Lockbit leak sites hit by mysterious DDoS attack after Entrust hack
LockBit ransomware gang claims to have hacked the IT giant Entrust and started leaking the stolen files. Entrust Corp., provides...
hacking
European Cybersecurity in Context: A Policy-Oriented Comparative Analysis
I’m proud to have contributed to the “European Cybersecurity in Context: A Policy-Oriented Comparative Analysis“ Worldwide connectivity has unleashed global...
8-year-old Linux Kernel flaw DirtyCred is nasty as Dirty Pipe
Researchers shared details of an eight-year-old flaw dubbed DirtyCred, defined as nasty as Dirty Pipe, in the Linux kernel. Researchers...
Group-IB CEO will remain in jail – complaint denied
On August 18, a Russian judge decided that Ilya Sachkov, founder and CEO of the Russian-led Group-IB, will remain in...
RPCMon – RPC Monitor Tool Based On Event Tracing For Windows
A GUI tool for scanning RPC communication through Event Tracing for Windows (ETW). The tool was published as part of...
Escanor Malware delivered in Weaponized Microsoft Office Documents
Researchers spotted a new RAT (Remote Administration Tool) advertised in Dark Web and Telegram called Escanor Resecurity, a Los Angeles-based...
Donot Team cyberespionage group updates its Windows malware framework
The Donot Team threat actor, aka APT-C-35, has added new capabilities to its Jaca Windows malware framework. The Donot Team has been active since...
Fake DDoS protection pages on compromised WordPress sites lead to malware infections
Threat actors compromise WordPress sites to display fake Cloudflare DDoS protection pages to distribute malware. DDoS Protection pages are associated with...
Threat actors are stealing funds from General Bytes Bitcoin ATM
Threat actors have exploited a zero-day vulnerability in the General Bytes Bitcoin ATM servers to steal BTC from multiple customers....
Concealed_Code_Execution – Tools And Technical Write-Ups Describing Attacking Techniques That Rely On Concealing Code Execution On Windows
Hunt & Hackett presents a set of tools and technical write-ups describing attacking techniques that rely on concealing code execution...
Grandoreiro banking malware targets Mexico and Spain
A new Grandoreiro banking malware campaign is targeting organizations in Mexico and Spain, Zscaler reported. Zscaler ThreatLabz researchers observed a...
White hat hackers broadcasted talks and hacker movies through a decommissioned satellite
Hackers took control of a decommissioned satellite and broadcasted hacking conference talks and hacker movies. During the latest edition of...
Security Affairs newsletter Round 380
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
CISA added 7 new flaws to its Known Exploited Vulnerabilities Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added 7 new flaws to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity...
dnsReaper – Subdomain Takeover Tool For Attackers, Bug Bounty Hunters And The Blue Team!
DNS Reaper is yet another sub-domain takeover tool, but with an emphasis on accuracy, speed and the number of signatures...
TA558 cybercrime group targets hospitality and travel orgs
TA558 cybercrime group is behind a malware campaign targeting hospitality, hotel, and travel organizations in Latin America Researchers from Proofpoint...
Russia-linked Cozy Bear uses evasive techniques to target Microsoft 365 users
Russia-linked APT group Cozy Bear continues to target Microsoft 365 accounts in NATO countries for cyberespionage purposes. Mandiant researchers reported...
CISA added SAP flaw to its Known Exploited Vulnerabilities Catalog
US CISA added a critical SAP flaw to its Known Exploited Vulnerabilities Catalog after its details were disclosed at the...
crAPI – Completely Ridiculous API
completely ridiculous API (crAPI) will help you to understand the ten most critical API security risks. crAPI is vulnerable by...
A flaw in Amazon Ring could expose user’s camera recordings
Amazon addressed a high-severity flaw in its Ring app for Android that could have exposed sensitive information and camera recordings....
Cisco fixes High-Severity bug in Secure Web Appliance
Cisco addressed a high-severity escalation of privilege vulnerability (CVE-2022-20871) in AsyncOS for Cisco Secure Web Appliance. Cisco Secure Web Appliance (formerly Secure Web Appliance (WSA)) offers protection from...
Bumblebee attacks, from initial access to the compromise of Active Directory Services
Threat actors are using the Bumblebee loader to compromise Active Directory services as part of post-exploitation activities. The Cybereason Global Security...
Estonia blocked cyberattacks claimed by Pro-Russia Killnet group
Estonia announced to have blocked a wave of cyber attacks conducted by Russian hackers against local institutions. Undersecretary for Digital...
Safari 15.6.1 addresses a zero-day flaw actively exploited in the wild
Apple released Safari 15.6.1 for macOS Big Sur and Catalina to address a zero-day vulnerability actively exploited in the wild....
