Ukrainian telecommunications operators hit by DarkCrystal RAT malware
The Ukrainian CERT-UA warns of attacks against Ukrainian telecommunications operators involving the DarkCrystal RAT. The Governmental Computer Emergency Response Team...
hacking
Threat actors stole $100M in crypto assets from Harmony
Threat actors have stolen $100 million in cryptocurrency from the Blockchain company Harmony on Thursday evening. Last week threat actors...
Sealighter – Easy ETW Tracing for Security Research
I created this project to help non-developers dive into researching Event Tracing for Windows (ETW) and Windows PreProcessor Tracing (WPP)....
Threat actors sell access to tens of vulnerable networks compromised by exploiting Atlassian 0day
A threat actor is selling access to 50 vulnerable networks that have been compromised exploiting the recently disclosed Atlassian Confluence...
Security Affairs newsletter Round 371 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for...
China-linked APT Bronze Starlight deploys ransomware as a smokescreen
China-linked APT Bronze Starlight is deploying post-intrusion ransomware families as a diversionary action to its cyber espionage operations. Researchers from...
Scout – Lightweight URL Fuzzer And Spider: Discover A Web Server’S Undisclosed Files, Directories And VHOSTs
Scout is a URL fuzzer and spider for discovering undisclosed VHOSTS, files and directories on a web server. A full...
Russia-linked actors may be behind an explosion at a liquefied natural gas plant in Texas
Russian threat actors may be behind the explosion at a liquefied natural gas plant in Texas, the incident took place...
DFSCoerce – PoC For MS-DFSNM Coerce Authentication Using NetrDfsRemoveStdRoot Method
PoC for MS-DFSNM coerce authentication using NetrDfsRemoveStdRoot method (and probably more but am lazy and its just PoC :P )....
Oracle spent 6 months to fix ‘Mega’ flaws in the Fusion Middleware
Researchers disclose technical details of a critical flaw in Fusion Middleware, tracked as CVE-2022–21445, that Oracle took six months to...
Multiple malicious packages in PyPI repository found stealing AWS secrets
Researchers discovered multiple malicious Python packages in the official PyPI repository stealing AWS credentials and other info. Sonatype researchers discovered...
Nim-Loader – WIP Shellcode Loader In Nim With EDR Evasion Techniques
a very rough work-in-progress adventure into learning nim by cobbling resources together to create a shellcode loader that implements common...
Attackers exploited a zero-day in Mitel VOIP devices to compromise a networkÂ
Experts warn threat actors have exploited a zero-day vulnerability in a Mitel VoIP appliance in a ransomware attack. CrowdStrike researchers...
Authcov – Web App Authorisation Coverage Scanning
Web app authorisation coverage scanning. Introduction AuthCov crawls your web application using a Chrome headless browser while logged in as...
Threat actors continue to exploit Log4Shell in VMware Horizon Systems
The U.S. CISA and the Coast Guard Cyber Command (CGCYBER) warn of attacks exploiting the Log4Shell flaw in VMware Horizon...
Vulnerabilities in the Jacuzzi SmartTub app could allow to access users’ data
Researchers discovered multiple vulnerabilities in Jacuzzi SmartTub app web interface that can expose private data. Multiple vulnerabilities in Jacuzzi SmartTub...
Norimaci – Simple And Lightweight Malware Analysis Sandbox For macOS
"Norimaci" is a simple and lightweight Installation git clone https://github.com/mnrkbys/norimaci.git Future Work YARA scanning VirusTotal scanning Author Minoru Kobayashi License...
Google TAG argues surveillance firm RCS Labs was helped by ISPs to infect mobile users
Google’s Threat Analysis Group (TAG) revealed that the Italian spyware vendor RCS Labs was supported by ISPs to spy on...
TrelloC2 – Simple C2 Over The Trello API
Simple C2 over Trello's API (Proof-of-Concept) By: Fabrizio Siciliano (@0rbz_) Update 12/30/2019 Removed hardcoded API key and Token, use input()...
Chinese Tropic Trooper APT spreads a hacking tool laced with a backdoor
China-linked APT group Tropic Trooper has been spotted previously undocumented malware written in Nim language. Check Point Research uncovered an activity...
NSO Group told lawmakers that Pegasus spyware was used by at least 5 European countries
The Israeli surveillance firm NSO Group revealed that its Pegasus spyware was used by at least five European countries. The...
WEF – Wi-Fi Exploitation Framework
A fully offensive framework to the 802.11 networks and protocols with different types of attacks for WPA and WEP, Created...
QNAP warns of a critical PHP flaw that could lead to remote code execution
Taiwanese company QNAP is addressing a critical PHP vulnerability that could be exploited to achieve remote code execution. Taiwanese vendor...
Researchers found flaws in MEGA that allowed to decrypt of user data
Researchers at ETH Zurich discovered several critical flaws in the MEGA cloud storage service that could have allowed the decryption...
