Gorsair – Hacks Its Way Into Remote Docker Containers That Expose Their APIs
Gorsair is a penetration testing tool for discovering and remotely accessing Docker APIs from vulnerable Docker containers. Once it has...
hacking
Lazyrecon – Tool To Automate Your Reconnaissance Process In An Organized Fashion
Lazyrecon is a subdomain discovery tool that finds and resolves valid subdomains then performs SSRF/LFI/SQLi fuzzing, brute-force and port scanning....
Cyber Defense Magazine – July 2021 has arrived. Enjoy it!
Cyber Defense Magazine July 2021 Edition has arrived. We hope you enjoy this month’s edition…packed with over 158 pages of...
Experts warn of Babuk Locker attacks with recently leaked ransomware builder
The recently leaked Babuk Locker ransomware builder was used by a threat actor in an ongoing campaign targeting victims worldwide....
CISA alert urges to disable Windows Print Spooler to percent PrintNightmare attacks
CISA issued a security alert to warn admins to disable the Windows Print Spooler service on servers not used for printing due...
UK, US agencies warn of large-scale brute-force attacks carried out by Russian APT
US and UK cybersecurity agencies said the Russia-linked APT28 group is behind a series of large-scale brute-force attacks.US and UK...
Hackers breached a data server of the University Medical Center
The University Medical Center hospital discloses a data breach after threat actors published online images of stolen personal information as...
Invoke-DNSteal – Simple And Customizable DNS Data Exfiltrator
Invoke-DNSteal is a Simple & Customizable DNS Data Exfiltrator. This tool helps you to exfiltrate data through DNS protocol over...
OpenAttack – An Open-Source Package For Textual Adversarial Attack
OpenAttack is an open-source Python-based textual adversarial attack toolkit, which handles the whole process of textual adversarial attacking, including preprocessing...
Microsoft found auth bypass, system hijack flaws in Netgear routers
Microsoft experts have disclosed a series of vulnerabilities in the firmware of Netgear routers which could lead to data leaks...
US CISA releases a Ransomware Readiness Assessment (RRA) tool
The US CISA has released the Ransomware Readiness Assessment (RRA), a new ransomware self-assessment security audit tool. The US Cybersecurity...
Freshly scraped LinkedIn data of 88,000 US business owners shared online
About a week after scraped data from more than 700 million LinkedIn profiles were put for sale online, it seems that...
Hackers hit a televised phone-in between President Putin and citizens at a TV show
A massive cyber attack attempted to disrupt a televised phone-in between Russian President Vladimir Putin and the Rossiya 24 network....
Red-Shadow – Lightspin AWS IAM Vulnerability Scanner
Scan your AWS IAM Configuration for shadow admins in AWS IAM based on misconfigured deny policies not affecting users in...
Forblaze – A Python Mac Steganography Payload Generator
Forblaze is a project designed to provide steganography capabilities to Mac OS payloads. Using python3, it will build an Obj-C...
Colombian authorities arrested hacker behind the Gozi Virus
Colombian authorities arrested a Romanian hacker who is wanted in the U.S. for distributing the Gozi virus that already infected...
Russian-based DoubleVPN seized by law enforcement
Law enforcement seized the servers and customer logs for DoubleVPN, a double-encryption service widely used by threat actors for malicious...
SolarWinds hackers remained hidden in Denmark’s central bank for months
Russia-linked threat actors compromised Denmark’s central bank (Danmarks Nationalbank) and remained in its systems for months. Russia-linked threat actors infected...
New LinkedIn breach exposes data of 700 Million users
A new massive LinkedIn breach made the headlines, the leak reportedly exposes the data of 700M users, more than 92%...
PoC exploit for CVE-2021-1675 RCE started circulating online
Proof-of-concept exploit code for CVE-2021-1675 flaw, an attacker could exploit it to compromise Windows systems. Proof-of-concept exploit code for the...
S3-Account-Search – S3 Account Search
This tool lets you find the account id an S3 bucket belongs too. For this to work you need to...
WAF-A-MoLE – A Guided Mutation-Based Fuzzer For ML-based Web Application Firewalls
A guided mutation-based fuzzer for ML-based Web Application Firewalls, inspired by AFL and based on the FuzzingBook by Andreas Zeller...
Linux version of REvil ransomware targets ESXi VM
The REvil ransomware operators added a Linux encryptor to their arsenal to encrypt Vmware ESXi virtual machines. The REvil ransomware...
Experts developed a free decryptor for the Lorenz ransomware
Researchers analyzed a recently discovered threat, the Lorenz ransomware, and developed a free decryptor for the victims of this new...
