Phishing campaign goes old school, dusts off Morse code
In an extensive report about a phishing campaign, the Microsoft 365 Defender Threat Intelligence Team describes a number of encoding...
OSINT
Crypto-scams you should be steering clear of in 2021
A fair few cryptocurrency scams have been doing the rounds across 2021. Most of them are similar if not identical...
VPN Test: How to check if your VPN is working or not
The primary function of a Virtual Private Network (VPN) is to enhance your online privacy and security. It should do...
Cyberbullying 101: A Primer for kids, teens, and parents
At some point in our lives, we have likely either been bullied, stood back and watched others bullying, or participated...
Phishing Attackers Spotted Using Morse Code to Avoid Detection
Microsoft has revealed details of a deceptive year-long social engineering campaign in which the operators changed their obfuscation and encryption...
Russia has developed a virtual reality helmet for recruitment
Researchers from Samara State University have developed a technology to assess the psychological qualities of a job seeker using a...
Underground Criminals Selling Stolen Network Access to Third Parties for up to $10,000
Cybersecurity firm Intsights published a new report that highlights the vibrant marketplaces on the dark web where attackers can buy...
Cyber Firm: Ransomware Group Demanding $50M in Accenture Security Breach
The hacking group behind a ransomware attack on global solution provider powerhouse Accenture has demanded $50 million in ransom, as...
St. Joseph’s/Candler (SJ/C) Suffered a Data Breach
A ransomware attack on one of the leading healthcare organizations in southeast Georgia compromised personnel and patients' protected health information...
Nimplant – A Cross-Platform Implant Written In Nim
Nimplant is a cross-platform (Linux & Windows) implant written in Nim as a fun project to learn about Nim and...
jwtXploiter – A Tool To Test Security Of Json Web Token
A tool to test security of JSON Web Tokens. Test a JWT against all known CVEs; Tamper with the token...
Google open-sourced Allstar tool to secure GitHub repositories
Google has open-sourced the Allstar tool that can be used to secure GitHub projects and prevent security misconfigurations. Google has open-sourced the Allstar tool...
Microsoft warns of a evasive year-long spear-phishing campaign targeting Office 365 users
Microsoft warns of a long-running spear-phishing campaign that has targeted Office 365 customers in multiple attacks since July 2020. Microsoft...
Trend Micro warns customers of zero-day attacks against its products
Security firms Trend Micro is warning its customers of attacks exploiting zero-day vulnerabilities in its Apex One and Apex One...
Microsoft’s PrintNightmare continues, shrugs off Patch Tuesday fixes
I doubt if there has ever been a more appropriate nickname for a vulnerable service than PrintNightmare. There must be...
Russian scientists have launched the first quantum network with open access in Moscow
Russian scientists have launched in Moscow the first quantum network with open access, in which all interested organizations will be...
Crytek Confirms Data Theft After Egregor Ransomware Attack
German game developer and publisher Crytek has accepted that its encrypted systems containing customers’ private details were breached by a...
Master Key for Decryption of Kaseya, Leaked on Hacking Forum
The universal decryption key for Kaseya has been leaked on a Russian hacking forum by hackers. An Ekranoplan-named user shared...
Conti Group Exploited Vulnerable Microsoft Exchange Servers
According to cybersecurity consultancy firm Pondurance, the Conti ransomware gang is now using backdoors that are still active. On-premises Microsoft...
Microsoft Released Security Updates that Block PetitPotam NTLM Relay Attacks
The PetitPotam NTLM relay exploit, which allows a threat actor to take over a Windows domain, has been blocked by...
IT threat evolution Q2 2021
Targeted attacks The leap of a Cycldek-related threat actor It is quite common for Chinese-speaking threat actors to share tools...
IT threat evolution in Q2 2021. Mobile statistics
These statistics are based on detection verdicts of Kaspersky products received from users who consented to providing statistical data. Quarterly...
IT threat evolution in Q2 2021. PC statistics
These statistics are based on detection verdicts of Kaspersky products received from users who consented to providing statistical data. Quarterly...
Http-Request-Smuggling – HTTP Request Smuggling Detection Tool
HTTP request smuggling is a high severity vulnerability which is a technique where an attacker smuggles an ambiguous HTTP request...
