FBI warns of fraudulent schemes using cryptocurrency ATMs and QR for payments
The FBI warns of an increase of fraudulent schemes leveraging cryptocurrency ATMs and QR Codes to facilitate payment. The FBI...
OSINT
Hashdb-Ida – HashDB API Hash Lookup Plugin For IDA Pro
HashDB IDA PluginMalware string hash lookup Hash AlgorithmsClick Refresh Algorithms to pull a list of supported hash algorithms from...
Experts spotted a phishing campaign impersonating security firm Proofpoint
Threat actors are impersonating cybersecurity firm Proofpoint to trick victims into providing Microsoft Office 365 and Gmail credentials. Cybercriminals are...
New Magecart group uses an e-Skimmer that avoids VMs and sandboxes
A new Magecart group leverages a browser script to evade virtualized environments and sandboxes used by researchers. Malwarebytes researchers have...
Etl-Parser – Event Trace Log File Parser In Pure Python
Event Trace Log file reader in pure Python etl-parser is a pure Python 3 parser library for ETL Windows log...
Security Affairs newsletter Round 339
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...
Casinos of tribal communities are losing millions in Ransomware attacks
The FBI issued a private industry notification (PIN) to warn of ransomware attacks that hit several tribal-owned casinos last year....
Smuggler – An HTTP Request Smuggling / Desync Testing Tool
An HTTP Request Smuggling / Desync testing tool written in Python 3 AcknowledgementsA special thanks to James Kettle for his...
Threat actors stole $55 million worth of cryptocurrency from bZx DeFi platform
DeFi platforms are a privileged target for crooks, threat actors have stolen $55 million from bZx DeFi platform. Threat actors...
Philips Tasy EMR healthcare infomatics solution vulnerable to SQL injection
The Philips Tasy EMR comprehensive healthcare informatics solution is affected by two critical SQL injection vulnerabilities. The Philips Tasy EMR...
White hat hackers earn over $1 Million at Pwn2Own Austin 2021
The Zero Day Initiative’s Pwn2Own Austin 2021 hacking contest has ended, and participants earned $1,081,250 for 61 zero-day flaws. Trend...
Certipy – Python Implementation For Active Directory Certificate Abuse
Certipy is a Python tool to enumerate and abuse misconfigurations in Active Directory Certificate Services (AD CS). Based on the...
Empire 4.2
Empire 4.2 was just finalized over the weekend and we are excited to share some of the new features. This...
A drone was modified to disrupt U.S. Power Grid, says intelligence bulletin
US officials believe that a drone was employed in an attempted attack on a power substation in Pennsylvania last year. US...
US defense contractor Electronic Warfare Associates discloses data breach
US defense contractor Electronic Warfare Associates (EWA) was hit by a cyber attack, threat actors stole personal information from its...
Tor-Rootkit – A Python 3 Standalone Windows 10 / Linux Rootkit Using Tor
A Python 3 standalone Windows 10 / Linux Rootkit. The networking communication get's established over the tor network.DisclaimerUse for educational...
Ukraine intelligence doxed 5 FSB Officers that are members of Gamaredon APT Group
Ukraine’s premier law enforcement and counterintelligence revealed the real identities of five FSB members behind the Gamaredon cyberespionage group. Ukraine’s...
Wanted! US offers $10m bounty for ransomware kingpins
The US State Department is offering a massive $10 million reward if you can help bring DarkSide to justice. The...
Threat actor exploits MS ProxyShell flaws to deploy Babuk ransomware
A new threat actor is exploiting ProxyShell flaws in attacks aimed at Microsoft Exchange servers to deploy the Babuk Ransomware...
PyRDP – RDP Monster-In-The-Middle (Mitm) And Library For Python With The Ability To Watch Connections Live Or After The Fact
PyRDP is a Python Supported SystemsPyRDP should work on Python 3.6 and up on the x86-64, ARM and ARM64 platforms....
npm libraries coa and rc. have been hijacked to deliver password-stealing malware
Two popular npm libraries, coa and rc., have been hijacked, threat actors replaced them with versions laced with password-stealing malware. The security...
US Gov offers a reward of up to $10M for info on DarkSide leading members
The US government offers up to a $10,000,000 reward for information leading to the identification or arrest of DarkSide gang...
CISA recommends vendors to fix BrakTooth issues after the release of PoC tool
CISA urges vendors to address BrakTooth flaws after researchers have released public exploit code and a proof of concept tool...
CISA sets two week window for patching serious vulnerabilities
The Cybersecurity and Infrastructure Security Agency (CISA) has issued binding directive 22-01 titled Reducing the Significant Risk of Known Exploited...
