Most Common Causes of Data Breach and How to Prevent It
Which are the most common causes of a Data Breach and how to prevent It? How can organizations prevent it?...
hacking
Experian API exposed credit scores of tens of millions of Americans
Experian API exposed credit scores of tens of millions of Americans due to a weakness with a partner website. Anyone...
Threat Report Portugal: Q1 2021
The Threat Report Portugal: Q1 2021 compiles data collected on the malicious campaigns that occurred from January to March, Q1, of 2021....
WinPmem – The Multi-Platform Memory Acquisition Tool
The WinPmem memory acquisition driver and userspaceWinPmem has been the default open source memory acquisition driver for windows for a...
Storm-Breaker – Tool Social Engineering (Access Webcam, Microphone, OS Password Grabber And Location Finder) With Ngrok
Tool Social Engineering (Access Webcam, Microphone, OS Password Grabber And Location Finder) With NgrokFeatures:Get Device Information Without Any Permissions Access...
WeSteal, a shameless commodity cryptocurrency stealer available for sale
The bold author of a new cryptocurrency stealer, dubbed WeSteal, is promising its customers a leading way to make money...
Security Affairs newsletter Round 312
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
Hacking a Tesla Model X with a DJI Mavic 2 drone equipped with a WIFI dongle
A security duo has demonstrated how to hack a Tesla Model X’s and open the doors using a DJI Mavic...
Cloud hosting provider Swiss Cloud suffered a ransomware attack
Swiss cloud hosting provider Swiss Cloud has suffered a ransomware attack that seriously impacted its server infrastructure. On April 27...
AgeLocker ransomware operation targets QNAP NAS devices
Taiwanese vendor QNAP is warning its customers of AgeLocker ransomware attacks on their NAS devices. Crooks behind the AgeLocker ransomware...
Nginxpwner – Tool to look for common Nginx misconfigurations and vulnerabilities
Nginxpwner is a simple tool to look for common Nginx misconfigurations and vulnerabilities.Install:cd /optgit clone https://github.com/stark0de/nginxpwnercd nginxpwnerchmod +x install.sh./install.sh Usage:Target...
Paragon – Red Team Engagement Platform With The Goal Of Unifying Offensive Tools Behind A Simple UI
Paragon is a Red Team engagement platform. It aims to unify offensive tools behind a simple UI, abstracting much of...
Flaws in the BIND software expose DNS servers to attacks
The Internet Systems Consortium (ISC) released updates for the BIND DNS software to patch several denial-of-service (DoS) and potential RCE...
Babuk crew announced it will stop ransomware attacks
Babuk ransomware operators shut down their affiliate program and announced to stop using ransomware, the group plans to move on...
China-linked APT uses a new backdoor in attacks at Russian defense contractor
China-linked APT group targets Russian nuclear sub designer with an undocumented backdoor A China-linked cyberespionage group targets a Russian defense...
Vaf – Very Advanced (Web) Fuzzer
very advanced fuzzer compilingInstall nim from nim-lang.org Run nimble build A vaf.exe file will be created in your directory ready...
SniperPhish – The Web-Email Spear Phishing Toolkit
SniperPhish is a phishing toolkit for pentester or security professionals to enhance user awareness by simulating real-world phishing attacks. SniperPhish...
UNC2447 cybercrime gang exploited SonicWall Zero-Day before it was fixed
UNC2447 cybercrime gang exploited a zero-day in the Secure Mobile Access (SMA), addressed by SonicWall earlier this year, before the...
Saving World Health Day: UNICC and Group-IB take down scam campaign impersonating the World Health Organization
UNICC and Group-IB detected and took down a massive multistage scam campaign circulating online on April 7, World Health Day. Group-IB, a...
Microsoft warns of BadAlloc flaws in OT, IoT devices
Microsoft researchers are warning of major security vulnerabilities affecting OT and IoT devices and high-risks for businesses using them. Researchers...
Command injection flaw in PHP Composer allowed supply-chain attacks
A vulnerability in the PHP Composer could have allowed an attacker to execute arbitrary commands and backdoor every PHP package....
An alleged ransomware attack hit the Italian Banca di Credito Cooperativo causing chaos
Banca di Credito Cooperativo (BCC), one of the largest Italian cooperative credit banks was hit by a ransomware attack. Banca di...
MeterPwrShell – Automated Tool That Generate The Perfect Powershell Payload
Automated Tool That Generate A Powershell Oneliner That Can Create Meterpreter Shell On Metasploit,Bypass AMSI,Bypass Firewall,Bypass UAC,And Bypass Any AVs....
M365_Groups_Enum – Enumerate Microsoft 365 Groups In A Tenant With Their Metadata
The all_groups.py script allows to enumerate all Microsoft 365 Groups in a Azure AD tenant with their metadata: name visibility:...
