Hackers breached the PHP ‘s Git Server and inserted a backdoor in the source code
Threat actors hacked the official Git server of the PHP programming language and pushed unauthorized updates to insert a backdoor...
Security
Ziggy ransomware admin announced it will refund victims who paid the ransom
Administrator of Ziggy ransomware recently announced the end of the operation, and now is promising that its victims will have...
New Purple Fox version includes Rootkit and implements wormable propagation
Researchers from Guardicore have spotted a new variant of the Purple Fox Windows malware that implements worm-like propagation capabilities. Researchers...
Experts found two flaws in Facebook for WordPress Plugin
A critical flaw in the official Facebook for WordPress plugin could be abused exploited for remote code execution attacks. Researchers...
Why you need to trust your VPN: Lock and Code S02E05
This week on Lock and Code, we discuss the top security headlines generated right here on Labs. In addition, we...
Ransomware Attacks Targeting UK’s Education Sector Increased, says NCSC
According to the warning by GCHQ's cybersecurity arm, NCSC, there has been a substantial spike in the number of ransomware...
Here are Some Interesting Facts About Website Hacking
How many websites are hacked every day? How frequently do hackers attack? Are there any solutions to fix the vulnerabilities?...
Great Britain named Russia as the main threat in cyberspace
Lindy Cameron, executive director of Britain's National Cyber Security Center (NCSC), said on Friday that the Russian Federation poses the...
BadOutlook – (Kinda) Malicious Outlook Reader
A simple PoC which leverages the Outlook Application Interface (COM Interface) to execute shellcode on a system based on a...
CallObfuscator – Obfuscate Specific Windows Apis With Different APIs
Obfuscate (hide) the PE imports from static/dynamic analysis tools. TheoryThis's pretty forward, let's say I've used VirtualProtect and I want...
Hackers disrupted live broadcasts at Channel Nine. Is it a Russian retaliation?
A cyber attack has disrupted the Australian Channel Nine’s live broadcasts, the company was unable to transmit its Sunday morning news...
QNAP urges users to take action to protect devices against Brute-Force attacks
Taiwanese manufacturer QNAP published an alert urging its customers to secure their devices after a growing number of users reported...
Security Affairs newsletter Round 307
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
US Gov Executive Order would oblige to disclose security breach impacting gov users
According to a proposed executive order of the Biden administration, software vendors would have to disclose breaches to U.S. government...
Clop Ransomware gang now contacts victims’ customers to force victims into pay a ransom
Clop ransomware operators now email victim’s customers and ask them to demand a ransom payment to protect their privacy to...
Experts spotted a new advanced Android spyware posing as “System Update”
Researchers spotted a sophisticated Android spyware that implements exfiltration capabilities and surveillance features, including recording audio and phone calls. Experts...
Fleeceware apps earned over $400 million on Android and iOS
Researchers at Avast have found an aggregate of 204 fleece ware applications with over a billion downloads and more than...
Threat Actor Targets Guns.com, Spills Sensitive Information on Dark Web
As the domain name suggests, Guns.com is a major Minnesota, US-based platform to buy and sell guns online. It is...
Weintek’s HMI Found with Vulnerabilities which can Allow Attackers to Exploit Devices
Weintek's human-machine interface (HMI) products include three types of critical vulnerabilities, according to a cybersecurity researcher - who specializes in...
Hades Ransomware Attacks US Big Game
An obscure monetarily spurred threat group is utilizing the self-proclaimed Hades ransomware variant in cybercrime activities that have affected at...
Search-That-Hash – Searches Hash APIs To Crack Your Hash Quickly, If Hash Is Not Found Automatically Pipes Into HashCat
The Fastest Hash Cracking System pip3 install search-that-hash && sth Tired of going to every website to crack your hash?...
Obfuscation_Detection – Collection Of Scripts To Pinpoint Obfuscated Code
Automatically detect control-flow flattening and other state machines Author: Tim BlazytkoDescription:Scripts and binaries to automatically detect control-flow flattening and other state...
Apple released out-of-band updates for a new Zero‑Day actively exploited
Apple has released new out-of-band updates for iOS, iPadOS, macOS and watchOS to address another zero‑day flaw, tracked CVE-2021-1879, actively...
German Parliament Bundestag targeted again by Russia-linked hackers
Several members of the German Parliament (Bundestag) and other members of the state parliament were hit by a targeted attack...
