Surveillance vendor exploited Samsung phone zero-days
Google Project Zero researchers reported that a surveillance vendor is using three Samsung phone zero-day exploits. Google Project Zero disclosed...
hacking
Experts observed Amadey malware deploying LockBit 3.0 Ransomware
Experts noticed that the Amadey malware is being used to deploy LockBit 3.0 ransomware on compromised systems. Researchers from AhnLab Security Emergency...
Microsoft Patch Tuesday updates fix 6 actively exploited zero-days
Microsoft Patch Tuesday updates for November 2022 addressed 64 vulnerabilities, including six actively exploited zero-days. Microsoft Patch Tuesday updates for...
RDPHijack-BOF – Cobalt Strike Beacon Object File (BOF) That Uses WinStationConnect API To Perform Local/Remote RDP Session Hijacking
Cobalt Strike Beacon Object File (BOF) that uses WinStationConnect API to perform local/remote RDP session hijacking. With a valid access...
VMware fixes three critical flaws in Workspace ONE Assist
VMware address three critical bugs in the Workspace ONE Assist solution that allow remote attackers to bypass authentication and elevate...
Citrix ADC and Citrix Gateway are affected by a critical authentication bypass flaw
Citrix released security updates to address a critical authentication bypass vulnerability in Citrix ADC and Citrix Gateway. Citrix is urging...
SmokeLoader campaign distributes new Laplas Clipper malware
Researchers observed a SmokeLoader campaign that is distributing a new clipper malware dubbed Laplas Clipper that targets cryptocurrency users. Cyble...
Medibank confirms ransomware attack impacting 9.7M customers, but doesn’t pay the ransom
Australian health insurer Medibank confirmed that personal data belonging to around 9.7 million current and former customers were exposed as...
US DoJ seizes $3.36B Bitcoin from Silk Road hacker
The U.S. Department of Justice condemned James Zhong, a hacker who stole 50,000 bitcoins from the Silk Road dark net...
‘Justice Blade’ Hackers are Targeting Saudi Arabia
Threats actors calling themselves “Justice Blade” published leaked data from an outsourcing IT vendor. The group of threat actors calling...
Robin Banks phishing-as-a-service platform continues to evolve
The phishing-as-a-service (PhaaS) platform Robin Banks migrated its infrastructure to DDoS-Guard, a Russian bulletproof hosting service. The phishing-as-a-service (PhaaS) platform Robin...
Water sector in the US and Israel still unprepared to defeat cyber attacks
Expert warns that the US and Israel are still unprepared to defeat a cyber attack against organizations in the water...
Evilgophish – Evilginx2 + Gophish
Combination of Once you have run setup.sh, the next steps are: Configure SMS message template. You will use Text only...
UK NCSC govt agency is scanning the Internet for flawed devices in the UK
The UK National Cyber Security Centre (NCSC) announced that is scanning all Internet-exposed devices hosted in the UK for vulnerabilities....
Abusing Microsoft Dynamics 365 Customer Voice in phishing attacks
Researchers uncovered a campaign abusing Microsoft Dynamics 365 customer voice to steal credentials from the victims. Microsoft’s Dynamics 365 Customer...
LockBit 3.0 gang claims to have stolen data from Kearney & Company
The ransomware group LockBit claimed to have stolen data from consulting and IT services provider Kearney & Company. Kearney is...
A cyberattack blocked the trains in Denmark
At the end of October, a cyber attack caused the trains to stop in Denmark, the attack hit a third-party...
Collect-MemoryDump – Automated Creation Of Windows Memory Snapshots For DFIR
Collect-MemoryDump - Automated Creation of Windows Memory Snapshots for DFIR Collect-MemoryDump.ps1 is Fig 3: Automated Creation of Windows Memory Snapshot...
Security Affairs newsletter Round 392
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
29 malicious PyPI packages spotted delivering the W4SP Stealer
Cybersecurity researchers discovered 29 malicious PyPI packages delivering the W4SP stealer to developers’ systems. Cybersecurity researchers have discovered 29 packages...
Zero-day are exploited on a massive scale in increasingly shorter timeframes
Microsoft warns of an uptick among threat actors increasingly using publicly-disclosed zero-day exploits in their attacks. According to the Digital...
Prefetch-Hash-Cracker – A Small Util To Brute-Force Prefetch Hashes
Motivation During the forensic analysis of a Windows machine, you may find the name of a deleted prefetch file. While...
RomCom RAT campaigns abuses popular brands like KeePass and SolarWinds NPM
A new campaign spreading RomCom RAT impersonates popular software brands like KeePass, and SolarWinds. The threat actor behind the RomCom...
Appshark – Static Taint Analysis Platform To Scan Vulnerabilities In An Android App
Appshark is a static taint analysis platform to scan vulnerabilities in an Android app. Prerequisites Appshark requires a specific version...
