Cloudflare blocked a 2.5 Tbps DDoS attack aimed at the Minecraft server
Cloudflare mitigated a record distributed denial-of-service (DDoS) attack against Wynncraft, one of the largest Minecraft servers. Cloudflare announced it has...
hacking
The discovery of Alchimist C2 tool, revealed a new attack framework to target Windows, macOS, and Linux systems
Experts discovered a new attack framework, including a C2 tool dubbed Alchimist, used in attacks against Windows, macOS, and Linux...
FUD-UUID-Shellcode – Another shellcode injection technique using C++ that attempts to bypass Windows Defender using XOR encryption sorcery and UUID strings madness
Introduction Another shellcode Static Analysis AV Scan results The binary was scanned using Credits https://research.nccgroup.com/2021/01/23/rift-analysing-a-lazarus-shellcode-execution-method/ Download FUD-UUID-Shellcode If you like...
POLONIUM APT targets Israel with a new custom backdoor dubbed PapaCreep
An APT group tracked as Polonium employed custom backdoors in attacks aimed at Israelian entities since at least September 2021....
YoWhatsApp, unofficial WhatsApp Android app spreads the Triada Trojan
Kaspersky researchers warn of a recently discovered malicious version of a popular WhatsApp messenger mod dubbed YoWhatsApp. Kaspersky researchers discovered...
Why Most Red Teams are Really Pentesters
Something that we have seen increasingly often on Twitter recently is people ostensibly posting about “Red Teams” and how if...
Aruba fixes critical vulnerabilities in EdgeConnect Enterprise Orchestrator
Aruba addressed multiple critical severity vulnerabilities in the EdgeConnect Enterprise Orchestrator. Aruba addressed multiple critical severity vulnerabilities in the EdgeConnect...
Microsoft Patch Tuesday for October 2022 doesn’t fix Exchange Server flaws
Microsoft Patch Tuesday security updates for October 2022 addressed a total of 85 security vulnerabilities, including an actively exploited zero-day. Microsoft...
SteaLinG – Open-Source Penetration Testing Framework Designed For Social Engineering
The SteaLinG is an open-source penetration testing framework designed for social engineering After the hack, you can upload it to...
VMware has yet to fix CVE-2021-22048 flaw in vCenter Server disclosed one year ago
VMware has yet to address the CVE-2021-22048 privilege escalation vulnerability in vCenter Server disclosed in November 2021. VMware warns customers...
LockBit affiliates compromise Microsoft Exchange servers to deploy ransomware
Lockbit ransomware affiliates are compromising Microsoft Exchange servers to deploy their ransomware, experts warn. South-Korean cybersecurity firm AhnLab reported that...
Caffeine, a new Phishing-as-a-Service toolkit available in the underground
Researchers warn of a new phishing-as-a-service (PhaaS) toolkit, called Caffeine, which is being used by cybercriminals. In March 2022, Mandiant researchers...
Monkey365 – Tool For Security Consultants To Easily Conduct Not Only Microsoft 365, But Also Azure Subscriptions And Azure Active Directory Security Configuration Reviews
Monkey365 is an Open Source security tool that can be used to easily conduct not only Microsoft 365, but also...
Experts analyzed the evolution of the Emotet supply chain
Threat actors behind the Emotet bot are continually improving their tactics, techniques, and procedures to avoid detection. VMware researchers have...
DeepFakes Are The Cybercriminal Economy’s Latest Business Line
California-based Resecurity has identified a new spike of underground services enabling bad actors to generate deepfakes. According to cybersecurity experts,...
Toyota discloses accidental leak of some customers’ personal information
Toyota Motor Corporation discloses data leak, customers’ personal information may have been exposed after an access key was exposed on...
CVE-2022-40684 flaw in Fortinet products is being exploited in the wild
Fortinet has confirmed that the recently disclosed critical authentication bypass issue (CVE-2022-40684) is being exploited in the wild. Last week,...
Pro-Russia group KillNet targets US airports
The pro-Russia hacktivist group ‘KillNet’ is behind massive DDoS attacks that hit websites of several major airports in the US....
The head of the Federal Cyber Security Authority (BSI) faces dismissal
The German Interior Minister wants to dismiss the head of the Federal Cyber Security Authority (BSI), Arne Schoenbohm, due to...
HSTP – Simple Hyper Service Transfer Protocol On Networks
The protocol aims to develop a application layer abstraction for the Hyper Service Transfer Protocol. HSTP is a recursion as...
Dark web carding site BidenCash gives 1.2M payment cards for free
BidenCash, a popular dark web carding site, released a dump of more than 1.2 million credit cards to promote its...
Harvard Business Publishing licensee hit by ransomware
Threat actors got to a database with over 152,000 customer records before its owner, the Turkish branch of Harvard Business...
Everest gang demands $200K for data stolen from South Africa state-owned electricity company ESKOM
Everest ransomware operators claimed to have hacked South Africa state-owned company ESKOM Hld SOC Ltd. In March 2022, the Everest...
Security Affairs newsletter Round 387
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
