CISA and FBI warn of potential data wiping attacks spillover
US CISA and the FBI warned US organizations that data wiping attacks targeting Ukraine entities could spill over to targets...
hacking
FoxBlade malware targeted Ukrainian networks hours before Russia’s invasion
Microsoft revealed that Ukrainian entities were targeted with a previous undetected malware, dubbed FoxBlade, several hours before the invasion. The...
Anonymous hit Russian Nuclear Institute and leak stolen data
Anonymous and other hacker groups that responded to the call to war against Russia continue to launch cyberattacks on gov...
Toyota Motors halted production due to a cyber attack on a supplier
Japanese carmaker Toyota Motors was forced to stop car production due to a cyberattack against one of its suppliers. Japanese...
Researcher leaked Conti’s internal chat messages in response to its support to Russia
A Ukrainian researcher leaked tens of thousands of internal chat messages belonging to the Conti ransomware operation. A Ukrainian researcher leaked 60,694...
Security Affairs newsletter Round 355
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...
Iran-linked UNC3313 APT employed two custom backdoors against a Middle East gov entity
An Iran-linked threat actor, tracked as UNC3313, was observed using two custom backdoor against an unnamed Middle East government entity....
Anonymous breached the internal network of Belarusian railways
The Anonymous hacker collective claims to have breached the Belarusian Railway’s data-processing network. The Anonymous collective announced that the internal...
DRAKVUF Sandbox – Automated Hypervisor-Level Malware Analysis System
DRAKVUF Sandbox is an automated black-box malware analysis system with DRAKVUF engine under the hood, which does not require an...
Feb 7- Feb 27 Ukraine – Russia the silent cyber conflict
This post provides a timeline of the events related to the Russia invasion of Ukraine from the cyber security perspective....
Ukraine: Volunteer IT Army is going to hit tens of Russian targets from this list
Ukraine is recruiting a volunteer IT army composed of white hat hackers to launch attacks on a list of Russian...
StayKit – Cobalt Strike Kit For Persistence
StayKit is an extension for Cobalt Strike persistence by leveraging the execute_assembly function with the SharpStay .NET assembly. The aggressor...
Chipmaker giant Nvidia hit by a ransomware attack
The chipmaker giant Nvidia was the victim of a ransomware attack that took down some of its systems for two...
Katoolin3 – Get Your Favourite Kali Linux Tools On Debian/Ubuntu/Linux Mint
Katoolin3 brings all programs available in Kali Linux to Debian and Ubuntu. Description This program is a port of katoolin...
Fileless SockDetour backdoor targets U.S.-based defense contractors
Researchers provided details about a stealthy custom malware dubbed SockDetour that targeted U.S.-based defense contractors. Cybersecurity researchers from Palo Alto Networks’ Unit...
Russia restricts Twitter in the country amid conflict with Ukraine
Global internet monitor working group NetBlocks reported that Twitter has been restricted in Russia amid conflict with Ukraine. Global internet...
Anonymous hacked the Russian Defense Ministry and is targeting Russian companies
Anonymous collective has hacked the Russian Defense Ministry and leaked the data of its employees in response to the Ukraine...
NTLMRecon – Enumerate Information From NTLM Authentication Enabled Web Endpoints
A fast and flexible NTLM TODO Implement aiohttp based solution for sending requests Integrate a spraying library Add other authentication...
UK’s NHS Digital warns of an RCE in Okta Advanced Server Access client
The UK’s NHS Digital agency warns of an RCE in the Windows client for the Okta Advanced Server Access authentication...
Ukraine calls on independent hackers to defend against Russia, Russian underground responds
While Ukraine calls for hacker underground to defend against Russia, ransomware gangs make their moves. Ukraine’s government is asking for...
openSquat – Detection Of Phishing Domains And Domain Squatting. Supports Permutations Such As Homograph Attack, Typosquatting And Bitsquatting
What is openSquat openSquat is an opensource Intelligence (OSINT) security tool to identify cyber squatting threats to specific companies or...
Ukraine: Belarusian APT group UNC1151 targets military personnel with spear phishing
The CERT of Ukraine (CERT-UA) warned of a spear-phishing campaign targeting Ukrainian armed forces personnel. The Computer Emergency Response Team...
Anonymous launched its offensive on Russia in response to the invasion of Ukraine
The popular collective Anonymous declared war on Russia for the illegitimate invasion of Ukraine and announced a series of cyber...
JNDI-Injection-Exploit – A Tool Which Generates JNDI Links Can Start Several Servers To Exploit JNDI Injection Vulnerability
JNDI-Injection-Exploit is a tool for generating workable JNDI links and provide background services by starting RMI server,LDAP server and HTTP...
