CVE-2021-26333 AMD Chipset Driver flaw allows obtaining sensitive data
Chipmaker AMD has addressed a vulnerability in PSP driver, tracked as CVE-2021-26333, that could allow an attacker to obtain sensitive...
hacking
Experts warn that Mirai Botnet starts exploiting OMIGOD flaw
The Mirai botnet starts exploiting the recently disclosed OMIGOD vulnerability to compromise vulnerable systems exposed online. Threat actors behind a...
Ntlm_Theft – A Tool For Generating Multiple Types Of NTLMv2 Hash Theft Files
A tool for generating multiple types of NTLMv2 hash theft files. ntlm_theft is an Open Source Python3 Tool that generates...
On-The-Fly – Tool Which Gives Capabilities To Perform Pentesting Tests In Several Domains (IoT, ICS & IT)
▒█████ ███▄ █ ▄▄▄█████▓ ██░ ██ ▓█████ █████ ██▓ ▓██ ██▓▒██▒ ██▒ ██ ▀█ █ ▓ ██▒ ▓▒▒▓██░ ██ ▓█...
German Election body hit by a cyber attack
A spokesman for the authority running Germany’s September 26 general election confirmed that hackers briefly disrupted its website last month....
New Go malware Capoae uses multiple flaws to target WordPress installs, Linux systems
A new malware written in Golang programming language, tracked as Capoae, is targeting WordPress installs and Linux systems. Akamai researchers...
A new Win malware uses Windows Subsystem for Linux (WSL) to evade detection
Security researchers spotted a new malware that uses Windows Subsystem for Linux (WSL) to evade detection in attacks against Windows...
FBI, CISA, and CGCYBER warn of nation-state actors exploiting CVE-2021-40539 Zoho bug
The FBI, CISA, and the Coast Guard Cyber Command (CGCYBER) warn of state-sponsored attacks that are actively exploiting CVE-2021-40539 Zoho...
Microsoft warns of attacks exploiting recently patched Windows MSHTML CVE-2021-40444 bug
Microsoft revealed that multiple threat actors are exploiting the recently patched Windows MSHTML remote code execution security flaw (CVE-2021-40444). Microsoft...
DNSTake – A Fast Tool To Check Missing Hosted DNS Zones That Can Lead To Subdomain Takeover
A fast tool to check missing hosted DNS zones that can lead to subdomain takeover. What is a DNS takeover?DNS...
CVE-2021-40444 PoC – Malicious docx generator to exploit CVE-2021-40444 (Microsoft Office Word Remote Code Execution)
Malicious docx generator to exploit CVE-2021-40444 (Microsoft Office Word Remote Code Execution)Creation of this Script is based on some reverse...
Plution – Prototype Pollution Scanner Using Headless Chrome
Plution is a convenient way to scan at scale for pages that are vulnerable to client side prototype pollution via...
Kali Linux 2021.3 – Penetration Testing and Ethical Hacking Linux Distribution
Time for another Kali Linux release! – Kali Linux 2021.1. This release has various impressive updates.A summary of the changes...
Bitdefender released free REvil ransomware decryptor that works for past victims
Researchers from Bitdefender released a free master decryptor for the REvil ransomware operation that allows past victims to recover their...
Anonymous hacked the controversial, far-right web host Epik
Anonymous claims to have hacked the controversial web hosting provider Epik, known for allowing far-right, neo-Nazi, and other extremist content....
OMIGOD vulnerabilities expose thousands of Azure users to hack
OMIGOD – Microsoft addressed four vulnerabilities in the Open Management Infrastructure (OMI) software agent that could expose Azure users to...
Microsoft announces passwordless authentication for consumer accounts
Microsoft announced that users can access their consumer accounts without providing passwords and using more secure authentication methods. Microsoft will...
Vailyn – A Phased, Evasive Path Traversal + LFI Scanning & Exploitation Tool In Python
Vailyn's Crawler analyzing a damn vulnerable web application. LFI Wrappers are not enabled. GUI Demonstration (v2.2.1-5) Possible IssuesFound some false...
Rootend – A *Nix Enumerator And Auto Privilege Escalation Tool
rootend is a python *nix Enumerator & Auto Privilege Escalation tool. For a full list of our tools, please visit...
Three formers NSA employees fined for providing hacker-for-hire services to UAE firm
Three former NSA employees entered into a deferred prosecution agreement that restricts their future activities and employment and requires the...
US CISA appointed Kiersten Todt as new chief of staff
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has appointed Kiersten Todt as its new chief of staff. The U.S....
Microsoft Patch Tuesday fixes CVE-2021-40444 MSHTML zero-day
Microsoft Patch Tuesday security updates for September 2021 addressed a high severity zero-day flaw actively exploited in targeted attacks. Microsoft Patch...
Mēris Bot infects MikroTik routers compromised in 2018
Latvian vendor MikroTik revealed that recently discovered Mēris botnet is targeting devices that were compromised three years ago. Last week, the Russian...
Millions of HP OMEN gaming PCs impacted by CVE-2021-3437 driver flaw
A high severity vulnerability, tracked as CVE-2021-3437, in HP OMEN laptop and desktop gaming computers exposes millions of systems to DoS...
