Insurance firm CNA discloses data breach after March ransomware attack
Insurance giant CNA notifies customers of a data breach after the Phoenix CryptoLocker ransomware attack suffered in March. US insurance...
hacking
Hackers use a new technique in malspam attacks to disable Macro security warnings in weaponized docs
Threat actors have devised a new trick to disable macro security warning that leverage non-malicious docs in malspam attacks. Most...
Microsoft says that the emergency patch recently released correctly fix the PrintNightmare flaw
Microsoft confirmed that the emergency security updates (KB5005010) correctly address the PrintNightmare Print Spooler vulnerability (CVE-2021-34527). Microsoft says that the...
Cisco fixes High Severity issue in BPA and WSA
Cisco addresses high severity privilege escalation vulnerabilities in Business Process Automation (BPA) and Web Security Appliance (WSA) that expose users...
Multiple Sage X3 vulnerabilities expose systems to hack
Rapid7 researchers discovered security vulnerabilities in the Sage X3 ERP product that could allow to take control of vulnerable systems. Researchers from...
Morgan Stanley discloses data breach after the hack of a third-party vendor
The American multinational investment bank and financial services firm Morgan Stanley discloses a data breach caused by the hack of an Accellion FTA server...
Ipa-Medit – Memory Search And Patch Tool For Resigned Ipa Without Jailbreak
Ipa-medit is a memory search and patch tool for resigned ipa without jailbreak. It was created for mobile game security...
Cariddi – Take A List Of Domains, Crawl Urls And Scan For Endpoints, Secrets, Api Keys, File Extensions, Tokens And More…
Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more...PreviewInstallationYou need...
Tor Browser 10.5 is out, it includes a new anti-censorship feature
The Tor Project has released Tor Browser 10.5 which enhances an anti-censorship feature and warns of V2 onion URL deprecation....
Hacker deposited $1M in a popular cybercrime marketplace to buy zero-day exploits
A threat actor has deposited 26.99 Bitcoins on one of the cybercrime forums, he aims at purchasing zero-day exploits from other forum members. A...
Experts bypassed Microsoft’s emergency patch for the PrintNightmare
The emergency patch for the PrintNightmare vulnerability released by Microsoft is incomplete and still allows RCE. Yesterday, Microsoft has released an...
Wiregrass Electric Cooperative hit by a ransomware attack
Wiregrass Electric Cooperative, a rural Alabama electric cooperative was hit by a ransomware attack. Wiregrass Electric Cooperative, a rural Alabama...
WildPressure APT expands operations targeting the macOS platform
WildPressure APT is targeting industrial organizations in the Middle East since 2019 and was spotted using now a new malware...
FindObjects-BOF – A Cobalt Strike Beacon Object File (BOF) Project Which Uses Direct System Calls To Enumerate Processes For Specific Loaded Modules Or Process Handles
A Cobalt Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific modules or...
GitDump – A Pentesting Tool That Dumps The Source Code From .Git Even When The Directory Traversal Is Disabled
GitDump dumps the source code from .git when the directory traversal is disabledRequirementsPython3 Tested onWindows Kali Linux What it doesDump...
Researchers uncovered the network infrastructure of REVil – The notorious ransomware group that hit Kaseya
Resecurity® HUNTER, cyber threat intelligence and R&D unit, identified a strong connection to a cloud hosting and IoT company servicing...
Microsoft rolled out emergency update for Windows PrintNightmare zero-day
Microsoft rolled out KB5004945 emergency update to address the actively exploited PrintNightmare zero-day vulnerability (CVE-2021-34527) in Print Spooler service. Microsoft...
Hacker leaks info of pro-Trump GETTR members online
A hacker has leaked claims to have breached pro-Trump GETTR and leaked the private information of almost 90,000 members on...
SonicWall addresses critical CVE-2021-20026 flaw in NSM devices
Positive Technologies experts provide details about potential impact of a recently fixes command injection flaw in SonicWall NSM devices. Positive...
Sharperner – Simple Executable Generator With Encrypted Shellcode
Sharperner is a tool written in CSharp that generate .NET dropper with AES and XOR obfuscated shellcode. Generated executable can...
TiEtwAgent – PoC Memory Injection Detection Agent Based On ETW, For Offensive And Defensive Research Purposes
This project was created to research, build and test different memory injection detection use cases and bypass techniques. The agent...
Approximatively 1,500 businesses impacted by the ransomware attack that hit Kaseya
Kaseya confirmed that the REvil supply-chain ransomware attack hit fewer than 60 of its customers and their customers. Software provider Kaseya...
Operation Lyrebird: Group-IB assists INTERPOL in identifying suspect behind numerous cybercrimes worldwide
Group-IB supported INTERPOL in its Operation Lyrebird that allowed to identify a threat actor presumably responsible for multiple attacks. Group-IB, one of the leading...
QNAP addressed a critical flaw that allows compromising NAS devices
Taiwanese vendor QNAP addressed a critical flaw, tracked as CVE-2021-28809, that could be exploited to compromise vulnerable NAS devices. Taiwanese vendor...
