BugCrowd Bug Bounty Disclosure: – Login Capctha Bypass – By mewtw0
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
OSINT
Cobalt Stike Beacon Detected – 120[.]78[.]133[.]177:2222
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 23[.]226[.]55[.]69:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 193[.]29[.]13[.]206:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 101[.]43[.]135[.]44:8000
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Twitter Finally Rolling Out Encrypted Direct Messages — Starting with Verified Users
Twitter is officially beginning to roll out support for encrypted direct messages (DMs) on the platform, more than six months...
Andoryu Botnet Exploits Critical Ruckus Wireless Flaw for Widespread Attack
A nascent botnet called Andoryu has been found to exploit a now-patched critical security flaw in the Ruckus Wireless Admin...
GitHub Extends Push Protection to Prevent Accidental Leaks of Keys and Other Secrets
GitHub has announced the general availability of a new security feature called push protection, which aims to prevent developers from...
Why more transparency around cyber attacks is a good thing for everyone
Why more transparency around cyber attacks is a good thing for everyone At the NCSC and ICO, we deal with...
Top 5 Password Cracking Techniques Used by Hackers
One of the biggest security threats is password cracking. Are you an IT system administrator concerned about the security of...
New ‘Greatness’ service simplifies Microsoft 365 phishing attacks
The Phishing-as-a-Service (PhaaS) platform named 'Greatness' has seen a spike in activity as it targets organizations using Microsoft 365 in...
Hacker ‘PlugwalkJoe’ pleads guilty to 2020 Twitter breach
Joseph James O'Connor, aka 'PlugwalkJoke,' has pleaded guilty to multiple cybercrime offenses, including SIM swapping attacks, cyberstalking, computer hacking, and...
Fake in-browser Windows updates push Aurora info-stealer malware
A recently spotted malvertising campaign tricked users with an in-browser Windows update simulation to deliver the Aurora information stealing malware....
Cybersecurity firm Dragos discloses cybersecurity incident, extortion attempt
Industrial cybersecurity company Dragos today disclosed what it describes as a "cybersecurity event" after a known cybercrime gang attempted to...
North Korean hackers breached major hospital in Seoul to steal data
The Korean National Police Agency (KNPA) warned that North Korean hackers had breached the network of one of the country's...
New ransomware decryptor recovers data from partially encrypted files
A new 'White Phoenix' ransomware decryptor allows victims to partially recover files encrypted by ransomware strains that use intermittent encryption....
RapperBot DDoS malware adds cryptojacking as new revenue stream
New samples of the RapperBot botnet malware have added cryptojacking capabilites to mine for cryptocurrency on compromised Intel x64 machines....
RentoMojo – 2,185,697 breached accounts
HIBP In April 2023, the Indian rental service RentoMojo suffered a data breach. The breach exposed over 2M unique email...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on May 2, 2023. These...
CISA: CISA Requests for Comment on Secure Software Self-Attestation Form
CISA Requests for Comment on Secure Software Self-Attestation Form CISA has issued requests for comment on the Secure Software Self-Attestation...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Urges Organizations to Incorporate the FCC Covered List Into Risk Management Plans
CISA Urges Organizations to Incorporate the FCC Covered List Into Risk Management Plans The Federal Communications Commission (FCC) maintains a Covered...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on May 4, 2023.This advisory...
CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on May 9, 2023. These...
