Cryptomining campaign targets Kubernetes via machine learning framework
A malware campaign is abusing the popular machine-learning (ML) framework Kubeflow in order to target Kubernetes clusters with a crypto...
Gamaredon grows by targeting Microsoft Outlook and Office
ESET, an antivirus company has discovered that Gameradon has been growing fast by developing new tools that target Microsoft Office...
Users Might be Under Risk of DNS Vulnerability
What is DNS?It is an essential element in the network (online infrastructure) that allows users to watch or access content...
Attacker-Group-Predictor – Tool To Predict Attacker Groups From The Techniques And Software Used
The tool predicts attacker groups from techniques and softwares used. It searches based on the MITRE ATT&CK frameworkHow it works?1-...
EvilPDF – Embedding Executable Files In PDF Documents
Read the license before using any part from this code :)Hiding executable files in PDF documentsLegal disclaimer:Usage of EvilPDF for...
New Android Spyware ActionSpy Revealed via Phishing Attacks from Earth Empusa
By Ecular Xu and Joseph C. Chen While tracking Earth Empura, also known as POISON CARP/Evil Eye, we identified an...
VBA macro, remote template injectors included in Gamaredon post-compromise tool kit
The Gamaredon threat group has built a post-compromise tool arsenal that includes remote template injectors for Word and Excel documents...
Black Lives Matter phishing scam looks to spread TrickBot malware
Scammers often craft social engineering schemes around major crises and news events, as demonstrated by the wealth of coronavirus-themed phishing...
Search hijackers change Chrome policy to remote administration
The latest type of installer in the saga of search hijacking changes a Chrome policy which tells users it can’t...
Experts fear an increase in the number of cyber attacks after the end of self-isolation
As 62% of respondents answered, when companies transferred employees to remote work at the beginning of the pandemic, the most...
All Windows Versions Hit By A Vulnerability; Attackers Take Full Control Over Computer
A vulnerability that existed in every single current Window versions allowing an attacker to misuse the Windows Group Policy feature...
Needle – Instant Access To You Bug Bounty Submission Dashboard On Various Platforms + Publicly Disclosed Reports + #Bugbountytip
Chrome extension for Instant access to your bug bounty submission dashboard of various platforms + publicly disclosed reports + #bugbountytipNeedle...
RMIScout – Wordlist And Bruteforce Strategies To Enumerate Java RMI Functions And Exploit RMI Parameter Unmarshalling Vulnerabilities
RMIScout performs wordlist and bruteforce attacks against exposed Java RMI interfaces to safely guess method signatures without invocation.On misconfigured servers,...
Support FAQs: Managing Your Organization’s Security in Response to COVID-19
The security industry has always evolved rapidly, but we have never dealt with changes as drastic and unprecedented as we...
MSPs, know what you’re really looking for in an RMM platform
MSPs naturally adapt and mature as innovative technologies and more effective processes are introduced into the industry. But with ransomware...
UPnP Vulnerability Affects Billion of Devices Allowing DDoS Attacks, Data Exfiltration
A new security vulnerability affecting devices running UPnP protocol has been discovered by a researcher named Yunus Çadırcı; dubbed as...
Three defendants in the case of the hacker group Lurk released from jail
The court of Yekaterinburg replaced the preventive measures in the form of detention with house arrest for three defendants in...
Atlas – Quick SQLMap Tamper Suggester
Atlas is an open source tool that can suggest sqlmap tampers to bypass WAF/IDS/IPS, the tool is based on returned...
Stegcloak – Hide Secrets With Invisible Characters In Plain Text Securely Using Passwords
StegCloak is a pure JavaScript steganography module designed in functional programming style, to hide secrets inside text by compressing and...
How Team Collaboration Can Help You Scale the Vulnerability Mountain
“I feel like I’m buried under my growing mountain of vulnerabilities,” said every security professional ever. While this is a...
Patch Tuesday: Fixes for LNK, SMB, and SharePoint Bugs
This month’s Patch Tuesday had the highest number of entries so far in 2020 — a whopping 129, a continuation...
Honda and Enel impacted by cyber attack suspected to be ransomware
Car manufacturer Honda has been hit by a cyber attack, according to a report published by the BBC, and later...
ParetoLogic facing complaint of alleged wrongdoing
A short while ago we reported on the FTC ruling against payment provider RevenueWire. Now, another Canadian company is under...
Russians were warned about the danger of installing banking apps on the phones
In some situations, the use of the program could lead to leakage of personal information. The specialist gave advice on...
