SonicWall addresses critical CVE-2021-20026 flaw in NSM devices
Positive Technologies experts provide details about potential impact of a recently fixes command injection flaw in SonicWall NSM devices. Positive...
hacking
Sharperner – Simple Executable Generator With Encrypted Shellcode
Sharperner is a tool written in CSharp that generate .NET dropper with AES and XOR obfuscated shellcode. Generated executable can...
TiEtwAgent – PoC Memory Injection Detection Agent Based On ETW, For Offensive And Defensive Research Purposes
This project was created to research, build and test different memory injection detection use cases and bypass techniques. The agent...
Approximatively 1,500 businesses impacted by the ransomware attack that hit Kaseya
Kaseya confirmed that the REvil supply-chain ransomware attack hit fewer than 60 of its customers and their customers. Software provider Kaseya...
Operation Lyrebird: Group-IB assists INTERPOL in identifying suspect behind numerous cybercrimes worldwide
Group-IB supported INTERPOL in its Operation Lyrebird that allowed to identify a threat actor presumably responsible for multiple attacks. Group-IB, one of the leading...
QNAP addressed a critical flaw that allows compromising NAS devices
Taiwanese vendor QNAP addressed a critical flaw, tracked as CVE-2021-28809, that could be exploited to compromise vulnerable NAS devices. Taiwanese vendor...
ENISA publishes Cybersecurity guide for SMEs
ENISA publishes Cybersecurity guide for SMEs, a document that aims at providing suggestions to secure their business During the COVID-19...
CISA, FBI share guidance for MSPs and their customers impacted in Kaseya attack
CISA and the FBI published guidance for the victims impacted by the REvil supply-chain ransomware attack against Kaseya. CISA and the...
Salus – Security Scanner Coordinator
Salus (Security Automation as a Lightweight Universal Scanner), named after the Roman goddess of protection, is a tool for coordinating...
Backstab – A Tool To Kill Antimalware Protected Processes
Have these local admin credentials but the EDR is standing in the way? Unhooking or direct syscalls are not working...
Revil ransomware gang hit Spanish telecom giant MasMovil
Revil ransomware gang hit Spanish telecom giant MasMovil and claims to have stolen sensitive data from the group. MasMovil is...
REvil ransomware gang demanded $70M for universal decryptor for Kaseya victims
REvil ransomware is demanding $70 million for decrypting all systems locked during the Kaseya supply-chain ransomware attack. REvil ransomware is...
US water company WSSC Water hit by a ransomware attack
US water company WSSC Water is investigating a ransomware attack that affected non-essential business systems in May. WSSC Water is investigating a...
REvil gang exploited a zero-day in the Kaseya supply chain attack
Kaseya was addressing the zero-day vulnerability that REvil ransomware gang exploited to breach on-premise Kaseya VSA servers. A new supply...
Scour – AWS Exploitation Framework
Scour is a modern module based AWS exploitation framework written in golang, designed for red team testing and blue team...
FRIDA-DEXDump – Fast Search And Dump Dex On Memory
Featuressupport fuzzy search broken header dex. fix struct data of dex-header. compatible with all android version(frida supported). support loading as...
Hackers spread backdoor after compromising the Mongolian CA MonPass
Threat actors compromised the servers of Mongolian certificate authority (CA) MonPass and used its website to spread malware. Hackers compromised...
Security Affairs newsletter Round 321
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
Coop supermarket closes hundreds of stores after Kaseya supply chain ransomware attack
Swedish supermarket chain Coop is the first company to disclose the impact of the recent supply chain ransomware attack that...
Kaseya VSA supply-chain ransomware attack hit hundreds of companies
A supply attack by REvil ransomware operators against Kaseya VSA impacted multiple managed service providers (MSPs) and their clients. A...
MacHound – An extension to audit Bloodhound collecting and ingesting of Active Directory relationships on MacOS hosts
MacHound is an extension to the Bloodhound audting tool allowing collecting and ingesting of Active Directory relationships on MacOS hosts....
GDir-Thief – Red Team Tool For Exfiltrating The Target Organization’S Google People Directory That You Have Access To, Via Google’s API
Red Team tool for exfiltrating the target organization's Google People Directory that you have access to, via Google's People API....
Diavol ransomware appears in the threat landscape. Is it the work of the Wizard Spider gang?
Wizard Spider, the cybercrime gang behind the TrickBot botnet, is believed to be the author of a new ransomware family dubbed...
Microsoft urges Azure users to update PowerShell to fix RCE flaw
Microsoft is urging Azure users to update PowerShell to address a remote code execution vulnerability that was fixed earlier this...
