Sploit – Go Package That Aids In Binary Analysis And Exploitation
Sploit is a Go package that aids in binary analysis and exploitation. The motivating factor behind the development of sploit...
Fawkes – Tool To Search For Targets Vulnerable To SQL Injection (Performs The Search Using Google Search Engine)
Fawkes is a tool to search for targets vulnerable to SQL Injection. Performs the search using Google search engine.Options -q,...
COVID-19 themed attacks December 6 – December 19, 2020
This post includes the details of the COVID-19 themed attacks launched from December 6 – December 19, 2020. December 6...
NATO is checking its systems to determine the impact of SolarWinds hack
NATO announced it is assessing its systems after the SolarWinds supply chain attack that impacted multiple US government agencies. NATO...
What is “Sunburst”? A look into the Most Serious Cyberattack in American History
A number of organisations have been attacked by what has been chronicled as one of the most severe acts of...
UK Finance Body: Beware of Parcel Delivery Scam, Especially During Christmas Season
After months of lockdown, this Christmas season has become even more special to people but fraudsters are also beginning...
Active Cypher: “Great Deal of Orchestration of Our Intelligence in AI into Existing Systems”
Active Cypher: The company is built upon a socially responsible fabric, that provides information security for individuals and corporations...
Bheem – Simple Collection Of Small Bash-Scripts Which Runs Iteratively To Carry Out Various Tools And Recon Process
Project Bheem is a simple collection of small bash-scripts which runs iteratively to carry out various tools and recon process...
Bento – A Minimal Fedora-Based Container For Penetration Tests And CTF With The Sweet Addition Of GUI Applications
A bento (弁当, bentō) is a single-portion take-out or home-packed meal of Japanese origin. Bento Toolkit is a simple and...
NSA warns of cloud attacks on authentication mechanisms
The US National Security Agency (NSA) warns of two techniques abused by threat actors for escalating attacks from local networks...
FBI and Interpol shut down some servers of Joker’s Stash carding marketplace
Joker’s Stash, the largest carding marketplace online, was shut down by a coordinated operation conducted by the FBI and the...
Hackers target COVID-19 vaccine supply chain and sell the vaccine in Darkweb
Threat actors continue to trade critical medical data in the Dark Web while organizations are involved in the response to the COVID-19 pandemic. Cybercrime organizations...
The many ways you can be scammed on Facebook, part II
In part 1 of this article series, we looked at data mining schemes, scam ad campaigns, concert tickets scams, and...
The European Commission added VKontakte and Telegram to the list of pirate sites
VKontakte is surprised by the decision of the European Commission to include the social network in the list of resources...
Massive Cyberattack On US Government Exposes Shortcomings, Russia Named Top Suspect
Not long ago, US agencies had confirmed a massive data breach that compromised their networks. The problem persists, and US...
Putin: the US State Department and the US intelligence agencies come up with fake about Russian hackers
According to the Russian President, he is counting on the experience of the President-elect of the United States, which will...
Sunburst: connecting the dots in the DNS requests
On December 13, 2020 FireEye published important details of a newly discovered supply chain attack. An unknown attacker, referred to...
The future of cyberconflicts
The ever-increasing role of technology in every aspect of our society has turned cybersecurity into a major sovereignty issue for...
Scilla – Information Gathering Tool (DNS/Subdomain/Port Enumeration)
Information Gathering Tool - Dns/Subdomain/Port EnumerationInstallationFirst of all, clone the repo locally git clone https://github.com/edoardottt/scilla.git Scilla has external dependencies, so...
Go365 – An Office365 User Attack Tool
Go365 is a tool designed to perform user enumeration* and password guessing attacks on organizations that use Office365 (now/soon Microsoft365)....
Defense in depth — the Microsoft way (part 68): where compatibility means vulnerability
Posted by Stefan Kanthak on Dec 18Hi @ll, this post is a shortened version of <https://skanthak.homepage.t-online.de/detour.html> With Windows 2000 and...
Rocket.Chat quietly patches XSS vulnerability
Posted by Moe Szyslak on Dec 18Rocket.Chat has quietly fixed a stored XSS vulnerability in the following commits:https://github.com/RocketChat/Rocket.Chat/commit/96d3155245ec65f681664b48b6dafc94c1ea021chttps://github.com/RocketChat/Rocket.Chat/commit/43fe12d775b2329e780a1369a1b2c25070cdcab9 Exploitation of...
CA20201215-01: Security Notice for CA Service Catalog
Posted by Kevin Kotas via Fulldisclosure on Dec 18CA20201215-01: Security Notice for CA Service Catalog Issued: December 15, 2020 Last...
Programi Bilanc – Build 007 Release 014 31.01.2020 – Software-update packages are downloaded via unencrypted HTTP [CVE-2020-11718]
Posted by Georg Ph E Heise via Fulldisclosure on Dec 18Programi Bilanc - Build 007 Release 014 31.01.2020 - Software-update...
