Experts warn of ransomware attacks against government organizations of small states
Cyber Research Labs reported a rise in ransomware attacks in the second quarter of 2022, small states are more exposed...
hacking
Labtainers – A Docker-based Cyber Lab Framework
Labtainers include more than 50 cyber lab exercises and tools to build your own. Import a single VM appliance or...
Three Nigerian men arrested in INTERPOL Operation Killer Bee
Interpol arrested three Nigerian men in Lagos, who are suspected of using the Agent Tesla RAT to reroute financial transactions...
A new WhatsApp OTP scam could allow the hijacking of users’ accounts
Experts warn of a new ongoing WhatsApp OTP scam that could allow attackers to hijack users’ accounts through phone calls....
Multiple Microsoft Office versions impacted by an actively exploited zero-day
A zero-day flaw in Microsoft Office that could be exploited by attackers to achieve arbitrary code execution on Windows systems....
PersistBOF – Tool To Help Automate Common Persistence Mechanisms
A tool to help automate common persistence mechanisms. Currently supports Print Monitor (SYSTEM), Time Provider (Network Service), Start folder shortcut...
GoodWill Ransomware victims have to perform socially driven activities to decryption their data
Researchers discovered a new ransomware family called GoodWill that asks victims to donate the ransom for social causes. CloudSEK’s Threat Intelligence Research...
EnemyBot malware adds new exploits to target CMS servers and Android devices
The operators of the EnemyBot botnet added exploits for recently disclosed flaws in VMware, F5 BIG-IP, and Android systems. Operators...
Mitmproxy2Swagger – Automagically Reverse-Engineer REST APIs Via Capturing Traffic
A tool for automatically converting Run the first pass of mitmproxy2swagger: $ mitmproxy2swagger -i <path_to_mitmptoxy_flow> -o <path_to_output_schema> -p <api_prefix> Please...
Pro-Russian hacker group KillNet plans to attack Italy on May 30
Pro-Russian hacker group KillNet is threatening again Italy, it announced a massive and unprecedented attack on May 30. Pro-Russian hacker...
Security Affairs newsletter Round 367 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for...
US man sentenced to 4 years in prison for his role in Infraud scheme
A man from New York was sentenced to four years in prison for trading stolen credit card data and assisting...
Hakoriginfinder – Tool For Discovering The Origin Host Behind A Reverse Proxy. Useful For Bypassing Cloud WAFs!
Tool for discovering the origin host behind a reverse proxy. Useful for bypassing WAFs and other reverse proxies. How does...
BinAbsInspector – Vulnerability Scanner For Binaries
BinAbsInspector (Binary Abstract Inspector) is a static analyzer for automated reverse engineering and scanning vulnerabilities in binaries, which is a...
Experts believe that Russian Gamaredon APT could fuel a new round of DDoS attacks
360 Qihoo reported DDoS attacks launched by APT-C-53 (aka Gamaredon) conducted through the open-source DDoS Trojan program LOIC. Researchers at 360 Qihoo observed...
The strange link between Industrial Spy and the Cuba ransomware operation
The recently launched Industrial Spy data extortion marketplace has now started its ransomware operation. In April, Malware HunterTeam and Bleeping...
Reuters: Russia-linked APT behind Brexit leak website
Russia-linked threat actors are behind a new website that published leaked emails from leading proponents of Britain’s exit from the...
Stunner – Tool To Test And Exploit STUN, TURN And TURN Over TCP Servers
Stunner is a tool to test and exploit STUN, TURN and TURN over TCP servers. TURN is a protocol mostly...
GitHub: Nearly 100,000 NPM Users’ credentials stolen in the April OAuth token attack
GitHub provided additional details into the theft of its integration OAuth tokens that occurred in April, with nearly 100,000 NPM users’ credentials....
Android pre-installed apps are affected by high-severity vulnerabilities
Microsoft found several high-severity vulnerabilities in a mobile framework used in pre-installed Android System apps. The Microsoft 365 Defender Research...
LEAF – Linux Evidence Acquisition Framework
Linux Evidence Acquisition Framework (LEAF) acquires artifacts and evidence from Linux EXT4 systems, accepting user input to customize the functionality...
GhostTouch: how to remotely control touchscreens with EMI
Security researchers devised a technique, dubbed GhostTouch, to remotely control touchscreens using electromagnetic signals. A team of researchers from Zhejiang...
FBI: Compromised US academic credentials available on various cybercrime forums
The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors...
Ransomware-Simulator – Ransomware Simulator Written In Golang
The goal of this repository is to provide a simple, harmless way to check your AV's protection on ransomware. This...
