Looking into Attacks and Techniques Used Against WordPress Sites
By David Fiser (Senior Cyber Threat Researcher) WordPress is a well-known open-source content management system (CMS) used for creating websites...
Security
Russian quality system made recommendations for the safe use of IP cameras
The Russian Quality System study says that wireless IP cameras that are used at home, in cafes and other public...
Attackers hacked a Spanish TV channel and showed an interview with the separatist leader of Catalonia
Spanish state television company TVE on Wednesday said that last Thursday unknown attackers used an open portal on its website...
Businesses over Various Countries become Victims of Threat ‘APT20’
An Advanced Persistent Threat (APT) player expected to work from China from the last 2 years is silently targeting companies...
Automotive Giant Honda Exposes 26,000 Vehicle Owner Records Containing Personally Identifiable Information of North American Customers
Subsequent to misconfiguring an 'Elasticsearch cluster' on October 21, the multinational conglomerate Honda exposed around 26,000 vehicle owner records containing...
Spraykatz – A Tool Able To Retrieve Credentials On Windows Machines And Large Active Directory Environments
Spraykatz is a tool without any pretention able to retrieve credentials on Windows machines and large Active Directory environments.It simply...
BetterBackdoor – A Backdoor With A Multitude Of Features
A backdoor is a tool used to gain remote access to a machine.Typically, backdoor utilities such as NetCat have 2...
Google Releases Chrome 79, Warns Users of Data Breach
Tech giant Google has issued warning of data leak for Indian and global users, after fixing Chrome 79 bug and...
OKadminFinder – Admin Panel Finder / Admin Login Page Finder
OKadminFinder: Easy way to find admin panel of site.RequirementsLinuxsudo apt install torsudo apt install python3-socks (optional)pip3 install --user -r requirements.txtWindows...
Findomain v0.9.3 – The Fastest And Cross-Platform Subdomain Enumerator
The fastest and cross-platform subdomain enumerator.What Findomain can do?It table gives you a idea why you should use findomain and...
Cisco Self-Signed Certificate Expiration on Jan. 1, 2020: What You Need to Know
What’s up?Cisco released Field Notice 70489 this week making owners of a wide range of Cisco devices of an impending...
Zeppelin Is Back! Ransomware Stealing Data Via Remote Management Software
Hackers are employing remote management software to steal data and exploit networks only to install “Zeppelin” ransomware on compromised devices.Reportedly,...
Lazyrecon – Script To Automate Your Reconnaissance Process In An Organized Fashion
LazyRecon is a script written in Bash, it is intended to automate some tedious tasks of reconnaissance and information gathering....
PathAuditor – Detecting Unsafe Path Access Patterns
The PathAuditor is a tool meant to find file access related vulnerabilities by auditing libc functions.The idea is roughly as...
Why Running a Privileged Container in Docker Is a Bad Idea
By David Fiser and Alfredo Oliveira Privileged containers in Docker are, concisely put, containers that have all of the root...
Multiple-malware dropper ‘Legion Loader’ dissected
The insidious nature of difficult-to-detect, multiple strains of malware working in tandem to unleash complete obliteration is on full display...
It’s a trap! Cybercriminals use Star Wars: Rise of Skywalker as bait
Star Wars: The Rise of Skywalker is just being released into theaters today but cybercriminals were already assembling fake websites...
A decade in cybersecurity fails: the top breaches, threats, and ‘whoopsies’ of the 2010s
This post was co-authored by Wendy Zamora and Chris Boyd. All opinions expressed belong to your mom. Back in the...
Insider Threat : Employees of Russian banks are massively recruited to get data
In Russia, there are 73 services that recruit insiders in Russian banks. This information was shared by Darknet researcher Anton...
Twitter Followers of the Epilepsy Foundation Targeted by a Mass Strobe Cyber attack
A series of mass cyber-attack occurred during the National Epilepsy Awareness Month, as the hackers circulated videos and pictures of...
Data leak- Thousands of US defense contractors’ data leaked !
A digital consultancy firm accidentally leaked personal information of thousands of defense contractor employees of United States due to A...
TP-Link Routers Vulnerable Again; Voids Passwords! Patching Highly Suggested!
A “zero-day vulnerability” was recently discovered in the “TP-Link Archer C5v4 routers” with the firmware version 3.16.0 0.9.1 v600c and...
Automatic API Attack Tool – Customizable API Attack Tool Takes An API Specification As An Input, Generates And Runs Attacks That Are Based On It As An Output
Imperva's customizable API attack tool takes an API specification as an input, and generates and runs attacks that are based...
Silver – Mass Scan IPs For Vulnerable Services
masscan is fast, nmap can fingerprint software and vulners is a huge vulnerability database. Silver is a front-end that allows...
