Tens of Jenkins plugins are affected by zero-day vulnerabilities
Jenkins security team disclosed tens of flaws affecting 29 plugins for the Jenkins automation server, most of them are yet...
Jenkins security team disclosed tens of flaws affecting 29 plugins for the Jenkins automation server, most of them are yet...
Microsoft announced that the Windows worm Raspberry Robin has already infected the networks of hundreds of organizations. Raspberry Robin is...
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for...
Google Project Zero states that in H1 2022 at least half of zero-day issues exploited in attacks were related to...
A Python 3.5+ tool that uses asyncio to brute force domain names asynchronously. Speed It's fast. Benchmarks on small VPS...
For more information please read our papers. Wei Wang's Google Scholar Homepage Wei Wang, Xuewen Zeng, Xiaozhou Ye, Yiqiang Sheng...
This is a transcription of an interview I had at Iran International broadcaster, I discussed about the role of social...
Researchers shared technical details and proof-of-concept exploit code for the CVE-2022-28219 flaw in Zoho ManageEngine ADAudit Plus tool. Security researchers...
This suite of scripts contains two different scripts that can be used to acquire the Microsoft 365 Unified Audit Log...
A cyber attack forced the American publishing giant Macmillan to shut down its IT systems. The publishing giant Macmillan has...
Usage .___.__ .__ __ __ __| _/| | |__| ____ |__| ____ _____/ |_ ______ ___.__. / __ | |...
Researchers warn of a new ‘SessionManager’ Backdoor that was employed in attacks targeting Microsoft IIS Servers since March 2021. Researchers...
Microsoft spotted a cloud threat actor tracked as 8220 that is now targeting Linux servers in a long-running cryptomining campaign....
Enumrate AWS services! with no nosies awsEnum is a python script enumrate AWS services through the provided credential. ▄▄▄▄▄▄ ▄...
Norway’s National Security Authority (NSM) confirmed that a DDoS attack took down some of the country’s most important websites. Norway’s...
Good news for the victims of the Hive ransomware, Korean security researchers have released a free decryptor for some versions....
North Korea-linked Lazarus APT group is suspected to be behind the recent hack of the Harmony Horizon Bridge. Recently, threat...
A former Canadian government IT worker admitted to being a high-level member of the Russian cybercrime group NetWalker. A former...
SharpWSUS is a CSharp tool for lateral movement through WSUS. There is a corresponding blog (https://labs.nettitude.com/blog/introducing-sharpwsus/) which has more detailed...
Researchers detailed a new information-stealing malware, dubbed YTStealer, that targets YouTube content creators. Intezer cybersecurity researchers have detailed a new...
Gallia is an extendable pentesting framework with the focus on the automotive domain. The scope of gallia is conducting penetration...
Researchers discovered a new flaw in RARlab’s UnRAR utility, tracked CVE-2022-30333, that can allow to remotely hack Zimbra Webmail servers....
A modular command-line tool to parse, create and manipulate JSON Web Token(JWT) tokens for security testing purposes. Features Complete modularity....
The MITRE organization published the 2022 CWE Top 25 most dangerous software weaknesses. The MITRE shared the list of the 2022 top...