QNAP urges users to take action to protect devices against Brute-Force attacks
Taiwanese manufacturer QNAP published an alert urging its customers to secure their devices after a growing number of users reported...
hacking
Security Affairs newsletter Round 307
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
US Gov Executive Order would oblige to disclose security breach impacting gov users
According to a proposed executive order of the Biden administration, software vendors would have to disclose breaches to U.S. government...
Clop Ransomware gang now contacts victims’ customers to force victims into pay a ransom
Clop ransomware operators now email victim’s customers and ask them to demand a ransom payment to protect their privacy to...
Experts spotted a new advanced Android spyware posing as “System Update”
Researchers spotted a sophisticated Android spyware that implements exfiltration capabilities and surveillance features, including recording audio and phone calls. Experts...
Search-That-Hash – Searches Hash APIs To Crack Your Hash Quickly, If Hash Is Not Found Automatically Pipes Into HashCat
The Fastest Hash Cracking System pip3 install search-that-hash && sth Tired of going to every website to crack your hash?...
Obfuscation_Detection – Collection Of Scripts To Pinpoint Obfuscated Code
Automatically detect control-flow flattening and other state machines Author: Tim BlazytkoDescription:Scripts and binaries to automatically detect control-flow flattening and other state...
Apple released out-of-band updates for a new Zero‑Day actively exploited
Apple has released new out-of-band updates for iOS, iPadOS, macOS and watchOS to address another zero‑day flaw, tracked CVE-2021-1879, actively...
German Parliament Bundestag targeted again by Russia-linked hackers
Several members of the German Parliament (Bundestag) and other members of the state parliament were hit by a targeted attack...
Hades ransomware gang targets big organizations in the US
Accenture security researchers published an analysis of the latest Hades campaign, which is ongoing since at least December 2020. Accenture’s Cyber Investigation &...
cve_manager_VS – A Collection Of Python Apps And Shell Scripts To Email An Xlsx Spreadsheet Of New Vulnerabilities In The NIST CVE Database And Their Associated Products On A Daily Schedule
A collection of python apps and shell scripts to email an xlsx spreadsheet of new vulnerabilities in the NIST CVE...
Retoolkit – Reverse Engineer’s Toolkit
This is a collection of tools you may like if you are interested on reverse engineering and/or malware analysis on...
Solarwinds Orion Platform updates fix two remote code execution issues
Solarwinds released security updates that address multiple vulnerabilities, including two flaws that be exploited by attackers for remote code execution....
FBI published a flash alert on Mamba Ransomware attacks
The Federal Bureau of Investigation (FBI) issued an alert to warn that the Mamba ransomware is abusing the DiskCryptor open...
OpenSSL Project released 1.1.1k version to fix two High-severity flaws
The OpenSSL Project addresses two high-severity vulnerabilities, including one related to verifying a certificate chain and one that can trigger...
62,000 Microsoft Exchange Servers potentially left unpatched, weeks after software bugs were first uncovered
The CyberNews investigation team found 62,174 potentially vulnerable unpatched Microsoft Exchange Servers. A number of entities in the US and...
Facebook took action against China-linked APT targeting Uyghur activists
Facebook has closed accounts used by a China-linked APT to distribute malware to spy on Uyghurs activists, journalists, and dissidents living...
Smogcloud – Find Cloud Assets That No One Wants Exposed
Find exposed AWS cloud assets that you did not know you had. A comprehensive asset inventory is step one to...
Gitrecon – OSINT Tool To Get Information From A Github Profile And Find GitHub User’S Email Addresses Leaked On Commits
OSINT tool to get information from a github profile and find GitHub user's email addresses leaked on commits.How does this...
Attack vs. Data: What You Need to Know About Threat Hunting
Mitigate threats by going on the offensiveWhile the definition of threat hunting may be straightforward—proactively hunting for threats—the reality of...
The surge of fake COVID-19 test results, vaccines and vaccination certificates on the Dark Web
Threat actors are offering fake COVID-19 test results and vaccination certificates in blackmarkets and hacking forums on the Dark Web....
30 million Americans affected by the Astoria Company data breach
Researchers discovered the availability in the DarK Web of 30M of records of Americans affected by the Astoria Company data...
Cisco Jabber for Windows, macOS, Android and iOS is affected by a critical issue
Cisco has addressed a critical arbitrary program execution flaw in its Cisco Jabber client software for Windows, macOS, Android, and...
OSCP-Exam-Report-Template-Markdown – Markdown Templates For Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP Exam Report
I created an Offensive Security Exam Report Template in Markdown so LaTeX, Microsoft Office Word, LibreOffice Writer are no longer...
