CISA adds 41 flaws to its Known Exploited Vulnerabilities Catalog
US Critical Infrastructure Security Agency (CISA) adds 41 new vulnerabilities to its Known Exploited Vulnerabilities Catalog. The Cybersecurity & Infrastructure...
hacking
Tornado – Anonymously Reverse Shell Over Tor Network Using Hidden Services Without Portforwarding
anonymously reverse shell over onion network using If you are having any operating system compatiblity issue, let me know. I...
Reposaur – The Open Source Compliance Tool For Development Platforms
Reposaur is the open source compliance tool for development platforms. Audit, verify and report on your data and configurations easily...
Trend Micro addressed a flaw exploited by China-linked Moshen Dragon APT
Trend Micro addressed a DLL hijacking issue in Trend Micro Security actively exploited by a China-linked threat group to deploy...
Microsoft warns of new highly evasive web skimming campaigns
Threat actors behind web skimming campaigns are using malicious JavaScript to mimic Google Analytics and Meta Pixel scripts to avoid...
Nation-state malware could become a commodity on dark web soon, Interpol warns
Interpol Secretary warns that nation-state malware will become available on the cybercrime underground in a couple of years. Interpol Secretary...
Russia-linked Turla APT targets Austria, Estonia, and NATO platform
Russia-linked APT group Turla was observed targeting the Austrian Economic Chamber, a NATO eLearning platform, and the Baltic Defense College....
Frelatage – The Python Fuzzer That The World Deserves
pip3 install frelatageCurrent release : Frelatage is a coverage-based Python fuzzing library which can be used to fuzz python code....
Russia-linked Fronton botnet could run disinformation campaigns
Researchers warn that the Fronton botnet was used by Russia-linked threat actors for coordinated disinformation campaigns. Fronton is a distributed...
A flaw in PayPal can allow attackers to steal money from users’ account
A security researcher announced the discovery of an unpatched flaw in PayPal that could allow attackers to steal money from...
Findwall – Check If Your Provider Is Blocking You!
FindWall is Python script that allows to understand if your network provider is limiting your access to the Internet by...
Cytrox’s Predator spyware used zero-day exploits in 3 campaigns
Google’s Threat Analysis Group (TAG) uncovered campaigns targeting Android users with five zero-day vulnerabilities. Google’s Threat Analysis Group (TAG) researchers...
Threat actors target the infoSec community with fake PoC exploits
Researchers uncovered a malware campaign targeting the infoSec community with fake Proof Of Concept to deliver a Cobalt Strike beacon....
RedTeam-Physical-Tools – Red Team Toolkit – A Curated List Of Tools That Are Commonly Used In The Field For Physical Security, Red Teaming, And Tactical Covert Entry
Commonly used tools for Red Teaming Engagements, Physical Security Assessments, and Tactical Covert Entry. In this list I decided to...
Security Affairs newsletter Round 366 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for...
North Korea-linked Lazarus APT uses Log4J to target VMware servers
North Korea-linked Lazarus APT is exploiting the Log4J remote code execution (RCE) in attacks aimed at VMware Horizon servers. North...
Fb_Friend_List_Scraper – OSINT Tool To Scrape Names And Usernames From Large Friend Lists On Facebook, Without Being Rate Limited
OSINT tool to scrape names and usernames from large friend lists on Facebook, without being rate limited. Getting started: Install...
The Pwn2Own Vancouver 2022: Trend Micro and ZDI awarded $1,155,000
The Pwn2Own Vancouver 2022 hacking contest ended, Trend Micro and ZDI awarded a total of $1,155,000 for successful attempts! During...
Zphisher-GUI-Back_office – A Zphisher GUI Back-Office Plugin
DISCLAIMER This toolkit contains materials that can be potentially damaging or dangerous for social media. Refer to the laws in...
Asian media company Nikkei suffered a ransomware attack
The media company Nikkei has disclosed a ransomware attack and revealed that the incident might have impacted customer data. The...
Russia-linked Sandworm continues to conduct attacks against Ukraine
Security researchers from ESET reported that the Russia-linked APT group Sandworm continues to target Ukraine. Security experts from ESET reported...
Tetanus – Mythic C2 Agent Targeting Linux And Windows Hosts Written In Rust
Tetanus is a Windows and Linux C2 agent written in rust. Installation To install Tetanus, you will need Mythic set...
Cisco fixes an IOS XR flaw actively exploited in the wild
Cisco addressed a medium-severity vulnerability affecting IOS XR Software, the company warns that the flaw is actively exploited in the...
QNAP warns of a new wave of DeadBolt ransomware attacks against its NAS devices
Taiwanese vendor QNAP warned customers of a new wave of DeadBolt ransomware attacks and urges them to install the latest...
