Chinese government issues new vulnerability disclosure regulations
Cyberspace Administration of China (CAC) issued new vulnerability disclosure regulations that oblige experts to report zero-days to the government. The...
hacking
Instagram implements ‘Security Checkup’ to help users recover compromised accounts
Instagram introduced a new security feature dubbed “Security Checkup” to help users to recover their accounts that have been compromised....
HelloKitty ransomware gang targets vulnerable SonicWall devices
BleepingComputer became aware that the recent wave of attacks targeting vulnerable SonicWall devices was carried out by HelloKitty ransomware operators....
Security Affairs newsletter Round 323
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
Cilium – eBPF-based Networking, Security, And Observability
Cilium is open source software for providing and transparently securing network connectivity and loadbalancing between application workloads such as application...
Bughound – Static Code Analysis Tool Based On Elasticsearch
Bughound is an open-source static code analysis tool that analyzes your code and sends the results to Elasticsearch and Kibana...
US govt offers $10 million reward for info on nation-state cyber operations
The US government is offering a $10 million reward to everyone that provides information on operations conducted by nation-state actors....
Cisco fixes high-risk DoS flaw in ASA, FTD Software
Cisco addressed a high severity DoS vulnerability in the Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software. Cisco...
D-Link issues beta hotfix for multiple flaws in DIR-3040 routers
Network equipment vendor D-Link has released a firmware hotfix to fix multiple vulnerabilities in the DIR-3040 AC3000-based wireless internet router. Network equipment...
Kali-Whoami – A Privacy Tool Developed To Keep You Anonymous On Kali Linux At The Highest Level
The purpose of the Whoami tool makes you as anonymous as possible on Kali linux. It is an user friendly...
Exploit_Mitigations – Knowledge Base Of Exploit Mitigations Available Across Numerous Operating Systems, Architectures And Applications And Versions
The goal is to list exploitation mitigations added over time in various operating systems, software, libraries or hardware. It becomes...
Microsoft alerts about a new Windows Print Spooler vulnerability
Microsoft published guidance to mitigate the impact of a new Windows Print Spooler vulnerability tracked as CVE-2021-34481 that was disclosed...
Google Chrome 91.0.4472.164 fixes a new zero-day exploited in the wild
Google Chrome 91.0.4472.164 addresses seven security vulnerabilities, including a high severity zero-day flaw exploited in the wild. Google has released...
New enhanced Joker Malware samples appear in the threat landscape
The Joker malware is back, experts spotted multiple malicious apps on the official Google Play store that were able to...
Israeli surveillance firm Candiru used Windows zero-days to deploy spyware
Experts said that Israeli surveillance firm Candiru, tracked as Sourgum, exploited zero-days to deliver a new Windows spyware. Microsoft and...
Exploit broker Zerodium is looking for VMware vCenter Server exploits
Zero-day exploit broker Zerodium is looking for 0day exploits for the VMware vCenter Server Zero-day exploit broker Zerodium announced it...
SpearTip Finds New Diavol Ransomware Does Steal Data
Security researchers have linked a new ransomware strain called Diavol to the Wizard Spider threat group behind the Trickbot botnet....
Ventoy – A New Bootable USB Solution
Ventoy is an open source tool to create bootable USB drive for ISO/WIM/IMG/VHD(x)/EFI files. With ventoy, you don't need to...
Redteam-Hardware-Toolkit – Red Team Hardware Toolkit
A collection of hardware s that aid in red team operations. This repository will help you during red team engagement....
SonicWall warns of ‘imminent ransomware’ attacks on its EOL products
SonicWall has issued an urgent security alert to warn customers of “an imminent ransomware campaing” targeting EOL equipment. SonicWall has...
macOS: Bashed Apples of Shlayer and Bundlore
Uptycs threat research team analyzed macOS malware threat landscape and discovered that Shlayer and Bundlore are the most predominant malware....
Google: four zero-day flaws have been exploited in the wild
Google security experts revealed that Russia-linked APT group targeted LinkedIn users with Safari zero-day. Security researchers from Google Threat Analysis Group (TAG)...
China-linked LuminousMoth APT targets entities from Southeast Asia
LuminousMoth: Kaspersky uncovered an ongoing and large-scale APT campaign that targeted government entities in Southeast Asia, including Myanmar and the...
XLS Entanglement
VBA tradecraft is constantly evolving and this past winter, I came across some articles from Adepts of 0xCC. Specifically, their...
