“LinkedIn Private Shared Document” Shared Via Phishing Email by Hackers
LinkedIn seems to have become a popular destination for phishing attacks and users have been attacked with phishing emails in...
Security
Masslogger Campaigns Exfiltrates Clients Credentials
Assailants are continually reinventing approaches to monetize their tools. Cisco Talos as of late found an intriguing campaign affecting Windows...
SSRFuzz – A Tool To Find Server Side Request Forgery Vulnerabilities, With CRLF Chaining Capabilities
SSRFuzz is a tool to find Server Side Request Forgery vulnerabilities, with CRLF chaining capabilities Why?I wanted to write a...
Galer – A Fast Tool To Fetch URLs From HTML Attributes By Crawl-In
A fast tool to fetch URLs from HTML attributes by crawl-in. Inspired by the @omespino Tweet, which is possible to...
Experts spotted the first malware tailored for Apple M1 Chip, it is just the beginning
Apple launched its M1 chip and cybercriminals developed a malware sample specifically for it, the latest generation of Macs are...
Hackers steal credit card data abusing Google’s Apps Script
Hackers abuse Google Apps Script to steal credit cards, bypass CSP Attackers are abusing Google’s Apps Script business application development...
Credential stuffing attack hit RIPE NCC: Members have to enable 2FA
RIPE NCC has disclosed a failed credential stuffing attack against its infrastructure, it asking its members to enable 2FA for...
SolarWinds hackers had access to components used by Azure, Intune, and Exchange
Microsoft announced that SolarWinds hackers could have had access to repositories containing some components used by Azure, Intune, and Exchange....
WatchDog botnet targets Windows and Linux servers in cryptomining campaign
PaloAlto Network warns of the WatchDog botnet that uses exploits to take over Windows and Linux servers and mine cryptocurrency....
Second malware strain primed to attack Apple’s new M1 chip identified
Along with the Pirrit Mac adware identified earlier this week, researchers from Red Canary identified Thursday a different malware strain...
Cybersecurity in Cyberpunk 2077: the good, the bad, and the cringeworthy
What game caused some players to experience seizures, allows you to have unauthorized sex with Keanu Reeves, features a lead...
Romance scams: FTC reveals $304 million of heartache
In 2020, reported losses to the FTC for romance scams went up by 50% from 2019, totalling $304 million. And...
Ukrainian police arrested members of a well-known cyber ransomware group
Members of the Egregor group, which provides the service using the Ransomware-as-a-Service (RaaS) model, have been arrested by the Ukrainian...
Cybercriminal Gang Clop Attacked an International Law Firm Jones Day For Ransom
Jones Day, a U.S.-based international law firm has suffered a major ransomware attack, and the allegedly stolen files from Jones...
Data of 14 Million Amazon and eBay Accounts Leaked on Hacking Websites
An anonymous user offered 14 million data from Amazon and eBay accounts on a prominent hacking website for dissemination. The...
WireBug – A Toolset For Voice-over-IP Penetration Testing
WireBug is a tool set for Voice-over-IP penetration testing. It is designed as a wizard which makes it easy to...
Ghidra_Kernelcache – A Ghidra Framework For iOS Kernelcache Reverse Engineering
This framework is the end product of my experience in reverse engineering iOS kernelcache,I do manually look for vulnerabilities in...
Securing Your Web App, One Robot at a Time
Modern web apps are two things: complex, and under persistent attack. Any publicly accessible web application can receive up to...
The OpenSSL Project addressed three vulnerabilities
The OpenSSL Project addressed three vulnerabilities, including two denial-of-service (DoS) issues and a bug in the SSLv2 rollback protection. The...
US DoJ charges three members of the North Korea-linked Lazarus APT group
The US DOJ charged three members of the North Korea-linked Lazarus Advanced Persistent Threat (APT) group. The U.S. Justice Department...
ScamClub malvertising gang abused WebKit zero-day to redirect to online gift card scams
Malvertising gang ScamClub has exploited an unpatched zero-day vulnerability in WebKit-based browsers in a campaign aimed at realizing online gift...
Clubhouse under scrutiny for sending data to Chinese servers
The audio-chat app Clubhouse is the latest rage in the social media landscape. What makes it so popular and, now...
Yandex sysadmin caught selling access to email accounts
Yandex, a European multinational technology firm best known for being the most-used search engine in Russia, has revealed it had...
Lithuanian Police Investigate Leak of 110,000 User Records of CityBee
Police in Lithuania is investigating after the personal information of 110,000 individuals was leaked to an online hacker site. The...
