Experts warn of CVE-2022-42889 Text4Shell exploit attempts
Wordfence researchers warn of exploitation attempts targeting the recently disclosed flaw in Apache Commons Text dubbed Text4Shell. Experts at WordPress security firm...
hacking
CISA adds Linux kernel flaw CVE-2021-3493 to its Known Exploited Vulnerabilities Catalog
CISA added a Linux kernel vulnerability, tracked as CVE-2021-3493, to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security...
MHDDoS – DDoS Attack Script With 56 Methods
OVH | Bypass OVH RHEX | Random HEX STOMP | Bypass chk_captcha STRESS | Send HTTP Packet With High Byte...
GUAC – A Google Open Source Project to secure software supply chain
Google launched the Graph for the Understanding Artifact Composition (GUAC) project, to secure the software supply chain. Google this week launched a...
News URSNIF variant doesn’t support banking features
A new variant of the popular Ursnif malware is used as a backdoor to deliver next-stage payloads and steal sensitive...
Healthcare system Advocate Aurora Health data breach potentially impacted 3M patients
Healthcare system Advocate Aurora Health (AAH) disclosed a data breach that exposed the personal data of 3,000,000 patients. The US-based...
Experts spotted a new undetectable PowerShell Backdoor posing as a Windows update
Cybersecurity researchers warn of a new PowerShell backdoor that disguises itself as part of the Windows update process to avoid...
BlueBleed: Microsoft confirmed data leak exposing customers’ info
Microsoft disclosed a data leak, sensitive data of some of its customers were exposed by a misconfigured Microsoft server accessible...
Internet disruptions observed as Russia targets critical infrastructure in Ukraine
While the Russian army is conducting coordinated missile and drone strikes in Ukraine experts observed Internet disruptions in the country....
PartyLoud – A Simple Tool To Generate Fake Web Browsing And Mitigate Tracking
PartyLoud is a highly configurable and straightforward free tool that helps you prevent tracking directly from your linux terminal, no...
Brazilian police arrested a man suspected of being a member of LAPSUS$ gang
The Federal Police of Brazil arrested an individual who is suspected of being a member of the notorious LAPSUS$ extortionist...
Experts discovered millions of .git folders exposed to public
Nearly two million .git folders containing vital project information are exposed to the public, the Cybernews research team found. Original...
Text4Shell, a remote code execution bug in Apache Commons Text library
Researcher discovered a remote code execution vulnerability in the open-source Apache Commons Text library. GitHub’s threat analyst Alvaro Munoz discovered a remote...
Researchers share of FabriXss bug impacting Azure Fabric Explorer
Cybersecurity researchers published technical details about a now-patched FabriXss flaw that impacts Azure Fabric Explorer. Orca Security researchers have released technical...
The missed link between Ransom Cartel and REvil ransomware gangs
Researchers at Palo Alto Network’s Unit 42 linked the Ransom Cartel ransomware operation to the REvil ransomware operations. Researchers at...
PenguinTrace – Tool To Show How Code Runs At The Hardware Level
penguinTrace is intended to help build an understanding of how programs run at the hardware level. It provides a way...
Microsoft Office 365 Message Encryption (OME) doesn’t ensure confidentiality
A bug in the message encryption mechanism used by Microsoft in Office 365 can allow to access the contents of the...
Law enforcement arrested 31 suspects for stealing cars by hacking key fobs
An international law enforcement operation led by Europol disrupted a cybercrime ring focused on hacking wireless key fobs to steal...
China-linked APT41 group targets Hong Kong with Spyder Loader
China-linked threat actors APT41 (a.k.a. Winnti) targeted organizations in Hong Kong, in some cases remaining undetected for a year. Symantec...
Critical Remote Code Execution issue impacts popular post-exploitation toolkit Cobalt Strike
HelpSystems, the company that developed the Cobalt Strike platform, addressed a critical remote code execution vulnerability in its software. HelpSystems,...
xnLinkFinder – A Python Tool Used To Discover Endpoints (And Potential Parameters) For A Given Target
About - v2.0 This is a tool used to discover ... Piped input and output: Good luck and good hunting!...
Over 17000 Fortinet devices exposed online are very likely vulnerable to CVE-2022-40684
Fortinet confirmed that many systems are still vulnerable to attacks exploiting the CVE-2022-40684 zero-day vulnerability. Fortinet is urging customers to address...
CVE-2022-28762: Zoom for macOS contains a debugging port misconfiguration
Video messaging company Zoom fixed a high-severity vulnerability, tracked as CVE-2022-28762, in Zoom Client for Meetings for macOS. Zoom Client...
Retail giant Woolworths discloses data breach of MyDeal online marketplace
Australian retail giant Woolworths disclosed a data breach that impacted approximately 2.2 million MyDeal customers. Bad news for the customers...
