LockBit 2.0 Ransomware Victim: beardowadams[.]com
LockBit 2.0 Ransomware NOTE: The information on this page is automated and scraped directly from the LockBit 2.0 Onion Dark...
OSINT
New AdLoad Malware Circumvents Apple’s XProtect to Infect macOS Devices
As part of multiple campaigns detected by cybersecurity firm SentinelOne, a new AdLoad malware strain is infecting Macs bypassing Apple's...
Critical Flaws Allowing Domain Hijacking Assaults Patched By Node.js Developers
A vulnerability in Node.js that would permit a remote actor to carry out domain hijacking assaults has been patched. Last week,...
Threat Group Aggah Targets Industries Via Spear-Phishing Campaigns
A spear-phishing attack that seems to have commenced in early July 2021, targeting various manufacturing industries in Asia has been...
Hackers can ‘Poison’ Open-source Code on the Internet
A Cornell University Tech team with researchers discovered a new kind of backdoor attack that can modify natural-language modelling systems...
Ficker – An Info-Stealer Malware Being Distributed by Russians
Threat actors are using the Malware-as-a-Service (MaaS) model to attack Windows users, according to researchers. The new info-stealer malware “Ficker”...
PickleC2 – A Post-Exploitation And Lateral Movements Framework
PickleC2 is a post-exploitation and lateral movements framework. DocumentationReadTheDocs OverviewPickleC2 is a simple C2 framework written in python3 used to...
CamPhish – Grab Cam Shots From Target’S Phone Front Camera Or PC Webcam Just Sending A Link.
Grab cam shots from target's phone front camera or PC webcam just sending a link. What is CamPhish?CamPhish is techniques...
How to use n8n to automatically scrape Victims from Ransomware dark web onion blogs via TOR proxy
Step one, get n8n up and running. Step two, have a spare device to install tor on and use as...
US FINRA warns US brokerage firms and brokers of ongoing phishing attacks
The US FINRA warns US brokerage firms and brokers of an ongoing phishing campaign impersonating its representatives to steal sensitive info. The...
Threat actor claims to be selling data of more than 100 million T-Mobile customers
T-Mobile is investigating a possible data breach after a threat actor published a post on a forum claiming to be...
A job ad published by the UK’s Ministry of Defence revealed a secret hacking squad
A job ad published by the UK’s Ministry of Defence has revealed the existence of a previously undisclosed secret SAS...
ESET: 77% of Russian residents believe they are being tracked via their smartphones
According to a survey conducted by ESET, a company specializing in anti-virus software development and protection against cyberthreats, most Russians...
Hackers Publish Classified Documents Stolen from Lithuanian Ministry of Foreign Affairs
The Lithuanian Ministry of Foreign Affairs has refused to comment regarding the credibility of e-mail files allegedly stolen from its...
Supply Chain Attacks Using Container Images
According to cybersecurity firm Aqua Security, a recently discovered crypto mining technique used malicious Docker images to takeover companies' computing...
Researchers Uncovered Russian Spy Agencies Targeting Slovak Government
For months, the Slovak government has been targeted by a cyber-espionage group associated with a Russian intelligence agency, Slovak security...
Microsoft Azure Credentials Exposed in Plaintext by Windows 365
Mimikatz has been used by a vulnerability researcher to dump a user's unencrypted plaintext Microsoft Azure credentials from Microsoft's new...
Raider – Web Authentication Testing Framework
This is a framework designed to test authentication for web applications. While web proxies like ZAProxy and Burpsuite allow authenticated...
Tko-Subs – A Tool That Can Help Detect And Takeover Subdomains With Dead DNS Records
This tool allows: To check whether a subdomain can be taken over because it has: a dangling CNAME pointing to...
Security Affairs newsletter Round 327
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...
Glowworm Attack allows sound recovery via a device’s power indicator LED
The Glowworm attack leverages optical emanations from a device’s power indicator LED to recover sounds from connected peripherals and spy...
Four years after its takedown, AlphaBay marketplace revamped
The popular black marketplace AlphaBay is back, four years after law enforcement agencies took down the popular hidden service. The darknet marketplace...
Classified documents from Lithuanian Ministry of Foreign Affairs are available for sale
Emails allegedly stolen from the Lithuanian Ministry of Foreign Affairs are available for sale in a cybercrime forum, some emails...
‘DeepBlueMagic’ – Newly Discovered Ransomware With Unique Modus Operandi
Heimdal Security researchers have unearthed a new ransomware strain along with a ransomware note, signed by a group calling itself...
