Fawkes – Tool To Search For Targets Vulnerable To SQL Injection (Performs The Search Using Google Search Engine)
Fawkes is a tool to search for targets vulnerable to SQL Injection. Performs the search using Google search engine.Options -q,...
hacking
COVID-19 themed attacks December 6 – December 19, 2020
This post includes the details of the COVID-19 themed attacks launched from December 6 – December 19, 2020. December 6...
NATO is checking its systems to determine the impact of SolarWinds hack
NATO announced it is assessing its systems after the SolarWinds supply chain attack that impacted multiple US government agencies. NATO...
Bheem – Simple Collection Of Small Bash-Scripts Which Runs Iteratively To Carry Out Various Tools And Recon Process
Project Bheem is a simple collection of small bash-scripts which runs iteratively to carry out various tools and recon process...
Bento – A Minimal Fedora-Based Container For Penetration Tests And CTF With The Sweet Addition Of GUI Applications
A bento (弁当, bentō) is a single-portion take-out or home-packed meal of Japanese origin. Bento Toolkit is a simple and...
NSA warns of cloud attacks on authentication mechanisms
The US National Security Agency (NSA) warns of two techniques abused by threat actors for escalating attacks from local networks...
FBI and Interpol shut down some servers of Joker’s Stash carding marketplace
Joker’s Stash, the largest carding marketplace online, was shut down by a coordinated operation conducted by the FBI and the...
Hackers target COVID-19 vaccine supply chain and sell the vaccine in Darkweb
Threat actors continue to trade critical medical data in the Dark Web while organizations are involved in the response to the COVID-19 pandemic. Cybercrime organizations...
Scilla – Information Gathering Tool (DNS/Subdomain/Port Enumeration)
Information Gathering Tool - Dns/Subdomain/Port EnumerationInstallationFirst of all, clone the repo locally git clone https://github.com/edoardottt/scilla.git Scilla has external dependencies, so...
Go365 – An Office365 User Attack Tool
Go365 is a tool designed to perform user enumeration* and password guessing attacks on organizations that use Office365 (now/soon Microsoft365)....
All-source intelligence: reshaping an old tool for future challenges
An enhanced version of the old all-source intelligence discipline could serve the purpose. By Boris Giannetto Hybrid, interconnected and complex...
Microsoft confirms breach in SolarWinds hack, but denies its clients were affected
Microsoft confirms that it was also breached in the SolarWinds supply chain hack, but excluded that the attack impacted its...
Fake mobile version of Cyberpunk 2077 spreads ransomware
A threat actor is spreading ransomware dubbed CoderWare that masquerades as Windows and Android versions of the recent Cyberpunk 2077....
5 million WordPress sites potentially impacted by a Contact Form 7 flaw
The development team behind the Contact Form 7 WordPress plugin discloses an unrestricted file upload vulnerability. Jinson Varghese Behanan from Astra Security discovered...
DoppelPaymer ransomware gang now cold-calling victims, FBI warns
FBI says DoppelPaymer ransomware gang is harassing victims who refuse to pay, threatening to send individuals to their homes. FBI...
E9Patch – A Powerful Static Binary Rewriting Tool
E9Patch is a powerful static binary rewriting tool for x86_64 Linux ELF binaries. E9Patch is: Scalable: E9Patch can reliably rewrite...
PoshBot – Powershell-based Bot Framework
PoshBot is a chat bot written in PowerShell. It makes extensive use of classes introduced in PowerShell 5.0. PowerShell modules...
Help Others Be “Cyber Aware” This Festive Season—And All Year Round!
Are you tired of being the cybersecurity help desk for everyone you know? Are you frustrated with spending all your...
How to Gain Visibility Into Audit Logs for Policy Customization in InsightVM
Since the launch of InsightVM’s Custom Policy Builder in June of this year, hundreds of organizations have created and customized...
Experts spotted browser malicious extensions for Instagram, Facebook and others
Avast researchers reported that three million users installed 28 malicious Chrome or Edge extensions that could perform several malicious operations....
Launched OSSISNa, the Observatory for the Protection of the National Strategic Industrial System
On 11th December 2020, the Observatory for the Protection of the National Strategic Industrial System (OSSISNa) was officially announced. On...
Digging the recently leaked Chinese Communist Party database
KELA researchers analyzed a database recently leaked online that contains data for 1.9 million Chinese Communist Party members in Shanghai....
FireEye, GoDaddy, and Microsoft created a kill switch for SolarWinds backdoor
Microsoft, FireEye, and GoDaddy have partnered to create a kill switch for the Sunburst backdoor that was employed in the...
HPE discloses critical zero-day in Systems Insight Manager
HPE has disclosed a zero-day vulnerability in the latest versions of its HPE Systems Insight Manager (SIM) software for both...
