Experts investigate WhatsApp data leak: 500M user records for sale
Cybernews investigated a data sample available for sale containing up-to-date mobile phone numbers of nearly 500 million WhatsApp users. Original...
hacking
SharpSCCM – A C# Utility For Interacting With SCCM
SharpSCCM is a post-exploitation tool designed to leverage Microsoft Endpoint Configuration Manager (a.k.a. ConfigMgr, formerly SCCM) for lateral movement and...
An international police operation dismantled the spoofing service iSpoof
An international law enforcement operation has dismantled an online phone number spoofing service called iSpoof. An international law enforcement operation that...
UK urges to disconnect Chinese security cameras in government buildings
The British government banned the installation of Chinese-linked security cameras at sensitive facilities due to security risks. Reuters reports that...
RansomExx Ransomware upgrades to Rust programming language
RansomExx ransomware is the last ransomware in order of time to have a version totally written in the Rust programming...
Octopii – An AI-powered Personal Identifiable Information (PII) Scanner
Octopii is an open-source AI-powered Personal Identifiable Information (PII) scanner that can look for image assets such as Government IDs,...
An aggressive malware campaign targets US-based companies with Qakbot to deliver Black Basta Ransomware
Researchers warn of an ongoing aggressive Qakbot malware campaign that leads to Black Basta ransomware infections in the US. Experts...
Threat actors exploit discontinues Boa web servers to target critical infrastructure
Microsoft reported that hackers have exploited flaws in a now-discontinued web server called Boa in attacks against critical industries. Microsoft experts...
Pro-Russian group Killnet claims responsibility for DDoS attack that has taken down the European Parliament site
Pro-Russian hacker collective Killnet took down the European Parliament website with a DDoS cyberattack. The Pro-Russia group of hacktivists Killnet...
Ducktail information stealer continues to evolve
The operators behind the Ducktail information stealer continue to improve their malicious code, operators experts warn. In late July 2022,...
Experts claim that iPhone’s analytics data is not anonymous
Researchers discovered that analytics data associated with iPhone include Directory Services Identifier (DSID) that could allow identifying users. Researchers at...
Scrcpy – Display And Control Your Android Device
pronounced "screen copy"Read in another languageThis application provides display and control of Android devices connected via USB or over TCP/IP....
Microsoft releases out-of-band update to fix Kerberos auth issues caused by a patch for CVE-2022-37966
Microsoft released an out-of-band update to fix problems tied to a recent Windows security patch that caused Kerberos authentication issues....
Exclusive – Quantum Locker lands in the Cloud
The gang behind Quantum Locker used a particular modus operandi to target large enterprises relying on cloud services in the...
5 API Vulnerabilities That Get Exploited by Criminals
Let’s give a look at API vulnerabilities by reading the API Security Top 10 published by the Open Web Application...
Researcher warns that Cisco Secure Email Gateways can easily be circumvented
A researcher revealed how to bypass some of the filters in Cisco Secure Email Gateway appliance and deliver malware using...
Aurora Stealer Malware is becoming a prominent threat in the cybercrime ecosystem
Researchers warn of threat actors employing a new Go-based malware dubbed Aurora Stealer in attacks in the wild. Aurora Stealer...
Stegowiper – A Powerful And Flexible Tool To Apply Active Attacks For Disrupting Stegomalware
Over the last 10 years, many threat groups have employed stegomalware or other steganography-based techniques to attack organizations from all...
Two Estonian citizens arrested in $575M cryptocurrency fraud scheme
Two Estonian citizens were arrested in Tallinn for allegedly running a $575 million cryptocurrency fraud scheme. Two Estonian nationals were...
Emotet is back and delivers payloads like IcedID and Bumblebee
The Emotet malware is back and experts warn of a high-volume malspam campaign delivering payloads like IcedID and Bumblebee. Proofpoint...
Expert published PoC exploit code for macOS sandbox escape flaw
A researcher published details and proof-of-concept (PoC) code for High-Severity macOS Sandbox escape vulnerability tracked as CVE-2022-26696. Researcher Wojciech Reguła...
Google won a lawsuit against the Glupteba botnet operators
Google won a lawsuit filed against two Russian nationals involved in the operations of the Glupteba botnet. This week, Google...
Sandbox_Scryer – Tool For Producing Threat Hunting And Intelligence Data From Public Sandbox Detonation Output
The Sandbox Scryer is an open-source tool for producing threat hunting and intelligence data from public sandbox detonation output The...
Google provides rules to detect tens of cracked versions of Cobalt Strike
Researchers at Google Cloud identified 34 different hacked release versions of the Cobalt Strike tool in the wild. Cobalt Strike...
