Security Affairs newsletter Round 318
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
hacking
Nebula – Cloud C2 Framework, Which At The Moment Offers Reconnaissance, Enumeration, Exploitation, Post Exploitation On AWS
Nebula is a Cloud and (hopefully) DevOps Penetration Testing framework. It is build with modules for each provider and each...
iOS Malicious Bit Hunter – A Malicious Plug-In Detection Eng ine For iOS Applications
iOS Malicious Bit Hunter is a malicious plug-in detection engine for iOS applications. It can analyze the head of the...
McDonald’s discloses data breach in US, Taiwan and South Korea
McDonald’s fast-food chain disclosed a data breach, hackers have stolen information belonging to customers and employees from the US, South...
Volkswagen discloses data breach, 3.3 million customers impacted
Volkswagen America discloses a data breach at a third-party vendor that exposed the personal details of more than 3.3 million...
CVE-2021-3560 flaw in polkit auth system service affects most of Linux distros
An authentication bypass flaw in the polkit auth system service used on most Linux distros can allow to get a...
Avaddon ransomware gang shuts down their operations and releases decryption keys
The Avaddon ransomware gang has shut down its operations and released the decryption keys to allow victims to recover their...
CEO-Level Guide to Prevent Data Hacking Technologies & Incidents
The current era, where all data is digital, the threats of fraud, breach and data sprawl are more of a...
Italy announced its Cybersecurity Agency
Italy announced the creation of the national cybersecurity agency, a move aimed at increase the level of cyber security of...
Interactsh – An OOB Interaction Gathering Server And Client Library
Interactsh is an Open-Source Solution for Out of band Data Extraction, A tool designed to detect bugs that cause external...
BlueCloud – Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D
Cyber Range deployment of HELK and Velociraptor! Automated terraform deployment of one system running HELK + Velociraptor server with one...
Mysterious custom malware used to steal 1.2TB of data from million PCs
Experts spotted a new mysterious malware that was used to collect a huge amount of data, including sensitive files, credentials,...
Al Jazeera detected and blocked disruptive cyberattacks
Qatari government-funded international Arabic news channel Al Jazeera announced to have blocked a series of disruptive cyberattacks aimed at its...
DoJ announced to have shut down Slilpp marketplace in international operation
The US Department of Justice seized the servers and domains of the popular cybercrime marketplace SlilPP. The US Department of Justice...
Global Scamdemic: Scams Become Number One Online Crime
Threat hunting and adversarial cyber intelligence company Group-IB published a comprehensive analysis of fraud cases on a global scale. Group-IB, a...
Hackers stole data from the network of the gaming giant Electronic Arts
Hackers breached the network of the gaming giant Electronic Arts (EA) and have stolen roughly 780 GB of data, including game...
Neurax – A Framework For Constructing Self-Spreading Binaries
A framework that aids in creation of self-spreading software Requirementsgo get -u github.com/redcode-labs/Coldfire go get -u github.com/yelinaung/go-haikunator New in v....
Libinjection – SQL / SQLI Tokenizer Parser Analyzer
SQL / SQLI tokenizer parser analyzer. For C and C++ PHP Python Lua Java (external port) (https://github.com/p0pr0ck5/lua-ffi-libinjection) (external port) See...
JBS paid $11 million to REvil ransomware out of $22.5M requested
The beef producer JBS has admitted to have paid an $11 million ransom to the REvil ransomware gang after the...
Google Patches Chrome zero-day actively exploited
Google this week addressed 14 vulnerabilities in the Chrome browser, including a zero-day flaw that has been exploited in the...
Russia-linked APT breached the network of Dutch police in 2017
Russia-linked cyberspies breached the internal network of Dutch police in 2017 while the authorities were investigating the crash of the...
Crypto-mining campaign targets Kubeflow installs on a large scale
Microsoft uncovered a malicious campaign targeting Kubeflow workloads to deploy TensorFlow pods that are used to mine cryptocurrency. Microsoft researchers...
Hackers hit Spain’s Ministry of Labor and Social Economy
The Spanish Ministry of Labor and Social Economy (MITES) was hit by a cyberattack and is working to restore impacted...
Google fixes a critical Android RCE flaw in the System component
Google’s June security bulletin addresses more than 90 vulnerabilities in Android and Pixel devices, including a Critical RCE (CVE-2021-0507). Google’s...
