Snatch group claims to have hacked military provider HENSOLDT France
The Snatch ransomware group claims to have hacked HENSOLDT France, a company specializing in military and defense electronics. The Snatch ransomware group claims to...
hacking
GitHub flaw could have allowed attackers to takeover repositories of other users
A critical flaw in the cloud-based repository hosting service GitHub could’ve allowed attackers to takeover other repositories. The cloud-based repository...
Reverse_SSH – SSH Based Reverse Shell
Want to use SSH for reverse shells? Now you can. Manage and connect to reverse shells with native SSH syntax...
Malicious dropper apps on Play Store totaled 30.000+ installations
ThreatFabric researchers discovered five malicious dropper apps on Google Play Store with more than 130,000 downloads. Researchers at ThreatFabric have...
Former British Prime Minister Liz Truss ‘s phone was allegedly hacked by Russian spies
According to the Daily Mail, Former British Prime Minister Liz Truss ‘s personal phone was hacked by Russian spies. The...
German BKA arrested the alleged operator of Deutschland im Deep Web darknet market
German police arrested a student that is suspected of being the administrator of ‘Deutschland im Deep Web’ (DiDW) darknet marketplace....
BlackByte ransomware group hit Japanese beverage giant Asahi
The BlackByte ransomware group claims to have compromised the Japanese beer and beverage company Asahi. Asahi Group Holdings, Ltd. is a global Japanese beer,...
Air New Zealand warns of an ongoing credential stuffing attack
Air New Zealand suffered a security breach, multiple customers have been locked out of their accounts after the incident. Air...
Security Affairs newsletter Round 391
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
Ermir – An Evil Java RMI Registry
Ermir is an Evil/Rogue RMI Registry, it public String list(): list() asks the registry for all the bound objects names,...
Twilio discloses another security incident that took place in June
Twilio suffered another brief security incident in June 2022, the attack was conducted by the same threat actor of the August hack....
A massive cyberattack hit Slovak and Polish Parliaments
The Slovak and Polish parliaments were hit by a massive cyber attack, and the voting system in Slovakia’s legislature was...
How will Twitter change under Elon Musk?
Cybhorus CEO Pierluigi Paganini talks to TRT World about Elon Musk completing his $44 billion deal to buy Twitter and...
Threatest – Threatest Is A Go Framework For End-To-End Testing Threat Detection Rules
Threatest is a Go framework for testing threat detection end-to-end. Threatest allows you to detonate an attack technique, and verify...
Multiple vulnerabilities affect the Juniper Junos OS
Juniper Networks devices are affected by multiple high-severity issues, including code execution vulnerabilities. Multiple high-severity security vulnerabilities have been discovered...
Google fixes a new actively exploited Chrome zero-day, it is the seventh one this year
Google Thursday released an emergency patch for Chrome 107 to address the actively exploited zero-day vulnerability CVE-2022-3723. Google released an...
Sandman – NTP Based Backdoor For Red Team Engagements In Hardened Networks
Sandman is a backdoor that is meant to work on hardened networks during red team engagements. Sandman works as a...
Apple backports fixes for CVE-2022-42827 zero-day to older iPhones, iPads
Apple released updates to backport the recently released security patches for CVE-2022-42827 zero-day to older iPhones and iPads. Apple has...
New York Post hacked? No, the culprit is an employee
Threat actors hacked the website and Twitter account of the New York Post and published offensive messages against US politicians....
Raspberry Robin operators are selling initial access to compromised enterprise networks to ransomware gangs
DEV-0950 group used Clop ransomware to encrypt the network of organizations previously infected with the Raspberry Robin worm. Microsoft has...
Thomson Reuters collected and leaked at least 3TB of sensitive data
The multinational media conglomerate Thomson Reuters left a database with sensitive customer and corporate data exposed online Original post at...
SiriSpy flaw allows eavesdropping on users’ conversations with Siri
SiriSpy is a vulnerability affecting Apple iOS and macOS that allowed apps to eavesdrop on users’ conversations with Siri. SiriSpy...
Whids – Open Source EDR For Windows
What EDR with artifact collection driven by detection. The detection engine is built on top of a previous project NB:...
British hacker arraigned for running The Real Deal dark web marketplace
A popular British hacker was charged by the U.S. authorities for allegedly running the ‘The Real Deal’ dark web marketplace....
