Several Critical Flaws Identified in WordPress Plugin
Wordfence researchers warned of multiple flaws in a popular WordPress plugin that allows an attacker to upload arbitrary files to...
Security
UN Security Council Talks Over Cyber threats, Where it Leads?
The world’s most important forum regarding well being of nations, the United Nations Security Council is going to carry out...
Do cybercriminals play cyber games in quarantine? A look one year later
Last year, we decided to take a look at how the pandemic influenced the gaming industry and what new threats...
Invoke-DNSteal – Simple And Customizable DNS Data Exfiltrator
Invoke-DNSteal is a Simple & Customizable DNS Data Exfiltrator. This tool helps you to exfiltrate data through DNS protocol over...
OpenAttack – An Open-Source Package For Textual Adversarial Attack
OpenAttack is an open-source Python-based textual adversarial attack toolkit, which handles the whole process of textual adversarial attacking, including preprocessing...
Microsoft found auth bypass, system hijack flaws in Netgear routers
Microsoft experts have disclosed a series of vulnerabilities in the firmware of Netgear routers which could lead to data leaks...
US CISA releases a Ransomware Readiness Assessment (RRA) tool
The US CISA has released the Ransomware Readiness Assessment (RRA), a new ransomware self-assessment security audit tool. The US Cybersecurity...
Freshly scraped LinkedIn data of 88,000 US business owners shared online
About a week after scraped data from more than 700 million LinkedIn profiles were put for sale online, it seems that...
Hackers hit a televised phone-in between President Putin and citizens at a TV show
A massive cyber attack attempted to disrupt a televised phone-in between Russian President Vladimir Putin and the Rossiya 24 network....
Police seize DoubleVPN data, servers, and domain
A coordinated effort between global law enforcement agencies—led by the Dutch National Police—shut down a VPN service that was advertised...
Babuk ransomware builder leaked following muddled “retirement”
In the last days of April 2021, the operators of Babuk ransomware announced they were going to focus on demanding...
Second colossal LinkedIn “breach” in 3 months, almost all users affected
LinkedIn has reportedly been breached—again—following reports of a massive sale of information scraped from 500M LinkedIn user profiles in the...
Logins and passwords of at least 1.2 million Russians have been leaked online
The credential verification service developed by cybersecurity company BI.ZONE (a subsidiary of Sberbank) has revealed that information about logins and...
Threat Actors Target Aviation Firms Via Spear Phishing Campaign
Fortinet researchers discovered a spear-phishing campaign targeting the aviation industry with malicious download links that distribute the AsyncRAT with a...
Red-Shadow – Lightspin AWS IAM Vulnerability Scanner
Scan your AWS IAM Configuration for shadow admins in AWS IAM based on misconfigured deny policies not affecting users in...
Forblaze – A Python Mac Steganography Payload Generator
Forblaze is a project designed to provide steganography capabilities to Mac OS payloads. Using python3, it will build an Obj-C...
Colombian authorities arrested hacker behind the Gozi Virus
Colombian authorities arrested a Romanian hacker who is wanted in the U.S. for distributing the Gozi virus that already infected...
Russian-based DoubleVPN seized by law enforcement
Law enforcement seized the servers and customer logs for DoubleVPN, a double-encryption service widely used by threat actors for malicious...
SolarWinds hackers remained hidden in Denmark’s central bank for months
Russia-linked threat actors compromised Denmark’s central bank (Danmarks Nationalbank) and remained in its systems for months. Russia-linked threat actors infected...
New LinkedIn breach exposes data of 700 Million users
A new massive LinkedIn breach made the headlines, the leak reportedly exposes the data of 700M users, more than 92%...
PoC exploit for CVE-2021-1675 RCE started circulating online
Proof-of-concept exploit code for CVE-2021-1675 flaw, an attacker could exploit it to compromise Windows systems. Proof-of-concept exploit code for the...
Fired by algorithm: The future’s here and it’s a robot wearing a white collar
Black Mirror meets 1984. Imagine that your employer uses a bot to keep track of your “production level.” And when...
5G Security Vulnerabilities Concern Mobile Operators
As 5G private networks become more widely available in the next years, security may become a major concern for businesses....
Indian Origin Woman Rewarded with Rs 22 Lakh Bounty by Microsoft
Aditi Singh, a 20-year-old Delhi-based ethical hacker, was awarded $30,000 (Rs 22 lakh roughly) for detecting a bug in the...
