DuplicateDump – Dumping LSASS With A Duplicated Handle From Custom LSA Plugin
DuplicateDump is a fork of MirrorDump with following modifications: DInovke implementation LSA plugin DLL written in C++ which could be...
hacking
Kubeclarity – Tool For Detection And Management Of Software Bill Of Materials (SBOM) And Vulnerabilities Of Container Images And Filesystems
KubeClarity is a tool for detection and management of Software Bill Of Materials (SBOM) and Features Dashboard Fixable vulnerabilities per...
Microsoft Patch Tuesday updates for May 2022 fixes 3 zero-days, 1 under active attack
Microsoft Patch Tuesday security updates for May 2022 address three zero-day vulnerabilities, one of them actively exploited. Microsoft Patch Tuesday...
EU condemns Russian cyber operations against Ukraine
The European Union condemns the cyberattacks conducted by Russia against Ukraine, which targeted the satellite KA-SAT network. The European Union...
Spring4Shell-Poc – Spring Core RCE 0-day Vulnerability
Description of the vulnerability: https://www.cyberkendra.com/2022/03/springshell-rce-0-day-vulnerability.html Construction of the POC: https://github.com/BobTheShoplifter/Spring4Shell-POC Steps to Build/Run Tested with JDK 11.0.14, Spring Boot 2.6.5,...
Microsoft fixed RCE flaw in a driver used by Azure Synapse and Data Factory
Microsoft disclosed a now-fixed vulnerability in Azure Synapse and Azure Data Factory that could have allowed remote code execution. Microsoft...
Spring4Shell-POC – Dockerized Spring4Shell (CVE-2022-22965) PoC Application And Exploit
Run the exploit.py script: python exploit.py --url "http://localhost:8080/helloworld/greeting" Visit the created webshell! Modify the cmd GET parameter for your commands....
Hacktivists hacked Russian TV schedules during Victory Day and displayed anti-war messages
Hacktivists yesterday defaced the Russian TV with pro-Ukraine messages and took down the RuTube video streaming site. Hacktivists and white...
Threat actors are actively exploiting CVE-2022-1388 RCE in F5 BIG-IP
Threat actors are exploiting critical F5 BIG-IP flaw CVE-2022-1388 to deliver malicious code, cybersecurity researchers warn. Threat actors started massively exploiting...
Exclusive: Welcome “Frappo” – Resecurity identified a new Phishing-as-a-Service
The Resecurity HUNTER unit identified a new underground service called ‘Frappo’, which is available on the Dark Web. “Frappo” acts...
AutoResponder – Carbon Black Response IR Tool
What is it? AutoResponder is a tool aimed to help people to carry out their Incident Response tasks WITH the...
DCRat, only $5 for a fully working remote access trojan
Researchers warn of a remote access trojan called DCRat (aka DarkCrystal RAT) that is available for sale on Russian cybercrime...
CERT-UA warns of malspam attacks distributing the Jester info stealer
The Computer Emergency Response Team of Ukraine (CERT-UA) warns of attacks spreading info-stealing malware Jester Stealer. The Computer Emergency Response...
Experts developed exploits for CVE-2022-1388 RCE in F5 BIG-IP products
A few days after F5 addressed the critical CVE-2022-1388 Remote Code execution flaw in its BIG-IP products, researchers created exploits...
Experts uncovered a new wave of attacks conducted by Mustang Panda
China-linked Mustang Panda APT group targets entities in Asia, the European Union, Russia, and the US in a new wave of...
Conti ransomware claims to have hacked Peru MOF – Dirección General de Inteligencia (DIGIMIN)
Conti Ransomware gang claims to have hacked the Peru MOF – Dirección General de Inteligencia (DIGIMIN) and stolen 9.41 GB....
May 01 – May 07 Ukraine – Russia the silent cyber conflict
This post provides a timeline of the events related to Russia invasion of Ukraine from the cyber security perspective. Below...
NIST published updated guidance for supply chain risks
The National Institute of Standards and Technology (NIST) has released updated guidance for defending against supply-chain attacks. The National Institute...
CVE-Tracker – With The Help Of This Automated Script, You Will Never Lose Track Of Recently Released CVEs
If you want to change these URLs to your desired ones, you can simply open the cve.ps1 file with an...
US agricultural machinery manufacturer AGCO suffered a ransomware attack
The American agricultural machinery manufacturer AGCO announced that has suffered a ransomware attack that impacted its production facilities. AGCO, one of the...
Security Affairs newsletter Round 364 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...
US DoS offers a reward of up to $15M for info on Conti ransomware gang
The US Government offers up to $15 million for information that helps identify and locate leadership and co-conspirators of the...
Zi – A Swiss Army Knife for Zsh – Unix Shell
A Swiss Army Knife for Zsh - Unix Shell.RoadmapSee the open issues for a list of proposed features (and known...
Raspberry Robin spreads via removable USB devices
Researchers discovered a new Windows malware, dubbed Raspberry Robin, with worm-like capabilities that spreads via removable USB devices. Cybersecurity researchers...
