403Bypasser – Burpsuite Extension To Bypass 403 Restricted Directory
An burpsuite extension to bypass 403 restricted directory. By using PassiveScan (default enabled), each 403 request will be automatically scanned...
hacking
Security Affairs Newsletter is back!
Security Affairs newsletter is back, it is the right time to subscribe to it. Every day I receive several emails...
Security Affairs newsletter Round 293
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
PgMiner botnet exploits disputed CVE to hack unsecured PostgreSQL DBs
Researchers have discovered a botnet dubbed PgMiner that targets PostgreSQL databases running on Linux servers to install a cryptocurrency miner....
NI CompactRIO controller flaw could allow disrupting production
A serious flaw in National Instruments CompactRIO controllers could allow remote attackers to disrupt production processes in an organization. A...
WordPress Easy WP SMTP zero-day potentially exposes hundreds of thousands of sites to hack
Threat actors are actively exploiting a zero-day vulnerability in the popular Easy WP SMTP WordPress plugin installed on more than...
Spotify reset user passwords after accidentally personal information exposure
Spotify is informing users that their personal information might have been accidentally shared with some of its business partners. Spotify...
Facebook links cyberespionage group APT32 to Vietnamese IT firm
Facebook has suspended some accounts linked to APT32 that were involved in cyber espionage campaigns to spread malware. Facebook has...
Gustave – Embedded OS kernel fuzzer
GUSTAVE is a fuzzing platform for embedded OS kernels. It is based on QEMU and AFL (and all of its...
Carnivore – Tool For Assessing On-Premises Microsoft Servers Authentication Such As ADFS, Skype, Exchange, And RDWeb
Carnivore is an assessment tool for Skype for Business, Exchange, ADFS, and RDWeb servers as well as some O365 functionality....
Threat actors target K-12 distance learning education, CISA and FBI warn
The US Cybersecurity Infrastructure and Security Agency and the FBI warned about the increase in ransomware attacks targeting the US...
Interview with Massimiliano Brolli, Head of TIM Red Team Research
Interview with Massimiliano Brolli, Head of TIM Red Team Research, which is a team of experts that focus on zero-day...
Adrozek malware silently inject ads into search results in multiple browsers
Microsoft warns of a new malware named Adrozek that infects devices and hijacks Chrome, Edge, and Firefox browsers by changing...
Cisco addresses critical RCE vulnerability in Jabber
Cisco addressed a new critical RCE vulnerability that affects several versions of Cisco Jabber for Windows, macOS, and mobile platforms. Cisco...
Expert published PoC exploit code for Kerberos Bronze Bit attack
The proof-of-concept exploit code for the Kerberos Bronze Bit attack was published online, it allows intruders to bypass authentication and...
Sak1To-Shell – Multi-threaded C2 Server And Reverse Shell Client Written In Pure C
Multi-threaded c2 server and reverse TCP shell client written in pure C (Windows). Command list: list: list available connections. interact...
DarkSide – Tool Information Gathering And Social Engineering
Features:Hacker DashboardHacker News New Exploits Hacking Tutorials Video The Latest Prices OF Digital Currencies Information GatheringBypass Cloud Flare Cms Detect...
NICER Protocol Deep Dive: Internet Exposure of etcd
Welcome to the NICER Protocol Deep Dive blog series! When we started researching what all was out on the internet...
njRAT RAT operators leverage Pastebin C2 tunnels to avoid detection
Threat actors behind the njRAT Remote Access Trojan (RAT) are leveraging active Pastebin Command and Control Tunnels to avoid detection....
Russia-linked APT28 uses COVID-19 lures to deliver Zebrocy malware
Russia-link cyberespionage APT28 leverages COVID-19 as phishing lures to deliver the Go version of their Zebrocy (or Zekapab) malware. Russia-linked APT28 is...
Attack on Vermont Medical Center is costing the hospital $1.5M a day
The attack that hit the University of Vermont Medical Center at the end of October is costing the hospital about $1.5 million...
European Medicines Agency targeted by cyber attack
The European Medicines Agency (EMA) announced it has been targeted by a cyber attack. The European Medicines Agency (EMA) announced...
RESTler – The First Stateful REST API Fuzzing Tool For Automatically Testing Cloud Services Through Their REST APIs And Finding Security And Reliability Bugs In These Services
RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding...
Depix – Recovers Passwords From Pixelized Screenshots
Depix is a tool for recovering passwords from pixelized screenshots. This implementation works on pixelized images that were created with...
