6 out of 11 EU agencies running Solarwinds Orion software were hacked
SolarWinds supply chain attack also impacted six European Union institutions, European Commissioner for Budget and Administration confirmed. European Commissioner for...
hacking
Critical RCE can allow attackers to compromise Juniper Networks devices
Cybersecurity provider Juniper Networks addressed a critical vulnerability that could be exploited by attackers to remotely hijack or disrupt vulnerable...
IRTriage – Incident Response Triage – Windows Evidence Collection For Forensic Analysis
Scripted collection of system information valuable to a Forensic Analyst. IRTriage will automatically "Run As ADMINISTRATOR" in all Windows versions...
PentestBro – Combines Subdomain Scans, Whois, Port Scanning, Banner Grabbing And Web Enumeration Into One Tool
Experimental tool for Windows. PentestBro combines subdomain scans, whois, port scanning, banner grabbing and web enumeration into one tool. Uses...
Russia-linked APT SVR actively targets these 5 flaws
The US government warned that Russian cyber espionage group SVR is exploiting five known vulnerabilities in enterprise infrastructure products. The...
Mirai code re-use in Gafgyt
Uptycs’ threat research team recently detected several variants of the Linux-based botnet malware family, “Gafgyt,”some of them re-used Mirai code. ...
Lazarus BTC Changer. Back in action with JS sniffers redesigned to steal crypto
Group-IB observed the North Korea-linked Lazarus APT group stealing cryptocurrency using a never-before-seen tool. In the last five years, JavaScript...
US Gov sanctions Russia and expels 10 diplomats over SolarWinds hack
The U.S. and UK attributed with “high confidence” the recently disclosed supply chain attack on SolarWinds to Russia’s Foreign Intelligence...
Defeat-Defender – Powerful Batch Script To Dismantle Complete Windows Defender Protection And Even Bypass Tamper Protection
Powerfull Batch File To Disable Windows Defender,Firewall,Smartscreen And Execute the payloadUsage :Edit Defeat-Defender.bat on this line https://github.com/swagkarna/Defeat-Defender/blob/93823acffa270fa707970c0e0121190dbc3eae89/Defeat-Defender.bat#L72 and replace the...
Swissknife – Scriptable VSCode Extension To Generate Or Manipulate Data. Stop Pasting Sensitive Data In Webpag
The developers swissknife. Do conversions and generations right out of vs code. Extendable with user scripts Available in the Visual...
Cyber thieves move $760 million stolen in the 2016 Bitfinex heist
Over $760 million worth of Bitcoin that were stolen from cryptocurrency exchange Bitfinex in 2016 were moved to new accounts....
April 2021 Security Patch Day fixes a critical flaw in SAP Commerce
April 2021 Security Patch Day includes 14 new security notes and 5 updates to previously released notes, one of them...
For the second time in a week, a Google Chromium zero-day released online
For the second time in a week, a Chromium zero-day remote code execution exploit code has been released on Twitter, multiple...
WhatsApp flaws could have allowed hackers to remotely hack mobile devices
WhatsApp addressed two security vulnerabilities in its app for Android that could have been exploited to remotely hack the victim’s...
MoveKit – Cobalt Strike Kit For Lateral Movement
Movekit is an extension of built in Cobalt Strike lateral movement by leveraging the execute_assembly function with the SharpMove and...
Adfsbrute – A Script To Test Credentials Against Active Directory Federation Services (ADFS), Allowing Password Spraying Or Bruteforce Attacks
A script to test credentials against Active Directory Federation Services (ADFS), calculating the ADFS url of an organization and allowing...
FireEye: 650 new threat groups were tracked in 2020
FireEye published its M-Trend 2021 report based on the data collected during the investigation, 650 new threat groups were tracked...
FBI silently removed web shells planted on Microsoft Exchange servers in the US
FBI log into web shells that hackers installed on Microsoft Exchange email servers across the US and removed the malicious...
Sweden blames Russia for Swedish Sports Confederation hack
The Swedish Sports Confederation organization was compromised in 2017-18 by hackers working for Russian military intelligence, officials said. The Swedish...
Microsoft fixes 2 critical Exchange Server flaws reported by the NSA
Microsoft patch Tuesday security updates address four high and critical vulnerabilities in Microsoft Exchange Server that were reported by the...
Adobe addresses two critical vulnerabilities in Photoshop
Adobe has addressed security vulnerabilities in Adobe Photoshop, Adobe Digital Editions, Adobe Bridge, and RoboHelp. Adobe has fixed ten security...
Traitor – Automatic Linux Privesc Via Exploitation Of Low-Hanging Fruit E.G. GTFOBin
Automatically exploit low-hanging fruit to pop a root shell. Linux privilege escalation made easy! Traitor packages up a bunch of...
Ronin – A Ruby Platform For Vulnerability Research And Exploit Development
Ronin is a Ruby platform for vulnerability research and exploit development. Ronin allows for the rapid development and distribution of...
Experts released PoC exploit code for a critical RCE in QNAP NAS devices
The exploit code for a remote code execution vulnerability affecting QNAP network-attached storage (NAS) devices that run the Surveillance Station...
