Atlassian released security patches to fix a critical flaw in Confluence
Atlassian released patches to fix a critical flaw, tracked as CVE-2021-26084, affecting the Confluence enterprise collaboration product. Atlassian released security patches...
hacking
An RCE in Annke video surveillance product allows hacking the device
Researchers from Nozomi Networks discovered a critical vulnerability that can be exploited to hack a video surveillance product made by...
ChaosDB, a Critical Cosmos DB flaw affected thousands of Microsoft Azure Customers
Microsoft has fixed a critical flaw in Cosmos DB that allowed any Azure user to remotely take over other users’...
Ctf-Screenshotter – A CTF Web Challenge About Making Screenshots
A CTF web challenge about making screenshots. It is inspired by a bug found in real life. The challenge was...
adalanche – Active Directory ACL Visualizer and Explorer
Tags: API Documentation, Access, Active Directory, Analysis, Binary, LDAP, Linux, Max, Memory, Parameter, Reverse, Takeover, Windows, pwned, Adalancheadalanche - Active...
The FBI issued a flash alert for Hive ransomware operations
The Federal Bureau of Investigation (FBI) published a flash alert related to the operations of the Hive ransomware gang. The...
Victims of Ragnarok ransomware can decrypt their files for free
Ragnarok ransomware operators are ceasing their operations and released the master key that can allow their victims to decrypt files...
B. Braun Infusomat pumps could be hacked to alter medication doses
Researchers disclosed five vulnerabilities in B. Braun ‘s Infusomat Space Large Volume Pump and SpaceStation that could be remotely hacked....
CISA publishes malware analysis reports on samples targeting Pulse Secure devices
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released five malware analysis reports (MARs) related to samples found on compromised...
Cisco fixed a critical flaw in Cisco APIC for Nexus 9000 series switches
Cisco addressed a critical security vulnerability in the Application Policy Infrastructure Controller (APIC) interface used in its Nexus 9000 Series...
Kaseya fixed two of the three Kaseya Unitrends zero-days found in July
Software firm Kaseya addressed Kaseya Unitrends zero-day vulnerabilities that were reported by security researchers at the Dutch Institute for Vulnerability...
BeaconEye – Hunts Out CobaltStrike Beacons And Logs Operator Command Output
BeaconEye scans running processes for active CobaltStrike beacons. When processes are found to be running beacon, BeaconEye will monitor each...
Dorkify – Perform Google Dork Search
Perform Google Dork search with Dorkify Google DorkingGoogle dorking is a hacker technique that uses Google Search to find security...
Personal Data and docs of Swiss town Rolle available on the dark web
Documents and personal details of residents of the small Swiss town Rolle, on the shores of Lake Geneva, were stolen...
VMware addressed 4 High-Severity flaws in vRealize Operations
VMware released security patches to address multiple vulnerabilities in vRealize Operations, including four high severity flaws. VMware addressed multiple vulnerabilities...
F5 addressed a flaw in BIG-IP devices rated as critical severity under specific conditions
F5 has addressed more than a dozen severe vulnerabilities in its BIG-IP networking device, including one rated as critical severity...
FIN8 group used a previously undetected Sardonic backdoor in a recent attack
Financially motivated threat actor FIN8 employed a previously undocumented backdoor, tracked as ‘Sardonic,’ in recent attacks. The financially motivated threat...
SLSA – Supply-chain Levels For Software Artifacts
SLSA (pronounced "salsa") is security framework from source to service, giving anyone working with software a common language for increasing...
PSPKIAudit – PowerShell toolkit for auditing Active Directory Certificate Services (AD CS)
PowerShell toolkit for auditing Active Directory Certificate Services (AD CS). It is built on top of PKISolution's PSPKI toolkit (Microsoft...
ShinyHunters group claims to have data of 70M AT&T customers
Threat actors claim to have a database containing private information on roughly 70 million AT&T customers, but the company denies...
Modified version of Android WhatsApp installs Triada Trojan
Experts spotted a modified version of WhatsApp for Android, which offers extra features, but that installs the Triada Trojan on...
Samsung could use a TV Block feature to disable any of its TVs worldwide
The South Korean multinational Samsung revealed that it can disable its Samsung TV sets remotely using the TV Block feature. Samsung...
CVE-2021-3711 in OpenSSL can allow to change an application’s behavior
The OpenSSL Project patched a high-severity vulnerability, tracked as CVE-2021-3711, that can allow an attacker to change an application’s behavior...
New zero-click exploit used to target Bahraini activists’ iPhones with NSO spyware
Citizen Lab uncovered a new zero-click iMessage exploit that was used to deploy the NSO Group’s Pegasus spyware on devices belonging...
