Microsoft Discovered a Massive Phishing-as-a-Service Operation
On September 21, Microsoft's security team announced that it has discovered a huge operation that delivers phishing services to cybercrime...
threatintel
Wake me up till SAS summit ends
What do cyberthreats, Kubernetes and donuts have in common – except that all three end in “ts”, that is? All...
JSPanda – Client-Side Prototype Pullution Vulnerability Scanner
Source code analysis - Screenshot Supporting Materials : https://twitter.com/har1sec/status/1314469278322655233 https://github.com/BlackFan/client-side-prototype-pollution https://github.com/ThePacketBender/notes/blob/01c0b834f6e3ee4d934b087b2d92c9e484dc2a50/web/prototype_pollution.txt https://habr.com/ru/company/huawei/blog/547178/ https://infosecwriteups.com/javascript-prototype-pollution-practice-of-finding-and-exploitation-f97284333b2 https://github.com/securitum/research/tree/master/r2020_prototype-pollution Learn Prototype Pollution in Series -...
Wordlistgen – Quickly Generate Context-Specific Wordlists For Content Discovery From Lists Of URLs Or Paths
wordlistgen is a tool to pass a list of URLs and get back a list of relevant words for your...
BulletProofLink, a large-scale phishing-as-a-service active since 2018
Microsoft uncovered a large-scale phishing-as-a-service operation, dubbed BulletProofLink, that enabled threat actors to easily carry out malicious campaigns. Microsoft researchers...
Crystal Valley hit by ransomware attack, it is the second farming cooperative shut down in a week
Minnesota-based farming supply cooperative Crystal Valley was hit by a ransomware attack, it is the second attack against the agriculture...
CVE-2021-40847 flaw in Netgear SOHO routers could allow remote code execution
CVE-2021-40847 flaw in Netgear SOHO routers could be exploited by a remote attacker to execute arbitrary code as root. Security...
US CISA, FBI, and NSA warn an escalation of Conti ransomware attacks
CISA, FBI, and the NSA warned today of an escalation of the attacks of the Conti ransomware gang targeting US...
Hikvision cameras could be remotely hacked due to critical flaw
A critical issue, tracked as CVE-2021-36260, affects more than 70 Hikvision device models and can allow attackers to take over...
MSHTML attack targets Russian state rocket centre and interior ministry
Malwarebytes has reason to believe that the MSHTML vulnerability listed under CVE-2021-40444 is being used to target Russian entities. The...
Patch now! Insecure Hikvision security cameras can be taken over remotely
In a detailed post on Github, security researcher Watchful_IP describes how he found that the majority of the recent camera...
Patch vCenter Server “right now”, VMWare expects CVE-2021-22005 exploitation within minutes of disclosure
VMware is urging users of vCenter server to patch no fewer than 19 problems affecting its products. These updates fix...
No, Colonel Gaddafi’s daughter isn’t emailing to give you untold riches
It’s not every day you receive a big money offer from someone claiming to sit in political asylum, but here...
Google, geofence warrants, and you
Another day, another example of how the data sharing choices we make can come back to haunt us. The Guardian...
IT expert warned about the danger of pirated files downloaded via torrent
Sergey Ivanov, Director of Product Strategy at T1 Group, said that pirated files downloaded by users via torrent trackers may...
Anonymous Hacking Group Targets Controversial Web Hoster Epik
US-based web host and domain registrar Epik has confirmed an “unauthorized intrusion” in its systems, a week after members of...
pNetwork Suffered Loss In Bitcoins Worth $12 Million
While Hackers allegedly violated the protocol and seized $12.7 million in Bitcoin, pNetwork thus became the newest victim of the...
Russian Electronic Voting System Struck by 19 DDoS Attacks in One Day
Yandex, the Russian technology and search engine powerhouse, disclosed last week that it had been hit by one of the...
FTC: Health App and Device Makers Should Comply With Health Breach Notification Rule
The Federal Trade Commission on 15th September authorized a policy statement reminding makers of health applications and linked devices that...
AES256_Passwd_Store – Secure Open-Source Password Manager
This script securely encrypts or decrypts passwords on disk within a custom database file. It also features functionality to retrieve...
DirSearch – A Go Implementation Of Dirsearch
This software is a Go implementation of the original dirsearch tool written by Mauro Soria. DirSearch is the very first...
Conti Ransomware Victim: Marans_Weisz_Newman_LLC
continews NOTE: The information on this page is automated and scraped directly from the Conti .onion Dark Web Tor Blog...
Flaws in Nagios Network Management systems pose risk to companies
Researchers found multiple flaws in widely used network management products from Nagios that pose serious risk to organizations. Researchers from...
VMware addressed a critical flaw in vCenter Server. Patch it now!
VMware addressed a critical arbitrary file upload vulnerability that affects the default configuration of vCenter Server 6.7 and 7.0 deployments....
