WannaRace – WebApp Intentionally Made Vulnerable To Race Condition For Practicing Race Condition
WebApp intentionally made Four vouchers worth 400 units available for recharge Task is to buy Mega box (which is worth 401...
hacking
AvosLocker ransomware now targets Linux systems, including ESXi servers
AvosLocker is the latest ransomware that implemented the capability to encrypt Linux systems including VMware ESXi servers. AvosLocker expands its...
WordPress 5.8.3 Security Release fixes four vulnerabilities
WordPress maintainers have released WordPress 5.8.3 that addresses four vulnerabilities and recommend admins to update their sites immediately The WordPress...
Several EA Sports FIFA 22 players have been hacked
Several EA Sports FIFA 22 players claim to have been hacked, they say to have lost access to their personal...
PasteMonitor – Scrape Pastebin API To Collect Daily Pastes, Setup A Wordlist And Be Alerted By Email When You Have A Match
Scrape Before startBefore starting the tool, make sure to:Get a Pastebin PRO accountEnter the IP address of your machine in...
Abcbot and Xanthe botnets have the same origin, experts discovered
Experts linked the C2 infrastructure behind an the Abcbot botnet to a cryptocurrency-mining botnet attack that was uncovered in December...
Indian-linked Patchwork APT infected its own system revealing its ops
The India-linked threat actor Patchwork infected one of their own computers with its RAT revealing its operations to researchers. An...
LACheck – Multithreaded C# .NET Assembly Local Administrative Privilege Enumeration
Multithreaded C# .NET Assembly Local Administrative Privilege Enumeration Arguments domain controller to query (if not ran on a domain-joined host)...
New ZLoader malware campaign hit more than 2000 victims across 111 countries
A malware campaign spreads ZLoader malware by exploiting a Windows vulnerability that was fixed in 2013 but in 2014 Microsoft...
Cyber Defense Magazine – January 2022 has arrived. Enjoy it!
Cyber Defense Magazine January 2022 Edition has arrived. We hope you enjoy this month’s edition…packed with 155 pages of excellent...
Shellcode-Encryptor – A Simple Shell Code Encryptor/Decryptor/Executor To Bypass Anti Virus
A simple shell code encryptor/decryptor/executor to bypass anti virus. Note: I have completely redone the work flow for creating the...
US NCSC and DoS share best practices against surveillance tools
The US NCSC and the Department of State published joint guidance on defending against attacks using commercial surveillance tools. The US...
Swiss army asks its personnel to use the Threema instant-messaging app
The Swiss army has banned all instant messaging apps, including Signal, Telegram, and WhatsApp, recommending the use of the Threema...
Russian submarines threatening undersea cables, UK defence chief warns
Russian submarines threatening undersea network of undersea cables, says UK defence chief Sir Tony Radakin UK defence chief Sir Tony...
RCLocals – Linux Startup Analyzer
Inspired by 'Autoruns' from Sysinternals, RCLocals analyzes all Linux startup possibilities to find backdoors, also performs process integrity verification, scan...
Security Affairs newsletter Round 348
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...
Unauthenticated RCE in H2 Database Console is similar to Log4Shell
Researchers disclosed a critical RCE flaw in the H2 open-source Java SQL database which is similar to the Log4J vulnerability....
FluBot malware continues to evolve. What’s new in Version 5.0 and beyond?
Researchers warn of new campaigns distributing a new improved version of the FluBot malware posing as Flash Player. Researchers from...
Alfer Microsoft, also SonicWall confirmed that its products were affected by Y2K22 bug
SonicWall confirmed that some of its Email Security and firewall products have been impacted by the Y2K22 bug. Security vendor...
FIN7 group continues to target US companies with BadUSB devices
The Federal Bureau of Investigation (FBI) warns US companies that the FIN7 cybercriminals group is targeting the US defense industry...
How to secure QNAP NAS devices? The vendor’s instructions
QNAP is warning customers of ransomware attacks targeting network-attached storage (NAS) devices exposed online. Taiwanese vendor QNAP has warned customers...
Threat actor targets VMware Horizon servers using Log4Shell exploits, UK NHS warns
A threat actor attempted to exploit the Log4Shell vulnerability to hack VMWare Horizon servers at UK NHS and deploy web...
Mortar – Evasion Technique To Defeat And Divert Detection And Prevention Of Security Products (AV/EDR/XDR)
red teaming evasion technique to defeat and divert detection and prevention of security products.Mortar Loader performs encryption and decryption of...
Norton Crypto, the controversial cryptomining feature of Norton 360
Experts warn that the popular antivirus product Norton 360 has installed a cryptocurrency miner on its customers’ computers. Many users...
