OpIran: Anonymous declares war on Teheran amid Mahsa Amini’s death
OpIran: Anonymous launched Operation Iran against Teheran due to the ongoing crackdown on dissent after Mahsa Amini’s death. Anonymous launched...
hacking
PSAsyncShell – PowerShell Asynchronous TCP Reverse Shell
PSAsyncShell is an Asynchronous TCP Reverse Shell written in pure PowerShell.Unlike other reverse shells, all the communication and execution flow...
Security Affairs newsletter Round 385
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
ISC fixed high-severity flaws in the BIND DNS software
The Internet Systems Consortium (ISC) fixed six remotely exploitable vulnerabilities in the BIND DNS software. The Internet Systems Consortium (ISC)...
Ukraine: SSU dismantled cyber gang that stole 30 million accounts
The cyber department of Ukraine ‘s Security Service (SSU) dismantled a gang that stole accounts of about 30 million individuals....
London Police arrested a teen suspected to be behind Uber, Rockstar Games breaches
The City of London Police this week announced the arrest of a 17-year-old teenager on suspicion of hacking. Is he...
Pax – CLI Tool For PKCS7 Padding Oracle Attacks
Exploit padding oracles for fun and profit!Pax (PAdding oracle eXploiter) is a tool for exploiting padding oracles in order to:Obtain...
Sophos warns of a new actively exploited flaw in Firewall product
Sophos warns that a critical code injection security vulnerability in its Firewall product is actively exploited in the wild. Sophos...
Anonymous claims to have hacked the website of the Russian Ministry of Defense
The popular collective Anonymous claims to have hacked the website of the Russian Ministry of Defense and leaked data of...
CISA adds Zoho ManageEngine flaw to its Known Exploited Vulnerabilities Catalog
CISA added a security flaw in Zoho ManageEngine, tracked as CVE-2022-35405, to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and...
Surge in Magento 2 template attacks exploiting the CVE-2022-24086 flaw
Sansec researchers warn of a surge in hacking attempts targeting a critical Magento 2 vulnerability tracked as CVE-2022-24086. Sansec researchers...
SCodeScanner – Stands For Source Code Scanner Where The User Can Scans The Source Code For Finding The Critical Vulnerabilities
SCodeScanner stands for Source Code scanner where the user can scans the source code for finding the Critical Vulnerabilities. The...
Australian Telecoms company Optus discloses security breach
Australian telecoms company Optus disclosed a data breach, threat actors gained access to former and current customers. Optus, one of...
AttachMe: a critical flaw affects Oracle Cloud Infrastructure (OCI)
A critical vulnerability in Oracle Cloud Infrastructure (OCI) could be exploited to access the virtual disks of other Oracle customers....
A 15-Year-Old Unpatched Python bug potentially impacts over 350,000 projects
More than 350,000 open source projects can be potentially affected by a 15-Year-Old unpatched Python vulnerability More than 350,000 open...
Atlassian Confluence bug CVE-2022-26134 exploited in cryptocurrency mining campaign
Threat actors are targeting unpatched Atlassian Confluence servers as part of an ongoing crypto mining campaign. Trend Micro researchers warn...
OSRipper – AV Evading OSX Backdoor And Crypter Framework
OSripper is a fully undetectable Backdoor generator and Crypter which specialises in OSX M1 malware. It will also work on...
A disgruntled developer is the alleged source of the leak of the Lockbit 3.0 builder
A disgruntled developer seems to be responsible for the leak of the builder for the latest encryptor of the LockBit...
Over 39K unauthenticated Redis services on the internet targeted in cryptocurrency campaign
Threat actors targeted tens thousands of unauthenticated Redis servers exposed on the internet as part of a cryptocurrency campaign. Redis,...
Hackers stole $160 Million from Crypto market maker Wintermute
Threat actors have stolen around $160 million worth of digital assets worth from crypto trading firm Wintermute. Malicious actors continue to...
U.S. gov adds more Chinese Telecom firms to the Covered List
The U.S. Federal Communications Commission (FCC) has added more Chinese telecom firms to the Covered List. The U.S. Federal Communications...
Imperva blocked a record DDoS attack with 25.3 billion requests
Cybersecurity company Imperva announced to have mitigated a distributed denial-of-service (DDoS) attack with a total of over 25.3 billion requests....
Russian Sandworm APT impersonates Ukrainian telcos to deliver malware
Russia-linked APT group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. Russia-linked cyberespionage group Sandworm...
Uber believes that the LAPSUS$ gang is behind the recent attack
Uber disclosed additional details about the security breach, the company blames a threat actor allegedly affiliated with the LAPSUS$ hacking...
