A small number of Crypto.com users reported suspicious activity on their wallet
Several Crypto.com users reported suspicious transactions that stole thousands of dollars in Ethereum (ETH) from their wallets. Several Crypto.com users...
hacking
Oracle Critical Patch Update for January 2022 will fix 483 new flaws
The pre-release announcement for Critical Patch Update (CPU) for January 2022 states that Oracle will fix 483 new flaws. This...
Zoho fixes a critical vulnerability (CVE-2021-44757) in Desktop Central solutions
Zoho addressed a new critical severity flaw (CVE-2021-44757) that affects its Desktop Central and Desktop Central MSP unified endpoint management...
reFlutter – Flutter Reverse Engineering Framework
This framework helps with Flutter apps reverse engineering using the patched version of the Flutter library which is already compiled...
High-Severity flaw in 3 WordPress plugins impacts 84,000 websites
Researchers discovered a high-severity vulnerability in three different WordPress plugins that impact over 84,000 websites. Researchers from WordPress security company...
Inject-Assembly – Inject .NET Assemblies Into An Existing Process
This tool is an alternative to traditional fork and run execution for Cobalt Strike. The loader can be injected into...
Experts warn of attacks using a new Linux variant of SFile ransomware
The operators of the SFile ransomware (aka Escal) have developed a Linux version of their malware to expand their operations....
Kyiv blames Belarus-linked APT UNC1151 for recent cyberattack
Ukrainian government attributes the recent attacks against tens of Ukrainian government websites to Belarusian APT group UNC1151. The government of...
Registry-Spy – Cross-platform Registry Browser For Raw Windows Registry Files
Registry Spy is a free, open-source cross-platform Windows Registry viewer. It is a fast, modern, and versatile explorer for raw...
European Union simulated a cyber attack on a fictitious Finnish power company
The European Union simulated a cyber attack on a fictitious Finnish power company to test its cyber-defense capabilities. Cyber drills...
Microsoft spotted a destructive malware campaign targeting Ukraine
Microsoft spotted a new destructive malware operation targeting government, non-profit, and IT entities in Ukraine. Microsoft spotted a destructive attack...
A new wave of Qlocker ransomware attacks targets QNAP NAS devices
QNAP NAS devices are under attack, experts warn of a new Qlocker ransomware campaign that hit devices worldwide. A new...
TokenUniverse – An Advanced Tool For Working With Access Tokens And Windows Security Policy
Token Universe is an advanced tool that provides a wide range of possibilities to research Windows security mechanisms. It has...
Security Affairs newsletter Round 349
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...
Threat actors stole $18.7M from the Lympo NTF platform
Threat actors hacked the hot wallet of the NFT platform Lympo and managed to steal 165.2 Million LMT (worth $18.7...
Iptable_Evil – An Evil Bit Backdoor For Iptables
When connecting to the backdoored VM from a VM that does not set the evil bit, the SSH connection will...
Prominent Carding Marketplace UniCC announced it’s shutting down
One of the biggest underground carding marketplaces, UniCC, announced it’s shutting down its operations. UniCC, one of the biggest underground...
One of the REvil members arrested by FSB was behind Colonial Pipeline attack
A senior Biden administration official said that the one of the Russian hacker arrested by FSB was behind the Colonial...
Narthex – Modular Personalized Dictionary Generator
Narthex (Greek: Νάρθηξ, νάρθηκας) is a modular & minimal dictionary generator for Unix and Unix-like operating system written in C...
Threat actors defaced Ukrainian government websites
Threat actors defaced multiple Ukrainian government websites after talks between Ukrainian, US, and Russian officials hit a dead this week. Threat...
Lorenz ransomware gang stolen files from defense contractor Hensoldt
German multinational defense contractor Hensoldt confirmed to that some of its systems were infected by Lorenz ransomware. Hensoldt, a multinational...
Espoofer – An Email Spoofing Testing Tool That Aims To Bypass SPF/DKIM/DMARC And Forge DKIM Signatures
espoofer is an open-source testing tool to bypass SPF, DKIM, and DMARC authentication in email systems. It helps mail server...
Russian government claims to have dismantled REvil ransomware gang
Russia’s FSB announced to have dismantled the REvil ransomware gang, the infamous group behind Kaseya and JBS USA. The Russian...
North Korea-linked APT BlueNoroff focuses on crypto theft
The North Korea-linked APT group BlueNoroff has been spotted targeting cryptocurrency startups with fake MetaMask browser extensions. The North Korea-linked...
