Security Affairs newsletter Round 346
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...
hacking
Apple fixed macOS flaw that could allow to bypass Gatekeeper security feature
Apple recently addressed fixed a flaw in the macOS that could be potentially exploited by an attacker to bypass Gatekeeper...
Onionservice – Manage Your Onion Services Via CLI Or TUI On Unix-like Operating System With A POSIX Compliant Shell
Feature-rich Onion Service manager for UNIX-like operating systems written in POSIX conformant shellscriptA collection of EchosystemOnion Services are the Hidden...
‘Spider-Man: No Way Home’ used to spread a cryptominer
Threat actors attempted to take advantage of the interest in the new ‘ Spider-Man: No Way Home’ movie to spread...
NimHollow – Nim Implementation Of Process Hollowing Using Syscalls (PoC)
Playing around with the 2. Query created process to extract its base address pointer from PEB (Process Environment Block).3. Read...
New Rook Ransomware borrows code from Babuk
Recently launched ransomware operation, named Rook, made headlines for its announcement claiming a desperate need a lot of money. A...
Omicron-themed phishing attacks spread Dridex and taunt with funeral helpline
A gang behind a recent Dridex Omicron campaign is moking the victims taunting them with a COVID-19 funeral assistance helpline...
Spamscanner – Spam Scanner Is The Best Anti-Spam, Email Filtering, And Phishing Prevention Service
Spam Scanner is the best anti-spam, email filtering, and phishing prevention service. Spam Scanner is a drop-in replacement and the...
Spray365 – Makes Spraying Microsoft Accounts (Office 365 / Azure AD) Easy Through Its Customizable Two-Step Password Spraying Approach
Spray365 is a password spraying tool that identifies valid credentials for Spraying Getting StartedInstallationClone the repository, install the required Python...
Fisher Price Chatter Bluetooth Telephone 60G LTE has serious privacy issues
Experts found serious privacy issues affecting Fisher Price Chatter Bluetooth Telephone, a Bluetooth headset that appears like a classic kids...
SQLbit – Just Another Script For Automatize Boolean-Based Blind SQL Injections
A script for automatize boolean-based blind SQL injections. Works with Note: please, use it only for your own servers or...
Experts warn of a new stealthy loader tracked as BLISTER
Security researchers spotted a campaign that is employing a new stealthy malware tracked as BLISTER that targets windows systems. Elastic...
NVIDIA informs customers of its products affected by Log4j flaws
NVIDIA released a security advisory to inform customers what products are affected by the recently disclosed Log4Shell vulnerability. NVIDIA has...
MultiPotato – Another Potato to get SYSTEM via SeImpersonate privileges
First of all - credit to CreateProcessAsUserW with SpoolSample trigger:c:tempMultiPotato> MultiPotato.exe -t CreateProcessAsUserW -p "pwnedpipespoolss" -e "C:tempstage2.exe"And trigger it viac:tempMultiPotato>MS-RPRN.exe...
AvosLocker ransomware reboots in Safe Mode and installs tools for remote access
In a recent wave of attacks, AvosLocker ransomware is rebooting systems into Windows Safe Mode to disable endpoint security solutions....
Crooks bypass a Microsoft Office patch for CVE-2021-40444 to spread Formbook malware
Crooks discovered how to bypass the patch for a recent Microsoft Office vulnerability (CVE-2021-40444) and are using it to distribute...
Three trivial bugs in Microsoft Teams Software remain unpatched
Researchers disclosed four vulnerabilities in the Teams business communication software, but Microsoft will not address three of them. Researchers from...
TrojanSourceFinder – Help Find Trojan Source Vulnerability In Code
TrojanSourceFinder helps developers detect "Trojan Source" Homoglyph AlternativeAs mentioned by @ioah86 here, trojan source could also been detected w/ a one...
HackDHS bug bounty program accepts reports of Log4j-related flaws in DHS systems
The DHS has announced that it is expanding the ‘Hack DHS’ bug bounty program to report for Log4J impacting its...
A flaw in Microsoft Azure App Service exposes customer source code
A vulnerability in the Microsoft Azure App Service led to the exposure of customer source code for at least four years....
CISA releases a scanner to identify web services affected by Apache Log4j flaws
US CISA release of a scanner for identifying web services affected by two Apache Log4j remote code execution vulnerabilities. The...
Umay – IoT Malware Similarity Analysis Platform
IoT This project provides IoT malware similarity analysis based on shared codes. It helps to identify other malwares that have...
Ubisoft discloses unauthorized access to ‘Just Dance’ user data
Video game company Ubisoft confirmed a security breach that resulted in unauthorized access to ‘Just Dance’ user data. Ubisoft discloses...
PYSA ransomware gang is the most active group in November
PYSA and Lockbit were the most active ransomware gangs in the threat landscape in November 2021, researchers from NCC Group...
