Cybercriminals Deliver IRS Tax Scams & Phishing Campaigns By Mimicking Government Vendors
Threat intelligence firm Resecurity details how crooks are delivering IRS tax scams and phishing attacks posing as government vendors. Cybercriminals...
hacking
Jfscan – A Super Fast And Customisable Port Scanner, Based On Masscan And NMap
Killing features Scan with nmap fast! Allows you to scan targets with Masscan and run Nmap on discovered ports...
Static SSH host key in Cisco Umbrella allows stealing admin credentials
Cisco addressed a high severity vulnerability in the Cisco Umbrella Virtual Appliance (VA) that could allow stealing admin credentials. Cisco...
CVE-2022-20685 flaw in the Modbus preprocessor of the Snort makes it unusable
CVE-2022-20685 flaw in the Modbus preprocessor of the Snort detection engine could trigger a DoS condition and make it ineffective...
US, Australia, Canada, New Zealand, and the UK warn of Russia-linked threat actors’ attacks
Cybersecurity agencies of the Five Eyes intelligence alliance warn of cyberattacks conducted by Russia-linked threat actors on critical infrastructure. Cybersecurity...
Ma2Tl – macOS Forensic Timeline Generator Using The Analysis Result DBs Of Mac_Apt
This is a DFIR tool for generating a macOS Presentation This tool was published on Japan Security Analyst Conference 2022...
Russian Gamaredon APT continues to target Ukraine
Russia-linked threat actor Gamaredon targets Ukraine with new variants of the custom Pterodo backdoor. Russia-linked Gamaredon APT group (a.k.a. Armageddon, Primitive Bear, and...
Anonymous hacked other Russian organizations, some of the breaches could be severe
The Anonymous collective and affiliate groups intensify their attacks and claimed to have breached multiple organizations. Anonymous and groups linked...
DumpSMBShare – A Script To Dump Files And Folders Remotely From A Windows SMB Share
A script to Contributing Pull requests are welcome. Feel free to open an issue if you want to add other...
CISA adds Windows Print Spooler to its Known Exploited Vulnerabilities Catalog
US Critical Infrastructure Security Agency (CISA) adds a Windows Print Spooler vulnerability to its Known Exploited Vulnerabilities Catalog. The Cybersecurity...
New BotenaGo variant specifically targets Lilin security camera DVR devices
Researchers spotted a new variant of the BotenaGo botnet malware that is considered highly evasive and has a zero-detection rate....
QNAP users are recommended to disable UPnP port forwarding on routers
QNAP urges customers to disable Universal Plug and Play (UPnP) port forwarding on their routers to secure their NAS devices....
Smap – A Drop-In Replacement For Nmap Powered By Shodan.Io
Smap is a replica of Nmap which uses shodan.io's free API for port scanning. It takes same command line arguments...
ESET warns of three flaws that affect over 100 Lenovo notebook models
Lenovo warns of vulnerabilities in its Unified Extensible Firmware Interface (UEFI) shipped with at least 100 notebook models. Lenovo has...
Kaspersky releases a free decryptor for Yanluowang ransomware
Kaspersky discovered a flaw in the encryption process of the Yanluowang ransomware that allows victims to recover their files for...
ADReaper – A Fast Enumeration Tool For Windows Active Directory Pentesting Written In Go
ADReaper is a tool written in Golang which enumerate a Active Directory environment with LDAP queries within few seconds. Installation...
NSO Group Pegasus spyware leverages new zero-click iPhone exploit in recent attacks
Researchers reported that threat actors leveraged a new zero-click iMessage exploit to install NSO Group Pegasus on iPhones belonging to Catalans....
New SolarMarker variant upgrades evasion abilities to avoid detection
Researchers disclosed a new variant of the SolarMarker malware that implements new techniques to avoid detection. Cybersecurity researchers from Palo...
Crooks steal $182 million from Beanstalk DeFi platform
Credit-based stablecoin protocol Beanstalk discloses a security breach that resulted in the loss of all of its $182 million. The...
KrbRelay – Framework For Kerberos Relaying
Relaying 3-headed dogs. More details at https://googleprojectzero.blogspot.com/2021/10/windows-exploitation-tricks-relaying.html and https://googleprojectzero.blogspot.com/2021/10/using-kerberos-for-authentication-relay.html This should be working on most fully patched Windows systems. There...
Experts spotted Industrial Spy, a new stolen data marketplace
A new marketplace named Industrial Spy that focuses on the sale of stolen data appeared in the threat landscape. Malware...
Zircolite – A Standalone SIGMA-based Detection Tool For EVTX, Auditd And Sysmon For Linux Logs
Standalone SIGMA-based detection tool for EVTX, Auditd, Sysmon for linux or JSONL/NDJSON Logs Zircolite is a standalone tool written in...
CISA adds VMware, Chrome flaws to its Known Exploited Vulnerabilities Catalog
US CISA adds a VMware privilege escalation flaw and a Google Chrome type confusion issue to its Known Exploited Vulnerabilities...
Apr 10 – Apr 16 Ukraine – Russia the silent cyber conflict
This post provides a timeline of the events related to the Russian invasion of Ukraine from the cyber security perspective....
