Blind SQL Injection Flaw in WP Statistics Affected 600K+ Sites
According to researchers from Wordfence Threat Intelligence, WP Statistics has a Time-Based Blind SQL Injection vulnerability which is a WordPress...
OSINT
DivideAndScan – Divide Full Port Scan Results And Use It For Targeted Nmap Runs
Divide Et Impera And Scan (and also merge the scan results) DivideAndScan is used to efficiently automate port scanning routine...
AutoPentest-DRL – Automated Penetration Testing Using Deep Reinforcement Learning
AutoPentest-DRL is an automated penetration testing framework based on Deep Reinforcement Learning (DRL) techniques. The framework determines the most appropriate...
Insurance giant CNA Financial paid a $40 million ransom
The US insurance giant CNA Financial reportedly paid a $40 million ransom to restore access to its files following a...
Bitcoins of DarkSide ransomware gang still locked in hacker forum’s escrow
After DarkSide ransomware gang shut down operations, multiple affiliates have complained about not receiving the payments for successful breaches. The...
Microsoft SimuLand, an open-source lab environment to simulate attack scenarios
Microsoft released SimuLand, an open-source tool that can be used to build lab environments to simulate attacks and verify their...
STRRAT RAT spreads masquerading as ransomware
Microsoft warns of a malware campaign that is spreading a RAT dubbed named STRRAT masquerading as ransomware. Microsoft Security Intelligence...
Daily Quiz – 8,032,404 breached accounts
In January 2021, the quiz website Daily Quiz suffered a data breach that exposed over 8 million unique email addresses....
IIMJobs – 4,216,063 breached accounts
In December 2018, the Indian job portal IIMJobs suffered a data breach that exposed 4.1 million unique email addresses. The...
Apple confirms Macs get malware
Anyone following the court case between Epic and Apple is undoubtedly already aware of the “bombshell” dropped by Apple’s Craig...
Android patches for 4 in-the-wild bugs are out, but when will you get them?
In the Android Security Bulletin of May 2021, published at the beginning of this month, you can find a list...
A doctor reveals the human cost of the HSE ransomware attack
“It’s cracking, the whole thing.” The words were delivered quickly, but in a thoughtful and measured way. As if the...
The youngest crypto millionaire Mr. Buterin destroyed almost $7 billion worth of Shiba tokens donated to him
Creator of Ethereum, crypto millionaire Vitalik Buterin destroyed more than 410 trillion Shiba tokens, the total value of which CoinDesk...
Windows API Used as a Doorway in a MountLocker Ransomware Operation
Threat actors are now using MountLocker ransomware via ‘Windows Active Directory enterprise APIs’ to target website developers and organizations. MountLocker...
TeamTNT: New Credential Harvester Targets Cloud Services and other Software
Secrets must be kept confidential in order for networks to be protected and supply-chain attacks to be avoided. Malicious actors...
Crypto Tumble is Testing the Durability of the Cryptocurrency Boom
The rapid and broad retreat of virtual currencies is putting the cryptocurrency boom to the test. After a bruising U.S....
Microsoft Exchange Bug Report Allowed Attackers to take Advantage of the Situation
Every moment a threatening actor begins a new public web-based search for vulnerable systems which advances faster than international companies...
ABPTTS – TCP Tunneling Over HTTP/HTTPS For Web Application Servers
A Black Path Toward The Sun(TCP tunneling over HTTP for web application servers) https://www.blackhat.com/us-16/arsenal.html#a-black-path-toward-the-sun Ben Lincoln, NCC Group, 2016 ABPTTS...
Etherblob-Explorer – Search And Extract Blob Files On The Ethereum Blockchain Network
Search and extract blob files on the Ethereum network using Etherscan.io API.IntroductionEtherBlob Explorer is a tool intended for researchers, analysts,...
A dozen Android apps exposed data of 100M+ users
Check Point researchers found 23 Android apps that exposed the personal data of more than 100 million users. Security researchers...
Privacy Concerns On Cookies Storing Personal Information
Which are privacy concerns on the way organizations collect personal information through the use of cookies? Data is constantly being...
Russian citizen Anton Bogdanov sentenced to 5 years for cyber tax fraud scheme
Russian hacker Anton Bogdanov was sentenced to 5 years’ imprisonment for attempting to steal $1.5 million in tax refunds by hacking...
Blind SQL Injection flaw in WP Statistics impacted 600K+ sites
Experts discovered a Time-Based Blind SQL Injection vulnerability in the WP Statistics plugin which is installed on over 600,000 WordPress...
Google addresses 4 zero-day flaws in Android exploited in the wild
Google released Android Security Bulletin for May 2021 security updates that address four zero-day vulnerabilities that were exploited in the...
