Reading INTERPOL the African Cyberthreat Assessment Report 2021
INTERPOL published the African Cyberthreat Assessment Report 2021, a report that analyzes evolution of cybercrime in Africa. A new report...
hacking
MITRE and CISA publish the 2021 list of most common hardware weaknesses
MITRE and CISA announced the release of the “2021 Common Weakness Enumeration (CWE) Most Important Hardware Weaknesses” list. MITRE and...
TrickBot member extradited to US faces up to 60 years in prison
An alleged member of the TrickBot gang, the Russian national Vladimir Dunaev (aka FFX), has been extradited to the US....
GC2 – A Command And Control Application That Allows An Attacker To Execute Commands On The Target Machine Using Google Sheet And Exfiltrate Data Using Google Drive
GC2 (Google Command and Control) is a Command and Control application that allows an attacker to execute commands on the...
ESET found a variant of the Hive ransomware that encrypts Linux and FreeBSD
The Hive ransomware operators have developed a new variant of their malware that can encrypt Linux and FreeBSD. ESET researchers...
Papua New Guinea ‘s finance ministry was hit by a ransomware
A ransomware attack hit Papua New Guinea ‘s finance ministry and disrupted government payments and operations. Government officials confirmed that...
Scarce-Apache2 – A Framework For Bug Hunting Or Pentesting Targeting Websites That Have CVE-2021-41773 Vulnerability In Public
This tool can Installation- git clone https://github.com/HightechSec/scarce-apache2- cd scarce-apache2- bash scarce.shor you can install in your system like this- git...
Police arrested 12 individuals involved in 1800 ransomware attacks worldwide
Europol and Norwegian Police arrested 12 individuals over ransomware attacks on organizations worldwide, including critical infrastructure operators. A joint operation...
NSA and CISA explained how to prevent and detect lateral movement in 5G networks via cloud systems
The US NSA and CISA published a security advisory to warn about threat actors compromising 5G networks via cloud infrastructure....
Http-Protocol-Exfil – Exfiltrate Files Using The HTTP Protocol Version (“HTTP/1.0” Is A 0 And “HTTP/1.1” Is A 1)
Use the HTTP protocol version to send a file bit by bit ("HTTP/1.0" is a 0 and "HTTP/1.1" is a...
Microsoft found Shrootless bug in macOS that could bypass System Integrity Protection
Microsoft finds a flaw in macOS, dubbed Shrootless (CVE-2021-30892), that can allow attackers to bypass System Integrity Protection (SIP). Microsoft discovered a...
Over 1 million WordPress sites affected by OptinMonster plugin flaws
A vulnerability in the popular the OptinMonster plugin allows unauthorized API access and sensitive information disclosure. A high-severity vulnerability (CVE-2021-39341)...
HTTPUploadExfil – A Simple HTTP Server For Exfiltrating Files/Data During, For Example, CTFs
HTTPUploadExfil is a (very) simple HTTP server written in Go that's useful for getting files (and other information) off a...
Wslink, a previously undescribed loader for Windows binaries
ESET researchers discovered a previously undescribed loader for Windows binaries, tracked as Wslink, that runs as a server and executes...
AbstractEmu, a new Android malware with rooting capabilities
AbstractEmu is a new Android malware that can root infected devices to take complete control and evade detection with different tricks. Security...
German investigators identify crypto millionaire behind REvil operations
German authorities have identified a Russian man named Nikolay K. who is suspected to be a prominent member of the...
DonPAPI – Dumping DPAPI Credz Remotely
Dumping revelant information on compromised targets without AV detection DPAPI dumpingLots of credentials are protected by DPAPI. We aim at...
Crooks steal $130 million worth of cryptocurrency assets from Cream Finance
Threat actors have stolen $130 million worth of cryptocurrency assets from the Cream Finance decentralized finance (DeFi) platform. C.R.E.A.M. Finance...
Avast releases free decrypters for AtomSilo and LockFile ransomware families
Security firm Avast released today decryptors for AtomSilo and LockFile ransomware that allow victims to recover their files for free....
Grief ransomware gang hit US National Rifle Association (NRA)
Grief ransomware operators claim to have compromised computer systems at US National Rifle Association (NRA) and added it to their...
Clash – A Rule-Based Tunnel In Go
Download Clash If you like the site, please consider joining the telegram channel or supporting us on Patreon using the...
Avast released a free decryptor for Babuk ransomware
Researchers from cybersecurity firm Avast released a decryption tool for Babuk ransomware that allows victims to recover their files for...
The 9th edition of the ENISA Threat Landscape (ETL) report is out!
I’m proud to announce the release of the 9th edition of the ENISA Threat Landscape (ETL) on the state of...
Lorsrf – SSRF Parameter Bruteforce
Bruteforcing on Hidden parameters to find SSRF vulnerability using GET and POST MethodsNOTELorsrf has been added to scant3r with useful...
