Security Affairs newsletter Round 311
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
Security
10,000+ unpatched ABUS Secvest home alarms can be deactivated remotely
10,000+ unpatched ABUS Secvest home alarm systems could be remotely disabled exposing customers to intrusions and thefts. Researchers from Eye Security have...
The cybersecurity researcher Dan Kaminsky has died
The cybersecurity community has lost its star, the popular hacker Dan Kaminsky has passed away. The popular cyber security researcher...
ToxicEye RAT exploits Telegram communications to steal data from victims
ToxicEye is a new Remote Access Trojan (RAT) that exploits the Telegram service as part of it command and control...
ShopBack – 20,529,819 breached accounts
In September 2020, the cashback reward program ShopBack suffered a data breach. The incident exposed over 20 million unique email...
Russian hackers reportedly stole secret device blueprints from Apple
Hackers reportedly gained access to blueprints of the latest Apple developments by attacking the servers of the Taiwanese company Quanta...
‘Sysrv’ – New Crypto-Mining Botnet is Silently Expanding it’s Reach
It appears that the developers of the ‘Sysrv’ botnet have been working hard in putting out a more sophisticated version...
Experts have warned of a cyberattack on Facebook Messenger users
Attackers distribute offers to install the "latest update" of the messenger disguised as official Facebook posts. Victims risk losing access...
ToxicEye: Trojan Abuses Telegram to Steal Data
The Telegram service is being exploited by operators of a new Remote Access Trojan (RAT) to keep control of their...
Ransomware Attack by REvil on Apple, Demands $50 Million
While Apple was working on the preparations for the 'Spring Loaded' event that went live on Tuesday, 20th April, the...
OverRide – Binary Exploitation And Reverse-Engineering (From Assembly Into C)
Explore disassembly, binary exploitation & reverse-engineering through 10 little challenges. In the folder for each level you will find: flag...
SlackPirate – Slack Enumeration And Extraction Tool – Extract Sensitive Information From A Slack Workspace
This is a tool developed in Python which uses the native Slack APIs to extract 'interesting' information from a Slack...
A new Linux Botnet abuses IaC Tools to spread and other emerging techniques
A new Linux botnet uses Tor through a network of proxies using the Socks5 protocol, abuses legitimate DevOps tools, and other emerging techniques....
Following similar move in US, Europol prepares coup de gras for Emotet’s remains
On Sunday, Europol will end a three-month-long process of dismantling the Emotet botnet by triggering a time-activated .dll to delete...
SUPERNOVA malware discovered on SolarWinds Orion server
The Cybersecurity and Infrastructure Security Agency (CISA) has reported finding the SUPERNOVA web shell collecting credentials on a SolarWinds Orion...
Artificial Intelligence ban slammed for failing to address “vast abuse potential”
A written proposal to ban several uses of artificial intelligence (AI) and to place new oversight on other “high-risk” AI...
How to choose the best VPN for you
If you’ve been shopping for a VPN service in 2021, you’ve probably noticed how many providers are available. Using a...
Here’s a Quick Look at Pros and Cons of ‘Cookies’ in Terms of Browsing Experience
Cookie – the term which most of you are familiar with. Every single time when you open a new website,...
Ransomware Qlocker Encrypts QNAP Devices with 7Zip
A huge ransomware campaign seems to be underway to attack QNAP devices globally and customers can now locate their files...
Trend Micro Flaw Being Actively Exploited
The cybersecurity firm Trend Micro disclosed that the threat actors are once again using security solutions as attack vectors and...
Ransomware by the numbers: Reassessing the threat’s global impact
Kaspersky has been following the ransomware landscape for years. In the past, we’ve published yearly reports on the subject: PC...
Empire Dropbox C2 Listener
One of the lesser-known features in Empire is the ability to use alternative Command and Control (C2) methods. Specifically, we...
IPCDump – Tool For Tracing Interprocess Communication (IPC) On Linux
Announcement post ipcdump is a tool for tracing interprocess communication (IPC) on Linux. It covers most of the common IPC...
CrossLinked – LinkedIn Enumeration Tool To Extract Valid Employee Names From An Organization Through Search Engine Scraping
CrossLinked is a LinkedIn enumeration tool that uses search engine scraping to collect valid employee names from a target organization....
