Rekono – Execute Full Pentesting Processes Combining Multiple Hacking Tools Automatically
Rekono combines other hacking tools and its results to execute complete pentesting processes against a target in an automated way....
hacking
Unprecedented cyber attack hit State Infrastructure of Montenegro
The state Infrastructure of Montenegro was hit by a massive and “unprecedented” cyber attack, authorities announced. An unprecedented cyber attack...
Threat actor abuses Genshin Impact Anti-Cheat driver to disable antivirus
Threat actors abused a vulnerable anti-cheat driver for the Genshin Impact video game to disable antivirus software. Threat actors abused...
Critical flaw impacts Atlassian Bitbucket Server and Data Center
Atlassian addressed a critical vulnerability in Bitbucket Server and Data Center that could lead to malicious code execution on vulnerable instances. Atlassian...
Iran-linked Mercury APT exploited Log4Shell in SysAid Apps for initial access
An Iran-linked Mercury APT group exploited the Log4Shell vulnerability in SysAid applications for initial access to the targeted organizations. The Log4Shell...
ReconPal – Leveraging NLP For Infosec
Recon is one of the most important phases that seem easy but takes a lot of effort and skill to...
GoldDragon campaign: North-Korea linked Kimsuky APT adopts victim verification technique
The North Korea-linked Kimsuky APT is behind a new campaign, tracked as GoldDragon, targeting political and diplomatic entities in South...
0ktapus phishing campaign: Twilio hackers targeted other 136 organizations
The threat actors behind Twilio and Cloudflare attacks have been linked to a phishing campaign that targeted other 136 organizations. The threat actors...
LastPass data breach: threat actors stole a portion of source code
Password management software firm LastPass has suffered a data breach, threat actors have stole source code and other data. Password...
Nobelium APT uses new Post-Compromise malware MagicWeb
Russia-linked APT group Nobelium is behind a new sophisticated post-exploitation malware tracked by Microsoft as MagicWeb. Microsoft security researchers discovered...
dBmonster – Track WiFi Devices With Their Recieved Signal Strength
With dBmonster you are able to scan for nearby WiFi devices and track them trough the signal strength (dBm) of...
GAIROSCOPE attack allows to exfiltrate data from Air-Gapped systems via ultrasonic tones
GAIROSCOPE: An Israeli researcher demonstrated how to exfiltrate data from air-gapped systems using ultrasonic tones and smartphone gyroscopes. The popular...
Threat actors are using the Tox P2P messenger as C2 server
Threat actors are using the Tox peer-to-peer instant messaging service as a command-and-control server, Uptycs researchers reported. Tox is a...
Plex discloses data breach and urges password reset
The streaming media platform Plex is urging its users to reset passwords after threat actors gained access to its database....
AiTM phishing campaign also targets G Suite users
The threat actors behind a large-scale adversary-in-the-middle (AiTM) phishing campaign now target Google G Suite users The threat actors behind a large-scale...
Ox4Shell – Deobfuscate Log4Shell Payloads With Ease
Deobfuscate Log4Shell payloads with ease. Description Since the release of the Log4Shell vulnerability (CVE-2021-44228), many tools were created to obfuscate...
VMware fixed a privilege escalation issue in VMware Tools
VMware this week released patches to address an important-severity vulnerability in the VMware Tools suite of utilities. The virtualization giant...
France hospital Center Hospitalier Sud Francilien suffered ransomware attack
A French hospital, the Center Hospitalier Sud Francilien (CHSF), suffered a cyberattack on Sunday and was forced to refer patients...
Microsoft publicly discloses details on critical ChromeOS flaw
Microsoft shared technical details of a critical ChromeOS flaw that could be exploited to trigger a DoS condition or for...
GitLab fixed a critical Remote Code Execution (RCE) bug in CE and EE releases
DevOps platform GitLab fixed a critical remote code execution flaw in its GitLab Community Edition (CE) and Enterprise Edition (EE)...
Over 80,000 Hikvision cameras can be easily hacked
Experts warn that over 80,000 Hikvision cameras are vulnerable to a critical command injection vulnerability. Security researchers from CYFIRMA have...
System Informer – A Free, Powerful, Multi-Purpose Tool That Helps You Monitor System Resources, Debug Software And Detect Malware
System Informer A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. Brought to...
CISA adds Palo Alto Networks PAN-OS to its Known Exploited Vulnerabilities Catalog
US Cybersecurity and Infrastructure Security Agency (CISA) added a flaw, tracked as CVE-2022-0028, affecting Palo Alto Networks PAN-OS to its...
Counterfeit versions of popular mobile devices target WhatsApp and WhatsApp Business
Experts found backdoors in budget Android device models designed to target WhatsApp and WhatsApp Business messaging apps. Researchers from Doctor...
