Capital One discovered more customers’ SSNs exposed in 2019 hack
More clients of Capital One have been impacted in the 2019 data breach, the US bank is notifying them of...
hacking
Activision warns of Call of Duty Cheat tool used to deliver RAT
The popular video game publisher Activision is warning gamers that threat actors are actively disguising a remote-access trojan (RAT) in...
Attackers are abusing GitHub infrastructure to mine cryptocurrency
The popular code repository hosting service GitHub is investigating a crypto-mining campaign abusing its infrastructure. Code repository hosting service GitHub launched an investigation...
Evolution and rise of the Avaddon Ransomware-as-a-Service
The Avaddon ransomware operators updated their malware after security researchers released a public decryptor in February 2021. The Avaddon ransomware...
FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers
FBI and CISA published a joint alert to warn of advanced persistent threat (APT) groups targeting Fortinet FortiOS to access networks...
TIM’s Red Team Research (RTR) team found 5 zero-day flaws in the CA eHealth Performance Manager product
Researchers from TIM’s Red Team Research discovered five new vulnerabilities affecting the CA eHealth Performance Manager product. Researchers from TIM’s...
Tuf – A Framework For Securing Software Update Systems
This repository is the reference implementation of The Update Framework (TUF). It is written in Python and intended to conform...
SecretScanner – Find Secrets And Passwords In Container Images And File Systems
Deepfence SecretScanner can find any potential secrets in container images or file systems. What are Secrets?Secrets are any kind of...
Conti Ransomware gang demanded $40 million ransom to Broward County Public Schools
Ransomware gang demanded a $40,000,000 ransom to the Broward County Public Schools district, Florida. It is just the last attack...
Airlift Express Fixes Vulnerabilities in Its E-commerce Store
PrivacySavvy experts discovered an OTP vulnerability in Airlift Express, which could lead to account hacks and exploits by cybercriminals. A...
DHS CISA requires federal agencies to assess their Microsoft Exchange servers by April 5
The DHS CISA has issued a supplemental directive that requires all federal agencies to identify vulnerable Microsoft Exchange servers in...
Man indicted for tampering with public water system in Kansas
The United States Department of Justice (DoJ) charged a Kansas man, for accessing and tampering with a public water system....
VMware fixes authentication bypass in Carbon Black Cloud Workload appliance
VMware has addressed a critical authentication bypass vulnerability in the VMware Carbon Black Cloud Workload appliance. VMware has addressed a...
SharpDPAPI – A C# Port Of Some Mimikatz DPAPI Functionality
SharpDPAPI is a C# port of some DPAPI functionality from @gentilkiwi's Mimikatz project.I did not come up with this logic,...
Seatbelt – A C# Project That Performs A Number Of Security Oriented Host-Survey “Safety Checks” Relevant From Both Offensive And Defensive Security Perspectives
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and...
DeepDotWeb admin pleads guilty to money laundering conspiracy
One of the administrators for the DeepDotWeb dark web portal pleads guilty to receiving kickbacks from the operators of the...
VMware fixed flaws in vROps that can be chained to compromise organizations
VMware addressed two vulnerabilities in its vRealize Operations (vROps) product that can expose organizations to a significant risk of attacks...
Akamai dealt with an 800Gbps ransom DDoS against a gambling company
Akamai has recently involved in the mitigation of two of the largest known ransom DDoS attacks, one of them peaked...
Ubiquiti security breach may be a catastrophe
The data breach disclosed by Ubiquiti in January could be just the tip of the iceberg, a deeper incident could...
US CISA warns of DoS flaws in Citrix Hypervisor
Citrix addressed vulnerabilities in Hypervisor that could be exploited by threat actors to execute code in a virtual machine to...
North Korea-linked hackers target security experts again
Researchers from Google’s Threat Analysis Group (TAG) reported that North Korea-linked hackers are targeting security researchers via social media. The...
Rubeus – C# Toolset For Raw Kerberos Interaction And Abuses
Rubeus is a C# toolset for raw Kerberos interaction and abuses. It is heavily adapted from Benjamin Delpy's Kekeo project...
InveighZero – Windows C# LLMNR/mDNS/NBNS/DNS/DHCPv6 Spoofer/Man-In-The-Middle Tool
InveighZero is a C# LLMNR/NBNS/mDNS/DNS/DHCPv6 spoofer and man-in-the-middle tool designed to assist penetration testers/red teamers that find themselves limited to...
5-star customer service: fraudsters launch massive campaign against Indonesia’s major banks on Twitter
Experts warn that cybercriminals are targeting Indonesia’s major banks posing as bank representatives or customer support team members on Twitter....
