Mar 20- Mar 26 Ukraine – Russia the silent cyber conflict
This post provides a timeline of the events related to the Russian invasion of Ukraine from the cyber security perspective....
hacking
Western Digital addressed a critical bug in My Cloud OS 5
Western Digital fixed a critical flaw affecting My Cloud OS 5 devices that allowed attackers to gain remote code execution...
Nimcrypt2 – .NET, PE, And Raw Shellcode Packer/Loader Written In Nim
Nimcrypt2 is yet another PE packer/loader designed to bypass AV/EDR. It is an improvement on my original Nimcrypt project, with...
CISA adds 66 new flaws to the Known Exploited Vulnerabilities Catalog
The US Cybersecurity and Infrastructure Security Agency (CISA) added 66 new flaws to its Known Exploited Vulnerabilities Catalog. The U.S....
Request_Smuggler – Http Request Smuggling Vulnerability Scanner
Based on the amazing research by James Kettle. The tool can help to find servers that may be vulnerable to...
FCC adds Kaspersky to Covered List due to unacceptable risks to national security
The Federal Communications Commission (FCC) added Kaspersky to its Covered List because it poses unacceptable risks to U.S. national security....
Zkar – A Java Serialization Protocol Analysis Tool Implement In Go
Tests ZKar is a well-tested tool that passed all ysoserial generated gadgets parsing and rebuilding tests. It means that gadget...
Anonymous leaked 28GB of data stolen from the Central Bank of Russia
Anonymous announced that the affiliate group Black Rabbit World has leaked 28 GB of data stolen from the Central Bank...
Chrome emergency update fixes actively exploited a zero-day bug
Google addresses an actively exploited zero-day flaw with the release of Chrome 99.0.4844.84 for Windows, Mac, and Linux. Google fixed...
SysWhispers3 – AV/EDR Evasion Via Direct System Calls
SysWhispers helps with evasion by generating header/ASM files implants can use to make direct system calls. Why on earth didn't...
Chinese threat actor Scarab targets Ukraine, CERT-UA warns
Ukraine CERT (CERT-UA) released details about a campaign that SentinelLabs linked with the suspected Chinese threat actor tracked as Scarab....
UK police arrested 7 alleged members of Lapsus$ extortion gang
UK police suspect that a 16-year-old from Oxford is one of the leaders of the popular Lapsus$ extortion group. The...
Factual-Rules-Generator – An Open Source Project Which Aims To Generate YARA Rules About Installed Software From A Machine
Factual-rules-generator is an open source project which aims to generate YARA rules about installed software from a running operating system....
US indicted 4 Russian government employees for attacks on critical infrastructure
The U.S. has indicted four Russian government employees for their involvement in attacks on entities in critical infrastructure. The U.S....
Experts explained how to hack a building controller widely adopted in Russia
A researcher discovered critical flaws that can be exploited by remote attackers to hack a building controller popular in Russia....
Tiktok-Scraper – TikTok Scraper. Download Video Posts, Collect User/Trend/Hashtag/Music Feed Metadata, Sign URL And Etc
Docker By using docker you won't be able to use --filepath and --historypath , but you can set volume(host path...
Anonymous targets western companies still active in Russia, including Auchan, Leroy Merlin e Decathlon
Anonymous launches its offensive against Wester companies still operating in Russia, it ‘DDoSed’ Auchan, Leroy Merlin e Decathlon websites. Since...
VMware Issues Patches for Critical Flaws Affecting Carbon Black App Control
VMware addressed two critical arbitrary code execution vulnerabilities affecting its Carbon Black App Control platform. VMware released this week, software...
ADExplorerSnapshot.py – An AD Explorer Snapshot Parser. It Is Made As An Ingestor For BloodHound, And Also Supports Full-Object Dumping To NDJSON
ADExplorerSnapshot.py is an AD Notes This library is now supporting the BloodHound v4.1+ output format (JSON format v4). For the...
Anonymous claims to have hacked the Central Bank of Russia
The Anonymous hacker collective claims to have hacked the Central Bank of Russia and stole accessed 35,000 documents. Anonymous continues...
Okta says 375 customers impacted by the hack, but Lapsus$ gang says it is lying
The provider of access management systems Okta confirmed the data breach and revealed that 2.5% of its customers were impacted....
Ukrainian enterprises hit with the DoubleZero wiper
Ukraine CERT-UA warns of cyberattack aimed at Ukrainian enterprises using the a wiper dubbed DoubleZero. Ukraine CERT-UA continues to observe...
FBI warns of growing risks of Russia-linked attacks on US energy firms
The FBI is warning of risks related to cyber attacks aimed at energy companies of Russia-linked threat actors. The FBI...
China-linked GIMMICK implant now targets macOS
Gimmick is a newly discovered macOS implant developed by the China-linked APT Storm Cloud and used to target organizations across...
