COVID-19 themed attacks December 19, 2020– January 02, 2021
This post includes the details of the COVID-19 themed attacks launched from December 19, 2020– January 02, 2021. 25 December,...
hacking
Ticketmaster will pay $10 Million fine over hacking a competitor
Ticketmaster agreed to pay a $10 million fine for hacking into the computer system of the startup rival CrowdSurge. The...
Urlhunter – A Recon Tool That Allows Searching On URLs That Are Exposed Via Shortener Services
urlhunter is a recon tool that allows searching on URLs that are exposed via shortener services such as bit.ly...
Byp4Xx – Simple Bash Script To Bypass “403 Forbidden” Messages With Well-Known Methods Discussed In #Bugbountytips
byp4xx.sh __ __ __ / /_ __ ______ / // / _ ___ __ / __ / / / /...
HyperDbg – The Source Code Of HyperDbg Debugger
HyperDbg is designed with a focus on using modern hardware technologies to provide new features to the reverse engineering world....
HaXmas Hardware Hacking
BinwalkWhen mucking about with firmware (the packaged operating system and applications that makes IoT devices go), Binwalk from Refirm Labs...
Predicting the Unpredictable: What Will the Cybersecurity Space Look Like in 2021?
Not to start off another blog post about how insane this year has been, but let’s just take a moment...
Top stories of 2020
Below the list of the top stories of 2020. December 21 – SUPERNOVA, a backdoor found while investigating SolarWinds hack...
FBI warns swatting attacks on owners of smart devices
The Federal Bureau Investigation (FBI) is warning owners of smart home devices with voice and video capabilities of ‘swatting’ attacks....
AutoHotkey-Based credential stealer targets bank in the US and Canada
Experts spotted a new credential stealer written in AutoHotkey (AHK) scripting language that is targeting the US and Canadian bank...
Facebook ads used to steal 615000+ credentials in a phishing campaign
Cybercriminals are abusing Facebook ads in a large-scale phishing scam aimed at stealing victims’ login credentials. Researchers from security firm...
Expert found a secret backdoor in Zyxel firewall and VPN
Zyxel addressed a critical flaw in its firmware, tracked as CVE-2020-29583, related to the presence of a hardcoded undocumented secret account....
Oblivion – Data Leak Checker And OSINT Tool
Oblivion is a tool focused in real time monitoring of new data leaks, notifying if the credentials of the user...
RogueWinRM – Windows Local Privilege Escalation From Service Account To System
RogueWinRM is a local privilege escalation exploit that allows to escalate from a Service account (with SeImpersonatePrivilege) to Local System...
Today Adobe Flash Player reached the end of life (EOL)
Today Adobe Flash Player has reached its end of life (EOL), its vulnerabilities were exploited by multiple threat actors in...
Alleged docs relating to Covid-19 vaccine leaked in darkweb
Experts from threat intelligence firm Cyble have found documents relating to Covid-19 vaccine of European Medicines Agency in the Darkweb...
SolarWinds hackers gained access to Microsoft source code
The threat actors behind the SolarWinds supply chain attack could have had access to the source code of several Microsoft...
Threat actor is selling 368.8 million records from 26 data breaches
A data breach broker is selling user records allegedly from twenty-six data breaches on a hacker forum. Security experts from...
New Golang-based Crypto worm infects Windows and Linux servers
Experts from Intezer discovered a new and self-spreading Golang-based malware that targets Windows and Linux servers. Experts from Intezer discovered...
Emotet campaign hits Lithuania’s National Public Health Center and several state institutions
An Emotet campaign hit Lithuania, the malware has infected systems at the National Center for Public Health (NVSC) and several...
T-Mobile data breach: CPNI (Customer Proprietary Network Information) exposed
T-Mobile has disclosed a data breach that exposed customers’ network information (CPNI), including phone numbers and calls records. T-Mobile has...
CISA demands US govt agencies to update SolarWinds Orion software
US Cybersecurity and Infrastructure Security Agency (CISA) urges US federal agencies to update the SolarWinds Orion software by the end...
Metasploit 2020 Wrap-Up
2020 was certainly an interesting year. There were quite a few newsworthy events and some fantastic exploit content released. Let’s...
Google Docs bug could have allowed hackers to hijack screenshots
Google has addressed a bug in its feedback tool incorporated across its services that could have allowed attackers to view...
