Canada Post disclosed a ransomware attack on a third-party service provider
Canada Post disclosed a ransomware attack on a third-party service provider that exposed shipping information for their customers. Canada Post...
hacking
APT hacked a US municipal government via an unpatched Fortinet VPN
The FBI revealed that foreign hackers compromised the network of a local US municipal government by exploiting flaws in an...
DHS announces security measures for critical pipeline industry
The US Department of Homeland Security (DHS) has announced new cybersecurity requirements for critical pipeline owners and operators. The Colonial pipeline...
Dystopia – Low To Medium Multithreaded Ubuntu Core Honeypot Coded In Python
Low to medium Ubuntu Core honeypot coded in Python.FeaturesOptional Login Prompt Logs commands used and IP addresses Customize MOTD, Port,...
FireStorePwn – Firestore Database Vulnerability Scanner Using APKs
fsp scans an APK and checks the Firestore database for rules that are not secure, testing with or without authentication....
NASA identified 1,785 cyber incidents in 2020
NASA identified more than 6,000 cyber-related incidents in the last four years, according to a report published by its Office...
Hackers compromised Japanese government offices via Fujitsu ‘s ProjectWEB tool
Threat actors have compromised offices of multiple Japanese agencies via Fujitsu ‘s ProjectWEB information sharing tool. Threat actors have breached...
M1RACLES, the unpatchable bug that impacts new Apple M1 chips
A security expert has discovered a vulnerability in Apple M1 chips, dubbed M1RACLES, that cannot be fixed. Software engineer Hector...
Nearly 50,000 IPs compromised in Kubernetes clusters by TeamTNT
Researchers discovered about 50,000 IPs across multiple Kubernetes clusters that were compromised by the TeamTNT.threat actors. Researchers from Trend Micro reported...
French police seized dark web marketplace Le Monde Parallèle
Last week, French authorities have seized the dark web marketplace Le Monde Parallèle, it is another success of national police...
DNS-Black-Cat(DBC) – Multi Platform Toolkit For An Interactive DNS Shell Commands Exfiltration, By Using DNS-Cat You Will Be Able To Execute System Commands In Shell Mode Over DNS Protocol
Multi-platform toolkit for an interactive C2C DNS shell, by using DNS-Black-Cat, you will be able to execute system commands in...
Qvm-Create-Windows-Qube – Spin Up New Windows Qubes Quickly, Effortlessly And Securely
qvm-create-windows-qube is a tool for quickly and conveniently installing fresh new Windows qubes with Qubes Windows Tools (QWT) drivers automatically....
Google discovered a new variant of Rowhammer attack dubbed Half-Double
Google experts discovered a new variant of Rowhammer attack against RAM memory cards that bypasses all current defenses Google researchers...
Belgium Interior Ministry said it was hit by a sophisticated cyber attack
The Belgian interior ministry was targeted by a “sophisticated” cyber attack, a spokesman told RTBF public television on Tuesday. The...
Another critical bug impacts all VMware vCenter Server installs
VMware addresses a critical remote code execution (RCE) flaw in the Virtual SAN Health Check plug-in that impacts all vCenter...
Agrius group targets Israel with data-wipers disguised as ransomware
An Iran-linked threat actor tracked as Agrius employed data-wipers disguised as ransomware to destroy targeted IT infrastructure. Researchers from cyber-security...
Ivanti fixes high severity flaw in Pulse Connect Secure VPN
A flaw in Pulse Connect Secure VPN could allow an authenticated remote attacker to execute arbitrary code with elevated privileges....
Php_Code_Analysis – San your PHP code for vulnerabilities
This script will scan your codethe script can find check_file_upload issues host_header_injection SQl injection insecure deserialization open_redirect SSRF XSS LFI...
Solr-GRAB – Steal Apache Solr Instance Queries With Or Without A Username And Password
Steal Apache Solr instance Queries with or without a username and password. DISCLAIMER: This project should be used for authorized...
Trend Micro fixes 3 flaws in Home Network Security Devices
Trend Micro fixed some flaws in Trend Micro Home Network Security devices that could be exploited to elevate privileges or...
Apple addresses three zero-day flaws actively exploited in the wild
Apple has addressed three zero-day vulnerabilities in macOS and tvOS actively exploited in the wild by threat actors. Apple has...
Audio equipment maker Bose Corporation discloses a ransomware attack
The audio equipment manufacturer Bose Corporation said it was the victim of a ransomware attack that took place earlier this...
US banks are giving facial recognition a go; EU tightens regulations, FTC updates AI guidelines
US banks are giving the green light to the adoption of facial recognition technology, while authorities provide regulations and updates...
French intel found flaws in Bluetooth Core and Mesh specs
Attackers could exploit a set of Bluetooth vulnerabilities, affecting the Core and Mesh Profile specifications, to conduct man-in-the-middle (MitM) attacks. Researchers at...
