InfoSec News & Tutorials
UNC2447 cybercrime gang exploited a zero-day in the Secure Mobile Access (SMA), addressed by SonicWall earlier this year, before the vendor released a fix. Researchers from FireEye’s Mandiant revealed that…
UNICC and Group-IB detected and took down a massive multistage scam campaign circulating online on April 7, World Health Day. Group-IB, a global threat hunting and adversary-centric cyber intelligence company that specializes…
Microsoft researchers are warning of major security vulnerabilities affecting OT and IoT devices and high-risks for businesses using them. Researchers from Microsoft’s Section 52 team recently uncovered several critical memory…
A vulnerability in the PHP Composer could have allowed an attacker to execute arbitrary commands and backdoor every PHP package. The maintainers of the PHP Composer package have addressed a…
Banca di Credito Cooperativo (BCC), one of the largest Italian cooperative credit banks was hit by a ransomware attack. Banca di Credito Cooperativo (BCC), one of the largest Italian cooperative credit banks,…
In March 2021, the mobile parking app service ParkMobile suffered a data breach which exposed 21 million customers' personal data. The impacted data included email addresses, names, phone numbers, vehicle…
Signal—the private, end-to-end encrypted messaging app that surged in popularity in recent months—once again reminded criminal investigators that it could not fully comply with a legal request for user records…
Smishing is a valuable tool in the scammer’s armoury. You’ve likely run into it, even if you didn’t know that is its name. It doesn’t arrive by email or social…
The Dutch information watchdog—the Autoriteit Persoonsgegevens (AP)—has fined the city of Enschede for € 600,000 for tracking its citizens’ movements without permission. It is the first time that a Dutch…
In today’s age, it is impossible to implement effective cybersecurity technology without depending on innovative technologies like machine learning and artificial intelligence. Machine learning in the field of cybersecurity is…
The .Net-based malware has recently been disguised as an installer of the popular secure messaging app, Telegram. Stealers are pieces of malicious code written with a hit-and-run mindset, intending to find…
Almost everybody by now is workings from home and 84 percent are worried that new security vulnerabilities have been generated with the quick move towards 100 percent remote working. Cloud service…
Automated Tool That Generate A Powershell Oneliner That Can Create Meterpreter Shell On Metasploit,Bypass AMSI,Bypass Firewall,Bypass UAC,And Bypass Any AVs. This tool is powered by Metasploit-Framework and amsi.failNotesNEVER UPLOAD THE…
The all_groups.py script allows to enumerate all Microsoft 365 Groups in a Azure AD tenant with their metadata: name visibility: public or private description email address owners members Teams enabled?…
An information disclosure issue in Linux Kernel allows KASLR bypass could be potentially exploited in attacks in the wild. An information disclosure flaw in the Linux kernel, tracked as CVE-2020-28588,…
Cybersecurity firm Kaspersky discovered a new strain of malware that is believed to be part of the arsenal of theUS Central Intelligence Agency (CIA). Cybersecurity firm Kaspersky has discovered a…
Experts recently uncovered a Linux backdoor, dubbed RotaJakiro, that has flown under the radar for many years while harvest and exfiltrate sensitive information from the victims. RotaJakiro is a Linux…
China-linked APT Naikon employed a new backdoor in multiple cyber-espionage operations targeting military organizations from Southeast Asia in the last 2 years. The Naikon APT group is a China-linked cyber espionage group that has…
Out of bounds memory access in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Trend Micro Antivirus for Mac 2020 v10.5 and 2021 v11 (Consumer) is vulnerable to an improper access control privilege escalation vulnerability that could allow an attacker to establish a connection…
HashiCorp Vault and Vault Enterprise 1.5.1 and newer, under certain circumstances, may exclude revoked but unexpired certificates from the CRL. Fixed in 1.5.8, 1.6.4, and 1.7.1.
The Debian xscreensaver 5.42+dfsg1-1 package for XScreenSaver has cap_net_raw enabled for the /usr/libexec/xscreensaver/sonar file, which allows local users to gain privileges because this is arguably incompatible with the design of…
Stack-based buffer overflow in ESTsoft ALZip 8.51 and earlier allows remote attackers to execute arbitrary code via a crafted MS-DOS device file, as demonstrated by use of "AUX" as the…
Assistant Attorney General for National Security John Demers, speaks during a virtual news conference at the Department of Justice on October 28, 2020 in Washington, D.C. Demers said at a…