QNAP fixes multiple flaws, including a QVR RCE vulnerability
QNAP addressed multiple vulnerabilities, including a critical remote execution flaw affecting the QVR video surveillance solution. QNAP has addressed multiple...
hacking
Anonymous and Ukraine IT Army continue to target Russian entities
The Anonymous collective and the volunteer group Ukraine IT Army continues to launch cyber attacks on Russian entities. The Anonymous...
NetDooka framework distributed via a pay-per-install (PPI) malware service
Researchers discovered a sophisticated malware framework, dubbed NetDooka, distributed via a pay-per-install (PPI) malware service known as PrivateLoader. Trend Micro...
PEzor-Docker – With The Help Of This Docker Image, You Can Easily Access PEzor On Your System!
With the help of this References https://hub.docker.com/r/4d0niis/pezor_included_kali https://github.com/phra/PEzor https://hub.docker.com/r/kalilinux/kali-rolling Download PEzor-Docker If you like the site, please consider joining the...
Vulnerable Docker Installations Are A Playhouse for Malware Attacks
Uptycs researchers identified ongoing malicious campaigns through our Docker honeypot targeting exposed Docker API. The Uptycs Threat Research team has...
Ukraine IT Army hit EGAIS portal impacting Russia’s alcohol distribution
Ukraine IT Army launched massive DDoS attacks on the EGAIS portal that has a crucial role in Russia’s alcohol distribution....
Malicious-Pdf – Generate A Bunch Of Malicious Pdf Files With Phone-Home Functionality
Generate ten different malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh Used for penetration...
Google addresses actively exploited Android flaw in the kernel
Google released the May security bulletin for Android, 2022-05-05 security patch level, which fixed an actively exploited Linux kernel flaw....
Cisco addresses three bugs in Enterprise NFVIS Software
Cisco addresses three flaws impacting its Enterprise NFV Infrastructure Software (NFVIS) that could allow the compromise of the hosts. Cisco...
A couple of 10-Year-Old flaws affect Avast and AVG antivirus
Researcher discovered a couple of high-severity security flaws that affect a driver used by Avast and AVG antivirus solutions. SentinelOne...
Graphql-Threat-Matrix – GraphQL Threat Framework Used By Security Professionals To Research Security Gaps In GraphQL Implementations
Why graphql-threat-matrix? graphql-threat-matrix was built for bug bounty hunters, security researchers and hackers to assist with uncovering vulnerabilities across multiple...
F5 warns its customers of tens of flaws in its products
Cybersecurity provider F5 released security patches to address tens of vulnerabilities affecting its products. Security and application delivery solutions provider...
China-linked Winnti APT steals intellectual property from companies worldwide
A sophisticated cyberespionage campaign, dubbed Operation CuckooBees, conducted by the China-linked Winnti group remained undetected since at least 2019. Researchers...
Cliam – Multi Cloud IAM Permissions Enumeration Tool
Multi cloud iam permissions enumeration tool. Currently covers: AWS GCP Azure Oracle Description Cliam is a simple cloud permissions identifier....
Pro-Ukraine attackers compromise Docker images to launch DDoS attacks on Russian sites
Pro-Ukraine hackers are using Docker images to launch distributed denial-of-service (DDoS) attacks against a dozen Russian and Belarusian websites. Pro-Ukraine hackers, likely linked...
Experts linked multiple ransomware strains North Korea-backed APT38 group
Researchers from Trellix linked multiple ransomware strains to the North Korea-backed APT38 group. The ransomware was employed in attacks on...
LDAPFragger – Command And Control Tool That Enables Attackers To Route Cobalt Strike Beacon Data Over LDAP
LDAPFragger is a Command and Control tool that enables attackers to route From network segment A, run LDAPFragger --cshost <Cobalt...
An expert shows how to stop popular ransomware samples via DLL hijacking
A security researcher discovered that samples of Conti, REvil, LockBit ransomware were vulnerable to DLL hijacking. The security researcher John...
China-linked APT Curious Gorge targeted Russian govt agencies
China-linked Curious Gorge APT is targeting Russian government agencies, Google Threat Analysis Group (TAG) warns. Google Threat Analysis Group (TAG)...
LeakedHandlesFinder – Leaked Windows Processes Handles Identification Tool
Leaked Presented at rootedcon 2022 https://www.rootedcon.com/ponentes-rooted2022/. Presentation -> Presentation/Exploiting Leaked Handles for LPE.pdf Download LeakedHandlesFinder If you like the site,...
A DNS flaw impacts a library used by millions of IoT devices
A vulnerability in the domain name system (DNS) component of the uClibc library impacts millions of IoT products. Nozomi Networks warns of...
FirmWire -b Full-System Baseband Firmware Emulation Platform For Fuzzing, Debugging, And Root-Cause Analysis Of Smartphone Baseband Firmwares
FirmWire is a full-system baseband firmware analysis platform that supports Samsung and MediaTek. It enables fuzzing, root-cause analysis, and FirmWire...
China-linked Moshen Dragon abuses security software to sideload malware
A China-linked APT group, tracked as Moshen Dragon, is exploiting antivirus products to target the telecom sector in Asia. A...
UNC3524 APT uses IP cameras to deploy backdoors and target Exchange
A new APT group, tracked as UNC3524, uses IP cameras to deploy backdoors and steal Microsoft Exchange emails. Mandiant researchers...
