Snuffleupagus – Security Module For Php7 And Php8 – Killing Bugclasses And Virtual-Patching The Rest!
Security module for php7 and php8 - Killing bugclasses and virtual-patching the rest! Snuffleupagus is a PHP 7+ and 8+...
hacking
Cisco fixes AnyConnect Client VPN zero-day disclosed in November
Cisco has addressed a zero-day in the Cisco AnyConnect Secure Mobility Client VPN software, with publicly available proof-of-concept exploit code....
Biden signed executive order to improve the Nation’s Cybersecurity
President Joe Biden signed an ambitious executive order to dramatically improve the security of the US government networks. President Biden signed...
US CISA and FBI publish joint alert on DarkSide ransomware
FBI and DHS’s CISA have published a joint alert on DarkSide ransomware activity after the disruptive attack on Colonial Pipeline....
How Companies Need to Treat User Data and Manage Their Partners
After the introduction of CCPA and GDPR, much more attention is given to third-party risks, and the privacy terms and...
Microsoft Patch Tuesday for May 2021 fix 4 critical flaws
Microsoft Patch Tuesday for May 2021 security updates addressed 55 vulnerabilities, four are rated as Critical. Microsoft Patch Tuesday for...
ByeIntegrity-UAC – Bypass UAC By Hijacking A DLL Located In The Native Image Cache
Bypass User Account Control (UAC) to gain elevated (Administrator) privileges to run any program at a high integrity level. RequirementsAdministrator account...
APSoft-Web-Scanner-v2 – Powerful Dork Searcher And Vulnerability Scanner For Windows Platform
APSoft Webscanner Version 2new version of APSoft Webscanner Version 1Software picturesWhat can i do with this ?with this software, you...
FragAttacks vulnerabilities expose all WiFi devices to hack
Security researcher discovered a series of flaws, collectively tracked as FragAttacks, that impact the WiFi devices sold for the past...
Maybe don’t call Saul? Over 30,000 VoIP devices identifiable worldwide, some with suspected vulnerabilities
Thousands of public-facing devices can be accessed anywhere in the world, from the US to Russia, from London to Johannesburg....
TeaBot Android banking Trojan targets banks in Europe
Malware researchers from Cleafy warn of a new Android banking trojan dubbed TeaBot (aka Anatsa) that is targeting banks in...
NSA and ODNI analyze potential risks to 5G networks
U.S. Intelligence agencies warn of weaknesses in 5G networks that could be exploited by crooks and nation-state actors for intelligence...
Hackers target Windows users exploiting a Zero-Day in Reader
Adobe confirmed that a zero-day vulnerability affecting Adobe Reader for Windows has been exploited in the wild in limited attacks....
Researcher hacked Apple AirTag two weeks after its launch
Apple AirTag has been launched less than two weeks ago, but a security researcher already claims to have hacked them. The Apple...
Short story about Clubhouse user scraping and social graphs
TL;DRDuring this RedTeam testing, Hexway team used Clubhouse as a social engineering tool to find out more about their client’s...
VAST – Visibility Across Space And Time
The network telemetry engine for data-driven security investigations. Getting Started — Installation — Documentation — Development — Changelog — License...
Baserunner – A Tool For Exploring Firebase Datastores
A tool for exploring and exploiting Firebase datastores.Set upgit clone https://github.com/iosiro/baserunner.git cd baserunner npm install npm run build npm start...
Apple was aware that XcodeGhost impacted 128 Million iOS Users in 2015
Court documents revealed that the infamous XcodeGhost malware, which has been active since 2015, infected 128 million iOS users. Documents provided in...
Google open sources cosign tool for verifying containers
Google has released a new open-source tool called cosign that could allow administrators to sign and verify the container images....
FBI and Australia ACSC agencies warn of ongoing Avaddon ransomware attacks
The FBI and Australian Australian Cyber Security Centre (ACSC) warn of an ongoing Avaddon ransomware campaign targeting organizations worldwide. The...
FBI confirmed that Darkside ransomware gang hit Colonial Pipeline
The U.S. FBI confirmed that the attack against the Colonial Pipeline over the weekend was launched by the Darkside ransomware...
DNSObserver – A Handy DNS Service Written In Go To Aid In The Detection Of Several Types Of Blind Vulnerabilities
A handy DNS service written in Go to aid in the detection of several types of blind vulnerabilities. It monitors...
CyberBattleSim – An Experimentation And Research Platform To Investigate The Interaction Of Automated Agents In An Abstract Simulated Network Environments
CyberBattleSim is an experimentation research platform to investigate the interaction of automated agents operating in a simulated abstract enterprise network...
City of Tulsa, is the last US city hit by ransomware attack
The city of Tulsa, Oklahoma, has been hit by a ransomware attack over the weekend that impacted its government’s network...
