Threat Actor Targets Outsourcing Firm Serco Via Babuk Ransomware
The outsourcing company responsible for NHS Test and Trace system in the UK confirmed this week that it was targeted...
FBI Warns Victims Against Scammers Threating with Jail Time
Recently the US FBI has noted an increase in phone calls that usually spoof the Bureau’s telephone number. The actors...
Uroboros – A GNU/Linux Monitoring And Profiling Tool Focused On Single Processes
Uroboros is a GNU/Linux monitoring tool focused on single processes. While utilities like top, ps and htop provide great overall...
BurpMetaFinder – Burp Suite Extension For Extracting Metadata From Files
Burp Suite extension for extracting metadata from files Currently supported documents: PDF DOCX PPTX XLSX The project created at Jetbrains...
Kobalos, a complex Linux malware targets high-performance computing clusters
ESET experts uncovered a previously undocumented piece of malware that had been observed targeting high-performance computing clusters (HPC). ESET analyzed...
Ransomware operators exploit VMWare ESXi flaws to encrypt disks of VMs
Ransomware operators are exploiting two VMWare ESXi vulnerabilities, CVE-2019-5544 and CVE-2020-3992, to encrypt virtual hard disks. Security experts are warning...
CISA: Many victims of SolarWinds hackers had no direct connection to SolarWinds
The U.S. CISA reveals that many of the victims of the SolarWinds hackers had no direct connection to SolarWinds. The...
Experts discovered a new Trickbot module used for lateral movement
Experts spotted a new Trickbot module that is used to scan local networks and make lateral movement inside the target...
Operation NightScout: supply chain attack on NoxPlayer Android emulator
Experts uncovered a new supply chain attack leveraging the update process of NoxPlayer, a free Android emulator for PCs and...
CVE-2020-6105
Summary: An exploitable code execution vulnerability exists in the multiple devices functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs...
CVE-2020-35459
Summary: An issue was discovered in ClusterLabs crmsh through 4.2.1. Local attackers able to call "crm history" (when "crm" is...
CVE-2021-3309
Summary: packages/wekan-ldap/server/ldap.js in Wekan before 4.87 can process connections even though they are not authorized by the Certification Authority trust...
CVE-2020-26278
Summary: Weave Net is open source software which creates a virtual network that connects Docker containers across multiple hosts and...
CVE-2021-3164
Summary: ChurchRota 2.6.4 is vulnerable to authenticated remote code execution. The user does not need to have file upload permission...
StoryBird – 1,047,200 breached accounts
In August 2015, the storytelling service StoryBird suffered a data breach exposing 4 million records with 1 million unique email...
Fonix ransomware gives up life of crime, apologizes
Ransomware gangs deciding to pack their bags and leave their life of crime is not new, but it is a...
Users on Alert as Text Scamming Attack on The Rise
The fear of scam messages may seem far now, and even distant. With the rise of well-engineered and sophisticated attacks...
USCellular Hit by a Data Breach After Hackers Access CRM Software
US Cellular, which is a mobile network operator, has suffered a data breach after threat actors gained access to...
Cybersecurity Researchers Identifies an Updated Variant of ‘Pro-Ocean’ Malware
Cybersecurity experts have discovered an updated version of ‘Pro-Ocean malware’, this malware was used as a weapon by a cybercriminal...
DDoS Attacks increase by 154% in 2020 states Neustar
DDoS- Distributed Denial of Service is a cyber attack on a specific server or network. It attempts to disrupt the...
Lebanese Cedar Targeted Telecoms, Hosting’s, ISPs Worldwide
A "persistent attacker group" with supposed connections to Hezbollah has retooled its malware arsenal with a new version of a...
Flawfinder – A Static Analysis Tool For Finding Vulnerabilities In C/C++ Source Code
This is "flawfinder" by David A. Wheeler. Flawfinder is a simple program that scans C/C++ source code and reports potential...
Web-Brutator – Modular Web Interfaces Bruteforcer
Fast Modular Web Interfaces BruteforcerInstallpython3 -m pip install -r requirements.txt Usage$ python3 web-brutator.py -h __ __ ___. __________ __ __...
Addressing the OT-IT Risk and Asset Inventory Gap
Cyber-espionage and exploitation from nation-state-sanctioned actors have only become more prevalent in recent years, with recent examples including the SolarWinds...
