OpenCVE – CVE Alerting Platform
OpenCVE, formerly known as Saucs, is a platform used to locally import the list of CVEs and perform searches on...
hacking
Experts explain how to bypass recent improvement of China’s Great Firewall
Experts from Great Firewall Report analyzed recent upgrades to China’s Great Firewall and revealed that it can be circumvented. Members...
Security Affairs newsletter Round 299
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
New Pro-Ocean crypto-miner targets Apache ActiveMQ, Oracle WebLogic, and Redis installs
The Rocke group is using a new piece of cryptojacking malware dubbed Pro-Ocean to target Apache ActiveMQ, Oracle WebLogic, and...
UScellular data breach: attackers ported customer phone numbers
US wireless carrier UScellular discloses data breach, personal information of customers may have been exposed and their phone numbers ported....
UK Research and Innovation (UKRI) discloses ransomware attack
A ransomware infected the systems at the UK Research and Innovation (UKRI), at leat two services were impacted. The UK...
PSC – E2E Encryption For Multi-Hop Tty Sessions Or Portshells + TCP/UDP Port Forward
DNS lookup and SSH session forwarded across an UART connection to a Pi PSC allows to e2e encrypt shell sessions,...
SSRF-King – SSRF Plugin For Burp Automates SSRF Detection In All Of The Request
SSRF plugin for burp that Automates SSRF Detection in all of the RequestUpcoming Features ChecklistIt will soon have a user...
Victims of FonixCrypter ransomware could decrypt their files for free
FonixCrypter ransomware operators shut down their operations, released the master decryption key for free, and deleted malware’s source code. Good...
Domain for programming website Perl.com hijacked
Threat actors took over the domain name perl.com and pointed it to an IP address associated with malware campaigns. Attackers...
Experts addressed flaws in Popup Builder WordPress plugin
Multiple issues in WordPress ‘Popup Builder’ Plugin could be exploited by hackers to perform various malicious actions on affected websites....
CSSG – Cobalt Strike Shellcode Generator
Adds Shellcode - Shellcode Generator to the Cobalt Strike top menu bar CSSG is an aggressor and python script used...
Arbitrium-RAT – A Cross-Platform, Fully Undetectable Remote Access Trojan, To Control Android, Windows And Linux
Arbitrium is a cross-platform is a remote access trojan (RAT), Fully UnDetectable (FUD), It allows you to control Android, Windows...
Microsoft: North Korea-linked Zinc APT targets security experts
Microsoft, like Google TAG, observed a cyber espionage campaign aimed at vulnerability researchers that attributed to North Korea-linked Zinc APT...
Oscorp, a new Android malware targets Italian users
Researchers at the Italian CERT warns of new Android malware dubbed Oscorp that abuses accessibility services for malicious purposes. Researchers...
Lebanese Cedar APT group broke into telco and ISPs worldwide
Clearsky researchers linked the Lebanese Cedar APT group to a cyber espionage campaign that targeted companies around the world. Clearsky...
JWT Key ID Injector – Simple Python Script To Check Against Hypothetical JWT Vulnerability
Simple python script to check against hypothetical JWT vulnerability. Let's say there is an application that uses JWT tokens signed...
Tritium – Password Spraying Framework
A tool to enumerate and spray valid Active Directory accounts through Kerberos Pre-Authentication. BackgroundAlthough many Kerberos password spraying tools currently...
TeamTNT group adds new detection evasion tool to its Linux miner
The TeamTNT cybercrime group has improved its Linux cryptocurrency miner by implementing open-source detection evasion capabilities. The TeamTNT cybercrime group...
LogoKit, a new phishing kit that dynamically creates phishing forms
Researchers from RiskIQ have discovered a new phishing kit dubbed LogoKit that dynamically compose phishing content. Researchers from RiskIQ discovered...
CISA warns of high-severity flaws in Fuji Electric Tellus Lite V-Simulator and Server Lite
The U.S. CISA published a security advisory for High-Severity flaws in some SCADA/HMI products made by Japanese company Fuji Electric....
Law enforcement announced global action against NetWalker Ransomware
A joint operation of U.S. and EU law enforcement authorities allowed the seizure of the leak sites used by NetWalker...
Emotet Botnet dismantled in a joint international operation
A global operation of law enforcement has dismantled the infrastructure of the infamous Emotet botnet. A global operation of law...
Pwn2Own 2021, more than $1,500,000 in cash and prizes for contestants
Trend Micro’s Zero Day Initiative announced the Pwn2Own Vancouver 2021 hacking competition that will also cover Zoom, MS Teams Exploits....
