This repository includes two utilities NTLMParse and ADFSRelay. NTLMParse is a utility for decoding base64-encoded NTLM messages and printing information...
The U.S. Department of Justice (DoJ) seized forty-eight domains that offered DDoS-for-Hire Service Platforms to crooks. The U.S. Department of...
Talos researchers uncovered a phishing campaign distributing the QBot malware to Windows systems using SVG files. Talos researchers uncovered a...
Researchers discovered a new Go-based botnet, dubbed GoTrim, attempting to brute force WordPress websites. Fortinet FortiGuard Labs researchers spotted a...
Microsoft released December 2022 Patch Tuesday security updates that fix 52 vulnerabilities across its products. Microsoft December 2022 Patch Tuesday security updates...
Apple rolled out security updates to iOS, iPadOS, macOS, tvOS, and Safari to fix a new actively exploited zero-day (CVE-2022-42856)....
FarsightAD is a PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an...
The number of internet-facing cameras in the world is growing exponentially. Some of the most popular brands don’t enforce a...
VMware fixed three flaws in multiple products, including a virtual machine escape issue exploited at the GeekPwn 2022 hacking competition....
Citrix urges customers to update their installs to fix actively exploited zero-day (CVE-2022-27518) in Citrix ADC and Gateway. Citrix urges...
LockBit ransomware gang hacked the California Department of Finance and threatens to leak data stolen from its systems. The LockBit...
A new Python backdoor is targeting VMware ESXi servers, allowing attackers to take over compromised systems. Juniper Networks researchers spotted...
Codecepticon is a .NET application that allows you to obfuscate C#, VBA/VB6 (macros), and The command generator's output format can...
Twitter confirmed that the recent leak of members’ profile information resulted from the 2021 data breach disclosed in August 2022....
Fortinet fixed an actively exploited FortiOSÂ SSL-VPN flaw that could allow a remote, unauthenticated attacker to execute arbitrary code on devices....
The Cybernews research team reported that India’s government platform Global Pravasi Rishta Portal was leaking sensitive user data. Original post...
Researchers spotted a cryptocurrency mining campaign targeting Linux users with Go-based CHAOS malware (Trojan.Linux.CHAOSRAT). In November 2022, Trend Micro researchers...
A hack-for-hire group dubbed Evilnum is targeting travel and financial entities with the new Janicab malware variant. Kaspersky researchers reported that...
Strengthen the security posture of your GitHub organization! Detect and remediate misconfigurations, security and compliance issues across all your GitHub...
Researchers reported an increase in TrueBot infections, attackers have shifted from using malicious emails as their primary delivery method to other techniques....
The Pwn2Own Toronto 2022 is ended, and the participants earned a total of $989,750 for 63 unique zero-day exploits. The...
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
What is it Pyramid is a set of Python scripts and module dependencies that can be used to evade EDRs....
The Iran-linked MuddyWater APT is targeting countries in the Middle East as well as Central and West Asia in a new campaign....
