Dumping user’s Microsoft Azure credentials in plaintext from Windows 365
A security expert devised a method to retrieve a user’s Microsoft Azure credentials in plaintext from Microsoft’s new Windows 365...
SynAck ransomware gang releases master decryption keys for old victims
The SynAck ransomware gang released the master decryption keys for their operations and rebranded as a new group dubbed El_Cometa...
Vice Society ransomware also exploits PrintNightmare flaws in its attack
Another ransomware gang, the Vice Society ransomware operators, is using Windows print spooler PrintNightmare exploits in its attacks. The Vice...
CVE-2015-2073
Summary: The File RepositoRy Server (FRS) CORBA listener in SAP BussinessObjects Edge 4.0 allows remote attackers to read arbitrary files...
CVE-2021-21585
Summary: Dell OpenManage Enterprise versions prior to 3.6.1 contain an OS command injection vulnerability in RACADM and IPMI tools. A...
CVE-2015-2074
Summary: The File Repository Server (FRS) CORBA listener in SAP BussinessObjects Edge 4.0 allows remote attackers to write to arbitrary...
CVE-2021-28165
Summary: In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon...
CVE-2021-28165
Summary: In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon...
CVE-2021-28165
Summary: In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon...
CVE-2021-28165
Summary: In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon...
CVE-2020-18694
Summary: Cross Site Request Forgery (CSRF) in IgnitedCMS v1.0 allows remote attackers to obtain sensitive information and gain privilege via...
Phishing campaign goes old school, dusts off Morse code
In an extensive report about a phishing campaign, the Microsoft 365 Defender Threat Intelligence Team describes a number of encoding...
Crypto-scams you should be steering clear of in 2021
A fair few cryptocurrency scams have been doing the rounds across 2021. Most of them are similar if not identical...
VPN Test: How to check if your VPN is working or not
The primary function of a Virtual Private Network (VPN) is to enhance your online privacy and security. It should do...
Cyberbullying 101: A Primer for kids, teens, and parents
At some point in our lives, we have likely either been bullied, stood back and watched others bullying, or participated...
Phishing Attackers Spotted Using Morse Code to Avoid Detection
Microsoft has revealed details of a deceptive year-long social engineering campaign in which the operators changed their obfuscation and encryption...
Russia has developed a virtual reality helmet for recruitment
Researchers from Samara State University have developed a technology to assess the psychological qualities of a job seeker using a...
Underground Criminals Selling Stolen Network Access to Third Parties for up to $10,000
Cybersecurity firm Intsights published a new report that highlights the vibrant marketplaces on the dark web where attackers can buy...
Cyber Firm: Ransomware Group Demanding $50M in Accenture Security Breach
The hacking group behind a ransomware attack on global solution provider powerhouse Accenture has demanded $50 million in ransom, as...
St. Joseph’s/Candler (SJ/C) Suffered a Data Breach
A ransomware attack on one of the leading healthcare organizations in southeast Georgia compromised personnel and patients' protected health information...
Nimplant – A Cross-Platform Implant Written In Nim
Nimplant is a cross-platform (Linux & Windows) implant written in Nim as a fun project to learn about Nim and...
jwtXploiter – A Tool To Test Security Of Json Web Token
A tool to test security of JSON Web Tokens. Test a JWT against all known CVEs; Tamper with the token...
Google open-sourced Allstar tool to secure GitHub repositories
Google has open-sourced the Allstar tool that can be used to secure GitHub projects and prevent security misconfigurations. Google has open-sourced the Allstar tool...
Microsoft warns of a evasive year-long spear-phishing campaign targeting Office 365 users
Microsoft warns of a long-running spear-phishing campaign that has targeted Office 365 customers in multiple attacks since July 2020. Microsoft...
