Expert found multiple flaws in Cisco Small Business 220 series
A researcher discovered multiple vulnerabilities in smart switches of Cisco’s Small Business 220 series, including some issues rated as high...
Security
Two Google plans that could make open source code more secure
Recently Google announced that it will fund the further development of Rust. Rust is a low-level programming language that is...
The Polish Prime Minister asked the Sejm to hold a closed meeting on cyber attacks
The lower house of the bicameral parliament of Poland (Sejm) will hold a closed session on hacking attacks against representatives...
Threat Actors Use Google Drives and Docs to Host Novel Phishing Attacks
On Thursday, researchers at email and collaboration security firm Avanan revealed that attackers are using standard tools within Google Docs/Drive...
Fraudsters are Mailing Modified Ledger Devices to Steal Cryptocurrency
Scammers are mailing fraudulent replacement devices to Ledger customers who were recently exposed in a data breach, which are being...
Kconfig-Hardened-Check – A Tool For Checking The Hardening Options In The Linux Kernel Config
MotivationThere are plenty of Linux kernel hardening config options. A lot of them are not enabled by the major distros....
Joern – Open-source Code Analysis Platform For C/C++/Java Based On Code Property Graphs
Joern's Documentation is available here: https://docs.joern.io/home Quick Installationwget https://github.com/ShiftLeftSecurity/joern/releases/latest/download/joern-install.shchmod +x ./joern-install.shsudo ./joern-install.shjoernCompiling (synthetic)/ammonite/predef/interpBridge.scCompiling (synthetic)/ammonite/predef/replBridge.scCompiling (synthetic)/ammonite/predef/DefaultPredef.scCompiling /home/tmp/shiftleft/joern/(console) ██╗ ██████╗ ███████╗██████╗ ███╗...
Cruise operator Carnival discloses a security breach
Carnival Corp. said that the data breach it has suffered in March might have impacted its customers and employees. Carnival...
Akamai outage was caused by an issue with its Prolexic DDoS protection service
An outage suffered by CDN, cybersecurity and cloud services provider Akamai was caused by an issue with its Prolexic DDoS...
The return of TA402 Molerats APT after a short pause
TA402 APT group (aka Molerats and GazaHackerTeam) is back after two-month of silence and is targeting governments in the Middle East....
Over a billion records belonging to CVS Health exposed online
Researchers discovered an unprotected database belonging to CVS Health that was exposed online containing over a billion records. This week WebsitePlanet...
Ferocious Kitten APT targets Telegram and Psiphon VPN users in Iran
Iran-linked Ferocious Kitten APT group used instant messaging apps and VPN software like Telegram and Psiphon to deliver Windows RAT...
Polazert Trojan using poisoned Google Search results to spread
Trojan.Polazert aka SolarMarker has gone back and fine-tuned an old tactic known as SEO-poisoning to plant their Remote Access Trojan...
The 6 best Chrome extensions for privacy and security
While searching for security- and privacy-improving extensions, users may end up installing an extension that is counterproductive to their goals....
Supply Chain Attack Conducted by Darkside Operator
Mandiant researchers have identified a supply chain attack against a CCTV provider by a Darkside ransomware gang affiliate that has...
Tim Cook Claims Android has 47 Times the Amount of Malware as iOS
During a live chat, Apple CEO Tim Cook stated that Android has more malware than iOS and that "sideloading" mobile...
Putin called the accusations of launching a cyber war against the United States unsubstantiated
Russian President Vladimir Putin said that the US accusations against Russia, including cyber attacks and election interference, are groundless, the...
CVS Health Database Breach Left 1 Billion User Records Exposed Online
Security researchers have discovered an online database belonging to CVS Health which exposed over a billion records online.On March 21st,...
Growing Cyber-Underground Market for Initial-Access Brokers
Ransomware groups are increasingly purchasing access to corporate networks from "vendors" who have previously placed backdoors on targets. Email is a...
Black Kingdom ransomware
Black Kingdom ransomware appeared on the scene back in 2019, but we observed some activity again in 2021. The ransomware...
PPLdump – Dump The Memory Of A PPL With A Userland Exploit
This tool implements a userland exploit that was initially discussed by James Forshaw (a.k.a. @tiraniddo) - in this blog post...
Volatility GUI – GUI For Volatility Forensics Tool
This is a GUI for Volatility forensics tool written in PyQT5Prerequisites:1- Installed version of Volatility. 2- Install PyQT5. sudo apt-get...
Cosmolog Kozmetik Data Breach: Hundreds of Thousands of Customers impacted
The securWizCase experts found a major breach that affected the popular online retailer Cosmolog Kozmetik. WizCase’s security team, led by...
Oleg Koshkin was convicted for operating a crypting service also used by Kelihos botnet
Russian national Oleg Koshkin was convicted for operating a “crypting” service used to obfuscate the Kelihos bot from antivirus software. Russian national Oleg...
