Request for full disclosure of CVE-2020-25889 & CVE-2020-25955
Posted by krishna yadav on Dec 07Dear Team, Please find attached POC and detailed information for CVE-2020-25889 & CVE-2020-25955. For...
Security
Baphomet – Basic Concept Of How A Ransomware Works
This is a proof of concept of how a ransomware works, and some techniques that we usually use to hijack...
Js-X-Ray – JavaScript And Node.js Open-Source SAST Scanner (A Static Analysis Of Detecting Most Common Malicious Patterns)
JavaScript AST analysis. This package has been created to export the Node-Secure AST Analysis to enable better code evolution and...
Congrats to the winners of the 2020 December Metasploit community CTF
Thank you all that participated in the 2020 December Metasploit community CTF! The four day CTF was well received by...
NICER Protocol Deep Dive: Internet Exposure of memcached
Welcome to the NICER Protocol Deep Dive blog series! When we started researching what all was out on the internet...
Russia-linked hackers actively exploit CVE-2020-4006 VMware flaw, NSA warns
The National Security Agency (NSA) warns that Russia-linked hackers are exploiting a recently patched VMware flaw in a cyberespionage campaign. The...
US Cyber Command and Australian IWD to develop shared cyber training range
US Cyber Command and the Information Warfare Division (IWD) of the Australian Defense Force to develop a virtual cyber training...
LockBit Ransomware operators hit Swiss helicopter maker Kopter
LockBit ransomware operators have compromised the systems at the helicopter maker Kopter and published them on their darkweb leak site....
Peatix – 4,227,907 breached accounts
In January 2019, the event organising platform Peatix suffered a data breach. The incident exposed 4.2M email addresses, names and...
Facial recognition payments(Face ID) to be introduced in Moscow metro in 2021
Deputy Mayor for Transport Maxim Liksutov said that paying for public transport in Moscow using facial recognition technology (Face ID)...
Data Breach: HR Consulting Giant Randstad Hit by Egregor Ransomware
Randstad NV, a multinational Human Resource consulting firm announced that they were hit by Windows Egregor ransomware. Ransomware operators while...
Hijackthis – A Free Utility That Finds Malware, Adware And Other Security Threats
HiJackThis Fork is a free utility for Microsoft Windows that scans your computer for settings changed by adware, spyware, malware...
Karkinos – Penetration Testing And Hacking CTF’s Swiss Army Knife With: Reverse Shell Handling – Encoding/Decoding – Encryption/Decryption – Cracking Hashes / Hashing
Karkinos is a light-weight 'Swiss Army Knife' for penetration testing and/or hacking CTF's. Currently, Karkinos offers the following: Encoding/Decoding characters...
Drug dealers are selling Pfizer COVID vaccines on the darkweb
While the United Kingdom announced the distribution of the COVID-19 vaccine to the population drug dealers is selling ‘Pfizer COVID...
Security Affairs newsletter Round 292
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
COVID-19 themed attacks October 1 – December 5, 2020
This post includes the details of the COVID-19 themed attacks launched from October 1 to December 5, 2020. Threat actors...
Police arrest two people over stealing sensitive data from defense giant
Italian police arrested two people that have stolen 10 GB of confidental and alleged secret data from the defense company...
COVID-19 – Johnson & Johnson saw a 30% uptick in cyber-attacks
Healthcare organizations like Johnson & Johnson are observing a surge of cyber attacks carried by state-sponsored hackers during COVID-19 pandemic....
Human resource consulting giant Randstad hit by Egregor ransomware
Multinational human resource consulting firm Randstad NV announced that they were a victim of the Egregor ransomware. Egregor ransomware operators have...
Pluto TV – 3,225,080 breached accounts
In October 2018, the internet television service Pluto TV suffered a data breach which was then shared extensively in hacking...
U.S Files Lawsuit Against Facebook For Discriminatory Recruitment Process Against U.S Workers
On Thursday, the U.S. Department of Justice (DOJ) sued F.B., asserting that the company held positions for temporary visa holders...
Acronis reports India to be third highest in terms of Malware attacks, after US and Japan
Acronis, a Switzerland based IT and cybersecurity company surveyed 3,400 IT managers from 17 countries across four continents: Australia, Bulgaria,...
Iranian Hackers Attack Israel Water Facility, Gain Access To HMI Systems
An Iranian hacking group gained passage to an unsafe Israeli water facility ICS. The hackers also posted the video on...
ADSearch – A Tool To Help Query AD Via The LDAP Protocol
A tool written for cobalt-strike's execute-assembly command that allows for more efficent querying of AD. Key FeaturesList all Domain Admins...
