0Patch released unofficial security patch for new DogWalk Windows zero-day
0patch researchers released an unofficial security patch for a Windows zero-day vulnerability dubbed DogWalk. 0patch released an unofficial security patch...
hacking
AutoPWN Suite – Project For Scanning Vulnerabilities And Exploiting Systems Automatically
AutoPWN Suite is a project for scanning Installation You can install it using pip. (sudo recommended) sudo pip install autopwn-suite...
US dismantled and seized SSNDOB cybercrime marketplace
An international operation led by the US authorities dismantled and seized the infrastructure of the online marketplace SSNDOB. US DoJ announced...
Socialhunter – Crawls The Website And Finds Broken Social Media Links That Can Be Hijacked
Installation From Binary You can download the pre-built binaries from the releases page and run. For example: wget https://github.com/utkusen/socialhunter/releases/download/v0.1.1/socialhunter_0.1.1_Linux_amd64.tar.gz tar...
China-linked threat actors have breached telcos and network service providers
China-linked threat actors have breached telecommunications companies and network service providers to spy on the traffic and steal data. US...
Black Basta ransomware now supports encrypting VMware ESXi servers
Black Basta ransomware gang implemented a new feature to encrypt VMware ESXi virtual machines (VMs) running on Linux servers. The...
Nipe – An Engine To Make Tor Network Your Default Gateway
The Tor project allows users to surf the Internet, chat and send instant messages anonymously through its own mechanism. It...
Evil Corp gang starts using LockBit Ransomware to evade sanctions
Mandiant researchers associate multiple LockBit ransomware attacks with the notorious Evil Corp Cybercrime Group. Mandiant researchers have investigated multiple LOCKBIT ransomware attacks...
Sentinel-Attack – Tools To Rapidly Deploy A Threat Hunting Capability On Azure Sentinel That Leverages Sysmon And MITRE ATT&CK
Sentinel ATT&CK aims to simplify the rapid deployment of a threat hunting capability that leverages Sysmon and MITRE ATT&CK on...
Black Basta ransomware operators leverage QBot for lateral movements
The QBot malware operation has partnered with Black Basta ransomware group to target organizations worldwide. Researchers from NCC Group spotted...
Lockbit ransomware gang claims to have hacked cybersecurity giant Mandiant
LockBit ransomware gang claims to have hacked the cybersecurity firm Mandiant, which is investigating the alleged security breach. Today the...
Lockc – Making Containers More Secure With eBPF And Linux Security Modules (LSM)
lockc is open source sofware for providing MAC (Mandatory Access Control) type of security audit for container workloads. The main...
Microsoft seized 41 domains used by Iran-linked Bohrium APT
Microsoft’s Digital Crimes Unit (DCU) announced the seizure of domains used by Iran-linked APT Bohrium in spear-phishing campaigns. Microsoft’s Digital Crimes...
Another nation-state actor exploits Microsoft Follina to attack European and US entities
A nation-state actor is attempting to exploit the Follina flaw in a recent wave of attacks against government entities in...
AWS-Threat-Simulation-and-Detection – Playing Around With Stratus Red Team (Cloud Attack Simulation Tool) And SumoLogic
This repository is a documentation of my adventures with Attack Description Link aws.credential-access.ec2-get-password-data Retrieve EC2 Password Data Link aws.credential-access.ec2-steal-instance-credentials Steal...
Red TIM Research discovers a Command Injection with a 9,8 score on Resi
During the bug hunting activity, Red Team Research (RTR) detected 2 zero-day bugs on GEMINI-NET, a RESI Informatica solution. It’s...
Exclusive: Pro-Russia group ‘Cyber Spetsnaz’ is attacking government agencies
Resecurity, Inc. (USA) has identified an increase in activity within hacktivist groups conducted by a new group called “Cyber Spetsnaz”....
Puwr – SSH Pivoting Script For Expanding Attack Surfaces On Local Networks
Easily expand your attack surface on a local network by discovering more hosts, via SSH. Using a machine running a...
PoC exploits for Atlassian CVE-2022-26134 RCE flaw released online
Proof-of-concept exploits for the critical CVE-2022-26134 vulnerability in Atlassian Confluence and Data Center servers are available online. Proof-of-concept exploits for...
Security Affairs newsletter Round 368 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for...
Hackers stole over $250,000 in Ethereum from Bored Ape Yacht Club
Hackers have stolen over $250,000 in Ethereum from Bored Ape Yacht Club (BAYC), this is the third security breach it...
AzureRT – A Powershell Module Implementing Various Azure Red Team Tactics
Powershell module implementing various cmdlets to interact with Azure and Azure AD from an offensive perspective. Helpful utilities dealing with...
Atlassian rolled out fixes for Confluence zero-day actively exploited in the wild
Atlassian has addressed on Friday an actively exploited critical remote code execution flaw (CVE-2022-26134) in Confluence Server and Data Center...
COM-Hunter – COM Hijacking VOODOO
.NET Framework 4.8 Usage Usage: .COM-Hunter.exe <mode> <options>-> General Options: -h, --help Shows help and exits. -v, --version Shows current...
