Bughound – Static Code Analysis Tool Based On Elasticsearch
Bughound is an open-source static code analysis tool that analyzes your code and sends the results to Elasticsearch and Kibana...
hacking
US govt offers $10 million reward for info on nation-state cyber operations
The US government is offering a $10 million reward to everyone that provides information on operations conducted by nation-state actors....
Cisco fixes high-risk DoS flaw in ASA, FTD Software
Cisco addressed a high severity DoS vulnerability in the Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software. Cisco...
D-Link issues beta hotfix for multiple flaws in DIR-3040 routers
Network equipment vendor D-Link has released a firmware hotfix to fix multiple vulnerabilities in the DIR-3040 AC3000-based wireless internet router. Network equipment...
Kali-Whoami – A Privacy Tool Developed To Keep You Anonymous On Kali Linux At The Highest Level
The purpose of the Whoami tool makes you as anonymous as possible on Kali linux. It is an user friendly...
Exploit_Mitigations – Knowledge Base Of Exploit Mitigations Available Across Numerous Operating Systems, Architectures And Applications And Versions
The goal is to list exploitation mitigations added over time in various operating systems, software, libraries or hardware. It becomes...
Microsoft alerts about a new Windows Print Spooler vulnerability
Microsoft published guidance to mitigate the impact of a new Windows Print Spooler vulnerability tracked as CVE-2021-34481 that was disclosed...
Google Chrome 91.0.4472.164 fixes a new zero-day exploited in the wild
Google Chrome 91.0.4472.164 addresses seven security vulnerabilities, including a high severity zero-day flaw exploited in the wild. Google has released...
New enhanced Joker Malware samples appear in the threat landscape
The Joker malware is back, experts spotted multiple malicious apps on the official Google Play store that were able to...
Israeli surveillance firm Candiru used Windows zero-days to deploy spyware
Experts said that Israeli surveillance firm Candiru, tracked as Sourgum, exploited zero-days to deliver a new Windows spyware. Microsoft and...
Exploit broker Zerodium is looking for VMware vCenter Server exploits
Zero-day exploit broker Zerodium is looking for 0day exploits for the VMware vCenter Server Zero-day exploit broker Zerodium announced it...
SpearTip Finds New Diavol Ransomware Does Steal Data
Security researchers have linked a new ransomware strain called Diavol to the Wizard Spider threat group behind the Trickbot botnet....
Ventoy – A New Bootable USB Solution
Ventoy is an open source tool to create bootable USB drive for ISO/WIM/IMG/VHD(x)/EFI files. With ventoy, you don't need to...
Redteam-Hardware-Toolkit – Red Team Hardware Toolkit
A collection of hardware s that aid in red team operations. This repository will help you during red team engagement....
SonicWall warns of ‘imminent ransomware’ attacks on its EOL products
SonicWall has issued an urgent security alert to warn customers of “an imminent ransomware campaing” targeting EOL equipment. SonicWall has...
macOS: Bashed Apples of Shlayer and Bundlore
Uptycs threat research team analyzed macOS malware threat landscape and discovered that Shlayer and Bundlore are the most predominant malware....
Google: four zero-day flaws have been exploited in the wild
Google security experts revealed that Russia-linked APT group targeted LinkedIn users with Safari zero-day. Security researchers from Google Threat Analysis Group (TAG)...
China-linked LuminousMoth APT targets entities from Southeast Asia
LuminousMoth: Kaspersky uncovered an ongoing and large-scale APT campaign that targeted government entities in Southeast Asia, including Myanmar and the...
XLS Entanglement
VBA tradecraft is constantly evolving and this past winter, I came across some articles from Adepts of 0xCC. Specifically, their...
Wpscvn – Wpscvn Is A Tool For Pentesters, Website Owner To Test If Their Websites Had Some Vulnerable Plugins Or Themes
wpscvn is a tool for pentesters, website owner to test if their websites had some vulnerable plugins or themesThe author...
Injector – Complete Arsenal Of Memory Injection And Other Techniques For Red-Teaming In Windows
Complete Arsenal of Memory injection and other techniques for red-teaming in WindowsWhat does Injector do?Process injection support for shellcode located...
Trickbot improve its VNC module in recent attacks
Trickbot botnet is back, its authors implemented updates for the VNC module used for remote control of infected systems. The...
China-linked hacking group DEV-0322 behind Solarwinds Serv-U zero-day attacks
Microsoft attributes the recent attacks that have targeted SolarWinds file transfer servers to a China-linked APT group that the experts tracked as...
The infrastructure and websites used by REvil ransomware gang are not reachable
The infrastructure and leak sites used by the REvil ransomware gang for its operations went offline last night. Starting last...
