Experts listed the possible goals of cyber criminals who hack websites
According to Positive Technologies, in 2020, cybercriminals have become increasingly interested in hacking sites: in seven out of ten cases,...
New marketing campaign against UK subway by using TrickBot malware
UK subway market has disclosed that its marketing system has been hacked. The malicious actor was sending TrickBot malware-laden...
The Ministry of Internal Affairs of Russia is creating a cyber police
Deputy Interior Minister Igor Zubov noted that the number of cybercrimes has increased significantly in the context of the coronavirus...
iPhones of Al Jazeera Journalists Being Snooped On Via Israeli Firm’s Spyware
iPhones of around 36 Journalists at Al Jazeera news organisation have been hacked by nation-sponsored hackers who sent malware laden...
Grawler – Tool Which Comes With A Web Interface That Automates The Task Of Using Google Dorks, Scrapes The Results, And Stores Them In A File
Grawler is a tool written in PHP which comes with a web interface that automates the task of using google...
0D1N v3.4 – Tool For Automating Customized Attacks Against Web Applications (Full Made In C Language With Pthreads, Have A Fast Performance)
0d1n is a tool for automating customized attacks against web applications. This tool is very faster because uses thread pool...
AST-2020-004: Remote crash in res_pjsip_diversion
Posted by Asterisk Security Team on Dec 22 Asterisk Project Security Advisory - AST-2020-004 Product Asterisk Summary Remote crash in...
AST-2020-003: Remote crash in res_pjsip_diversion
Posted by Asterisk Security Team on Dec 22 Asterisk Project Security Advisory - AST-2020-003 Product Asterisk Summary Remote crash in...
UPnP With a Holiday Cheer
T'was the night before HaXmas,when all through the house,Not a creature was stirring, not even a mouse.The stockings were hung...
Set New InsightVM Goals and Share with Your Team for Increased Visibility and More Efficient Execution
Since 2018, thousands of enterprises have utilized InsightVM’s Goals and SLAs feature to build their organization-specific security goals. Through Goals...
Bulletproof VPN services took down in a global police operation
A joint operation conducted by law European enforcement agencies resulted in the seizure of the infrastructure of three bulletproof VPN...
VMware and Cisco also impacted by the SolarWinds hack
The IT giants VMware and Cisco revealed they were impacted by the recently disclosed SolarWinds supply chain attack. VMware and...
Dell Wyse ThinOS flaws allow hacking think clients
Multiple Dell Wyse thin client models are affected by critical vulnerabilities that could be exploited by a remote attacker to...
SUPERNOVA, a backdoor found while investigating SolarWinds hack
While investigating the recent SolarWinds Orion supply-chain attack security researchers discovered another backdoor, tracked SUPERNOVA. The investigation of the SolarWinds...
A week in security (December 14 – December 20)
Last week on Malwarebytes Labs we kept you updated on the SolarWinds attack, we warned about the special dangers that...
Trukno: “On A Mission To Deliver Cyber Intelligence, Not Cyber News”
Trukno: Virtual Threat Intelligence Analyst to launch their Broad Beta Version on 22nd. Every second a new attack in cybersecurity...
US Cyberattack: More than 50 Companies Suffer A Massive Breach
FireEye, the cybersecurity firm responsible for finding out about the massive hacking campaign against the US government says that 50...
Rocket.Chat Path Traversal
Posted by Moe Szyslak on Dec 21Rocket.Chat has fixed a server-side path traversal vulnerability that may be abused to write...
SharpMapExec – A Sharpen Version Of CrackMapExec
A sharpen version of CrackMapExec. This tool is made to simplify penetration testing of networks and to create a swiss...
Watcher – Open Source Cybersecurity Threat Hunting Platform
Watcher is a Django & React JS automated platform for discovering new potentially cybersecurity threats targeting your organisation. It should...
remote code execution when open a project in android studio that google refused to fix(still 0day)
Posted by houjingyi on Dec 21Video and POC here : https://www.youtube.com/watch?v=hAPkSGxh9H0 When you open a project in android studio, if...
SUPREMO Local privilege escalation
Posted by Adan Alvarez on Dec 21Details ======= Subject: Local Privilege Escalation Product: SUPREMO by Nanosystems S.r.l. Vendor Homepage: https://www.supremocontrol.com/...
Zero-day exploit used to hack iPhones of Al Jazeera employees
Tens of Al Jazeera employees were targeted in a cyber espionage campaign leveraging a zero-click iOS zero-day vulnerability to hack...
Clop ransomware gang paralyzed flavor and fragrance producer Symrise
Flavor and fragrance producer Symrise is the last victim of the Clop ransomware gang that claims to have stolen 500...
