CVE-2021-3711 in OpenSSL can allow to change an application’s behavior
The OpenSSL Project patched a high-severity vulnerability, tracked as CVE-2021-3711, that can allow an attacker to change an application’s behavior...
hacking
New zero-click exploit used to target Bahraini activists’ iPhones with NSO spyware
Citizen Lab uncovered a new zero-click iMessage exploit that was used to deploy the NSO Group’s Pegasus spyware on devices belonging...
DNSMonster – Passive DNS Capture/Monitoring Framework
Passive DNS collection and monitoring built with Golang, Clickhouse and Grafana: dnsmonster implements a packet sniffer for DNS traffic. It...
Git-Secret – Go Scripts For Finding An API Key / Some Keywords In Repository
Go scripts for finding an API key / some keywords in repository Update V1.0.1Removing some checkers Adding example file contains...
FBI flash alert warns on OnePercent Group Ransomware attacks
The FBI shared info about OnePercent Group that has been actively targeting US organizations in ransomware attacks since at least...
Realtek SDK flaws exploited to deliver Mirai bot variant
Researchers warn that threat actors are actively exploiting Realtek SDK vulnerabilities since their technical details were publicly disclosed. Researchers from SAM Seamless...
CISA recommends immediately patch Exchange ProxyShell flaws
US CISA issued an urgent alert to warn admins to address ProxyShell vulnerabilities on-premises Microsoft Exchange servers. The US Cybersecurity...
LazySign – Create Fake Certs For Binaries Using Windows Binaries And The Power Of Bat Files
Create fake certs for binaries using windows binaries and the power of bat files Over the years, several cool tools...
Process-Dump – Windows Tool For Dumping Malware PE Files From Memory Back To Disk For Analysis
Process Dump is a Windows reverse-engineering command-line tool to dump malware memory components back to disk for analysis. Often malware...
Are you using a Sophos UTM appliance? Be sure it is up to date!
A researcher disclosed technical details of a critical remote code execution vulnerability, tracked as CVE-2020-25223, patched last year. In September,...
LPE zero-day flaw in Razer Synapse allows attackers to take over Windows PCs
A zero-day vulnerability in Razer Synapse could allow threat actors to gain Windows admin privileges by plugging in a Razer...
Memorial Health System forced to cancel surgeries after ransomware attack
Health organization Memorial Health System was hit by a disruptive cyber attack that forced it to cancel surgeries and divert...
Google discloses unpatched Microsoft WFP Default Rules AppContainer Bypass EoP
Google disclosed the details of a Windows AppContainer vulnerability because Microsoft initially had no plans to fix it. Google Project...
Keimpx – Check For Valid Credentials Across A Network Over SMB
keimpx is an open source tool, released under the Apache License 2.0. It can be used to quickly check for...
SQLancer – Detecting Logic Bugs In DBMS
SQLancer (Synthesized Query Lancer) is a tool to automatically test Database Management Systems (DBMS) in order to find logic bugs...
Security Affairs newsletter Round 328
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...
T-Mobile data breach could be worse than initially thought, 54 million customers impacted
T-Mobile data breach could be worse than initially thought, an update to the investigation reveals that over 54 million individuals...
U.S. State Department was recently hit by a cyber attack
The U.S. State Department was recently hit by a cyber attack, the Department of Defense Cyber Command might have suffered...
New LockFile ransomware gang uses ProxyShell and PetitPotam exploits
A new ransomware gang named LockFile targets Microsoft Exchange servers exploiting the recently disclosed ProxyShell vulnerabilities. A new ransomware gang...
XLMMacroDeobfuscator – Extract And Deobfuscate XLM Macros (A.K.A Excel 4.0 Macros)
XLMMacroDeobfuscator can be used to decode obfuscated XLM macros (also known as Excel 4.0 macros). It utilizes an internal XLM...
Brutus – An Educational Exploitation Framework Shipped On A Modular And Highly Extensible Multi-Tasking And Multi-Processing Architecture
An educational exploitation framework shipped on a modular and highly extensible multi-tasking and multi-processing architecture. Brutus: an IntroductionLooking for version...
US CISA releases guidance on how to prevent ransomware data breaches
The US Cybersecurity and Infrastructure Security Agency (CISA) released guidance on how to prevent data breaches resulting from ransomware attacks....
Lojas Renner, Brazilian largest clothing store chain, was hit by ransomware
Lojas Renner, the largest Brazilian department stores clothing company, suffered a ransomware attack that impacted its IT infrastructure. Lojas Renner,...
Emsisoft releases free SynAck ransomware decryptor
Emsisoft researchers have released a decryptor for the SynAck Ransomware that could allow victims of the gang to decrypt their...
