An attacker was able to siphon audio feeds from multiple Clubhouse rooms
An attacker demonstrated this week that Clubhouse chats are not secure, he was able to siphon audio feeds from “multiple...
hacking
Researchers uncovered a new Malware Builder dubbed APOMacroSploit
Researchers spotted a new Office malware builder, tracked as APOMacroSploit, that was employed in a campaign targeting more than 80...
Experts warn of threat actors abusing Google Alerts to deliver unwanted programs
Experts warn of threat actors using Google Alerts to promote a fake Adobe Flash Player updater that delivers unwanted programs....
Bug bounty hacker earned $5,000 reporting a Stored XSS flaw in iCloud.com
A white hat hacker has earned a $5,000 reward from Apple for reporting a stored cross-site scripting (XSS) vulnerability on...
Perfusion – Exploit For The RpcEptMapper Registry Key Permissions Vulnerability (Windows 7 / 2088R2 / 8 / 2012)
On Windows 7, Windows Server 2008R2, Windows 8, and Windows Server 2012, the registry key of the RpcEptMapper and DnsCache...
PE-Packer – A Simple Windows X86 PE File Packer Written In C And Microsoft Assembly
PE-Packer is a simple packer for Windows PE files. The new PE file after packing can obstruct the process of...
FBI warns of the consequences of telephony denial-of-service (TDoS) attacks
The Federal Bureau of Investigation (FBI) has issued a warning about the risks of telephony denial-of-service (TDoS) attacks on call centers....
Security Affairs newsletter Round 302
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
The US Government is going to respond to the SolarWinds hack very soon
The US is going to respond to the SolarWinds supply chain attack within weeks, national security adviser Jake Sullivan told...
Sequoia Capital Venture Capital firm discloses a data breach
Sequoia Capital, one of the most prominent venture capital firms, told its investors that an unauthorized third party had access to...
SSB – A Faster And Simpler Way To Bruteforce SSH Server
Secure Shell Bruteforcer — A faster & simpler way to bruteforce SSH server.Installationfrom BinaryDownload a pre-built binary from releases page,...
DirDar – A Tool That Searches For (403-Forbidden) Directories To Break It And Get Dir Listing On It
bypass forbidden directories - find and identify dir listing - you can use it as directory brute-forcer as well CompatabilyThis...
SonicWall releases second firmware updates for SMA 100 vulnerability
Security provider SonicWall released a new firmware update for an SMA-100 zero-day vulnerability that was exploited in attacks. SonicWall has...
Silver Sparrow, a new malware infects Mac systems using Apple M1 chip
Experts warn of new malware, dubbed Silver Sparrow, that is infecting Mac systems using the latest Apple M1 chip across...
Privacy bug in the Brave browser exposes Tor addresses to user’s DNS provider
A privacy bug in the Brave Browser caused the leak of the Tor onion URL addresses visited in the Tor...
New Masslogger Trojan variant exfiltrates user credentials
MassLogger Windows credential stealer infamous is back and it has been upgraded to steal credentials from Outlook, Chrome, and instant messenger...
SSRFuzz – A Tool To Find Server Side Request Forgery Vulnerabilities, With CRLF Chaining Capabilities
SSRFuzz is a tool to find Server Side Request Forgery vulnerabilities, with CRLF chaining capabilities Why?I wanted to write a...
Galer – A Fast Tool To Fetch URLs From HTML Attributes By Crawl-In
A fast tool to fetch URLs from HTML attributes by crawl-in. Inspired by the @omespino Tweet, which is possible to...
Experts spotted the first malware tailored for Apple M1 Chip, it is just the beginning
Apple launched its M1 chip and cybercriminals developed a malware sample specifically for it, the latest generation of Macs are...
Hackers steal credit card data abusing Google’s Apps Script
Hackers abuse Google Apps Script to steal credit cards, bypass CSP Attackers are abusing Google’s Apps Script business application development...
Credential stuffing attack hit RIPE NCC: Members have to enable 2FA
RIPE NCC has disclosed a failed credential stuffing attack against its infrastructure, it asking its members to enable 2FA for...
SolarWinds hackers had access to components used by Azure, Intune, and Exchange
Microsoft announced that SolarWinds hackers could have had access to repositories containing some components used by Azure, Intune, and Exchange....
WatchDog botnet targets Windows and Linux servers in cryptomining campaign
PaloAlto Network warns of the WatchDog botnet that uses exploits to take over Windows and Linux servers and mine cryptocurrency....
WireBug – A Toolset For Voice-over-IP Penetration Testing
WireBug is a tool set for Voice-over-IP penetration testing. It is designed as a wizard which makes it easy to...
