PoC exploit for CVE-2021-1675 RCE started circulating online
Proof-of-concept exploit code for CVE-2021-1675 flaw, an attacker could exploit it to compromise Windows systems. Proof-of-concept exploit code for the...
threatintel
Fired by algorithm: The future’s here and it’s a robot wearing a white collar
Black Mirror meets 1984. Imagine that your employer uses a bot to keep track of your “production level.” And when...
5G Security Vulnerabilities Concern Mobile Operators
As 5G private networks become more widely available in the next years, security may become a major concern for businesses....
Indian Origin Woman Rewarded with Rs 22 Lakh Bounty by Microsoft
Aditi Singh, a 20-year-old Delhi-based ethical hacker, was awarded $30,000 (Rs 22 lakh roughly) for detecting a bug in the...
Data of 700 Million LinkedIn Users Has Been Compromised
A massive breach has purportedly compromised the data of over 700 million LinkedIn users. LinkedIn has a total of 756...
Russia intends to sign agreements with a number of countries in the field of cybersecurity
Deputy Secretary of the Security Council of the Russian Federation Oleg Khramov named several countries with which Moscow plans to...
Microsoft Admits of Signing a Rootkit Malware
Earlier this month, Microsoft signed a driver called Netfilter that turned out to be a malicious network filter rootkit. Krasten...
Remote dating: How do the apps safeguard our data?
The pandemic and the restrictions that came with it have led to an increase in the popularity of dating apps....
S3-Account-Search – S3 Account Search
This tool lets you find the account id an S3 bucket belongs too. For this to work you need to...
WAF-A-MoLE – A Guided Mutation-Based Fuzzer For ML-based Web Application Firewalls
A guided mutation-based fuzzer for ML-based Web Application Firewalls, inspired by AFL and based on the FuzzingBook by Andreas Zeller...
Linux version of REvil ransomware targets ESXi VM
The REvil ransomware operators added a Linux encryptor to their arsenal to encrypt Vmware ESXi virtual machines. The REvil ransomware...
Experts developed a free decryptor for the Lorenz ransomware
Researchers analyzed a recently discovered threat, the Lorenz ransomware, and developed a free decryptor for the victims of this new...
GitHub paid out over $500K through its bug bounty program for 203 flaws in 2020
Code repository hosting service GitHub announced that it has paid out more than $1.5 million through its bug bounty program since...
Binance receives the ban hammer from UK’s FCA
Binance, the world’s largest and most popular cryptocurrency exchange network, has had a rough few days. First, Japan’s financial regulator,...
What is the WireGuard VPN protocol?
In layman’s terms, a VPN uses encryption to create a private online connection between a device and a VPN server....
Lil’ skimmer, the Magecart impersonator
This blog post was authored by Jérôme Segura A very common practice among criminals consists of mimicking legitimate infrastructure when...
Is it game over for VR advergaming?
We’ve been warning about advergaming—the combination of virtual reality (VR) and ads—for years on the Labs Blog. I’ve given a...
REvil Hits Brazilian Healthcare Giant Grupo Fleury
São Paulo-based medical diagnostic firm Grupo Fleury has suffered a ransomware attack that has impaired business operations after the company...
Zyxel Warns Customers About Hackers Targeting its Firewalls & VPN Devices
Zyxel, a manufacturer of enterprise routers and VPN devices, has issued a notification that attackers are targeting its devices and...
Detecting unknown threats: a honeypot how-to
Catching threats is tricky business, especially in today’s threat landscape. To tackle this problem, for many years сybersecurity researchers have...
AWS Pen-Testing Laboratory – Pentesting Lab With A Kali Linux Instance Accessible Via Ssh And Wireguard VPN And With Vulnerable Instances In A Private Subnet
PenTesting laboratory deployed as IaC with Terraform on AWS. It deploys a Kali Linux instance accessible via ssh & wireguard...
Heappy – A Happy Heap Editor To Support Your Exploitation Process
Heappy is an editor based on gdb/gef that helps you to handle the heap during your exploitation development. The project...
Microsoft investigates threat actor distributing malicious Netfilter Driver
Microsoft is investigating an strange attack, threat actor used a driver signed by the company, the Netfilter Driver, to implant...
The builder for Babuk Locker ransomware was leaked online
The builder for the Babuk Locker ransomware was leaked online, threat actors can use it to create their own ransomware...
