MUI – A GUI Plugin For Binary Ninja To Easily Interact With And View The Progress Of Manticore
With the State Graph WidgetShows the provenance tree for a certain state selected in the list widget. Tab can be...
hacking
A new version of the Abcbot bot targets Chinese cloud providers
Researchers spotted a new botnet named Abcbot hat that mainly targeted Chinese cloud hosting providers over the past months. Security...
Russian national extradited to US for trading on stolen Information
A Russian national was extradited to the US from Switzerland after he was charged for trading information stolen from hacked...
Web Cache Vulnerability Scanner – A Go-based CLI Tool For Testing For Web Cache Poisoning
Web Cache Vulnerability Scanner (WCVS) is a fast and versatile CLI scanner for web cache poisoning developed by Hackmanit.The scanner...
Patch these 2 Active Directory flaws to prevent the takeover of Windows domains
Microsoft warns of a couple of Active Directory flaws fixed with the November 2021 Patch Tuesday updates that could allow takeover of...
Mesh-Kridik – An Open-Source Security Checker That Performs Various Security Checks On A Kubernetes Cluster With Istio Service Mesh And Is Leveraged By OPA (Open Policy Agent) To Enforce Security Rules
Enhance your RequirementsGo 1.16+jqistioInstallationgit clone https://github.com/chen-keinan/mesh-kridikcd mesh-kridikmake buildNote: mesh-kridik require root user to be executedQuick StartExecute Mesh-Kridik without any flags...
More than 35,000 Java packages impacted by Log4j flaw, Google warns
Google found more than 35,000 Java packages in the Maven Central repository that are impacted by flaws in the Apache...
Log4j Vulnerability Aftermath
Uptycs researchers have observed attacks related to miners, DDOS malware and some variants of ransomware actively leveraging LogforShell flaw in...
DarkWatchman RAT uses Windows Registry fileless storage mechanism
DarkWatchman is a new lightweight javascript-based Remote Access Trojan (RAT) that uses novel methods for fileless persistence. Recently Prevailion experts...
Nation-state actors are exploiting Zoho zero-day CVE-2021-44515 since October, FBI warns
The FBI warns that zero-day flaw in Zoho’s ManageEngine Desktop Central has been under active exploitation by nation-state actors since October. The Federal...
Mariana Trench – Security Focused Static Analysis Tool For Android And Java Applications
Mariana Trench is a security focused The issue tells you that Mariana Trench found a remote code execution in MainActivity.onCreate...
Belgian defense ministry hit by cyberattack exploiting Log4Shell bug
The Belgian defense ministry was hit by a cyber attack, it seems that threat actors exploited the Log4Shell vulnerability. The...
Alleged APT implanted a backdoor in the network of a US federal agency
An alleged APT group planted a backdoor in the network of a U.S. federal government commission associated with international rights....
log4j-scan – A fully automated, accurate, and extensive scanner for finding vulnerable log4j hosts
A fully automated, accurate, and extensive scanner for finding DescriptionWe have been researching the Log4J RCE (CVE-2021-44228) since it was...
A new attack vector exploits the Log4Shell vulnerability on servers locally
Security researchers devised a new attack vector exploiting the Log4Shell vulnerability on servers locally by using a JavaScript WebSocket connection....
Log4J-Detector – Detects Log4J versions on your file-system within any application that are vulnerable to CVE-2021-44228 and CVE-2021-45046
Detects Log4J versions on your file-system within any application that are vulnerable to CVE-2021-44228 and CVE-2021-45046. It is able to...
Clop ransomware gang is leaking confidential data from the UK police
Clop ransomware gang stolen confidential data from the UK police and leaked it in the dark web because the victim...
Security Affairs newsletter Round 345
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...
TellYouThePass ransomware resurges and exploits Log4Shell in recent attacks
The TellYouThePass ransomware resurged and exploits the Apache Log4j flaw (Log4Shell) to target both Linux and Windows systems. Researchers from...
Western Digital customers have to update their My Cloud devices to latest firmware version
My Cloud OS firmware is reaching the end of support, Western Digital customers have to update their WD My Cloud...
Apache releases the third patch to address a new Log4j flaw
Multiple flaws in the Log4J library are scaring organizations worldwide while threat actors are already exploiting them. 2.17 is the...
1.8 Million customers of four sports gear sites impacted by credit cards breach
A cyber attack hit four affiliated online sports gear sites and resulted in the theft of credit cards for 1,813,224...
Conti ransomware gang exploits Log4Shell bug in its operations
The Conti ransomware gang is the first ransomware operation exploiting the Log4Shell vulnerability to target VMware vCenter Servers. Conti ransomware gang is...
VMware fixes critical SSRF flaw in Workspace ONE UEM Console
VMware released security patches for a critical server-side request forgery (SSRF) vulnerability in Workspace ONE UEM console. VMware has addressed...
