CISA MAR report provides technical details of FiveHands Ransomware
U.S. CISA has published an analysis of the FiveHands ransomware, the same malware that was analyzed a few days ago...
threatintel
DriveSure – 3,675,099 breached accounts
In December 2020, the car dealership service provider DriveSure suffered a data breach. The incident resulted in 26GB of data...
‘XcodeGhost’ Malware Infected Around 128M iOS Users
In a recent malware attack over 128 million iOS customers have been targeted. The malware employed by the attackers goes...
Ransomware Attack Shuts Down Top U.S. Fuel Pipeline Network
The operator of a major gasoline pipeline in the U.S. shut down operations late Friday following a ransomware attack pipeline...
Amazon Fake Reviews Scam Exposed in Data Breach
The identities of over 200,000 people who appear to be participating in Amazon fraudulent product review schemes have been exposed...
A Russian specialist warned of the deadly dangers of the smartphone
The most frequently smartphones of the company Samsung are exploded. There are also known cases when Apple products exploded in...
SolarWinds Hack Alarms US Spy Agencies to Inspect Software Suppliers’ Ties with Russia
US intelligence agencies have started to study supply chain threats from Russia, a top official within the Justice Department confirmed...
Lucifer – A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration And More…
A Powerful Penetration Tool For Automating Penetration Tasks Such As Local Privilege Escalation, Enumeration, Exfiltration and More... Use Or Build...
Waybackurls – Fetch All The URLs That The Wayback Machine Knows About For A Domain
Accept line-delimited domains on stdin, fetch known URLs from the Wayback Machine for *.domain and output them on stdout. Usage...
SQL injection issue in Anti-Spam WordPress Plugin exposes User Data
‘Spam protection, AntiSpam, FireWall by CleanTalk’ anti-spam WordPress plugin could expose user sensitive data to an unauthenticated attacker. A Time-Based...
Security Affairs newsletter Round 313
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
TsuNAME flaw exposes DNS servers to DDoS attacks
A flaw in some DNS resolvers, tracked as TsuNAME, can allow attackers to launch DDoS attacks against authoritative DNS servers....
A cyberattack shutdown US Colonial Pipeline
A cyberattack forced the shutdown of one of the largest pipelines in the United States, the Colonial Pipeline facility in...
Ransomware Hits US Defense Contractor BlueForce
A ransomware attack hit U.S defense contractor Blueforce, says Hatching Triage sample, and a Conti ransomware chat. Ransomware in the...
An Award-Winning iPhone Hack Used by China to Spy on Uyghur Muslims
According to a recent article, the Chinese government used an award-winning iPhone hack first uncovered three years ago at a...
Threat Actors Use Several New Advanced Techniques To Exploit Windows Services
According to the cybersecurity researchers, several fresh techniques, comparatively advanced — are being used by attackers, for exploiting legitimate Windows...
Workings of US Firms Disturbed Due to Covid Surge in Banglore
To say that Bengaluru’s epidemic is huge is an understatement. Bengaluru has more than 65 percent of all active cases...
TsuNAME: New DNS Bug could be used to DDoS Authoritative DNS Servers
Security researchers have found extreme domain name system (DNS) fixes that hackers may use to conduct constructive denial-of-service attacks on...
Kiterunner – Contextual Content Discovery Tool
For the longest of times, content discovery has been focused on finding files and folders. While this approach is effective...
Red-Detector – Scan Your EC2 Instance To Find Its Vulnerabilities Using Vuls.io
Scan your EC2 instance to find its vulnerabilities using Vuls (https://vuls.io/en/). Audit your EC2 instance to find security misconfigurations using...
Microsoft warns of a large-scale BEC campaign to make gift card scam
Microsoft is warning of a large-scale BEC campaign that targeted hundreds of organizations leveraging typo-squatted domains registered days before the...
Russia-linked APT29 group changes TTPs following April advisories
The UK and US cybersecurity agencies have published a report detailing techniques used by Russia-linked cyberespionage group known APT29 (aka...
Buer malware rewritten in Rust language to curb detection
Ferris, the Rust mascot Developers of the malicious downloader Buer have taken the unusual step of rewriting the malware in...
Millions put at risk by old, out of date routers
Since the first stay-at-home measures were imposed by governments to keep everyone safe from the worsening COVID-19 pandemic, we at...
