Crooks steal $182 million from Beanstalk DeFi platform
Credit-based stablecoin protocol Beanstalk discloses a security breach that resulted in the loss of all of its $182 million. The...
Relaying 3-headed dogs. More details at https://googleprojectzero.blogspot.com/2021/10/windows-exploitation-tricks-relaying.html and https://googleprojectzero.blogspot.com/2021/10/using-kerberos-for-authentication-relay.html This should be working on most fully patched Windows systems. There...
A new marketplace named Industrial Spy that focuses on the sale of stolen data appeared in the threat landscape. Malware...
Standalone SIGMA-based detection tool for EVTX, Auditd, Sysmon for Linux or JSONL/NDJSON Logs Zircolite is a standalone tool written in...
US CISA adds a VMware privilege escalation flaw and a Google Chrome type confusion issue to its Known Exploited Vulnerabilities...
This post provides a timeline of the events related to the Russian invasion of Ukraine from the cyber security perspective....
TryHackme AttacktiveDirectory Use cases For each of the cases described, the linWinPwn script performs different checks as shown below. Case...
Enemybot is a DDoS botnet that targeted several routers and web servers by exploiting known vulnerabilities. Researchers from Fortinet discovered...
GitHub reported that threat actors used stolen OAuth user tokens to exfiltrate private data from several organizations. GitHub uncovered threat...
Welcome to OWASP Coraza Web Application Firewall. OWASP Coraza is a golang enterprise-grade Web Application Firewall framework that supports Modsecurity's...
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...
Kraken is an online distributed brute force password cracking tool. It allows you to parallelize dictionaries and crunch word generator...
The U.S. government blames North Korea-linked APT Lazarus for the recent $600 million Ronin Validator cyber heist. The U.S. government...
This week the Anonymous collective and its affiliates have targeted multiple Russian organizations stealing gigabytes of data. This week Anonymous...
EDRSandBlast is a tool written in C that weaponizes a vulnerable signed driver to bypass EDR detections (Kernel callbacks and...
Threat actors are targeting Ukrainian government agencies with phishing attacks delivering the IcedID malware. The Ukrainian Computer Emergency Response Team...
Threat actors are targeting Ukrainian government organizations with exploits for XSS vulnerabilities in Zimbra Collaboration Suite (CVE-2018-6882). Ukraine’s CERT (CERT-UA)...
Greetz & Credit: Jthuraisamy for his amazing project SysWhispers: https://github.com/jthuraisamy/SysWhispers OutFlank for creating InlineWhispers (Mingw-w64 Compatible SysWhispers): https://github.com/outflanknl/InlineWhispers FalconForceTeam for...
The Conti ransomware gang has claimed responsibility for the recent attack against Nordex, one of the largest manufacturers of wind...
A new powerful crimeware called ZingoStealer was released for free by a threat actor known as Haskers Gang. ZingoStealer is a...
This tool is designed to aid an operator in modifying ADCS certificate templates so that a created vulnerable state can...
Cisco fixed a critical flaw in Cisco Wireless LAN Controller (WLC) that could allow an unauthenticated, remote attacker to take...
Google Chrome 100.0.4896.127 addresses a new high-severity zero-day vulnerability tracked as CVE-2022-1364, actively exploited by threat actors in the wild....
Cybersecurity experts would have you believe that your organization’s employees have a crucial role in bolstering or damaging your company’s...