hacking

FirmWire -b Full-System Baseband Firmware Emulation Platform For Fuzzing, Debugging, And Root-Cause Analysis Of Smartphone Baseband Firmwares

May 3, 2022

FirmWire is a full-system baseband firmware analysis platform that supports Samsung and MediaTek. It enables fuzzing, root-cause analysis, and FirmWire...

China-linked Moshen Dragon abuses security software to sideload malware

May 3, 2022

A China-linked APT group, tracked as Moshen Dragon, is exploiting antivirus products to target the telecom sector in Asia. A...

UNC3524 APT uses IP cameras to deploy backdoors and target Exchange

May 3, 2022

A new APT group, tracked as UNC3524, uses IP cameras to deploy backdoors and steal Microsoft Exchange emails. Mandiant researchers...

Package Analysis dynamic analyzes packages in open-source repositories

May 3, 2022

The Open Source Security Foundation (OpenSSF) is working on a tool to conduct a dynamic analysis of packages uploaded to...

Pybatfish – Python Client For Batfish (Network Configuration Analysis Tool)

May 2, 2022

Pybatfish is a Python client for The Batfish YouTube channel (which you can subscribe to for new content) illustrates many...

Car rental company Sixt hit by a cyberattack that caused temporary disruptions

May 2, 2022

The car rental company Sixt announced it was hit by a cyberattack that is causing temporary business disruptions at customer...

The mystery behind the samples of the new REvil ransomware operation

May 2, 2022

The REvil ransomware gang has resumed its operations, experts found a new encryptor and a new attack infrastructure. The REvil ransomware...

Moonwalk – Cover Your Tracks During Linux Exploitation By Leaving Zero Traces On System Logs And Filesystem Timestamps

May 2, 2022

Cover your tracks during Linux Once you get a shell into the target Unix machine, start a moonwalk session by...

Group-IB CEO remains in prison – the Russian-led company has been ‘blacklisted’ in Italy

May 2, 2022

The latest executive order from the Italian ACN agency banned Group-IB, a Russian-led cybersecurity firm from working in the government...

IoT and Cybersecurity: What’s the Future?

May 2, 2022

IoT gizmos make our lives easier, but we forget that these doohickeys are IP endpoints that act as mini-radios. They...

Russia-linked APT29 targets diplomatic and government organizations

May 2, 2022

Russia-linked APT29 (Cozy Bear or Nobelium) launched a spear-phishing campaign targeting diplomats and government entities. In mid-January 2022, security researchers...

Nanodump – A Crappy LSASS Dumper With No ASCII Art

May 1, 2022

A flexible tool that creates a minidump of the LSASS process. 1. Features It uses syscalls (with SysWhispers2) for most...

Synology and QNAP warn of critical Netatalk flaws in some of their products

May 1, 2022

Synology warns customers that some of its NAS devices are affected by multiple critical Netatalk vulnerabilities. Synology has warned customers...

Hackers stole +80M from DeFi platforms Rari Capital and Fei Protocol

May 1, 2022

Threat actors exploited a bug in the Fuse protocol used by DeFi platforms Rari Capital and Fei Protocol and stole...

BackupOperatorToDA – From An Account Member Of The Group Backup Operators To Domain Admin Without RDP Or WinRM On The Domain Controller

May 1, 2022

If you compromise an account member of the group Backup Operators you can become the Domain Admin without RDP or...

Apr 24 – Apr 30 Ukraine – Russia the silent cyber conflict

May 1, 2022

This post provides a timeline of the events related to the Russian invasion of Ukraine from the cyber security perspective....

Security Affairs newsletter Round 363 by Pierluigi Paganini

May 1, 2022

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...

Microsoft Azure flaws could allow accessing PostgreSQL DBs of other customers

April 30, 2022

Researchers discovered flaws in the Azure Database for PostgreSQL Flexible Server that could result in unauthorized cross-account database access in...

Dora – Find Exposed API Keys Based On RegEx And Get Exploitation Methods For Some Of Keys That Are Found

April 30, 2022

Features Blazing fast as we are using ripgrep in backend Exploit/PoC steps for many of the API key, allowing to...

Emotet tests new attack chain in low volume campaigns

April 30, 2022

Emotet operators are testing new attack techniques in response to Microsoft’s move to disable Visual Basic for Applications (VBA) macros...

Pro-Russian group Killnet launched DDoS attacks on Romanian govt sites

April 30, 2022

A series of DDoS attacks launched by Russian hacktivists are targeting several Romanian government websites. The Romanian national cyber security...

Requests-Ip-Rotator – A Python Library To Utilize AWS API Gateway’s Large IP Pool As A Proxy To Generate Pseudo-Infinite IPs For Web Scraping And Brute Forcing

April 30, 2022

A Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web...

Osinteye – Username Enumeration And Reconnaisance Suite

April 29, 2022

Username Enumeration And Reconnaisance Suite Supported sites PyPI Github TestPypi About.me Instagram DockerHub Installation Clone project: $ git clone...

Lupo – Malware IOC Extractor. Debugging Module For Malware Analysis Automation

April 29, 2022

Debugging module for Malware Analysis Automation For a step by step post on how to use Lupo, with images and...

hacking

FirmWire -b Full-System Baseband Firmware Emulation Platform For Fuzzing, Debugging, And Root-Cause Analysis Of Smartphone Baseband Firmwares

China-linked Moshen Dragon abuses security software to sideload malware

UNC3524 APT uses IP cameras to deploy backdoors and target Exchange

Package Analysis dynamic analyzes packages in open-source repositories

Pybatfish – Python Client For Batfish (Network Configuration Analysis Tool)

Car rental company Sixt hit by a cyberattack that caused temporary disruptions

The mystery behind the samples of the new REvil ransomware operation

Moonwalk – Cover Your Tracks During Linux Exploitation By Leaving Zero Traces On System Logs And Filesystem Timestamps

Group-IB CEO remains in prison – the Russian-led company has been ‘blacklisted’ in Italy

IoT and Cybersecurity: What’s the Future?

Russia-linked APT29 targets diplomatic and government organizations

Nanodump – A Crappy LSASS Dumper With No ASCII Art

Synology and QNAP warn of critical Netatalk flaws in some of their products

Hackers stole +80M from DeFi platforms Rari Capital and Fei Protocol

BackupOperatorToDA – From An Account Member Of The Group Backup Operators To Domain Admin Without RDP Or WinRM On The Domain Controller

Apr 24 – Apr 30 Ukraine – Russia the silent cyber conflict

Security Affairs newsletter Round 363 by Pierluigi Paganini

Microsoft Azure flaws could allow accessing PostgreSQL DBs of other customers

Dora – Find Exposed API Keys Based On RegEx And Get Exploitation Methods For Some Of Keys That Are Found

Emotet tests new attack chain in low volume campaigns

Pro-Russian group Killnet launched DDoS attacks on Romanian govt sites

Requests-Ip-Rotator – A Python Library To Utilize AWS API Gateway’s Large IP Pool As A Proxy To Generate Pseudo-Infinite IPs For Web Scraping And Brute Forcing

Osinteye – Username Enumeration And Reconnaisance Suite

Lupo – Malware IOC Extractor. Debugging Module For Malware Analysis Automation

Fake Job Offers from CrowdStrike Used by Cybercriminals to Distribute Cryptominer

CISA: Microsoft Releases December 2024 Security Updates

CISA: Cisco Releases Security Updates for NX-OS Software

CISA: Ivanti Releases Security Updates for Multiple Products

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

You may have missed