Scammers Use ‘IT Support-Themed Email’ to Target Organizations
Cybersecurity researchers at Cofense Phishing Defense Center (PDC) have unearthed a new phishing campaign that uses 'information technology (IT) support-themed...
OSINT
South Africa’s Department of Justice hit by a Ransomware Attack
South Africa's Justice Department was attacked earlier this month by a major ransomware attack and has been struggling since then...
A Look at the Triple Extortion Ransomware
Ransomware has traditionally concentrated on encryption, but one of the most common recent additions is the exfiltration and threatening disclosure...
BatchQL – GraphQL Security Auditing Script With A Focus On Performing Batch GraphQL Queries And Mutations
BatchQL is a GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations. This script is...
Concealed Position – Bring Your Own Print Driver Privilege Escalation Tool
Concealed Position is a local privilege escalation attack against Windows using the concept of "Bring Your Own Vulnerability". Specifically, Concealed...
Expert discloses details and PoC code for Netgear Seventh Inferno bug
A new critical vulnerability in Netgear smart switches can be exploited by an attacker to potentially execute malicious code and...
CVE-2021-26333 AMD Chipset Driver flaw allows obtaining sensitive data
Chipmaker AMD has addressed a vulnerability in PSP driver, tracked as CVE-2021-26333, that could allow an attacker to obtain sensitive...
Experts warn that Mirai Botnet starts exploiting OMIGOD flaw
The Mirai botnet starts exploiting the recently disclosed OMIGOD vulnerability to compromise vulnerable systems exposed online. Threat actors behind a...
Facebook’s own research reveals the harm that Instagram can inflict
For years, people have accused social media, and particularly image-driven sites like Instagram, of being bad for young people, particularly...
FBI and CISA warn of APT groups exploiting ADSelfService Plus
In a joint advisory the FBI, the United States Coast Guard Cyber Command (CGCYBER), and the Cybersecurity and Infrastructure Security...
Severe Remote Code Execution Flaws Discovered in Motorola Halo+ Baby Monitors
On Tuesday, Randy Westergren, a cybersecurity expert, published his study on the Motorola Halo+, a popular baby monitor. He revealed...
Lenovo: No Fix for High-Severity Flaw in Legacy IBM System X Servers
Lenovo stated that two legacy IBM System x server models that were discontinued in 2019 are vulnerable to attack and...
Anonymous Hacktivists Leak 180 GB of Data from Web Host Epik
One of the most prominent hacktivists gangs, Anonymous, has returned. Security analysts have verified that the most recent attack by...
Years-Long Attack by Chinese-Linked APT Groups Discovered by McAfee
A cyber-attack that had been sitting on the target organization's network for years stealing data was discovered during a McAfee...
Exploitation of the CVE-2021-40444 vulnerability in MSHTML
Summary Last week, Microsoft reported the remote code execution vulnerability CVE-2021-40444 in the MSHTML browser engine. According to the company,...
Ntlm_Theft – A Tool For Generating Multiple Types Of NTLMv2 Hash Theft Files
A tool for generating multiple types of NTLMv2 hash theft files. ntlm_theft is an Open Source Python3 Tool that generates...
On-The-Fly – Tool Which Gives Capabilities To Perform Pentesting Tests In Several Domains (IoT, ICS & IT)
▒█████ ███▄ █ ▄▄▄█████▓ ██░ ██ ▓█████ █████ ██▓ ▓██ ██▓▒██▒ ██▒ ██ ▀█ █ ▓ ██▒ ▓▒▒▓██░ ██ ▓█...
German Election body hit by a cyber attack
A spokesman for the authority running Germany’s September 26 general election confirmed that hackers briefly disrupted its website last month....
New Go malware Capoae uses multiple flaws to target WordPress installs, Linux systems
A new malware written in Golang programming language, tracked as Capoae, is targeting WordPress installs and Linux systems. Akamai researchers...
A new Win malware uses Windows Subsystem for Linux (WSL) to evade detection
Security researchers spotted a new malware that uses Windows Subsystem for Linux (WSL) to evade detection in attacks against Windows...
FBI, CISA, and CGCYBER warn of nation-state actors exploiting CVE-2021-40539 Zoho bug
The FBI, CISA, and the Coast Guard Cyber Command (CGCYBER) warn of state-sponsored attacks that are actively exploiting CVE-2021-40539 Zoho...
Microsoft warns of attacks exploiting recently patched Windows MSHTML CVE-2021-40444 bug
Microsoft revealed that multiple threat actors are exploiting the recently patched Windows MSHTML remote code execution security flaw (CVE-2021-40444). Microsoft...
What is the Dark Web? The Dark Web explained
You may have seen the Dark Web referenced in popular TV shows and have gotten the wrong idea, or if...
What are computer cookies?
We all know cookies as tasty baked treats that we love to eat, but computer cookies are quite different. Although...
