SuperVPN & GeckoVPN – 20,339,937 breached accounts
In February 2021, a series of "free" VPN services were breached including SuperVPN and GeckoVPN, exposing over 20M records. The...
Security
Tibetan Organizations Targeted in a Chinese Sponsored Phishing Campaign
Cybersecurity experts from Proofpoint have unearthed a Chinese-sponsored phishing campaign and published a report on Thursday; as per the findings,...
American Telecommunications Firm, T-Mobile Confirmed Data Breach and Sim Swapping Attacks
After an undisclosed number of subscribers were reportedly hit by SIM swap attacks, American telecommunications company T-Mobile has announced a...
IBM: Cyber attacks on Linux systems of Russian government agencies will increase
The problem will also affect Russian government agencies, which are switching to domestic Linux operating systems as part of import...
Alexa Skills can Easily Bypass Vetting Process
Researchers have uncovered gaps in Amazon's skill vetting process for the Alexa voice assistant ecosystem that could permit a threat...
WdToggle – A Beacon Object File (BOF) For Cobalt Strike Which Uses Direct System Calls To Enable WDigest Credential Caching
A Proof of Concept Cobalt Strike Beacon Object File which uses direct system calls to enable WDigest credential caching and...
Gargamel – A Forensic Evidence Acquirer
A Forensic Evidence AcquirerCompileAssuming you have Rust 1.41+ installed. Open terminal in the project directory and to compile a release...
New Zealand-based cryptocurrency exchange Cryptopia hacked again
The New Zealand-based cryptocurrency exchange Cryptopia suffered a new cyber heist while it is in liquidation due to a 2019...
Security Affairs newsletter Round 303
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
Experts found a critical authentication bypass flaw in Rockwell Automation software
A critical authentication bypass vulnerability could be exploited by remote attackers to Rockwell Automation programmable logic controllers (PLCs). A critical...
Hotarus Corp gang hacked Ecuador’s Ministry of Finance and Banco Pichincha
‘Hotarus Corp’ Ransomware operators hacked Ecuador’s largest private bank, Banco Pichincha, and the country’s Ministry of Finance. A cybercrime group...
To pay, or not to pay? That is the VPN question
VPNs have been a subject of deliberation for a long time. Is it even important to use one? I think...
Steris Corporation, The Latest Victim of Ransomware Gang Called ‘Clop’.
Data related to a customer of a recently targeted California-based private cloud solutions firm Accellion is being published online...
SQL Triggers Used by Hackers to Compromise User Database
Over the past year, a broader pattern of WordPress malware with SQL triggers has occurred within infected databases to mask...
Pillager – Filesystems For Sensitive Information With Go
Pillager is designed to provide a simple means of leveraging Go's strong concurrency model to recursively search directories for sensitive...
Gatekeeper – First Open-Source DDoS Protection System
Gatekeeper is the first open source DoS protection system. It is designed to scale to any peak bandwidth, so it...
T-Mobile customers were hit with SIM swapping attacks
The telecommunications giant T-Mobile disclosed a data breach after some of its customers were apparently affected by SIM swap attacks....
New Ryuk ransomware implements self-spreading capabilities
French experts spotted a new Ryuk ransomware variant that implements self-spreading capabilities to infect other devices on victims’ local networks....
Microsoft releases open-source CodeQL queries to assess Solorigate compromise
Microsoft announced the release of open-source CodeQL queries that it experts used during its investigation into the SolarWinds supply-chain attack...
TikTok pays $92 million to end data theft lawsuit
TikTok, the now widely popular social media platform that allows users to create, share, and discover, short video clips has...
Unprotected Private Key Allows Remote Hacking of PLCs
Industrial associations have been cautioned for this present week that a critical authentication bypass vulnerability can permit hackers to remotely...
AIVD says they face cyber attacks from Russia and China every day
According to the head of the country's General Intelligence and Security Service, these hackers break into the computers of companies...
Google Reveals Details of a Recently Patched Windows Flaw
Google Project Zero team disclosed the details of a recently fixed Windows flaw, tracked as CVE-2021-24093, that can be compromised...
15,000 Clients Data Leaked Accidently by a Turkish Firm
Accidentally, a law firm has disclosed client data of 15,000 incidents in which individuals have been killed and wounded after...
