RESim – Reverse Engineering Software Using A Full System Simulator
Reverse engineering using a full system simulator. Dynamic analysis by instrumenting simulated hardware using Simics Trace process trees, system calls...
hacking
Apple fixes multiple flaws in iOS, iPadOS, macOS, tvOS, and watchOS devices
Apple released security updates to address multiple vulnerabilities that affect iOS, iPadOS, macOS, tvOS, and watchOS devices. Apple released security...
8220 Gang Cloud Botnet infected 30,000 host globally
The crimeware group known as 8220 Gang expanded over the last month their Cloud Botnet to roughly 30,000 hosts globally. ...
New Luna ransomware targets Windows, Linux and ESXi systems
Kaspersky researchers discovered a new ransomware family written in Rust, named Luna, that targets Windows, Linux, and ESXi systems. Researchers...
Million of vehicles can be attacked via MiCODUS MV720 GPS Trackers
Multiple flaws in MiCODUS MV720 Global Positioning System (GPS) trackers shipped with over 1.5 million vehicles can allow hackers to remotely...
Cdb – Automate Common Chrome Debug Protocol Tasks To Help Debug Web Applications From The Command-Line And Actively Monitor And Intercept HTTP Requests And Responses
Pown CDB is a Chrome Debug Protocol utility. The main goal of the tool is to automate common tasks to...
EU warns of risks of spillover effects associated with the ongoing war in Ukraine
The Council of the European Union (EU) warns of malicious cyber activities conducted by threat actors in the context of...
Belgium claims China-linked APT groups hit its ministries
The Minister for Foreign Affairs of Belgium blames multiple China-linked threat actors for attacks against The country’s defense and interior...
CloudMensis spyware went undetected for many years
Researchers spotted previously undocumented spyware, dubbed CloudMensis, that targets the Apple macOS systems. Researchers from ESET discovered a previously undetected...
Russia-linked APT29 relies on Google Drive, Dropbox to evade detection
Russia-linked threat actors APT29 are using the Google Drive cloud storage service to evade detection. Palo Alto Networks researchers reported...
Pinecone – A WLAN Red Team Framework
Pinecone is a WLAN networks auditing tool, suitable for red team usage. It is extensible via modules, and it is...
Crooks create rogue cryptocurrency-themed apps to steal crypto assets from users
The U.S. FBI has warned of crooks developing malicious cryptocurrency-themed apps to steal crypto assets from the users. The U.S....
Several apps on the Play Store used to spread Joker, Facestealer and Coper malware
Google blocked dozens of malicious apps from the official Play Store that were spreading Joker, Facestealer, and Coper malware families....
MLNK Builder 4.2 released in Dark Web – malicious shortcut-based attacks are on the rise
Cybercriminals released a new MLNK Builder 4.2 tool for malicious shortcuts (LNK) generation with an improved Powershell and VBS Obfuscator...
Tor Browser 11.5 is optimized to automatically bypass censorship
The Tor Project team has announced the release of Tor Browser 11.5, which introduces functionalities to automatically bypass censorship. The...
Koh – The Token Stealer
Koh is a C# and Beacon Object File (BOF) toolset that allows for the capture of user credential material via...
A massive cyberattack hit Albania
A synchronized criminal attack from abroad hit Albania over the weekend, all Albanian government systems shut down following the cyberattack....
Watch out for the CVE-2022-30136 Windows NFS Remote Code Execution flaw
Researchers published an analysis of the Windows remote code execution vulnerability CVE-2022-30136 impacting the Network File System. Trend Micro Research...
Graff paid a $7.5M ransom and sued its insurance firm for refusing to cover this payment
The high-end British jeweler Graff paid a £6 million ransom after the ransomware attack it suffered in 2021. In September...
Crooks stole $375k from Premint NFT, it is one of the biggest NFT hacks ever
Threat actors hacked the popular NFT platform, Premint NFT and stole 314 NFTs. The popular NFT platform, Premint NFT, was...
Google is going to remove App Permissions List from the Play Store
Google is going to remove the app permissions list from the official Play Store for both the mobile app and...
Zenbuster – Multi-threaded URL Enumeration/Brute-Forcing Tool
ZenBuster is a multi-threaded, multi-platform URL enumeration tool written in Python by Zach Griffin (@0xTas). I wrote this tool as...
Security Affairs newsletter Round 374 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for...
APT groups target journalists and media organizations since 2021
Researchers from Proofpoint warn that various APT groups are targeting journalists and media organizations since 2021. Proofpoint researchers warn that...
