ForceAdmin – Create Infinite UAC Prompts Forcing A User To Run As Admin
ForceAdmin is a c# payload builder, creating infinate UAC pop-ups until the user allows the program to be ran. The...
hacking
Cisco will not fix the authentication bypass flaw in EoL routers
Cisco fixed new security flaws affecting its products, including a recently disclosed high-severity issue in NVIDIA Data Plane Development Kit. The most...
Ex-members of the Conti ransomware gang target Ukraine
Some members of the Conti ransomware gang were involved in financially motivated attacks targeting Ukraine from April to August 2022....
Albania interrupted diplomatic ties with Iran over the mid-July attack
Albania interrupted diplomatic ties with Iran and expelled the country’s embassy staff over the mid-July attack. Albanian Prime Minister Edi...
Experts spotted a new stealthy Linux malware dubbed Shikitega
A new Linux malware dubbed Shikitega leverages a multi-stage infection chain to target endpoints and IoT devices. Researchers from AT&T Alien Labs...
Coercer – A Python Script To Automatically Coerce A Windows Server To Authenticate On An Arbitrary Machine Through 9 Methods
A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 9 methods. FeaturesAutomatically detects...
Challenges of User Authentication: What You Need to Know
In the digital age, authentication is paramount to a strong security strategy. Which are the challenges of user authentication? In...
Zyxel addressed a critical RCE flaw in its NAS devices
Networking equipment vendor Zyxel addressed a critical vulnerability impacting its network-attached storage (NAS) devices. Zyxel addressed a critical vulnerability, tracked...
Moobot botnet is back and targets vulnerable D-Link routers
The Moobot botnet is behind a new wave of attacks that started in early August and that target vulnerable D-Link...
The Los Angeles Unified School District hit by a ransomware attack
One of the US largest School districts, the Los Angeles Unified School District, suffered a ransomware attack during the weekend....
A new Android malware used to spy on the Uyghur Community
Experts spotted new Android spyware that was used by China-linked threat actors to spy on the Uyghur community in China. Researchers from...
Experts discovered TeslaGun Panel used by TA505 to manage its ServHelper Backdoor
Researchers discovered a previously undocumented software control panel, named TeslaGun, used by a cybercrime gang known as TA505. Researchers from...
noPac – Exploiting CVE-2021-42278 And CVE-2021-42287 To Impersonate DA From Standard Domain User
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user Changed from sam-the-admin. Usage SAM THE ADMIN CVE-2021-42278 +...
China accuses the US of cyberattacks
China accuses the United States of conducting tens of thousands of cyberattacks on its country, including cyberespionage campaigns. The Government...
Interpol dismantled sextortion ring in Asia
Interpol arrested 12 individuals which are suspected to be core members of a transnational sextortion ring. Interpol announced the arrest...
QNAP warns new Deadbolt ransomware attacks exploiting zero-day
QNAP warns customers of ongoing DeadBolt ransomware attacks that are exploiting a zero-day vulnerability in Photo Station. QNAP warns customers...
TikTok denies data breach following leak of user data
Threat actors published a sample of data allegedly stolen from TikTok, but the company denies it was breached. The hacking...
Windows Defender identified Chromium, Electron apps as Hive Ransomware
Microsoft released a Windows Defender update to fix a problem that caused Defender antivirus to identify Chromium, Electron, as malware...
EvilProxy Phishing-As-A-Service With MFA Bypass Emerged In Dark Web
Resecurity researchers discovered a new Phishing-as-a-Service (PhaaS) called EvilProxy advertised on the Dark Web. Original post: https://resecurity.com/blog/article/evilproxy-phishing-as-a-service-with-mfa-bypass-emerged-in-dark-web Following the recent Twilio hack...
A new SharkBot variant bypassed Google Play checks again
Experts spotted an upgraded version of the SharkBot malware that was uploaded to the official Google Play Store. Fox IT...
A new phishing scam targets American Express cardholders
Cybersecurity firm Armorblox discovered a new phishing campaign aimed at American Express customers. Armorblox researchers uncovered a new phishing campaign that is targeting American...
Anonymous hacked Yandex taxi causing a massive traffic jam in Moscow
The popular collective Anonymous and the IT Army of Ukraine hacked the Yandex Taxi app causing a massive traffic jam...
BeatRev – POC For Frustrating/Defeating Malware Analysts
BeatRev Version 2Disclaimer/LiabilityThe work that follows is a POC to enable malware to "key" itself to a particular victim in...
IRS mistakenly published confidential info for roughly 120K taxpayers
The Internal Revenue Service (IRS) mistakenly leaked confidential information for approximately 120,000 taxpayers. Bad news for approximately 120,000 taxpayers who...
