Accenture has been hit by a LockBit 2.0 ransomware attack
Global consulting giant Accenture has allegedly been hit by a ransomware attack carried out by LockBit 2.0 ransomware operators. IT...
hacking
UNC215, an alleged China-linked APT group targets Israel orgs
China-linked threat actors UNC215 targeted Israeli organizations in a long-running campaign and used false flags to trick victims into believing...
Wsh – Web Shell Generator And Command Line Interface
wsh (pronounced woosh) is a web shell generator and command line interface. This started off as just an http client...
Jarm – Active Transport Layer Security (TLS) server fingerprinting tool
Please read the initial JARM blog post for more information. JARM is an active Transport Layer Security (TLS) server fingerprinting...
Adobe fixes critical flaws in Magento, patch it immediately
Adobe security updates for August 2021 have addressed critical vulnerabilities in Magento and important bugs in Adobe Connect. Adobe security...
Microsoft patch Tuesday security updates fix PrintNightmare flaws
Microsoft released patch Tuesday security updates for August that address 120 CVEs in Microsoft products including a zero-day actively exploited...
$611 million stolen in Poly Network cross-chain hack
The cross-chain protocol Poly Network has been hacked, threat actors stole $611 million making this hack the largest DeFi hack to...
Karton – Distributed Malware Processing Framework Based On Python, Redis And MinIO
Distributed malware processing framework based on Python, Redis and MinIO. The ideaKarton is a robust framework for creating flexible and...
UnhookMe – An Universal Windows API Resolver And Unhooker Addressing Problem Of Invoking Unmonitored System Calls From Within Of Your Red Teams Malware
In the era of intrusive AVs and EDRs that introduce hot-patches to the running processes for their enhanced optics requirements,...
New eCh0raix ransomware variant targets NAS devices from both QNAP and Synology vendors
A new variant of the eCh0raix ransomware is able to target Network-Attached Storage (NAS) devices from both QNAP and Synology vendors....
Microsoft Azure Sentinel uses Fusion ML to detect ransomware attacks
Microsoft Azure Sentinel cloud-native SIEM (Security Information and Event Management) platform used the Fusion machine learning model to detect ransomware...
FlyTrap, a new Android Trojan compromised thousands of Facebook accounts
Experts spotted a new Android trojan, dubbed FlyTrap, that compromised Facebook accounts of over 10,000 users in at least 144...
StealthWorker botnet targets Synology NAS devices to drop ransomware
Taiwanese vendor Synology has warned customers that the StealthWorker botnet is targeting their NAS devices to deliver ransomware. Taiwan-based vendor...
ADCSPwn – A Tool To Escalate Privileges In An Active Directory Network By Coercing Authenticate From Machine Accounts And Relaying To The Certificate Service
A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts (Petitpotam) and relaying to...
Sigurlfind3R – A Reconnaissance Tool, It Fetches URLs From AlienVault’s OTX, Common Crawl, URLScan, Github And The Wayback Machine
sigurlfind3r is a passive reconnaissance tool, it fetches known URLs from AlienVault's OTX, Common Crawl, URLScan, Github and the Wayback...
City of Joplin paid a 320K ransom after a ransomware Attack
A ransomware attack hit City of Joplin forcing the IT staff to shutdown the City computer. Finally the insurer for...
Australian Cyber Security Centre warns of a surge of LockBit 2.0 ransomware attacks
The Australian Cyber Security Centre (ACSC) warns of a surge of LockBit 2.0 ransomware attacks against Australian organizations starting July 2021. The Australian Cyber...
Threat actors are probing Microsoft Exchange servers for ProxyShell flaws
Threat actors are actively scanning for the Microsoft Exchange ProxyShell RCE flaws after technical details were released at the Black Hat...
1M compromised cards available for free in the underground market
Group-IB detected an unconventional post on several carding forums containing links to a file containing 1 million compromised cards. On...
Php-Jpeg-Injector – Injects Php Payloads Into Jpeg Images
Injects php payloads into jpeg images. Related to this post. Use CaseYou have a web application that runs a jpeg...
Solitude – A Privacy Analysis Tool That Enables Anyone To Conduct Their Own Privacy Investigations
Solitude is a privacy analysis tool that enables anyone to conduct their own privacy investigations. Whether a curious novice or...
Security Affairs newsletter Round 326
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
A zero-day RCE in Cisco ADSM has yet to be fixed
A remote code execution (RCE) vulnerability in the Cisco Adaptive Security Device Manager (ADSM) Launcher disclosed in July has yet...
CVE-2021-20090 actively exploited to target millions of IoT devices worldwide
Threat actors are actively exploiting a critical authentication bypass issue (CVE-2021-20090) affecting home routers with Arcadyan firmware. Threat actors actively...
