CISA orders federal agencies to fix actively exploited CVE-2022-21882 Windows flaw
US CISA ordered federal agencies to patch their systems against actively exploited CVE-2022-21882 Windows flaw. The Cybersecurity and Infrastructure Security...
hacking
Over 500,000 people were impacted by a ransomware attack that hit Morley
Business services firm Morley was hit by a ransomware attack that may have exposed data of +500,000 individuals. Business services...
SQLRecon – A C# MS SQL Toolkit Designed For Offensive Reconnaissance And Post-Exploitation
A C# MS-SQL toolkit designed for offensive reconnaissance and post-exploitation. For detailed usage information on each technique, refer to the...
Ransomware attack hit Swissport International causing delays in flights
Aviation services company Swissport International was hit by a ransomware attack that impacted its operations. Swissport International Ltd. is an...
A nation-state actor hacked media and publishing giant News Corp
American media and publishing giant News Corp revealed it was victim of a cyber attack from an advanced persistent threat...
Retail giant Target open sources Merry Maker e-skimmer detection tool
Retail giant Target is going to open-source an internal tool, dubbed Merry Maker, designed to detect e-skimming attacks. Retail giant Target...
Russia-linked Gamaredon APT targeted a western government entity in Ukraine
The Russia-linked Gamaredon APT group attempted to compromise an unnamed Western government entity in Ukraine. Palo Alto Networks’ Unit 42...
Elfloader – An Architecture-Agnostic ELF File Flattener For Shellcode
elfloader is a super simple loader for ELF files that generates a flat in-memory representation of the ELF. Pair this...
Zimbra zero-day vulnerability actively exploited by an alleged Chinese threat actor
An alleged Chinese threat actor is actively attempting to exploit a zero-day vulnerability in the Zimbra open-source email platform. An...
Microsoft blocked tens of billions of brute-force and phishing attacks in 2021
Office 365 and Azure Active Directory (Azure AD) customers were the targets of billions of brute-force and phishing attacks last...
Exclusive interview with the Powerful Greek Army (PGA) hacker group
Six years ago the Powerful Greek Army (PGA) appeared in the threat landscape. After a long breach the hacker collective...
Cisco fixes critical flaws in its Small Business Routers
Cisco released security patches to address multiple flaws in its Small Business RV160, RV260, RV340, and RV345 series routers. Cisco...
wmiexec-RegOut – Modify Version Of Impacket Wmiexec.Py, Get Output(Data,Response) From Registry, Don’T Need SMB Connection, Also Bypassing Antivirus-Software In Lateral Movement Like WMIHACKER
Modify version of impacket wmiexec.py,wmipersist.py. Got output(data,response) from registry, don't need SMB connection, but I'm in the bad code :(...
Antlion APT group used a custom backdoor that allowed them to fly under the radar for months
A China-linked APT group tracked as Antlion used a custom backdoor called xPack that was undetected for months. A China-linked...
Oil terminals in Europe’s biggest ports hit by a cyberattack
A cyber attack hit the oil terminals of some of the biggest European ports impacting their operations. Some of the...
Heaptrace – Helps Visualize Heap Operations For Pwn And Debugging
heaptrace is a heap debugger for tracking glibc heap operations in ELF64 (x86_64) binaries. Its purpose is to help visualize...
Wormhole cryptocurrency platform hacked, crooks stole $326 million, the second-biggest hack of a DeFi platform
Threat actors have stolen $325 million in cryptocurrency leveraging a bug in the Wormhole communication bridge. Wormhole, one of the most...
Trend Micro fixed 2 flaws in Hybrid Cloud Security products
Trend Micro recently addressed two high-severity flaws affecting some of its hybrid cloud security products. Trend Micro released security updates...
Researcher found an Information Disclosure in the Brave browser
Security researcher discovered an Information Disclosure vulnerability in Brave browser and reported it through the HackerOne platform. Security researcher Kirtikumar...
Sugar Ransomware, a new RaaS in the threat landscape
Cyber security team at retail giant Walmart dissected a new ransomware family dubbed Sugar, which implements a ransomware-as-a-service model. The...
ESET releases fixes for local privilege escalation bug in Windows Applications
Antivirus firm ESET addressed a local privilege escalation vulnerability, tracked CVE-2021-37852, impacting its Windows clients. Antivirus firm ESET released security...
Experts warn of a spike in APT35 activity and a possible link to Memento ransomware op
The Cybereason Nocturnus Team reported a spike in the activity of the Iran-linked APT group APT35 (aka Phosphorus or Charming Kitten). The Cybereason...
Phant0m – Windows Event Log Killer
Svchost is essential in the implementation of so-called shared service processes, where a number of services can share a process...
Experts found 23 flaws in UEFI firmware potentially impact millions of devices
Researchers discovered tens of vulnerabilities in UEFI firmware code used by the major device manufacturers. Researchers at firmware security company...
