SonicWall Patches Critical CVE-2021-20026 Vulnerability in NSM Product
A researcher at Positive Technologies has provided details about the CVE-2021-20026 command injection flaw that exploits SonicWall’s Network Security Manager...
OSINT
Experts explained how and where confidential company data leaks
Despite the development of security tools, the number of leaks of confidential information of companies and individuals is not decreasing....
Ipa-Medit – Memory Search And Patch Tool For Resigned Ipa Without Jailbreak
Ipa-medit is a memory search and patch tool for resigned ipa without jailbreak. It was created for mobile game security...
Cariddi – Take A List Of Domains, Crawl Urls And Scan For Endpoints, Secrets, Api Keys, File Extensions, Tokens And More…
Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more...PreviewInstallationYou need...
Tor Browser 10.5 is out, it includes a new anti-censorship feature
The Tor Project has released Tor Browser 10.5 which enhances an anti-censorship feature and warns of V2 onion URL deprecation....
Hacker deposited $1M in a popular cybercrime marketplace to buy zero-day exploits
A threat actor has deposited 26.99 Bitcoins on one of the cybercrime forums, he aims at purchasing zero-day exploits from other forum members. A...
Experts bypassed Microsoft’s emergency patch for the PrintNightmare
The emergency patch for the PrintNightmare vulnerability released by Microsoft is incomplete and still allows RCE. Yesterday, Microsoft has released an...
Wiregrass Electric Cooperative hit by a ransomware attack
Wiregrass Electric Cooperative, a rural Alabama electric cooperative was hit by a ransomware attack. Wiregrass Electric Cooperative, a rural Alabama...
WildPressure APT expands operations targeting the macOS platform
WildPressure APT is targeting industrial organizations in the Middle East since 2019 and was spotted using now a new malware...
3 things the Kaseya attack can teach us about ransomware recovery
Only rarely do companies allow us a look inside their organization while they are recovering from a ransomware attack. Many...
Game over: Apex Legends players locked out by protest message
Messages placed directly in or around games is a common hack technique. It can be used for trolling, phishing, scams,...
Patch now! Emergency fix for PrintNightmare released by Microsoft
Last week we wrote about PrintNightmare, a vulnerability that was supposed to be patched but wasn’t. After June’s Patch Tuesday,...
Hackers Asking $70 Million in Ransom, Kaseya Confirmed
On Monday, U.S. information technology organization ‘Kaseya’ has reported a new ransomware attack that has targeted 800 to 1,500 businesses...
Healthcare Vendor Practicefirst Reveals It Suffered Cyberattack In 2020, No Data Lost
Practicefirst, a New York-based practice management vendor said that a cyberattack on healthcare that happened last year might have exposed...
Severe flaw Identified in OWASP ModSecurity Core Rule Set
The developers of the OWASP Foundation have admitted the breach in the Open Web Application Security Project (OWASP) ModSecurity Core...
GitLab Fixes Several Vulnerabilities Reported by Bug Bounty
With an update to its software development infrastructure, Gitlab has addressed numerous vulnerabilities — including two high-impact online security flaws. GitLab...
Leaked Infrastructure Secrets Costs Companies an Average of $1.2 Million in Revenue Annually
Developers typically have to pick between speed and security in order to meet these accelerated timelines. To make it simpler...
Quick look at CVE-2021-1675 & CVE-2021-34527 (aka PrintNightmare)
Summary Last week Microsoft warned Windows users about vulnerabilities in the Windows Print Spooler service – CVE-2021-1675 and CVE-2021-34527 (also...
WildPressure targets the macOS platform
New findings Our previous story regarding WildPressure was dedicated to their campaign against industrial-related targets in the Middle East. By...
FindObjects-BOF – A Cobalt Strike Beacon Object File (BOF) Project Which Uses Direct System Calls To Enumerate Processes For Specific Loaded Modules Or Process Handles
A Cobalt Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific modules or...
GitDump – A Pentesting Tool That Dumps The Source Code From .Git Even When The Directory Traversal Is Disabled
GitDump dumps the source code from .git when the directory traversal is disabledRequirementsPython3 Tested onWindows Kali Linux What it doesDump...
Researchers uncovered the network infrastructure of REVil – The notorious ransomware group that hit Kaseya
Resecurity® HUNTER, cyber threat intelligence and R&D unit, identified a strong connection to a cloud hosting and IoT company servicing...
Microsoft rolled out emergency update for Windows PrintNightmare zero-day
Microsoft rolled out KB5004945 emergency update to address the actively exploited PrintNightmare zero-day vulnerability (CVE-2021-34527) in Print Spooler service. Microsoft...
Hacker leaks info of pro-Trump GETTR members online
A hacker has leaked claims to have breached pro-Trump GETTR and leaked the private information of almost 90,000 members on...
