Malwarebytes detects leaked tools from FireEye breach
Hello folks! If you have not heard yet, the security firm FireEye has had a breach of many red team...
Security
Buying COVID-19 vaccines from the Dark Web? No thanks!
Even though we hope that this is an unnecessary warning, we do want to put it out there. As soon...
Russian embassy responds to Norwegian allegations of cyberattack
Hacker groups APT28 and Fancy Bear may have been involved in a cyber attack on the Norwegian Parliament in August...
Sensitive Data of 7 Million Indian Cardholders Circulating On Dark Web
There is a rapid increase in the number of data breaches last year, jumping by 17%, which has become an...
Spy Campaign: SideWinder APT Leverages South Asian Border Disputes
The SideWinder advanced persistent threat (APT) group, which seems to be active since 2012, now has started a new malicious...
The story of the year: remote work
The coronavirus pandemic has caused sudden, sweeping change around the world. The necessary social distancing measures are having an impact...
Sak1To-Shell – Multi-threaded C2 Server And Reverse Shell Client Written In Pure C
Multi-threaded c2 server and reverse TCP shell client written in pure C (Windows). Command list: list: list available connections. interact...
DarkSide – Tool Information Gathering And Social Engineering
Features:Hacker DashboardHacker News New Exploits Hacking Tutorials Video The Latest Prices OF Digital Currencies Information GatheringBypass Cloud Flare Cms Detect...
NICER Protocol Deep Dive: Internet Exposure of etcd
Welcome to the NICER Protocol Deep Dive blog series! When we started researching what all was out on the internet...
njRAT RAT operators leverage Pastebin C2 tunnels to avoid detection
Threat actors behind the njRAT Remote Access Trojan (RAT) are leveraging active Pastebin Command and Control Tunnels to avoid detection....
Russia-linked APT28 uses COVID-19 lures to deliver Zebrocy malware
Russia-link cyberespionage APT28 leverages COVID-19 as phishing lures to deliver the Go version of their Zebrocy (or Zekapab) malware. Russia-linked APT28 is...
Attack on Vermont Medical Center is costing the hospital $1.5M a day
The attack that hit the University of Vermont Medical Center at the end of October is costing the hospital about $1.5 million...
European Medicines Agency targeted by cyber attack
The European Medicines Agency (EMA) announced it has been targeted by a cyber attack. The European Medicines Agency (EMA) announced...
VideoBytes: Ryuk Ransomware Targeting US Hospitals
Hello Folks! In this Videobyte, we’re talking about why hospitals are being targeted by the Ryuk ransomware, what tricks they...
RESTler – The First Stateful REST API Fuzzing Tool For Automatically Testing Cloud Services Through Their REST APIs And Finding Security And Reliability Bugs In These Services
RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding...
Depix – Recovers Passwords From Pixelized Screenshots
Depix is a tool for recovering passwords from pixelized screenshots. This implementation works on pixelized images that were created with...
New All Apps and Asset Report Combines Power of InsightVM and InsightAppSec for Boosted Visibility
Just using InsightAppSec and still want access to the new executive reports? Don’t worry—we have you covered. Check out your...
Crooks hide software skimmer inside CSS files
Security researchers have uncovered a new technique to inject a software skimmer onto websites, the malware hides in CSS files....
Microsoft December 2020 Patch Tuesday fixes 58 bugs, 9 are critical
Microsoft December 2020 Patch Tuesday security update address 58 vulnerabilities, 22 of them are remote code execution vulnerabilities. Microsoft December...
The importance of computer identity in network communications: how to protect it and prevent its theft
The importance of computer identity in network communications: how to protect it and prevent threat actors from spying or stealing...
Apache Software Foundation fixes code execution flaw in Apache Struts 2
The Apache Software Foundation addressed a possible remote code execution vulnerability in Struts 2 related to the OGNL technology. The...
Top cybersecurity firm FireEye hacked by a nation-state actor
The cyber security giant FireEye announced that it was hacked by nation-state actors, likely Russian state-sponsored hackers. The cybersecurity firm...
OpenSSL is affected by a ‘High Severity’ security flaw, update it now
The OpenSSL Project disclosed a serious security vulnerability in TLS/SSL toolkit that exposes users to denial-of-service (DoS) attacks. The OpenSSL...
Huawei HedEx Lite (DM) – Path Traversal Web Vulnerability
Posted by Vulnerability Lab on Dec 08Document Title: =============== Huawei HedEx Lite (DM) - Path Traversal Web Vulnerability References (Source):...
