Korean cybersecurity agency released a free decryptor for Hive ransomware
Good news for the victims of the Hive ransomware, Korean security researchers have released a free decryptor for some versions....
hacking
Experts blame North Korea-linked Lazarus APT for the Harmony hack
North Korea-linked Lazarus APT group is suspected to be behind the recent hack of the Harmony Horizon Bridge. Recently, threat...
Ex-Canadian government employee admits to being a member of the Russian cybercrime gang NetWalker
A former Canadian government IT worker admitted to being a high-level member of the Russian cybercrime group NetWalker. A former...
SharpWSUS – CSharp tool for lateral movement through WSUS
SharpWSUS is a CSharp tool for lateral movement through WSUS. There is a corresponding blog (https://labs.nettitude.com/blog/introducing-sharpwsus/) which has more detailed...
YTStealer info-stealing malware targets YouTube content creators
Researchers detailed a new information-stealing malware, dubbed YTStealer, that targets YouTube content creators. Intezer cybersecurity researchers have detailed a new...
Gallia – Extendable Pentesting Framework
Gallia is an extendable pentesting framework with the focus on the automotive domain. The scope of gallia is conducting penetration...
Path Traversal flaw in UnRAR utility can allow hacking Zimbra Mail servers
Researchers discovered a new flaw in RARlab’s UnRAR utility, tracked CVE-2022-30333, that can allow to remotely hack Zimbra Webmail servers....
Jwtear – Modular Command-Line Tool To Parse, Create And Manipulate JWT Tokens For Hackers
A modular command-line tool to parse, create and manipulate JSON Web Token(JWT) tokens for security testing purposes. Features Complete modularity....
Mitre shared 2022 CWE Top 25 most dangerous software weaknesses
The MITRE organization published the 2022 CWE Top 25 most dangerous software weaknesses. The MITRE shared the list of the 2022 top...
RansomHouse gang claims to have stolen 450GB of data from chip maker giant AMD
The RansomHouse gang claims to have breached the Chipmaker giant AMD and stole 450 GB of data from the company...
Nimc2 – A C2 Fully Written In Nim
nimc2 is a very lightweight C2 written fully in nim (implant & server). If you want to give it a...
NON-STATE ACTORS IN THE CYBERSPACE: AN ATTEMPT TO A TAXONOMIC CLASSIFICATION, ROLE, IMPACT AND RELATIONS WITH A STATE’S SOCIOECONOMIC STRUCTURE
This paper provides a taxonomic classification of non-state actors in the cyberspace, analyzing their role and impact on a state’s...
LockBit 3.0 introduces important novelties, including a bug bounty program
The LockBit ransomware operators released LockBit 3.0 with important novelties, including a bug bounty program and Zcash payments. The Lockbit...
secureCodeBox (SCB) – Continuous Secure Delivery Out Of The Box
secureCodeBox is a kubernetes based, modularized toolchain for continuous security scans of your software project. Its goal is to orchestrate...
Latest OpenSSL version is affected by a remote memory corruption flaw
Expert discovered a remote memory-corruption vulnerability affecting the latest version of the OpenSSL library. Security expert Guido Vranken discovered a...
Two critical flaws affect CODESYS ICS Automation Software
CODESYS addressed 11 security flaws in the ICS Automation Software that could lead to information disclosure and trigger a denial-of-service...
The government of Lithuania confirmed it had been hit by an intense cyberattack
Lithuania confirmed it had been hit by an “intense” cyberattack, after Vilnius imposed restrictions on the rail transit of certain...
New Matanbuchus Campaign drops Cobalt Strike beacons
Matanbuchus malware-as-a-service (Maas) has been observed spreading through phishing campaigns, dropping Cobalt Strike beacons. Threat intelligence firm Cyble has observed a...
Cyberattack halted the production at the Iranian state-owned Khuzestan Steel company
Iranian state-owned Khuzestan Steel Company was hit by a cyber attack that forced the company to halt its production. The Khuzestan Steel...
EmoCheck – Emotet Detection Tool For Windows OS
Emotet detection tool for Windows OS. How to use Download EmoCheck from the Releases page. Run EmoCheck on the host....
Ukrainian telecommunications operators hit by DarkCrystal RAT malware
The Ukrainian CERT-UA warns of attacks against Ukrainian telecommunications operators involving the DarkCrystal RAT. The Governmental Computer Emergency Response Team...
Threat actors stole $100M in crypto assets from Harmony
Threat actors have stolen $100 million in cryptocurrency from the Blockchain company Harmony on Thursday evening. Last week threat actors...
Sealighter – Easy ETW Tracing for Security Research
I created this project to help non-developers dive into researching Event Tracing for Windows (ETW) and Windows PreProcessor Tracing (WPP)....
Threat actors sell access to tens of vulnerable networks compromised by exploiting Atlassian 0day
A threat actor is selling access to 50 vulnerable networks that have been compromised exploiting the recently disclosed Atlassian Confluence...
