ReverseSSH – Statically-linked Ssh Server With Reverse Shell Functionality For CTFs And Such
A statically-linked ssh server with a reverse connection feature for simple yet powerful remote access. Most useful during HackTheBox challenges,...
LockBit Ransomware Blog Offline
BREAKING NEWS: LockBit Ransomware Tor Blog Offline. No further information at present 404-page error on the Ransomware Blog page When...
Fortinet FortiWeb OS Command Injection allows takeover servers remotely
Fortinet addresses a command injection vulnerability that can allow attackers to take complete control of servers running vulnerable FortiWeb WAF...
1.9 million+ records from the FBI’s terrorist watchlist available online
A security researcher discovered that a secret FBI’s terrorist watchlist was accidentally exposed on the internet for three weeks between...
Colonial Pipeline discloses data breach after May ransomware attack
Colonial Pipeline discloses a data breach of the personal information of thousands of individuals after the ransomware attack that took...
T-Mobile confirms data breach that exposed customer personal info
T-Mobile confirms a breach after threat actors claimed to have obtained records of 100 million of its customers and offered...
Recent attacks on Iran were orchestrated by the Indra group
The recent attacks that targeted Iran’s transport ministry and national train system were conducted by a threat actor dubbed Indra. In...
CVE-2019-11283
Summary: Cloud Foundry SMB Volume, versions prior to v2.0.3, accidentally outputs sensitive information to the logs. A remote user with...
CVE-2018-1265
Summary: Cloud Foundry Diego, release versions prior to 2.8.0, does not properly sanitize file paths in tar and zip files...
CVE-2018-1262
Summary: Cloud Foundry Foundation UAA, versions 4.12.X and 4.13.X, introduced a feature which could allow privilege escalation across identity zones...
CVE-2021-33486
Summary: All versions of the CODESYS V3 Runtime Toolkit for VxWorks from version V3.5.8.0 and before version V3.5.17.10 have Improper...
CVE-2021-38111
Summary: The DEF CON 27 badge allows remote attackers to exploit a buffer overflow by sending an oversized packet via...
Katie Moussouris hacked Clubhouse. Her emails went unanswered for weeks: Lock and Code S02E15
Nearly one year after the exclusive app Clubhouse launched on the iOS store, its popularity skyrocketed. The app, which is...
How to troubleshoot hardware problems that look like malware problems
Sometimes it’s hard to figure out what exactly is going wrong with your computer. What do you do if you’ve...
A week in security (August 9 – August 15)
Last week on Malwarebytes Labs: Home routers are being hijacked using a vulnerability disclosed just 2 beforeRansomware turncoat leaks Conti...
LockBit 2.0 Ransomware Victim: beardowadams[.]com
LockBit 2.0 Ransomware NOTE: The information on this page is automated and scraped directly from the LockBit 2.0 Onion Dark...
New AdLoad Malware Circumvents Apple’s XProtect to Infect macOS Devices
As part of multiple campaigns detected by cybersecurity firm SentinelOne, a new AdLoad malware strain is infecting Macs bypassing Apple's...
Critical Flaws Allowing Domain Hijacking Assaults Patched By Node.js Developers
A vulnerability in Node.js that would permit a remote actor to carry out domain hijacking assaults has been patched. Last week,...
Threat Group Aggah Targets Industries Via Spear-Phishing Campaigns
A spear-phishing attack that seems to have commenced in early July 2021, targeting various manufacturing industries in Asia has been...
Hackers can ‘Poison’ Open-source Code on the Internet
A Cornell University Tech team with researchers discovered a new kind of backdoor attack that can modify natural-language modelling systems...
Ficker – An Info-Stealer Malware Being Distributed by Russians
Threat actors are using the Malware-as-a-Service (MaaS) model to attack Windows users, according to researchers. The new info-stealer malware “Ficker”...
PickleC2 – A Post-Exploitation And Lateral Movements Framework
PickleC2 is a post-exploitation and lateral movements framework. DocumentationReadTheDocs OverviewPickleC2 is a simple C2 framework written in python3 used to...
CamPhish – Grab Cam Shots From Target’S Phone Front Camera Or PC Webcam Just Sending A Link.
Grab cam shots from target's phone front camera or PC webcam just sending a link. What is CamPhish?CamPhish is techniques...
How to use n8n to automatically scrape Victims from Ransomware dark web onion blogs via TOR proxy
Step one, get n8n up and running. Step two, have a spare device to install tor on and use as...
