Reading the FBI IC3’s ‘2020 Internet Crime Report’
The FBI’s Internet Crime Complaint Center has released its annual report, the 2020 Internet Crime Report, which includes data from 791,790 complaints...
hacking
Prime Minister Boris Johnson wants to enhance UK cyber capabilities
Prime Minister Boris Johnson declared that Britain needs to boost its cyber capability to conduct cyber attacks on foreign hostile...
Data Breaches Tracker monitor unsecured ElasticSearch servers online
Cybersecurity research at WizCase, an online security and privacy portal, built a tool to track accessible ElasticSearch servers on the internet. ...
Turbo-Intruder – A Burp Suite Extension For Sending Large Numbers Of HTTP Requests And Analyzing The Results
Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results. It's intended...
Lazy-RDP – Script For AutomRDPatic Scanning And Brute-Force
Script For AutomRDPatic Scanning And Brute-Force.Demo Video: Lazy-RDP over SSH: Script for automatic scanning of the address list for the...
New ZHtrap botnet uses honeypot to find more victims
Netlab 360 experts discovered a new Mirai-based botnet dubbed ZHtrap that implements honeypot to find more victims. Researchers from Netlab...
FBI warns of PYSA Ransomware attacks against Education Institutions in US and UK
The FBI has issued an alert to warn about an increase in PYSA ransomware attacks on education institutions in the...
SolarWinds hackers stole some of Mimecast source code
Cybersecurity firm Mimecast confirmed that SolarWinds hackers who breached its network stole some of its source code. Back in December,...
New Mirai variant appears in the threat landscape
Palo Alto researchers uncovered a series of ongoing attacks to spread a variant of the infamous Mirai bot exploiting multiple...
Magecart hackers hide captured credit card data in JPG file
Crooks devised a new method to hide credit card data siphoned from compromised e-stores, experts observed hackers hiding data in...
SnitchDNS – Database Driven DNS Server With A Web UI
SnitchDNS is a database driven DNS Server with a Web UI, written in Python and Twisted, that makes DNS administration...
Genisys – Powerful Telegram Members Scraping And Adding Toolkit
Powerful Telegram Members Scraping and Adding Toolkit FeaturesADDS IN BULK Scrapes and adds to public groups Works in Windows systems...
Rapid7 Announces Release of New tCell Amazon CloudFront Agent
Cloud-native approaches to building, hosting, and delivering web applications are growing rapidly. Content delivery networks (CDNs) such as Amazon CloudFront...
Microsoft releases On-premises Mitigation Tool (EOMT) tool to fix ProxyLogon issues
Microsoft released an Exchange On-premises Mitigation Tool (EOMT) tool to small businesses for the fix of ProxyLogon vulnerabilities. On March...
Is there a link between Microsoft Exchange exploits and PoC code the company shared with partner security firms?
Microsoft is reportedly investigating whether the recent attacks against Microsoft Exchange servers could be linked to information leaked by a...
US DoJ indicted the CEO of Sky Global encrypted chat platform
The CEO of the encrypted communications firm Sky Global has been indicted in the US on charges of facilitating international...
Confused – Tool To Check For Dependency Confusion Vulnerabilities In Multiple Package Management Systems
A tool for checking for lingering free namespaces for private package names referenced in dependency configuration for Python (pypi) requirements.txt,...
DLLHSC – DLL Hijack SCanner A Tool To Assist With The Discovery Of Suitable Candidates For DLL Hijacking
DLL Hijack SCanner - A tool to generate leads and automate the discovery of candidates for DLL Search Order HijackingContents...
ProxyLogon Microsoft Exchange exploit is completely out of the bag by now
A security researcher released a new PoC exploit for ProxyLogon issues that could be adapted to install web shells on...
NCSC is not aware of ransomware attacks compromising UK orgs through Microsoft Exchange bugs
The UK’s National Cyber Security Centre (NCSC) urges UK organizations to install the patches for the recently disclosed vulnerabilities in...
Google fixes the third actively exploited Chrome 0-Day since January
Google has addressed a new zero-day flaw in its Chrome browser that has been actively exploited in the wild, the...
Experts found 15 flaws in Netgear JGS516PE switch, including a critical RCE
Netgear has released security and firmware updates for its JGS516PE Ethernet switch to address 15 vulnerabilities, including a critica remote...
Security Affairs newsletter Round 305
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
Google releases Spectre PoC code exploit for Chrome browser
Google released proof-of-concept code to conduct Spectre attacks against its Chrome browser to share knowledge of browser-based side-channel attacks. Google...
