Russia-linked Turla APT targets Austria, Estonia, and NATO platform
Russia-linked APT group Turla was observed targeting the Austrian Economic Chamber, a NATO eLearning platform, and the Baltic Defense College....
hacking
Frelatage – The Python Fuzzer That The World Deserves
pip3 install frelatageCurrent release : Frelatage is a coverage-based Python fuzzing library which can be used to fuzz python code....
Russia-linked Fronton botnet could run disinformation campaigns
Researchers warn that the Fronton botnet was used by Russia-linked threat actors for coordinated disinformation campaigns. Fronton is a distributed...
A flaw in PayPal can allow attackers to steal money from users’ account
A security researcher announced the discovery of an unpatched flaw in PayPal that could allow attackers to steal money from...
Findwall – Check If Your Provider Is Blocking You!
FindWall is Python script that allows to understand if your network provider is limiting your access to the Internet by...
Cytrox’s Predator spyware used zero-day exploits in 3 campaigns
Google’s Threat Analysis Group (TAG) uncovered campaigns targeting Android users with five zero-day vulnerabilities. Google’s Threat Analysis Group (TAG) researchers...
Threat actors target the infoSec community with fake PoC exploits
Researchers uncovered a malware campaign targeting the infoSec community with fake Proof Of Concept to deliver a Cobalt Strike beacon....
RedTeam-Physical-Tools – Red Team Toolkit – A Curated List Of Tools That Are Commonly Used In The Field For Physical Security, Red Teaming, And Tactical Covert Entry
Commonly used tools for Red Teaming Engagements, Physical Security Assessments, and Tactical Covert Entry. In this list I decided to...
Security Affairs newsletter Round 366 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for...
North Korea-linked Lazarus APT uses Log4J to target VMware servers
North Korea-linked Lazarus APT is exploiting the Log4J remote code execution (RCE) in attacks aimed at VMware Horizon servers. North...
Fb_Friend_List_Scraper – OSINT Tool To Scrape Names And Usernames From Large Friend Lists On Facebook, Without Being Rate Limited
OSINT tool to scrape names and usernames from large friend lists on Facebook, without being rate limited. Getting started: Install...
The Pwn2Own Vancouver 2022: Trend Micro and ZDI awarded $1,155,000
The Pwn2Own Vancouver 2022 hacking contest ended, Trend Micro and ZDI awarded a total of $1,155,000 for successful attempts! During...
Zphisher-GUI-Back_office – A Zphisher GUI Back-Office Plugin
DISCLAIMER This toolkit contains materials that can be potentially damaging or dangerous for social media. Refer to the laws in...
Asian media company Nikkei suffered a ransomware attack
The media company Nikkei has disclosed a ransomware attack and revealed that the incident might have impacted customer data. The...
Russia-linked Sandworm continues to conduct attacks against Ukraine
Security researchers from ESET reported that the Russia-linked APT group Sandworm continues to target Ukraine. Security experts from ESET reported...
Tetanus – Mythic C2 Agent Targeting Linux And Windows Hosts Written In Rust
Tetanus is a Windows and Linux C2 agent written in rust. Installation To install Tetanus, you will need Mythic set...
Cisco fixes an IOS XR flaw actively exploited in the wild
Cisco addressed a medium-severity vulnerability affecting IOS XR Software, the company warns that the flaw is actively exploited in the...
QNAP warns of a new wave of DeadBolt ransomware attacks against its NAS devices
Taiwanese vendor QNAP warned customers of a new wave of DeadBolt ransomware attacks and urges them to install the latest...
Xepor – Web Routing Framework For Reverse Engineers And Security Researchers, Brings The Best Of Mitmproxy And Flask
Xepor (pronounced /ˈzɛfə/, zephyr), a web routing framework for reverse engineers and security researchers. It provides a Flask-like API for...
Pwn2Own Vancouver 2022 D2
During the second day of the Pwn2Own Vancouver 2022 hacking competition, contestants demonstrated a working exploit for Microsoft Windows 11....
The activity of the Linux XorDdos bot increased by 254% over the last six months
Microsoft researchers have observed a spike in the activity of the Linux bot XorDdos over the last six months. XORDDoS,...
Octopus – Open Source Pre-Operation C2 Server Based On Python And Powershell
Octopus is an open source, pre-operation C2 server based on python which can control an Octopus powershell agent through HTTP/S....
Conti ransomware is shutting down operations, what will happen now?
The Conti ransomware gang shut down its operation, and some of its administrators announced a branding of the gang. Advanced...
C2concealer – Command Line Tool That Generates Randomized C2 Malleable Profiles For Use In Cobalt Strike
C2concealer is a command line tool that generates randomized C2 malleable profiles for use in Cobalt Strike. Installation chmod u+x...
