PSC – E2E Encryption For Multi-Hop Tty Sessions Or Portshells + TCP/UDP Port Forward
DNS lookup and SSH session forwarded across an UART connection to a Pi PSC allows to e2e encrypt shell sessions,...
SSRF-King – SSRF Plugin For Burp Automates SSRF Detection In All Of The Request
SSRF plugin for burp that Automates SSRF Detection in all of the RequestUpcoming Features ChecklistIt will soon have a user...
Victims of FonixCrypter ransomware could decrypt their files for free
FonixCrypter ransomware operators shut down their operations, released the master decryption key for free, and deleted malware’s source code. Good...
Domain for programming website Perl.com hijacked
Threat actors took over the domain name perl.com and pointed it to an IP address associated with malware campaigns. Attackers...
Experts addressed flaws in Popup Builder WordPress plugin
Multiple issues in WordPress ‘Popup Builder’ Plugin could be exploited by hackers to perform various malicious actions on affected websites....
CVE-2020-35679
Summary: smtpd/table.c in OpenSMTPD before 6.8.0p1 lacks a certain regfree, which might allow attackers to trigger a "very significant" memory...
CVE-2020-35680
Summary: smtpd/lka_filter.c in OpenSMTPD before 6.8.0p1, in certain configurations, allows remote attackers to cause a denial of service (NULL pointer...
CVE-2021-25126
Summary: The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10...
CVE-2021-25125
Summary: The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10...
CVE-2021-25124
Summary: The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10...
Cleaning up after Emotet: the law enforcement file
This blog post was authored by Hasherezade and Jérôme Segura Emotet has been the most wanted malware for several years....
RDP abused for DDoS attacks
We have talked about RDP many times before. It has been a popular target for brute force attacks for a...
Open Source Software Vulnerabilities Leads to RCE
Various vulnerabilities in open source video platforms YouPHPTube and AVideo could be utilized to accomplish remote code execution (RCE) on...
Windows 7 Remain Vulnerable to Blind TCP/IP Hijacking Attacks
Adam Zabrocki, a security researcher warned window operating system users regarding the susceptibilities of Windows 7 to blind TCP/IP hijacking...
Node.js Detected with Vulnerability encountered by Captain Freak
Node.js is a cross-platform, open-source, JavaScript back-end operating environment running on Chrome V8 and running JavaScript programming from outside a...
LogoKit Can Manipulate Phishing Pages in Real Time
A recently uncovered phishing kit, named LogoKit, eliminates headaches for cybercriminals via automatically pulling victims' organization logos onto the phishing...
CSSG – Cobalt Strike Shellcode Generator
Adds Shellcode - Shellcode Generator to the Cobalt Strike top menu bar CSSG is an aggressor and python script used...
Arbitrium-RAT – A Cross-Platform, Fully Undetectable Remote Access Trojan, To Control Android, Windows And Linux
Arbitrium is a cross-platform is a remote access trojan (RAT), Fully UnDetectable (FUD), It allows you to control Android, Windows...
Microsoft: North Korea-linked Zinc APT targets security experts
Microsoft, like Google TAG, observed a cyber espionage campaign aimed at vulnerability researchers that attributed to North Korea-linked Zinc APT...
Oscorp, a new Android malware targets Italian users
Researchers at the Italian CERT warns of new Android malware dubbed Oscorp that abuses accessibility services for malicious purposes. Researchers...
Lebanese Cedar APT group broke into telco and ISPs worldwide
Clearsky researchers linked the Lebanese Cedar APT group to a cyber espionage campaign that targeted companies around the world. Clearsky...
CVE-2020-7384
Summary: Rapid7's Metasploit msfvenom framework handles APK files in a way that allows for a malicious user to craft and...
CVE-2020-27284
Summary: TPEditor (v1.98 and prior) is vulnerable to two out-of-bounds write instances in the way it processes project files, allowing...
CVE-2020-27288
Summary: An untrusted pointer dereference has been identified in the way TPEditor(v1.98 and prior) processes project files, allowing an attacker...
