BeaconEye – Hunts Out CobaltStrike Beacons And Logs Operator Command Output
BeaconEye scans running processes for active CobaltStrike beacons. When processes are found to be running beacon, BeaconEye will monitor each...
Security
Dorkify – Perform Google Dork Search
Perform Google Dork search with Dorkify Google DorkingGoogle dorking is a hacker technique that uses Google Search to find security...
Personal Data and docs of Swiss town Rolle available on the dark web
Documents and personal details of residents of the small Swiss town Rolle, on the shores of Lake Geneva, were stolen...
VMware addressed 4 High-Severity flaws in vRealize Operations
VMware released security patches to address multiple vulnerabilities in vRealize Operations, including four high severity flaws. VMware addressed multiple vulnerabilities...
F5 addressed a flaw in BIG-IP devices rated as critical severity under specific conditions
F5 has addressed more than a dozen severe vulnerabilities in its BIG-IP networking device, including one rated as critical severity...
FIN8 group used a previously undetected Sardonic backdoor in a recent attack
Financially motivated threat actor FIN8 employed a previously undocumented backdoor, tracked as ‘Sardonic,’ in recent attacks. The financially motivated threat...
Imavex – 878,209 breached accounts
In August 2021, the website development company Imavex suffered a data breach that exposed 878 thousand unique email addresses. The...
The best browsers for privacy and security
Unfortunately there is a low correlation factor between what most people find the best browsers and what are the best...
Mice “taking over the world!”, one Windows machine at a time
Famously, Pinky and the Brain were a pair of animated mice that wanted to take over the world. Of course...
COVID19 Vaccine Fraudsters Targeted Health Authorities in 40 Countries
INTERPOL has issued a global alert regarding organized criminal organizations approaching governments and peddling COVID-19 vaccinations through fraudulent offers. After INTERPOL...
Joker Virus is Back, Targeting Android Devices
The notorious Joker has made a comeback, according to Belgian police, who cautioned about the Joker Virus that only targets...
Nigerian Threat Actor Offers $1 million to Insiders for Planting Ransomware
Researchers at Abnormal Security have identified a Nigerian threat actor attempting to recruit employees by offering them to pay $1...
ShadowPad Malware is Being Sold Privately to Chinese Espionage
Since 2017, five separate Chinese threat groups have used ShadowPad, an infamous Windows backdoor that allows attackers to download additional...
SLSA – Supply-chain Levels For Software Artifacts
SLSA (pronounced "salsa") is security framework from source to service, giving anyone working with software a common language for increasing...
PSPKIAudit – PowerShell toolkit for auditing Active Directory Certificate Services (AD CS)
PowerShell toolkit for auditing Active Directory Certificate Services (AD CS). It is built on top of PKISolution's PSPKI toolkit (Microsoft...
ShinyHunters group claims to have data of 70M AT&T customers
Threat actors claim to have a database containing private information on roughly 70 million AT&T customers, but the company denies...
Modified version of Android WhatsApp installs Triada Trojan
Experts spotted a modified version of WhatsApp for Android, which offers extra features, but that installs the Triada Trojan on...
Samsung could use a TV Block feature to disable any of its TVs worldwide
The South Korean multinational Samsung revealed that it can disable its Samsung TV sets remotely using the TV Block feature. Samsung...
CVE-2021-3711 in OpenSSL can allow to change an application’s behavior
The OpenSSL Project patched a high-severity vulnerability, tracked as CVE-2021-3711, that can allow an attacker to change an application’s behavior...
New zero-click exploit used to target Bahraini activists’ iPhones with NSO spyware
Citizen Lab uncovered a new zero-click iMessage exploit that was used to deploy the NSO Group’s Pegasus spyware on devices belonging...
SubaGames – 6,137,666 breached accounts
In November 2016, the game developer Suba Games suffered a data breach which led to the exposure of 6.1M unique...
Eatigo – 2,789,609 breached accounts
In October 2018, the restaurant reservation service Eatigo suffered a data breach that exposed 2.8 million accounts. The data included...
Criminals exploited weak checks and old tech to pull off vast COVID benefit fraud
In life, when you encounter something momentuous—a sudden job loss, a routine check-up that revealed an illness you can’t afford...
Realtek-based routers, smart devices are being gobbled up by a voracious botnet
A few weeks ago we blogged about a vulnerability in home routers that was weaponized by the Mirai botnet just...
