Cisco released security patches for High-Severity flaws in IOS XR software
Cisco fixed multiple high-severity flaws in the IOS XR software that can allow attackers to trigger a DoS condition, elevate...
hacking
Pollenisator – Collaborative Pentest Tool With Highly Customizable Tools
Pollenisator is a tool aiming to assist pentesters and auditor automating the use of some tools/scripts and keep track of...
Karta – Source Code Assisted Fast Binary Matching Plugin For IDA
"Karta" (Russian for "Map") is an IDA Python plugin that identifies and matches open-sourced libraries in a given binary. The...
New SOVA Android Banking trojan is rapidly growing
SOVA is a new Android banking trojan that targets banking applications, cryptocurrency wallets, and shopping apps from the U.S. and...
Microsoft fixes Azurescape flaw in Azure Container Instances
Microsoft has fixed the Azurescape issue, a flaw in Azure Container Instances that allows to take over containers of other...
Hooks, Filters, and Other Really, Really, Cool Things
In case you don’t check our commit history on our GitHub on a daily basis, Empire 4.1 and Starkiller 1.9 were released to...
WWWGrep – OWASP Foundation Web Respository
WWWGrep is a rapid search “grepping” mechanism that examines HTML elements by type and permits focused (single), multiple (file based...
EDD – Enumerate Domain Data
Enumerate Domain Data is designed to be similar to PowerView but in .NET. PowerView is essentially the ultimate domain enumeration...
Grayfly APT uses recently discovered Sidewalk backdoor
Security researchers from Broadcom’s Symantec linked a previously undocumented backdoor to the Chinese Grayfly operation. Experts from Broadcom’s Symantec linked...
Experts confirmed that the networks of the United Nations were hacked earlier this year
The United Nations this week confirmed that its computer networks were hit by a cyberattack earlier this year, as first...
International money launderer sentenced to more than 11 years
A Canadian man, who helped North Korean threat actors to launder stolen funds, plead guilty to laundering tens of millions...
A new botnet named Mēris is behind massive DDoS attack that hit Yandex
The massive DDoS attack that has been targeting the internet giant Yandex was powered b a completely new botnet tracked...
Owt – The Most Compact WiFi Auditing Tool That Works On Command Line Linux
This tool compiles some necessary tools for wifi auditing in a unix bash script with a user friendly interface....
Graphw00F – GraphQL fingerprinting tool for GQL endpoints
Credits to Nick Aleks for the logo!How does it work?graphw00f (inspired by wafw00f) is the GraphQL fingerprinting tool for GQL...
Millions of Microsoft web servers powered by vulnerable legacy software
CyberNews researchers identified more than 2 million web servers worldwide still running on outdated and vulnerable versions of Microsoft Internet...
TeamTNT cybercrime gang expands its arsenal to target thousands of orgs worldwide
The financially motivated TeamTNT hacking group expanded its arsenal with new tools used to target thousands of victims worldwide. Researchers...
Yandex is under the largest DDoS attack in the history of Runet
The Russian internet service provider Yandex is under a massive distributed denial-of-service (DDoS) attack that began last week. The Russian...
Zoho warns of zero-day authentication bypass flaw actively exploited
Zoho urges customers to address an authentication bypass vulnerability in its ManageEngine ADSelfService Plus that is actively exploited in the...
Personal information of 7 million Israelis available for sale
A threat actor that goes online with the moniker ‘Sangkancil’ claims to have stolen the personal information of 7 million...
Groove gang leaks list of 500k credentials of compromised Fortinet appliances
Groove gang leaked online Fortinet credentials that could be used to breach networks of organizations using the compromised devices. The financially...
SharpStrike – A Post Exploitation Tool Written In C# Uses Either CIM Or WMI To Query Remote Systems
GUI version: Solution ArchitectureSharpStrike is composed of three main projects ServiceLayer -- Provides core functionality and consumed by the UI...
TREVORspray – A Featureful Round-Robin SOCKS Proxy And Python O365 Sprayer Based On MSOLSpray Which Uses The Microsoft Graph API
TREVORproxy is a SOCKS proxy that round-robins requests through SSH hosts. TREVORspray is a A featureful Python O365 sprayer based...
Russian communications watchdog Roskomnadzor blocks access to 6 VPNs
Russian communications watchdog Roskomnadzor tightens control of its citizens and blocked access to six virtual private networks (VPNs), including NordVPN...
Microsoft warns of a zero-day in Internet Explorer that is actively exploited
Microsoft warns of a zero-day vulnerability in Internet Explorer that is actively exploited by threat actors using weaponized Office docs....
