Malicious code in APKPure app
Recently, we’ve found malicious code in version 3.17.18 of the official client of the APKPure app store. The app is...
Security
PoisonApple – macOS Persistence Tool
Command-line tool to perform various persistence mechanism techniques on macOS. This tool was designed to be used by threat hunters...
Redcloud – Automated Red Team Infrastructure Deployement Using Docker
Redcloud is a powerful and user-friendly toolbox for deploying a fully featured Red Team Infrastructure using Docker. Harness the cloud's...
Pwn2Own 2021: participants earned $1,2M of the $1.5M prize pool
The Pwn2Own 2021 hacking competition was concluded, participants earned more than $1.2 million, the greatest total payout ever. The Pwn2Own...
CISA releases post-compromise tool Aviary to review Microsoft 365
CISA released a Splunk-based dashboard for post-compromise activity in Microsoft Azure Active Directory (AD), Office 365, and MS 365 environments. The Cybersecurity...
330K stolen payment cards and 895K stolen gift cards sold on dark web
A threat actor has sold almost 900,000 gift cards and over 300,000 payment cards on a cybercrime forum on the...
Moodle flaw exposed users to account takeover
Wizcase experts discovered a security flaw in the open-source learning platform Moodle that could allow accounts takeover. At the beginning...
Zoom zero-day discovery makes calls safer, hackers $200,000 richer
Two Dutch white-hat security specialists entered the annual computer hacking contest Pwn2Own, managed to find a Remote Code Execution (RCE)...
Cring Ransomware Attacks Exploited Fortinet Flaw
Ransomware operators shut down two production facilities having a place with a European manufacturer in the wake of conveying a...
Cyber Criminals began to use a new scheme to defraud Russians
The classic scheme to defraud Russian bank clients with the help of malicious emails is experiencing a second birth. Now...
IT Services Remain Disrupted At Two Colleges Of Ireland After Ransomware Attacks
Two IT universities of Ireland the National College of Ireland (NCI) and the Technological University of Dublin have been hit...
German Company Hit By Supply Chain Attack, Only Few Device Affected
Gigaset, a German device maker, was recently hit with a supply chain attack, the hackers breached a minimum of one...
Threat Actors are Using Telegram & Google Forms to Obtain Stolen User Data
Security researchers have noted an increase in the misuse of legitimate services such as Google Forms and Telegram for gathering...
Max – Maximizing BloodHound
Maximizing BloodHound.DescriptionNew Release: dpat - The BloodHound Domain Password Audit Tool (DPAT) A simple suite of tools: get-info - Pull...
NtHiM – Super Fast Sub-domain Takeover Detection
NtHiM - Super Fast Sub-domain Takeover DetectionInstallationMethod 1: Using Pre-compiled BinariesThe pre-compiled binaries for different systems are available in the...
Attackers Targeting Fortinet Devices and SAP Applications
The following blog was co-authored by Caitlin Condon and Bob Rudis, also known (in his own words) as “some caveman...
Kubernetes Namespaces Are Not as Secure as You Think
In a previous article, we described how the usage of namespaces in Kubernetes significantly simplifies the management of a Kubernetes...
Looking Back and Moving Forward With Rapid7’s Cloud Security Solution
This blog post was co-authored by Jamie Gale and Charles Stokes. Done with Q1The DivvyCloud by Rapid7 team has had...
Swarmshop – What goes around comes around: hackers leak other hackers’ data online
Group-IB, a global threat hunting and adversary-centric cyber intelligence company, discovered that user data of the Swarmshop card shop have been leaked...
Pwn2Own 2021 Day 2 – experts earned $200K for a zero-interaction Zoom exploit
Pwn2Own 2021 – Day 2: a security duo earned $200,000 for a zero-interaction Zoom exploit allowing remote code execution. One...
Scraped data of 500 million LinkedIn users being sold online, 2 million records leaked as proof
Days after a massive Facebook data leak made the headlines, 500 million LinkedIn users are being sold online, seller leaked 2 million...
Cisco fixed multiple flaws in SD-WAN vManage Software, including a critical RCE
Cisco has addressed a critical pre-authentication remote code execution (RCE) vulnerability in the SD-WAN vManage Software. Cisco has addressed multiple...
User database was also hacked in the recent hack of PHP ‘s Git Server
The maintainers of the PHP programming language confirmed that threat actors may have compromised a user database containing their passwords....
Man arrested after hired a hitman on the dark web
A joint operation of Europol and the Italian Postal and Communication Police resulted in the arrest of an Italian national...
