Alleged China-linked APT41 group targets Indian critical infrastructures
Recorded Future researchers uncovered a campaign conducted by Chinese APT41 group targeting critical infrastructure in India. Security researchers at Recorded...
hacking
Distributor of Asian food JFC International hit by Ransomware
JFC International, a major wholesaler and distributor of Asian food products in the United States, was hit by ransomware. JFC...
Gootkit delivery platform Gootloader used to deliver additional payloads
The Javascript-based infection framework for the Gootkit RAT was enhanced to deliver a wider variety of malware, including ransomware. Experts...
Halogen – Automatically Create YARA Rules From Malicious Documents
Halogen is a tool to automate the creation of yara rules against image files embedded within a malicious document.Halogen helppython3...
StandIn – A Small .NET35/45 AD Post-Exploitation Toolkit
StandIn is a small AD post-compromise toolkit. StandIn came about because recently at xforcered we needed a .NET native solution...
How to Achieve and Maintain Continuous Cloud Compliance
This blog is part of an ongoing series sharing key takeaways from Rapid7’s 2020 Cloud Security Executive Summit. Interested in...
Intern caused ‘solarwinds123’ password leak, former SolarWinds CEO says
Top executives of the software firm SolarWinds blamed an intern for having used a weak password for several years, exposing...
ByteDance agreed to pay $92M in US privacy Settlement for TikTok data collection
ByteDance, the company behind TikTok, agreed to pay $92 million in a settlement to U.S. users for illegal data collection....
NSA embraces the Zero Trust Security Model
The National Security Agency (NSA) published a document to explain the advantages of implementing a zero-trust model. The National Security...
EU leaders aim at boosting defense and security, including cybersecurity
During a video conference of the members of the European Council, EU leaders agreed on a new strategy aimed at boosting...
WdToggle – A Beacon Object File (BOF) For Cobalt Strike Which Uses Direct System Calls To Enable WDigest Credential Caching
A Proof of Concept Cobalt Strike Beacon Object File which uses direct system calls to enable WDigest credential caching and...
Gargamel – A Forensic Evidence Acquirer
A Forensic Evidence AcquirerCompileAssuming you have Rust 1.41+ installed. Open terminal in the project directory and to compile a release...
New Zealand-based cryptocurrency exchange Cryptopia hacked again
The New Zealand-based cryptocurrency exchange Cryptopia suffered a new cyber heist while it is in liquidation due to a 2019...
Security Affairs newsletter Round 303
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
Experts found a critical authentication bypass flaw in Rockwell Automation software
A critical authentication bypass vulnerability could be exploited by remote attackers to Rockwell Automation programmable logic controllers (PLCs). A critical...
Hotarus Corp gang hacked Ecuador’s Ministry of Finance and Banco Pichincha
‘Hotarus Corp’ Ransomware operators hacked Ecuador’s largest private bank, Banco Pichincha, and the country’s Ministry of Finance. A cybercrime group...
Pillager – Filesystems For Sensitive Information With Go
Pillager is designed to provide a simple means of leveraging Go's strong concurrency model to recursively search directories for sensitive...
Gatekeeper – First Open-Source DDoS Protection System
Gatekeeper is the first open source DoS protection system. It is designed to scale to any peak bandwidth, so it...
T-Mobile customers were hit with SIM swapping attacks
The telecommunications giant T-Mobile disclosed a data breach after some of its customers were apparently affected by SIM swap attacks....
New Ryuk ransomware implements self-spreading capabilities
French experts spotted a new Ryuk ransomware variant that implements self-spreading capabilities to infect other devices on victims’ local networks....
Microsoft releases open-source CodeQL queries to assess Solorigate compromise
Microsoft announced the release of open-source CodeQL queries that it experts used during its investigation into the SolarWinds supply-chain attack...
CornerShot – Amplify Network Visibility From Multiple POV Of Other Hosts
In warfare, CornerShot is a weapon that allows a soldier to look past a corner (and possibly take a shot),...
OpenWifiPass – An Open Source Implementation Of Apple’s Wi-Fi Password Sharing Protocol In Python
An open source implementation of the grantor role in Apple's Wi-Fi Password Sharing protocol. DisclaimerOpenWifiPass is experimental software and is...
Data Breach: Turkish legal advising company exposed over 15,000 clients
Data Breach: WizCase team uncovered a massive data leak containing private information about Turkish Citizens through a misconfigured Amazon S3 bucket....
