New iLOBleed Rootkit, the first time ever that malware targets iLO firmware
A previously unknown rootkit, dubbed iLOBleed, was used in attacks aimed at HP Enterprise servers that wiped data off the...
hacking
AvosLocker ransomware gang releases a free decryptor after an affiliate hit US gov agency
The AvosLocker ransomware operators released a free decryptor after they accidentally encrypted the system of US Government entity. The AvosLocker...
China-linked APT group Aquatic Panda leverages Log4Shell in recent attack
China-linked APT group Aquatic Panda is exploiting the Log4Shell vulnerability to compromise a large academic institution. China-linked cyberespionage group Aquatic...
T-Mobile suffered a new data breach
T-Mobile discloses a new data breach that impacted a “very small number of customers” who were victim of SIM swap...
Apache Log4j 2.17.1 fixes new remote code execution flaw (CVE-2021-44832)
The Apache Software Foundation released Log4j 2.17.1 version to address recently discovered arbitrary code execution flaw tracked as CVE-2021-44832. The...
A cyber attack against Norwegian Media firm Amedia blocked newspaper publishing
A cyber attack hit Norwegian media company Amedia on Tuesday and forced it to shut down multiple systems. Amedia, one...
China-linked BlackTech APT uses new Flagpro malware in recent attacks
China-linked BlackTech cyberespionage group was targeting Japanese companies using new malware tracked as ‘Flagpro’. Researchers from NTT Security reported that China-linked...
LastPass investigated recent reports of blocked login attempts
Password manager app LastPass confirmed that threat actors have launched a credential stuffing attack against its users. While LastPass says...
Threat actors are abusing MSBuild to implant Cobalt Strike Beacons
Experts warn of malicious campaigns abusing Microsoft Build Engine (MSBuild) to execute a Cobalt Strike payload on compromised systems. Security...
Shutterfly hit by a Conti ransomware attack
Shutterfly, an online platform for photography and personalized products, has been affected by a ransomware attack. Shutterfly, is American photography, photography...
DoubleFeature, post-exploitation dashboard used by Equation Group APT
Researchers analyzed the DoubleFeature logging tool of DanderSpritz Framework that was used by the Equation Group APT group. Check Point...
Top 20 Most Popular Hacking Tools in 2021
As Happy New Year wishes the KitPloit team! If you like the site, please consider joining the telegram channel or...
Logistics giant D.W. Morgan exposed 100 GB worth of clients’ data, including Fortune 500 Clients
The Website Planet security team discovered a data breach suffered by the multinational logistics giant D.W. Morgan. The Website Planet security team discovered an Amazon...
A new wave of ech0raix ransomware attacks targets QNAP NAS devices
A new wave of ech0raix ransomware attacks is targeting QNAP network-attached storage (NAS) devices. The threat actors behind the ech0raix...
Apache addressed a couple of severe vulnerabilities in Apache HTTP Server
The Apache Software Foundation released Apache HTTP Server 2.4.52 to address a couple of security flaws that can lead to...
Experts found backdoors in a popular Auerswald VoIP appliance
Researchers found multiple backdoors in popular VoIP (voice over Internet protocol) appliance made by the German manufacturer Auerswald. Researchers from...
Experts monitor ongoing attacks using exploits for Log4j library flaws
Researchers from DrWeb monitored attacks leveraging exploits for vulnerabilities in the Apache Log4j library Researchers from DrWeb monitored attacks leveraging...
Dark web marketplace ToRReZ shuts down on their own’s decision
The operators of the ToRReZ dark web marketplace have shut down their operation claiming it is the result of their...
Snap-Scraper – Snap Scraper Enables Users To Download Media Uploaded To Snapchat’s Snap Map Using A Set Of Latitude And Longitude Coordinates
Snap Scraper is an open source InstallationMacOSDownload the current linked binary in the most recent release. Using terminal ensure you...
Albania Prime Minister apologizes over the recent massive leak of government data
Albania’s prime minister Edi Rama apologized for the massive leak of personal records from a government database of state. Albania’s...
New Android banking Malware targets Brazil’s Itaú Unibanco Bank
Researchers analyzed a new Android banking malware that targets Brazil’s Itaú Unibanco that spreads through fake Google Play Store pages....
Critical flaws in myPRO HMI/SCADA product could allow takeover vulnerable systems
A researcher found a dozen vulnerabilities in mySCADA myPRO product, some of which have been rated as critical. mySCADA myPRO...
French IT services provider Inetum hit by BlackCat ransomware attack
The IT services company Inetum Group was hit by a ransomware attack a few days before the Christmas holiday. French...
SourceLeakHacker – A Multi Threads Web Application Source Leak Scanner
SourceLeakHacker is a muilt-threads web directories scanner.Installationpip install -r requirements.txtUsage dictionary scale --output OUTPUT output folder, default: result/YYYY-MM-DD hh:mm:ss --threads THREADS,...
