XLoader, a $49 spyware that could target both Windows and macOS devices
Check Point Research (CPR) experts have spotted a cheap malware, dubbed XLoader variant, which was upgraded to target both Windows and...
hacking
Kelihos botmaster Peter Levashov gets time served
A US federal judge sentenced Russian hacker Peter Levashov to 33 months, time served, and three years of supervised release...
LPE flaw in Linux kernel allows attackers to get root privileges on most distros
Experts discovered a Local Privilege Escalation, tracked as CVE-2021-33909, that could allow attackers to get root access on most Linux...
A 16-year-old bug (CVE-2021-3438) in printer driver affects millions of printers worldwide
Experts warn of a 16-year-old vulnerability (CVE-2021-3438) in an HP, Xerox, and Samsung printers driver that an attacker could exploit...
Allsafe – Intentionally Vulnerable Android Application
Allsafe is an intentionally vulnerable application that contains various vulnerabilities. Unlike other vulnerable Android apps, this one is less like...
Regexploit – Find Regular Expressions Which Are Vulnerable To ReDoS (Regular Expression Denial Of Service)
Download Regexploit If you like the site, please consider joining the telegram channel or supporting us on Patreon using the...
A bug in Fortinet FortiManager and FortiAnalyzer allows unauthenticated hackers to run code as root
Fortinet fixes a serious bug in its FortiManager and FortiAnalyzer network management solutions that could be exploited to execute arbitrary...
Microsoft secured court order to take down domains used in BEC campaign
Microsoft has seized 17 malicious homoglyph domains used by crooks in a business email compromise (BEC) campaign targeting its users. Microsoft’s Digital...
WiFiDemon – Recently discovered iPhone Wi-Fi bug could also allow RCE
A recently discovered iPhone Wi-Fi bug that could crash the WiFi connectivity could be exploited by attackers to achieve remote...
US DoJ indicts four members of China-linked APT40 cyberespionage group
US DoJ indicted four members of the China-linked cyberespionage group known as APT40 for hacking various entities between 2011 and...
Experts disclose critical flaws in Advantech router monitoring tool
Cisco Talos experts disclose details of several critical flaws in a router monitoring application developed by industrial and IoT firm...
MANSPIDER – Spider Entire Networks For Juicy Files Sitting On SMB Shares. Search Filenames Or File Content – Regex Supported!
Crawl SMB shares for juicy information. File content searching + regex is supported! File types supported:PDF DOCX XLSX PPTX any...
Orbitaldump – A Simple Multi-Threaded Distributed SSH Brute-Forcing Tool Written In Python
A simple multi-threaded distributed SSH brute-forcing tool written in Python.How it WorksWhen the script is executed without the --proxies switch,...
Threat actor claims to have stolen 1 TB of data belonging to Saudi Aramco
A hacker claims to have stolen 1 TB of sensitive data from the Saudi Arabian petroleum and natural gas giant,...
Pegasus Project – how governments use Pegasus spyware against journalists
Pegasus Project investigation into the leak of 50,000 phone numbers of potential surveillance targets revealed the abuse of NSO Group’s...
Experts show how to bypass Windows Hello feature to login on Windows 10 PCs
Security researchers demonstrated how to bypass the Windows Hello facial recognition that is used in Windows 10 as a login...
ARTIF – An Advanced Real Time Threat Intelligence Framework To Identify Threats And Malicious Web Traffic On The Basis Of IP Reputation And Historical Data.
ARTIF is a new advanced real time threat intelligence framework built that adds another abstraction layer on the top of...
DNSStager – Hide Your Payload In DNS
DNSStager is an open-source project based on Python used to hide and transfer your payload using DNS. DNSStager will create...
Chinese government issues new vulnerability disclosure regulations
Cyberspace Administration of China (CAC) issued new vulnerability disclosure regulations that oblige experts to report zero-days to the government. The...
Instagram implements ‘Security Checkup’ to help users recover compromised accounts
Instagram introduced a new security feature dubbed “Security Checkup” to help users to recover their accounts that have been compromised....
HelloKitty ransomware gang targets vulnerable SonicWall devices
BleepingComputer became aware that the recent wave of attacks targeting vulnerable SonicWall devices was carried out by HelloKitty ransomware operators....
Security Affairs newsletter Round 323
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
Cilium – eBPF-based Networking, Security, And Observability
Cilium is open source software for providing and transparently securing network connectivity and loadbalancing between application workloads such as application...
Bughound – Static Code Analysis Tool Based On Elasticsearch
Bughound is an open-source static code analysis tool that analyzes your code and sends the results to Elasticsearch and Kibana...
