Revolut security breach: data of +50,000 users exposed
Revolut has suffered a cyberattack, threat actors have had access to personal information of tens of thousands of customers. The financial...
hacking
CATS – REST API Fuzzer And Negative Testing Tool For OpenAPI Endpoints
REST API fuzzer and negative testing tool. Run thousands of self-healing API tests within minutes with no coding effort!Comprehensive: tests...
Alleged Grand Theft Auto 6 (GTA6) gameplay videos and source code leaked online
Threat actors leaked source code and gameplay videos of Grand Theft Auto 6 (GTA6) after they have allegedly breached Rockstar...
TeamTNT is back and targets servers to run Bitcoin encryption solvers
AquaSec researchers observed the cybercrime gang TeamTNT hijacking servers to run Bitcoin solver since early September. In the first week...
Experts warn of critical flaws in Flexlan devices that provide WiFi on airplanes
Researchers discovered two critical vulnerabilities (CVE–2022–36158 and CVE–2022–36159) in Flexlan devices that provide WiFi on airplanes. Researchers from Necrum Security...
Netgear Routers impacted by FunJSQ Game Acceleration Module flaw
Multiple Netgear router models are impacted by an arbitrary code execution via FunJSQ, which is a third-party module for online...
Uber says there is no evidence that users’ private information was compromised
Uber hack update: There is no evidence that users’ private information was compromised in the data breach. Uber provided an...
FISSURE – Frequency Independent SDR-based Signal Understanding and Reverse Engineering
Frequency Independent SDR-based Signal Understanding and Reverse EngineeringFISSURE is an open-source RF and reverse engineering framework designed for all skill...
Security Affairs newsletter Round 384
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
LastPass revealed that intruders had internal access for four days during the August hack
The Password management solution LastPass revealed that the threat actors had access to its systems for four days during the...
CISA adds Stuxnet bug to its Known Exploited Vulnerabilities Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds new vulnerabilities to its Known Exploited Vulnerabilities Catalog, including the bug...
DeathSleep – A PoC Implementation For An Evasion Technique To Terminate The Current Thread And Restore It Before Resuming Execution, While Implementing Page Protection Changes During No Execution
A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementing...
Bitdefender releases Universal LockerGoga ransomware decryptor
Bitdefender has released a free decryptor to allow the victims of the LockerGoga ransomware to recover their files without paying...
North Korea-linked APT spreads tainted versions of PuTTY via WhatsApp
North Korea-linked threat actor UNC4034 is spreading tainted versions of the PuTTY SSH and Telnet client. In July 2022, Mandiant...
XLL_Phishing – XLL Phishing Tradecraft
With Microsoft's recent announcement regarding the blocking of macros in documents originating from the internet (email AND web download), attackers...
Uber hacked, internal systems and confidential documents were allegedly compromised
Uber on Thursday disclosed a security breach, threat actors gained access to its network, and stole internal documents. Uber on...
Akamai mitigated a new record-breaking DDoS attack against a Europen customer
Akamai announced to have recently blocked a new record-breaking distributed denial-of-service (DDoS) attack. On Monday, September 12, 2022, Akamai mitigated...
Experts warn of self-spreading malware targeting gamers looking for cheats on YouTube
Threat actors target gamers looking for cheats on YouTube with the RedLine Stealer information-stealing malware and crypto miners Researchers from...
Russia-linked Gamaredon APT target Ukraine with a new info-stealer
Russia-linked Gamaredon APT targets employees of the Ukrainian government, defense, and law enforcement agencies with a custom information-stealing malware. Russia-linked...
SharpImpersonation – A User Impersonation Tool – Via Token Or Shellcode Injection
This was a learning by doing project from my side. Well known techniques are used to built just another impersonation...
FBI: Millions in Losses resulted from attacks against Healthcare payment processors
The FBI has issued an alert about threat actors targeting healthcare payment processors in an attempt to hijack the payments....
Crooks are using lures related to Her Majesty Queen Elizabeth II in phishing attacks
Threat actors are exploiting the death of Queen Elizabeth II as bait in phishing attacks to steal Microsoft account credentials...
CISA added 2 more security flaws to its Known Exploited Vulnerabilities Catalog
CISA added more security flaws to its Known Exploited Vulnerabilities Catalog, including Windows and iOS flaws. The U.S. Cybersecurity and Infrastructure...
SparklingGoblin APT adds a new Linux variant of SideWalk implant to its arsenal
China-linked SparklingGoblin APT was spotted using a Linux variant of a backdoor known as SideWalk against a Hong Kong university....
