Hackers are Selling Tool to Hide Malware in GPUs
Cybercriminals are moving towards malware attacks that can execute code from a hacked system's graphics processing unit (GPU). Although the...
OSINT
QakBot technical analysis
Main description QakBot, also known as QBot, QuackBot and Pinkslipbot, is a banking Trojan that has existed for over a...
Community Contributors Program
Now that Defcon and Blackhat are checked off for the year, we can get back to real work the fun...
KnockOutlook – A Little Tool To Play With Outlook
"The best feeling is to win by knockout." - Nonito Donaire OverviewKnockOutlook is a C# project that interacts with Outlook's...
Assless-Chaps – Crack MSCHAPv2 Challenge/Responses Quickly Using A Database Of NT Hashes
Crack MSCHAPv2/NTLMv1 challenge/responses quickly using a database of NT hashes IntroductionAssless CHAPs is an efficient way to recover the NT...
Attackers are attempting to exploit recently patched Atlassian Confluence CVE-2021-26084 RCE
Threat actors are actively exploiting a recently patched vulnerability in Atlassian’s Confluence enterprise collaboration product. Threat actors were spotted exploiting...
Cyber Defense Magazine – September 2021 has arrived. Enjoy it!
Cyber Defense Magazine September 2021 Edition has arrived. We hope you enjoy this month’s edition…packed with 161 pages of excellent...
Cisco fixes a critical flaw in Enterprise NFVIS for which PoC exploit exists
Cisco released patches for a critical authentication bypass issue in Enterprise NFV Infrastructure Software (NFVIS) for which PoC exploit code...
Google paid over $130K in bounty rewards for the issues addressed with the release of Chrome 93
Google announced the release of Chrome 93 that addresses 27 security vulnerabilities, 19 issues were reported through its bug bounty...
Mozi infections will slightly decrease but it will stay alive for some time to come
The Mozi botnet continues to spread despite the arrest of its alleged author and experts believe that it will run...
QNAP will patche OpenSSL flaws in its NAS devices
Network-attached storage (NAS) appliance maker QNAP is working on security patches for its products affected by recently fixed OpenSSL flaws. Taiwanese...
FTC bans SpyFone and its CEO from continuing to sell stalkerware
Nearly two years after the US Federal Trade Commission first took aim against mobile apps that can non-consensually track people’s...
Google Play sign-ins can be abused to track another person’s movements
Even people that have been involved in cybersecurity for over 20 years make mistakes. I’m not sure whether that is...
Macs turn on apps signed by Symantec, treat them as malware
On August 23, following an update to Apple’s XProtect system—one of the security features built into macOS—some Mac users began...
Kaspersky Lab has reported about Android viruses designed to steal money automatically
Viktor Chebyshev, a leading researcher of mobile threats at Kaspersky Lab, spoke in an interview with Russian newspaper Izvestia about...
Experts Find Vulnerabilities in AMD Zen Processor
German cybersecurity experts at TU Dresden discovered that Zen processor of AMD is susceptible to data-bothering meltdown like attacks in...
Do Not Use Single-Factor Authentication on Internet-Exposed Systems, CISA Warns
The US Cybersecurity and Infrastructure Security Agency (CISA) this week added single-factor authentication (SFA) to a very short list of...
Credential Phishing and Brute Force Attacks Continue to Surge
Financial and reputational aspects of organizations across the globe are taking a severe hit as they witness advanced email threats...
Driver’s License Exploitation Scams Surge
The Covid epidemic has provided a ripe opportunity for cybercriminals, who are taking advantage of internet information from outdated driver's...
403Bypasser – Automates The Techniques Used To Circumvent Access Control Restrictions On Target Pages
403bypasser automates the techniques used to circumvent access control restrictions on target pages. 403bypasser will continue to be improved and...
SigFlip – A Tool For Patching Authenticode Signed PE Files (Exe, Dll, Sys ..Etc) Without Invalidating Or Breaking The Existing Signature
SigFlip is a tool for patching authenticode signed PE files (exe, dll, sys ..etc) in a way that doesn't affect...
SEC announces sanctions against entities over email account hacking
The U.S. Securities and Exchange Commission (SEC) announced sanctions against several organizations over email account hacking. The U.S. Securities and...
Watch out, ransomware attack risk increases on holidays and weekends, FBI and CISA
The FBI and CISA issued a joint cybersecurity advisory to warn organizations to remain vigilant against ransomware attacks during weekends...
LockBit ransomware operators leak 200GB of data belonging to Bangkok Airways
LockBit ransomware operators have breached Bangkok Airways, the airline confirmed it was the victim and discloses a data breach impacting...
