Cutwail Botnet-Led Dridex and Malicious PowerShell Related Attacks, Increase with new Scripts
IBM X-Force intelligence has observed an increase in the Cutwail botnet-led Dridex-related network attacks. Dridex is shipped via e-mail with...
HTTP Bridge – Send TCP Stream Packets Over Simple HTTP Request
I've wrote this program as a proof of concept to test the idea of be able to send tcp stream...
Gitls – Enumerate Git Repository URL From List Of URL / User / Org
Enumerate git repository URL from list of URL / User / Org. Friendly to pipeline This tool is available when...
The fire in the OVH datacenter also impacted APTs and cybercrime groups
The fire at the OVH datacenter in Strasbourg also impacted the command and control infrastructure used by several nation-state APT...
New variant for Mac Malware XCSSET compiled for M1 Chips
Kaspersky researchers spotted a new variant of the XCSSET Mac malware that compiled for devices running on Apple M1 chips....
10,000+ WeLeakInfo customer records leaked
An actor claimed to have registered one of the domains of WeLeakInfo, accessed details of 10000+ WeLeakInfo’ s customers, and...
CVE-2021-26864
Summary: Windows Virtual Registry Provider Elevation of Privilege Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26864 CVSS Score (if available) v2: / MEDIUMAV:L/AC:L/Au:N/C:P/I:P/A:P...
CVE-2021-26863
Summary: Windows Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26875, CVE-2021-26900, CVE-2021-27077. Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26863...
CVE-2021-26862
Summary: Windows Installer Elevation of Privilege Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26862 CVSS Score (if available) v2: / MEDIUMAV:L/AC:L/Au:N/C:C/I:C/A:C v3: /...
CVE-2021-26861
Summary: Windows Graphics Component Remote Code Execution Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26861 CVSS Score (if available) v2: / MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P v3:...
Liker – 465,141 breached accounts
In March 2020, the self-proclaimed "kinder, smarter social network" Liker suffered a data breach, allegedly in retaliation for the Gab...
Ransomware is targeting vulnerable Microsoft Exchange servers
The Microsoft Exchange attacks using the ProxyLogon vulnerability, and previously associated with the dropping of malicious web shells, are taking...
150,000 Verkada security cameras hacked—to make a point
Hackers were able to gain access to camera feeds from Verkada, a tech company that specializes in video security and...
Several Americans Affected by Netgain Ransomware Attack
The number of Americans influenced by a cyber assault on a cloud facilitating and IT services provider has expanded by...
A Bug in iPhone Call Recording App Exposed Clients Data
A security vulnerability in a famous iPhone call recording application exposed thousands of users' recorded conversations. The flaw was found...
Ryuk Ransomware Hits Spain’s Employment Agency
The Spanish State Employment Service (SEPE) has been targeted by a ransomware attack which has resulted in hundreds of offices...
Norway Parliament, Storting, Hit by a Microsoft Exchange Cyber Attack
Yet again for the second time in about six months, Norway's parliament has been hacked. Government officials acknowledged the infiltration...
Good old malware for the new Apple Silicon platform
Introduction A short while ago, Apple released Mac computers with the new chip called Apple M1. The unexpected release was...
Go-RouterSocks – Router Sock. One Port Socks For All The Others.
The next step after compromising a machine is to enumerate the network behind. Many tools exist to expose a socks...
Internet disruption in Russia coincided with the introduction of restrictions
Experts at the NetBlocks Internet Observatory observed this week a temporary disruption of internet service in Russia due to new...
Researchers warn of a surge in cyber attacks against Microsoft Exchange
Researchers warn of a surge in cyber attacks against Microsoft Exchange servers exploiting the recently disclosed ProxyLogon vulnerabilities. Researchers at...
Malspam campaign uses icon files to delivers NanoCore RAT
Researchers at Trustwave spotted a new malspam campaign that is abusing icon files to trick victims into installing the NanoCore...
Expert publishes PoC exploit code for Microsoft Exchange flaws
This week a security researcher published on GitHub a proof-of-concept tool to hack Microsoft Exchange servers chaining two of ProxyLogon...
Hack the box guide to: Phonebook
Phonebook - 30 points So at always lets fire up burp and visit the page to see what is there...
