AlanFramework – A Post-Exploitation Framework
Alan Framework is a post-exploitation framework useful during red-team activities. If you find my tool useful, please consider to sponsor...
OSINT
Magniber Ransomware operators use PrintNightmare exploits to infect Windows servers
Threat actors behind the Magniber Ransomware are using PrintNightmare exploits in attacks aimed at Windows servers. Threat actors behind the...
Microsoft warns of a new unpatched Windows Print Spooler RCE zero-day
Microsoft is warning of another zero-day Windows print spooler vulnerability, tracked as CVE-2021-36958, that could allow local attackers to gain...
Threat actors behind the Poly Network hack are returning stolen funds
The threat actor who hacked Poly Network cross-chain protocol stealing $611 million worth of cryptocurrency assets returns the stolen funds....
Accenture has been hit by a LockBit 2.0 ransomware attack
Global consulting giant Accenture has allegedly been hit by a ransomware attack carried out by LockBit 2.0 ransomware operators. IT...
UNC215, an alleged China-linked APT group targets Israel orgs
China-linked threat actors UNC215 targeted Israeli organizations in a long-running campaign and used false flags to trick victims into believing...
Twitter says it out loud: Removing anonymity will not stop online abuse
An investigation by Twitter into racist tweets levied against three Black players on the English football team following the national...
If a QR code leads you to a Bitcoin ATM at a gas station, it’s a scam
Rogue QR code antics have been back in the news recently. They’re not exactly a mainstay of fakery, but they...
Thief pulls off colossal, $600m crypto-robbery …and gives the money back
The largest crypto-robbery in history is rapidly turning into the most bizarre as well. Let’s start at the beginning… In...
PrintNightmare and RDP RCE among major issues tackled by Patch Tuesday
The sheer number of patches (44 security vulnerabilities) should be enough to scare us, but unfortunately we have gotten used...
Cinobi Banking Malware Targets Japanese Cryptocurrency Exchange Users via Malvertising Campaign
Researchers at Trend Micro discovered a new social engineering-based malvertising campaign targeting Japanese users with a malicious application disguised as...
Android Malware ‘FlyTrap’ Hacks Facebook Accounts
A new Android trojan has been discovered to breach the Facebook accounts of over 10,000 people in at least 144...
IISpy: Installs Backdoor on Microsoft’s Web Server Software
Cybersecurity investigators have detected malware that could deploy backdoor Internet Information Services (IIS) on Microsoft's Web server software. Labeled IISpy,...
FBI Told Congress That Ransomware Payments Shouldn’t be Prohibited
After meeting with the business sector and cybersecurity experts, the Biden administration backed away from the concept of barring ransomware...
Wsh – Web Shell Generator And Command Line Interface
wsh (pronounced woosh) is a web shell generator and command line interface. This started off as just an http client...
Jarm – Active Transport Layer Security (TLS) server fingerprinting tool
Please read the initial JARM blog post for more information. JARM is an active Transport Layer Security (TLS) server fingerprinting...
Adobe fixes critical flaws in Magento, patch it immediately
Adobe security updates for August 2021 have addressed critical vulnerabilities in Magento and important bugs in Adobe Connect. Adobe security...
Microsoft patch Tuesday security updates fix PrintNightmare flaws
Microsoft released patch Tuesday security updates for August that address 120 CVEs in Microsoft products including a zero-day actively exploited...
$611 million stolen in Poly Network cross-chain hack
The cross-chain protocol Poly Network has been hacked, threat actors stole $611 million making this hack the largest DeFi hack to...
Check your passwords! Synology NAS devices under attack from StealthWorker
Synology PSIRT (Product Security Incident Response Team) has put out a warning that it has recently seen and received reports...
Ransomware turncoat leaks Conti data, lifts the lid on the ransomware business
Last week, The Record broke the news that a self-described “pen tester” for the infamous Conti ransomware gang, who goes...
Researchers Reveal DBREACH as New Attack Against Databases
In reference to the past record, many organizations have observed that databases are critical applications for any organization, which give...
Credential Leak Detection Device Scrapesy Limits Incident of Data Breaches
Red team analysts at Standard Industries, have designed an open-source device to assist organizations to detect incidents of the data...
Black Hat 2021: Zero-days, Ransoms and Supply Chains
During Black Hat 2021, Corellium COO Matt Tait warned that the amount of zero-days exploited in the open is "off...
