Russia’s disinformation uses deepfake video of Zelenskyy telling people to lay down arms
Russian disinformation continues, this time it used a deepfake video of Zelenskyy inviting Ukrainians to ‘lay down arms.’ A deepfake...
hacking
CISA adds 15 new flaws to the Known Exploited Vulnerabilities Catalog
The US Cybersecurity and Infrastructure Security Agency (CISA) added 15 new flaws to its Known Exploited Vulnerabilities Catalog. The U.S....
RefleXXion – A Utility Designed To Aid In Bypassing User-Mode Hooks Utilised By AV/EPP/EDR Etc
Introduction RefleXXion is a utility designed to aid in How to Use You can open and compile the project with...
Russia-linked threats actors exploited default MFA protocol and PrintNightmare bug to compromise NGO cloud
FBI and CISA warn Russia-linked threats actors gained access to an NGO cloud after enrolling their own device in the...
WMEye – A Post Exploitation Tool That Uses WMI Event Filter And MSBuild Execution For Lateral Movement
WMEye is an experimental tool that was developed when exploring about Windows WMI. The tool is developed for performing Lateral...
Hacker breaches key Russian ministry in blink of an eye
In mere seconds, a hacker remotely accessed a computer belonging to a regional Russian Ministry of Health, taking advantage of...
Patching – An Interactive Binary Patching Plugin For IDA Pro
Patching A complete listing of the contextual patching actions are described in the following sections. Assemble The main patching dialog...
CVE-2022-0778 DoS flaw in OpenSSL was fixed
OpenSSL addressed a high-severity denial-of-service (DoS) vulnerability, tracked as CVE-2022-0778, related to certificate parsing. OpenSSL released updates to address a high-severity...
Critical flaws affect Veeam Data Backup software
Veeam addressed two critical vulnerabilities impacting the Backup & Replication product for virtual environments. Veeam has released security patches to...
The German BSI agency recommends replacing Kaspersky antivirus software
German Federal Office for Information Security agency, also known as BSI, recommends consumers not to use Kaspersky anti-virus software. The...
Dirty Pipe Linux flaw impacts most QNAP NAS devices
Taiwanese vendor QNAP warns most of its NAS devices are impacted by high severity Linux vulnerability dubbed ‘Dirty Pipe.’ Taiwanese...
CaddyWiper, a new data wiper hits Ukraine
Experts discovered a new wiper, tracked as CaddyWiper, that was employed in attacks targeting Ukrainian organizations. Experts at ESET Research...
A massive DDoS attack hit Israel, government sites went offline
Many Israel government websites were offline after a cyberattack, defense sources claim that this is the largest-ever attack that hit...
Lnkbomb – Malicious Shortcut Generator For Collecting NTLM Hashes From Insecure File Shares
Lnkbomb is used for uploading malicious shortcut files to insecure file shares. The Executable Usage Download Lnkbomb from the releases...
Ukraine is using Clearview AI’s facial recognition during the conflict
Ukraine’s defense ministry began using Clearview AI’s facial recognition technology to uncover Russian assailants, combat misinformation and identify the dead....
Anonymous claims to have hacked German subsidiary of Russian energy giant Rosneft
Anonymous claims to have hacked the systems of the German subsidiary of Russian energy giant Rosneft and stole 20TB of...
CodeAnalysis – Static Code Analysis
Tencent Cloud Experience Apply Link Key Features Language support: It supports Java/C++/Objective-C/C#/JavaScript/Python/Go/PHP and more, covering common programming languages. Code inspection:...
Brazilian trojan impacting Portuguese users and using the same capabilities seen in other Latin American threats
Brazilian trojan impacting Portuguese users and using the same capabilities seen in other Latin American threats Introduction A new variant...
Russia-Ukraine cyber conflict poses critical infrastructure at risk
While the Russia-Ukraine cyber conflict goes on, nation-state actors, crooks, and hacktivists continue to pose critical infrastructure at risk. Critical...
GoodHound – Uses Sharphound, Bloodhound And Neo4j To Produce An Actionable List Of Attack Paths For Targeted Remediation
Attackers think in graphs, defenders think in actions, Documentation All documentation can be found in the wiki Acknowledgments The py2neo...
Anonymous sent a message to Russians: “remove Putin”
Anonymous has published a new message for Russian citizens inviting them to remove Putin that is sacrificing them and killing...
The hidden C2: Lampion trojan release 212 is on the rise and using a C2 server for two years
The hidden C2: Lampion trojan release 212 is on the rise and using a C2 server for two years. Lampion trojan...
Mar 06- Mar 12 Ukraine – Russia the silent cyber conflict
This post provides a timeline of the events related to the Russia invasion of Ukraine from the cyber security perspective....
Security Affairs newsletter Round 357 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...
