Critical flaws in Orbit Fox WordPress plugin allows site takeover
Two vulnerabilities in the Orbit Fox WordPress plugin, a privilege-escalation issue and a stored XSS bug, can allow site takeover....
hacking
Security Affairs newsletter Round 297
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
Two kids found a screensaver bypass in Linux Mint
The development team behind the Linux Mint distro has fixed a security flaw that could have allowed users to bypass...
SysWhispers2 – AV/EDR Evasion Via Direct System Calls
SysWhispers helps with evasion by generating header/ASM files implants can use to make direct system calls. All core syscalls are...
ByteDance-HIDS – A Cloud-Native Host-Based Intrusion Detection Solution Project To Provide Next-Generation Threat Detection And Behavior Audition With Modern Architecture
ByteDance-HIDS is a Cloud-Native Host-Based Intrusion Detection solution project to provide next-generation Threat Detection and Behavior Audition with modern architecture....
Siemens fixed tens of flaws in Siemens Digital Industries Software products
Siemens has addressed tens of vulnerabilities in Siemens Digital Industries Software products that can allow arbitrary code execution. Siemens has...
Joker’s Stash, the largest carding site, is shutting down
Joker’s Stash to shut down on February 15, 2021. Joker’s Stash, the largest carding marketplace online announced that it was...
Signal is down for multiple users worldwide
The popular signal messaging app Signal is currently facing issues around the world, users are not able to make calls and...
Expert launched Malvuln, a project to report flaws in malware
The researcher John Page launched malvuln.com, the first website exclusively dedicated to the research of security flaws in malware codes....
Ssh-Mitm – Ssh Mitm Server For Security Audits Supporting Public Key Authentication, Session Hijacking And File Manipulation
ssh-mitm is an intercepting (mitm) proxy server for security audits. Redirect/mirror Shell to another ssh client supported in 0.2.8 Replace...
Stegbrute – Fast Steganography Bruteforce Tool Written In Rust Useful For CTF’s
stegbrute is a fast steganography brute force tool written in Rust using also threads to achieve a faster executionDependenciesStegbrute cannot...
Winnti APT continues to target game developers in Russia and abroad
A Chinese Threat actor targeted organizations in Russia and Hong Kong with a previously undocumented backdoor, experts warn. Cybersecurity researchers...
Cisco says its RV routers will no longer receive updates
Cisco announced it will no longer release firmware updates to fix 74 vulnerabilities affecting its RV routers, which reached end-of-life...
Expert discovered a DoS vulnerability in F5 BIG-IP systems
A security researcher discovered a flaw in the F5 BIG-IP product that can be exploited to conduct denial-of-service (DoS) attacks....
Operation Spalax, an ongoing malware campaign targeting Colombian entities
Security experts from ESET uncovered an ongoing surveillance campaign, dubbed Operation Spalax, against Colombian government institutions and private companies. Malware...
Pineapple-MK7-REST-Client – WiFi Hacking Workflow With Pineapple Mark 7 API
PINEAPPLE MK7 REST CLIENTThe leading rogue access point and WiFi pentest toolkit for close access operations. Passive and active attacks...
K55 – Linux X86_64 Process Injection Utility | Manipulate Processes With Customized Payloads
(pronounced: "kay fifty-five") The K55 payload injection tool is used for injecting x86_64 shellcode payloads into running processes. The utility...
CAPCOM: 390,000 people impacted in the recent ransomware Attack
Capcom revealed that the recent ransomware attack has potentially impacted 390,000 people, an increase of approximately 40,000 people from the...
Classiscam expands to Europe: Russian-speaking scammers lure Europeans to pages mimicking classifieds
Russian-speaking scammers started targeting users of European marketplaces and classifieds is a criminal scheme dubbed Classiscam. Group-IB, a global threat...
Cisco addresses a High-severity flaw in CMX Software
Cisco addressed tens of high-severity flaws, including some flaws in the AnyConnect Secure Mobility Client and in its small business...
CISA warns of recent successful cyberattacks against cloud service accounts
The US CISA revealed that several recent successful cyberattacks against various organizations’ cloud services. The Cybersecurity and Infrastructure Security Agency...
Attackers targeted Accellion FTA in New Zealand Central Bank attack
The root cause for the hack of the New Zealand Central Bank was the Accellion FTA (File Transfer Application) file...
Rogue Android RAT emerges from the darkweb
Experts discovered an Android Remote Access Trojan, dubbed Rogue, that can allow to take over infected devices and steal user...
Umbrella_android – Digital And Physical Security Advice App
Umbrella is an Android mobile app developed by Security First that provides human rights defenders with the information on what...
