Iran-linked APT35 group exploits Log4Shell flaw to deploy a new PowerShell backdoor
Iran-linked APT35 group has been observed leveraging the Log4Shell flaw to drop a new PowerShell backdoor. Iran-linked APT35 cyberespionege group (aka...
hacking
RAUDI – A Repo To Automatically Generate And Keep Updated A Series Of Docker Images Through GitHub Actions
RAUDI (Regularly and Automatically Updated Docker Images) automatically generates and keep updated a series of Docker Images through GitHub Actions...
Adobe fixes 4 critical Reader bugs that were demonstrated at Tianfu Cup
Adobe released security updates to address multiple vulnerabilities affecting several products, including Acrobat and Reader. Adobe patches for January address...
Microsoft Patch Tuesday fixes critical Office RCE
Microsoft Patch Tuesday security updates fix a critical Office flaw that can allow remote attackers to execute malicious code on...
SpoofThatMail – Bash Script To Check If A Domain Or List Of Domains Can Be Spoofed Based In DMARC Records
Bash script to check if a domain or list of domains can be spoofed based in DMARC records File with...
Night Sky ransomware operators exploit Log4Shell to target hack VMware Horizon servers
Another gang, Night Sky ransomware operation, started exploiting the Log4Shell vulnerability in the Log4j library to gain access to VMware...
WannaRace – WebApp Intentionally Made Vulnerable To Race Condition For Practicing Race Condition
WebApp intentionally made Four vouchers worth 400 units available for recharge Task is to buy Mega box (which is worth 401...
AvosLocker ransomware now targets Linux systems, including ESXi servers
AvosLocker is the latest ransomware that implemented the capability to encrypt Linux systems including VMware ESXi servers. AvosLocker expands its...
WordPress 5.8.3 Security Release fixes four vulnerabilities
WordPress maintainers have released WordPress 5.8.3 that addresses four vulnerabilities and recommend admins to update their sites immediately The WordPress...
Several EA Sports FIFA 22 players have been hacked
Several EA Sports FIFA 22 players claim to have been hacked, they say to have lost access to their personal...
PasteMonitor – Scrape Pastebin API To Collect Daily Pastes, Setup A Wordlist And Be Alerted By Email When You Have A Match
Scrape Before startBefore starting the tool, make sure to:Get a Pastebin PRO accountEnter the IP address of your machine in...
Abcbot and Xanthe botnets have the same origin, experts discovered
Experts linked the C2 infrastructure behind an the Abcbot botnet to a cryptocurrency-mining botnet attack that was uncovered in December...
Indian-linked Patchwork APT infected its own system revealing its ops
The India-linked threat actor Patchwork infected one of their own computers with its RAT revealing its operations to researchers. An...
LACheck – Multithreaded C# .NET Assembly Local Administrative Privilege Enumeration
Multithreaded C# .NET Assembly Local Administrative Privilege Enumeration Arguments domain controller to query (if not ran on a domain-joined host)...
New ZLoader malware campaign hit more than 2000 victims across 111 countries
A malware campaign spreads ZLoader malware by exploiting a Windows vulnerability that was fixed in 2013 but in 2014 Microsoft...
Cyber Defense Magazine – January 2022 has arrived. Enjoy it!
Cyber Defense Magazine January 2022 Edition has arrived. We hope you enjoy this month’s edition…packed with 155 pages of excellent...
Shellcode-Encryptor – A Simple Shell Code Encryptor/Decryptor/Executor To Bypass Anti Virus
A simple shell code encryptor/decryptor/executor to bypass anti virus. Note: I have completely redone the work flow for creating the...
US NCSC and DoS share best practices against surveillance tools
The US NCSC and the Department of State published joint guidance on defending against attacks using commercial surveillance tools. The US...
Swiss army asks its personnel to use the Threema instant-messaging app
The Swiss army has banned all instant messaging apps, including Signal, Telegram, and WhatsApp, recommending the use of the Threema...
Russian submarines threatening undersea cables, UK defence chief warns
Russian submarines threatening undersea network of undersea cables, says UK defence chief Sir Tony Radakin UK defence chief Sir Tony...
RCLocals – Linux Startup Analyzer
Inspired by 'Autoruns' from Sysinternals, RCLocals analyzes all Linux startup possibilities to find backdoors, also performs process integrity verification, scan...
Security Affairs newsletter Round 348
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...
Unauthenticated RCE in H2 Database Console is similar to Log4Shell
Researchers disclosed a critical RCE flaw in the H2 open-source Java SQL database which is similar to the Log4J vulnerability....
FluBot malware continues to evolve. What’s new in Version 5.0 and beyond?
Researchers warn of new campaigns distributing a new improved version of the FluBot malware posing as Flash Player. Researchers from...
