Tuf – A Framework For Securing Software Update Systems
This repository is the reference implementation of The Update Framework (TUF). It is written in Python and intended to conform...
hacking
SecretScanner – Find Secrets And Passwords In Container Images And File Systems
Deepfence SecretScanner can find any potential secrets in container images or file systems. What are Secrets?Secrets are any kind of...
Conti Ransomware gang demanded $40 million ransom to Broward County Public Schools
Ransomware gang demanded a $40,000,000 ransom to the Broward County Public Schools district, Florida. It is just the last attack...
Airlift Express Fixes Vulnerabilities in Its E-commerce Store
PrivacySavvy experts discovered an OTP vulnerability in Airlift Express, which could lead to account hacks and exploits by cybercriminals. A...
DHS CISA requires federal agencies to assess their Microsoft Exchange servers by April 5
The DHS CISA has issued a supplemental directive that requires all federal agencies to identify vulnerable Microsoft Exchange servers in...
Man indicted for tampering with public water system in Kansas
The United States Department of Justice (DoJ) charged a Kansas man, for accessing and tampering with a public water system....
VMware fixes authentication bypass in Carbon Black Cloud Workload appliance
VMware has addressed a critical authentication bypass vulnerability in the VMware Carbon Black Cloud Workload appliance. VMware has addressed a...
SharpDPAPI – A C# Port Of Some Mimikatz DPAPI Functionality
SharpDPAPI is a C# port of some DPAPI functionality from @gentilkiwi's Mimikatz project.I did not come up with this logic,...
Seatbelt – A C# Project That Performs A Number Of Security Oriented Host-Survey “Safety Checks” Relevant From Both Offensive And Defensive Security Perspectives
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and...
DeepDotWeb admin pleads guilty to money laundering conspiracy
One of the administrators for the DeepDotWeb dark web portal pleads guilty to receiving kickbacks from the operators of the...
VMware fixed flaws in vROps that can be chained to compromise organizations
VMware addressed two vulnerabilities in its vRealize Operations (vROps) product that can expose organizations to a significant risk of attacks...
Akamai dealt with an 800Gbps ransom DDoS against a gambling company
Akamai has recently involved in the mitigation of two of the largest known ransom DDoS attacks, one of them peaked...
Ubiquiti security breach may be a catastrophe
The data breach disclosed by Ubiquiti in January could be just the tip of the iceberg, a deeper incident could...
US CISA warns of DoS flaws in Citrix Hypervisor
Citrix addressed vulnerabilities in Hypervisor that could be exploited by threat actors to execute code in a virtual machine to...
North Korea-linked hackers target security experts again
Researchers from Google’s Threat Analysis Group (TAG) reported that North Korea-linked hackers are targeting security researchers via social media. The...
Rubeus – C# Toolset For Raw Kerberos Interaction And Abuses
Rubeus is a C# toolset for raw Kerberos interaction and abuses. It is heavily adapted from Benjamin Delpy's Kekeo project...
InveighZero – Windows C# LLMNR/mDNS/NBNS/DNS/DHCPv6 Spoofer/Man-In-The-Middle Tool
InveighZero is a C# LLMNR/NBNS/mDNS/DNS/DHCPv6 spoofer and man-in-the-middle tool designed to assist penetration testers/red teamers that find themselves limited to...
5-star customer service: fraudsters launch massive campaign against Indonesia’s major banks on Twitter
Experts warn that cybercriminals are targeting Indonesia’s major banks posing as bank representatives or customer support team members on Twitter....
Chinese experts earned $20,000 for reporting a Chrome Sandbox Escape
Researchers have reported to Google a sandbox escape vulnerability in the Chrome web browser to Google that awarded them $20,000....
Email accounts of DHS members were compromised in the SolarWinds hack
Russian hackers accessed the email accounts of US Department of Homeland Security (DHS) officials as a result of the SolarWinds...
IETF deprecates TLS 1.0 and TLS 1.1, update to latest versions
IETF has formally deprecated the TLS 1.0 and TLS 1.1 cryptographic protocols because they lack support for recommended cryptographic algorithms...
VMware addresses SSRF flaw in vRealize Operations that allows stealing admin credentials
VMware addressed a high severity vulnerability in vRealize Operations that could allow stealing admin credentials from vulnerable servers. VMware has published...
ClearURLs – An Add-On Based On The New WebExtensions Technology And Will Automatically Remove Tracking Elements From URLs To Help Protect Your Privacy
ClearURLs is an add-on based on the new WebExtensions technology and is optimized for Firefox and Chrome based browsers. This...
Android_Hid – Use Android As Rubber Ducky Against Another Android Device
Use Android as Rubber Ducky against another Android device HID attack using AndroidUsing Android as Rubber Ducky against Android. This...
