Supply Chain Attacks Using Container Images
According to cybersecurity firm Aqua Security, a recently discovered crypto mining technique used malicious Docker images to takeover companies' computing...
Security
Researchers Uncovered Russian Spy Agencies Targeting Slovak Government
For months, the Slovak government has been targeted by a cyber-espionage group associated with a Russian intelligence agency, Slovak security...
Microsoft Azure Credentials Exposed in Plaintext by Windows 365
Mimikatz has been used by a vulnerability researcher to dump a user's unencrypted plaintext Microsoft Azure credentials from Microsoft's new...
Raider – Web Authentication Testing Framework
This is a framework designed to test authentication for web applications. While web proxies like ZAProxy and Burpsuite allow authenticated...
Tko-Subs – A Tool That Can Help Detect And Takeover Subdomains With Dead DNS Records
This tool allows: To check whether a subdomain can be taken over because it has: a dangling CNAME pointing to...
Security Affairs newsletter Round 327
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...
Glowworm Attack allows sound recovery via a device’s power indicator LED
The Glowworm attack leverages optical emanations from a device’s power indicator LED to recover sounds from connected peripherals and spy...
Four years after its takedown, AlphaBay marketplace revamped
The popular black marketplace AlphaBay is back, four years after law enforcement agencies took down the popular hidden service. The darknet marketplace...
Classified documents from Lithuanian Ministry of Foreign Affairs are available for sale
Emails allegedly stolen from the Lithuanian Ministry of Foreign Affairs are available for sale in a cybercrime forum, some emails...
‘DeepBlueMagic’ – Newly Discovered Ransomware With Unique Modus Operandi
Heimdal Security researchers have unearthed a new ransomware strain along with a ransomware note, signed by a group calling itself...
Cyber Criminals Using a New Darknet Tool to Escape Detection
There has been an ongoing war between criminals and authorities in cyberspace for years. Although cryptocurrencies are anonymous in nature,...
Snake Keylogger: Enters Top 10 List for the Most Prominent Malwares
Check Point Research reveals that for straight three months the Trickbot is by far the most common malware, whereas, for...
Bantam – A PHP Backdoor Management And Generation tool/C2 Featuring End To End Encrypted Payload Streaming Designed To Bypass WAF, IDS, SIEM Systems
An advanced PHP backdoor management tool, with a lightweight server footprint, multi-threaded communication, and an advanced payload generation and obfuscation...
NinjaDroid – Ninja Reverse Engineering On Android APK Packages
NinjaDroid is a simple tool to reverse engineering Android APK packages. Published at: https://snapcraft.io/ninjadroid $ snap install ninjadroid --channel=betaOverviewNinjaDroid uses...
Dumping user’s Microsoft Azure credentials in plaintext from Windows 365
A security expert devised a method to retrieve a user’s Microsoft Azure credentials in plaintext from Microsoft’s new Windows 365...
SynAck ransomware gang releases master decryption keys for old victims
The SynAck ransomware gang released the master decryption keys for their operations and rebranded as a new group dubbed El_Cometa...
Vice Society ransomware also exploits PrintNightmare flaws in its attack
Another ransomware gang, the Vice Society ransomware operators, is using Windows print spooler PrintNightmare exploits in its attacks. The Vice...
Phishing campaign goes old school, dusts off Morse code
In an extensive report about a phishing campaign, the Microsoft 365 Defender Threat Intelligence Team describes a number of encoding...
Crypto-scams you should be steering clear of in 2021
A fair few cryptocurrency scams have been doing the rounds across 2021. Most of them are similar if not identical...
VPN Test: How to check if your VPN is working or not
The primary function of a Virtual Private Network (VPN) is to enhance your online privacy and security. It should do...
Cyberbullying 101: A Primer for kids, teens, and parents
At some point in our lives, we have likely either been bullied, stood back and watched others bullying, or participated...
Phishing Attackers Spotted Using Morse Code to Avoid Detection
Microsoft has revealed details of a deceptive year-long social engineering campaign in which the operators changed their obfuscation and encryption...
Russia has developed a virtual reality helmet for recruitment
Researchers from Samara State University have developed a technology to assess the psychological qualities of a job seeker using a...
Underground Criminals Selling Stolen Network Access to Third Parties for up to $10,000
Cybersecurity firm Intsights published a new report that highlights the vibrant marketplaces on the dark web where attackers can buy...
