Experts spotted Syslogk, a Linux rootkit under development
Experts spotted a new Linux rootkit, dubbed ‘Syslogk,’ that uses specially crafted “magic packets” to activate a dormant backdoor on the...
Persistence by writing/reading shellcode from Event Log. Usage: The SharpEventPersist tool takes 4 case-sensitive parameters: -file "C:\path\to\shellcode.bin" -instanceid 1337 -source...
Ukraine’s Computer Emergency Response Team (CERT) warns that the Russia-linked Sandworm APT group may exploit the Follina RCE vulnerability. Ukraine’s...
China-linked Gallium APT employed a previously undocumented RAT, tracked as PingPull, in a recent cyber espionage campaign targeting South Asia, Europe,...
Experts observed the HelloXD ransomware deploying a backdoor to facilitate persistent remote access to infected hosts. The HelloXD ransomware first appeared...
ConfluencePot is a simple honeypot for the Atlassian Confluence unauthenticated and remote OGNL injection vulnerability (CVE-2022-26134). About the vulnerability You...
Researchers at the University of Hamburg demonstrated that WiFi connection probe requests expose users to tracking. A group of academics...
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for...
DOMDig is a DOM XSS scanner that runs inside the Chromium web browser and it can scan single page applications...
Ransomware gangs are actively exploiting CVE-2022-26134 remote code execution (RCE) flaw in Atlassian Confluence Server and Data Center. Multiple ransomware...
Data exfiltration utility for testing detection capabilities Description Data exfiltration utility used for testing detection capabilities of security products. Obviously...
Experts found vulnerabilities in HID Mercury Access Controllers that can be exploited by attackers to remotely unlock doors. Researchers from security...
Pulsar is a tool for data exfiltration and covert communication that enables you to create a secure data transfer, a...
Iran-linked Lyceum APT group uses a new .NET-based DNS backdoor to target organizations in the energy and telecommunication sectors. The...
PACMAN is a new attack technique demonstrated against Apple M1 processor chipsets that could be used to hack macOS systems....
Transparent endpoint security Features Block and detect advanced attacks Modern audited cryptography: RustCrypto for hashing and encryption Highly compatible: Development...
Jeeves is made for looking for Time-Based Blind SQL Injection through recon. - Installation & Requirements: Installing Jeeves $ go...
Threat actors are exploiting the recently disclosed CVE-2022-26134 RCE in Atlassian Confluence servers to deploy cryptocurrency miners. CheckPoint researchers have...
The Cuba ransomware operators are back and employed a new version of their malware in recent attacks. Cuba ransomware has...
Deepfence PacketStreamer is a high-performance remote PacketStreamer sensors collect raw network packets on remote hosts. It selects packets to capture...
The Vice Society group has claimed responsibility for the ransomware attack that hit the Italian city of Palermo forcing the...
Blackbird An Setup Clone the repository git clone https://github.com/p1ngul1n0/blackbird cd blackbird Install requirements pip install -r requirements.txt Usage Search by username...
Researchers uncovered a highly stealthy Linux malware, dubbed Symbiote, that could be used to backdoor infected systems. Joint research conducted by...
Researchers spotted a previously undocumented Chinese-speaking APT, tracked as Aoqin Dragon, targeting entities in Southeast Asia and Australia. SentinelOne documented a...