Russian Gamaredon APT is targeting Ukraine since October
Russia-linked APT group Gamaredon is behind spear-phishing attacks against Ukrainian entities and organizations since October 2021. Russia-linked cyberespionage group Gamaredon...
hacking
Espionage – A Network Packet And Traffic Interceptor For Linux. Spoof ARP And Wiretap A Network
Writeup A simple medium writeup can be found here: Click Here For The Official Medium Article Discord Server https://discord.gg/jtZeWek Ethical...
Israeli surveillance firm QuaDream emerges from the dark
One of the Apple iOS zero-day flaws exploited by the NSO group was also used by another surveillance firm named QuaDream....
Argo CD flaw could allow stealing sensitive data from Kubernetes Apps
A flaw in Argo CD tool for Kubernetes could be exploited by attackers to steal sensitive data from Kubernetes Apps....
IDACode – An Integration For IDA And VS Code Which Connects Both To Easily Execute And Debug IDAPython Scripts
IDACode makes it easy to execute and debug Python scripts in your IDA environment without leaving Visual Studio Code. The...
Security Affairs newsletter Round 352
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...
LockBit ransomware gang claims to have stolen data from PayBito crypto exchange
LockBit ransomware gang claims to have stolen customers’ data from the PayBito crypto exchange. PayBito is a bitcoin and cryptocurrency exchange for major...
SentryPeer – A Distributed Peer To Peer List Of Bad Actor IP Addresses And Phone Numbers Collected Via A SIP Honeypot
A Goals All code Free/Libre and Open Source Software FAST User owns their data User can submit their own data...
FBI issued a flash alert on Lockbit ransomware operation
The FBI released a flash alert containing technical details associated with the LockBit ransomware operation. The Federal Bureau of Investigation...
SMBSR – Lookup For Interesting Stuff In SMB Shares
Well, SMBSR is a python script which given a CIDR/IP/IP_file/HOSTNAME(s) enumerates all the SMB services listening (445) among the targets...
CISA orders federal agencies to fix actively exploited CVE-2022-21882 Windows flaw
US CISA ordered federal agencies to patch their systems against actively exploited CVE-2022-21882 Windows flaw. The Cybersecurity and Infrastructure Security...
Over 500,000 people were impacted by a ransomware attack that hit Morley
Business services firm Morley was hit by a ransomware attack that may have exposed data of +500,000 individuals. Business services...
SQLRecon – A C# MS SQL Toolkit Designed For Offensive Reconnaissance And Post-Exploitation
A C# MS-SQL toolkit designed for offensive reconnaissance and post-exploitation. For detailed usage information on each technique, refer to the...
Ransomware attack hit Swissport International causing delays in flights
Aviation services company Swissport International was hit by a ransomware attack that impacted its operations. Swissport International Ltd. is an...
A nation-state actor hacked media and publishing giant News Corp
American media and publishing giant News Corp revealed it was victim of a cyber attack from an advanced persistent threat...
Retail giant Target open sources Merry Maker e-skimmer detection tool
Retail giant Target is going to open-source an internal tool, dubbed Merry Maker, designed to detect e-skimming attacks. Retail giant Target...
Russia-linked Gamaredon APT targeted a western government entity in Ukraine
The Russia-linked Gamaredon APT group attempted to compromise an unnamed Western government entity in Ukraine. Palo Alto Networks’ Unit 42...
Elfloader – An Architecture-Agnostic ELF File Flattener For Shellcode
elfloader is a super simple loader for ELF files that generates a flat in-memory representation of the ELF. Pair this...
Zimbra zero-day vulnerability actively exploited by an alleged Chinese threat actor
An alleged Chinese threat actor is actively attempting to exploit a zero-day vulnerability in the Zimbra open-source email platform. An...
Microsoft blocked tens of billions of brute-force and phishing attacks in 2021
Office 365 and Azure Active Directory (Azure AD) customers were the targets of billions of brute-force and phishing attacks last...
Exclusive interview with the Powerful Greek Army (PGA) hacker group
Six years ago the Powerful Greek Army (PGA) appeared in the threat landscape. After a long breach the hacker collective...
Cisco fixes critical flaws in its Small Business Routers
Cisco released security patches to address multiple flaws in its Small Business RV160, RV260, RV340, and RV345 series routers. Cisco...
wmiexec-RegOut – Modify Version Of Impacket Wmiexec.Py, Get Output(Data,Response) From Registry, Don’T Need SMB Connection, Also Bypassing Antivirus-Software In Lateral Movement Like WMIHACKER
Modify version of impacket wmiexec.py,wmipersist.py. Got output(data,response) from registry, don't need SMB connection, but I'm in the bad code :(...
Antlion APT group used a custom backdoor that allowed them to fly under the radar for months
A China-linked APT group tracked as Antlion used a custom backdoor called xPack that was undetected for months. A China-linked...
