VMware fixes flaws demonstrated at Chinese Tianfu Cup hacking contest
VMware addressed several high-severity flaws that were disclosed during China’s Tianfu Cup hacking contest. VMware addressed several high-severity vulnerabilities that...
hacking
Kali Linux 2022.1 – Penetration Testing and Ethical Hacking Linux Distribution
Time for another Kali Linux release! – Kali Linux 2022.1. This release has various impressive updates.The summary of the changelog...
Ukraine: Military defense agencies and banks hit by cyberattacks
Ukraine ‘s defense agencies and two state-owned banks were hit by Distributed Denial-of-Service (DDoS) attacks. The Ministry of Defense and...
QNAP extends security Updates for some EOL devices
Taiwanese vendor QNAP extended the security update window for some devices that have reached end-of-life (EOL). Taiwanese vendor QNAP extended...
Shellcodetester – An Application To Test Windows And Linux Shellcodes
This tools test generated ShellCodes. ShellCode Tester Linux Instalation git clone https://github.com/helviojunior/shellcodetester.gitcd shellcodetester/Linuxmake Usage Without break-point: shellcodetester With break-point (INT3)....
BlackCat gang claimed responsibility for Swissport ransomware attack
The BlackCat ransomware group (aka ALPHV), claimed responsibility for the attack on Swissport that interfered with its operations. The BlackCat ransomware group (aka ALPHV), has...
Flare-Qdb – Command-line And Python Debugger For Instrumenting And Modifying Native Software Behavior On Windows And Linux
flare-qdb is a command-line and scriptable Python-based tool for evaluating and manipulating native program state. It uses Vivisect to set...
Google fixes a Chrome zero-day flaw actively exploited in attacks
Google fixed a high-severity zero-day flaw actively exploited with the release of Chrome emergency update for Windows, Mac, and Linux....
Remote sex toys might spice up your love life – but crooks could also get a kick out of them
A CyberNews investigation has revealed that Lovense remote sex toy users might be at risk from threat actors, due to...
SSU: Russia-linked actors are targeting Ukraine with ‘massive wave of hybrid warfare’
The Security Service of Ukraine (SSU) said the country is the target of an ongoing “wave of hybrid warfare.” The...
BlackByte ransomware breached at least 3 US critical infrastructure organizations
The US Federal Bureau of Investigation (FBI) said that the BlackByte ransomware gang has breached at least three organizations from US...
Droopescan – A Plugin-Based Scanner That Aids Security Researchers In Identifying Issues With Several CMSs, Mainly Drupal And Silverstripe
A plugin-based scanner that aids security researchers in identifying issues with several CMS. Usage of droopescan for attacking targets without...
European Central Bank tells banks to step up defences against nation-state attacks
The European Central Bank is warning banks of possible Russia-linked cyber attack amid the rising crisis with Ukraine. The European...
Autotimeliner – Automagically Extract Forensic Timeline From Volatile Memory Dump
Automagically extract forensic timeline from volatile memory dumps. Requirements Python 3 Volatility mactime (from SleuthKit) (Developed and tested on Debian...
Critical Magento zero-day flaw CVE-2022-24086 actively exploited
Adobe addressed a critical vulnerability (CVE-2022-24086) impacting Magento Open Source products that is being actively exploited in the wild. Adobe...
Alleged ransomware attack disrupted operations at Slovenia’s Pop TV station
Last week, a cyberattack hit Pop TV, Slovenia’s most popular TV channel, disrupting the operations. Last week, a cyber-attack has...
Exrop – Automatic ROP Chain Generation
Exrop is automatic ROP chains generator tool which can build gadget chain automatically from given binary and constraints Requirements :...
Organizations paid at least $602 million to ransomware gangs in 2021
Organizations have paid more than $600 million in cryptocurrency during 2021, nearly one-third to the Conti ransomware gang. Last week,...
San Francisco 49ers NFL team discloses BlackByte ransomware attack
A ransomware attack hit the corporate IT network of the San Francisco 49ers NFL team, The Record reported. The San...
Get-RBCD-Threaded – Tool To Discover Resource-Based Constrained Delegation Attack Paths In Active Directory Environments
Tool to discover Resource-Based Constrained Delegation attack paths in Active Directory Environments Based almost entirely on wonderful blog posts "Wagging...
Analyzing Phishing attacks that use malicious PDFs
Cybersecurity researchers Zoziel Pinto Freire analyzed the use of weaponized PDFs in phishing attacks Every day everybody receives many phishing...
Security Affairs newsletter Round 353
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...
Weaponizing WebDAV for Offensive Security
Today, we will talk about combining two fascinating Tactics, Techniques, and Procedures (TTPs) together for deploying Command and Control (C2):...
Organizations are addressing zero-day vulnerabilities more quickly, says Google
Organizations are addressing zero-day vulnerabilities more quickly, compared to last year, Google’s Project Zero reported. According to Google’s Project Zero...
