Crooks claims to have stolen 4TB of data from TransUnion South Africa
TransUnion South Africa discloses a data breach, threat actors who stolen sensitive data, demanded a ransom payment not to release...
hacking
Exotic Lily initial access broker works with Conti gang
Google’s Threat Analysis Group (TAG) uncovered a new initial access broker, named Exotic Lily, that is closely affiliated with the Conti ransomware...
Ghostbuster – Eliminate Dangling Elastic IPs By Performing Analysis On Your Resources Within All Your AWS Accounts
Eliminate dangling elastic IPs by performing analysis on your resources within all your AWS accounts. Ghostbuster obtains all the DNS...
Emsisoft releases free decryptor for the victims of the Diavol ransomware
Cybersecurity firm Emsisoft released a free decryptor that allows the victims of the Diavol ransomware to recover their files without...
China-linked threat actors are targeting the government of Ukraine
Google’s TAG team revealed that China-linked APT groups are targeting Ukraine ’s government for intelligence purposes. Google’s Threat Analysis Group...
S1EM – This Project Is A SIEM With SIRP And Threat Intel, All In One
Today, cyber attacks are more numerous and cause damage in companies. Nevertheless, many software products exist to detect cyber threats....
Caketap, a new Unix rootkit used to siphon ATM banking data
Experts spotted a new Unix rootkit, called Caketap, that was used to steal ATM banking data. Mandiant researchers discovered a...
Red TIM Research (RTR) team discovers a bug on Ericsson Network Manager
TIM Red Team Research (RTR) researchers discovered a new flaw on Ericsson Network Manager, aka Ericsson flagship network product. TIM...
Russia-linked Cyclops Blink botnet targeting ASUS routers
The recently discovered Cyclops Blink botnet, which is believed to be a replacement for the VPNFilter botnet, is now targeting the ASUS...
Epagneul – Graph Visualization For Windows Event Logs
Epagneul is a tool to visualize and investigate Deployment Requires docker and docker-compose to be installed. Installing make Offline deployment...
Microsoft releases open-source tool for checking MikroTik Routers compromise
Microsoft released an open-source tool to secure MikroTik routers and check for indicators of compromise for Trickbot malware infections. Microsoft...
node-ipc NPM Package sabotage to protest Ukraine invasion
The developer behind the popular “node-ipc” NPM package uploaded a destructive version to protest Russia’s invasion of Ukraine. RIAEvangelist, the...
Mip22 – An Advanced Phishing Tool
The program is made for educational purposes only for to see how the phishing method works. Any unnecessary use of...
Anonymous continues to support Ukraine against the Russia
The collective Anonymous and its affiliated groups continue to target the Russian government and private organizations. The collective Anonymous, and...
SolarWinds Warns of Attacks Targeting Web Help Desk Users
SolarWinds warns customers of potential cyberattacks targeting unpatched installs of its Web Help Desk (WHD) product. SolarWinds has published a...
Ukraine SBU arrested a hacker who supported Russia during the invasion
The Security Service of Ukraine (SBU) announced the arrest of a “hacker” who helped Russian Army during the invasion. The...
B1txor20 Linux botnet use DNS Tunnel and Log4J exploit
Researchers uncovered a new Linux botnet, tracked as B1txor20, that exploits the Log4J vulnerability and DNS tunnel. Researchers from Qihoo...
PurplePanda – Identify Privilege Escalation Paths Within And Across Different Clouds
This tool fetches resources from different cloud/saas applications focusing on permissions in order to identify privilege escalation paths and dangerous...
Russia’s disinformation uses deepfake video of Zelenskyy telling people to lay down arms
Russian disinformation continues, this time it used a deepfake video of Zelenskyy inviting Ukrainians to ‘lay down arms.’ A deepfake...
CISA adds 15 new flaws to the Known Exploited Vulnerabilities Catalog
The US Cybersecurity and Infrastructure Security Agency (CISA) added 15 new flaws to its Known Exploited Vulnerabilities Catalog. The U.S....
RefleXXion – A Utility Designed To Aid In Bypassing User-Mode Hooks Utilised By AV/EPP/EDR Etc
Introduction RefleXXion is a utility designed to aid in How to Use You can open and compile the project with...
Russia-linked threats actors exploited default MFA protocol and PrintNightmare bug to compromise NGO cloud
FBI and CISA warn Russia-linked threats actors gained access to an NGO cloud after enrolling their own device in the...
WMEye – A Post Exploitation Tool That Uses WMI Event Filter And MSBuild Execution For Lateral Movement
WMEye is an experimental tool that was developed when exploring about Windows WMI. The tool is developed for performing Lateral...
Hacker breaches key Russian ministry in blink of an eye
In mere seconds, a hacker remotely accessed a computer belonging to a regional Russian Ministry of Health, taking advantage of...
