French intel found flaws in Bluetooth Core and Mesh specs
Attackers could exploit a set of Bluetooth vulnerabilities, affecting the Core and Mesh Profile specifications, to conduct man-in-the-middle (MitM) attacks. Researchers at...
hacking
Zeppelin ransomware gang is back after a temporary pause
Operators behind the Zeppelin ransomware-as-a-service (RaaS) have resumed their operations after a temporary interruption. Researchers from BleepingComputer reported that operators...
CiLocks – Android LockScreen Bypass
CiLocks - Android LockScreen BypassFeaturesBrute Pin 4 Digit Brute Pin 6 Digit Brute LockScreen Using Wordlist Bypass LockScreen {Antiguard} Not...
MurMurHash – Tool To Calculate A MurmurHash Value Of A Favicon To Hunt Phishing Websites On The Shodan Platform
This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.What...
13 flaws in Nagios IT Monitoring Software pose serious risk to orgs
Researchers disclosed details about 13 vulnerabilities in the Nagios network monitoring application that could be exploited for malicious purposes. Cybersecurity...
Anker fixed an issue that caused access to Eufy video camera feeds to random users
A misconfiguration issue in the software used by the Eufy video camera exposed private information and video streams of customers....
AMSITrigger – The Hunt For Malicious Strings
Hunting for Malicious StringsUsage:AMSI calls (xmas tree mode) -d, --debug Show Debug Info -m, --maxsiglength=VALUE Maximum signature Length to cater...
SQLFluff – A SQL Linter And Auto-Formatter For Humans
SQLFluff is a dialect-flexible and configurable SQL linter. Designed with ELT applications in mind, SQLFluff also works with jinja templating...
CVE-2021-31166 Windows HTTP flaw also impacts WinRM servers
The wormable CVE-2021-31166 vulnerability in the HTTP Protocol Stack of the Windows IIS server also affects WinRM on Windows 10...
Security Affairs newsletter Round 315
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
A malware attack hit the Alaska Health Department
The Alaska health department website was forced offline by a malware attack, officials are investigating the incident. The website of...
Qlocker ransomware leverages HBS flaw to infect QNAP NAS devices
QNAP warns customers of updating the HBS 3 disaster recovery app to prevent Qlocker ransomware attack. Taiwanese vendor QNAP is...
Charlotte – C++ Fully Undetected Shellcode Launcher
c++ fully undetected shellcode launcher ;) releasing this to celebrate the birth of my newborndescription13/05/2021: c++ shellcode launcher, fully undetected...
GraphQLmap – A Scripting Engine To Interact With A Graphql Endpoint For Pentesting Purposes
GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes.Install$ git clone https://github.com/swisskyrepo/GraphQLmap$ python graphqlmap.py _____...
Foreign hackers breached Russian federal agencies, said FSB
FSB National Coordination Center for Computer Incidents (NKTsKI) revealed that foreign hackers have breached networks of Russian federal agencies. A...
Conti Ransomware hit 16 US health and emergency Services, said FBI
Conti ransomware targeted over 400 organizations worldwide, 290 in the US, and at least 16 healthcare and first responder networks....
Air India suffered a data breach, 4.5 million customers impacted
Air India disclosed a data breach that impacted roughly 4.5 million of its customers, two months after its Passenger Service...
Report: how cybercriminals abuse API keys to steal millions
CyberNews researchers found that crooks could abuse cryptocurrency exchange API keys and steal cryptocurrencies. Original post available here: https://cybernews.com/security/report-how-cybercriminals-abuse-api-keys-to-steal-millions/ CyberNews...
Indonesia ‘s government confirms social security data breach for some citizens
Indonesia has launched an investigation into a possible security incident that caused the leak of social security data for more...
DivideAndScan – Divide Full Port Scan Results And Use It For Targeted Nmap Runs
Divide Et Impera And Scan (and also merge the scan results) DivideAndScan is used to efficiently automate port scanning routine...
AutoPentest-DRL – Automated Penetration Testing Using Deep Reinforcement Learning
AutoPentest-DRL is an automated penetration testing framework based on Deep Reinforcement Learning (DRL) techniques. The framework determines the most appropriate...
Insurance giant CNA Financial paid a $40 million ransom
The US insurance giant CNA Financial reportedly paid a $40 million ransom to restore access to its files following a...
Bitcoins of DarkSide ransomware gang still locked in hacker forum’s escrow
After DarkSide ransomware gang shut down operations, multiple affiliates have complained about not receiving the payments for successful breaches. The...
Microsoft SimuLand, an open-source lab environment to simulate attack scenarios
Microsoft released SimuLand, an open-source tool that can be used to build lab environments to simulate attacks and verify their...
