efiXplorer – IDA Plugin For UEFI Firmware Analysis And Reverse Engineering Automation
efiXplorer - IDA plugin for UEFI firmware analysis and reverse engineering automation Supported versions of Hex-Rays products: everytime we focus...
hacking
The Biden administration will work with 30 countries to curb global cybercrime
The Biden administration announced it will work with 30 countries, including NATO allies and G7 partners, to curb global cybercrime....
LeakDB – Web-Scale NoSQL Idempotent Cloud-Native Big-Data Serverless Plaintext Credential Search
LeakDB is a tool set designed to allow organizations to build and deploy their own internal plaintext "Have I Been...
Threat actors exploit a flaw in Coinbase 2FA to steal user funds
Threat actors stole funds from the accounts of more than 6,000 users of the crypto exchange Coinbase exploiting a flaw...
Flubot Android banking Trojan spreads via fake security updates
The Flubot Android malware is now leveraging fake security updates warning to trick users into installing the malicious code. Threat...
Kekeo – A Little Toolbox To Play With Microsoft Kerberos In C
kekeo is a little toolbox I have started to manipulate Microsoft Kerberos in C (and for fun) ASN.1 libraryIn kekeo,...
Tim’s RED Team Research reports 3 new CVEs, two of which in 4G/5G
Telecom Italia Red Team Research (RTR) laboratory led by Massimiliano Brolli reported three new flaws in Oracle GlassFish and Nokia...
Pwncat – Fancy Reverse And Bind Shell Handler
pwncat is a post-exploitation platform for Linux targets. It started out as a wrapper around basic bind and reverse shells...
Baby died at Alabama Springhill Medical Center due to cyber attack
A baby allegedly received inadequate childbirth health care, and later died, at an Alabama Springhill Medical Center due to a...
Hydra Android trojan campaign targets customers of European banks
Experts warn of a new Hydra banking trojan campaign targeting European e-banking platform users, including the customers of Commerzbank. ...
Neiman Marcus discloses data breach, payment card data exposed
Luxury retail company Neiman Marcus Group has announced this week that it has suffered a data breach that impacted customer...
Certify – Active Directory Certificate Abuse
Certify is a C# tool to enumerate and abuse misconfigurations in Active Directory Certificate Services (AD CS). @harmj0y and @tifkin_...
Google fixes 2 new actively exploited zero-day flaws in Chrome
Google rolled out urgent security updates to address two new actively exploited zero-day vulnerabilities in its Chrome browser. Google this...
Weaponizing Apple AirTag to lure users to malicious sites
Threat actors could exploit a stored cross-site scripting (XSS) vulnerability in Apple AirTag product to lure users to malicious websites....
PKINITtools – Tools For Kerberos PKINIT And Relaying To AD CS
This repository contains some utilities for playing with PKINIT and certificates. The tools are built on minikerberos and impacket. Accompanying...
Experts show how to make fraudulent payments using Apple Pay with VISA on locked iPhones
Security researchers devised a new attack method against iPhone owners using Apple Pay and Visa payment cards. Boffins from the...
Popular Android apps with 142.5 million collective installs leak user data
14 top Android apps with 142.5 million installs are misconfigured, leaving their data exposed to unauthorized parties Original post @...
SharpML – Machine Learning Network Share Password Hunting Toolkit
SharpML is a proof of concept file share data mining tool using Machine Learning in Python and C#. The tool...
Threat actors use recently discovered CVE-2021-26084 Atlassian Confluence
Threat actors are actively exploiting the recently disclosed CVE-2021-26084 RCE vulnerability in Atlassian Confluence deployments. Trend Micro researchers have spotted...
CISA releases Insider Risk Mitigation Self-Assessment Tool
The US CISA has released a new tool that allows to assess the level of exposure of organizations to insider...
Facebook released Mariana Trench tool to find flaws in Android and Java apps
Facebook released Mariana Trench, an internal open-source tool that can be used to identify vulnerabilities in Android and Java applications....
Expert discloses new iPhone lock screen vulnerability in iOS 15
The security researcher Jose Rodriguez discovered a new lock screen vulnerability for iOS 15 (& iOS 14.8) that has yet...
Webstor – A Script To Quickly Enumerate All Websites Across All Of Your Organization’S Networks, Store Their Responses, And Query For Known Web Technologies, Such As Those With Zero-Day Vulnerabilities
WebStor is a tool implemented in Python under the MIT license for quickly enumerating all websites across all of your...
Kodex – A Privacy And Security Engineering Toolkit: Discover, Understand, Pseudonymize, Anonymize, Encrypt And Securely Share Sensitive And Personal Data: Privacy And Security As Code
Kodex (Community Edition - CE) is an open-source toolkit for privacy and security engineering. It helps you to automate data...
