Suspects Linked to the Clop Ransomware Gang Detained in Ukraine
Following a joint operation by law enforcement agencies from Ukraine, South Korea, and the United States, multiple persons alleged to...
OSINT
AmeriGas: US Largest Propane Supplier Suffered a ‘8-second’ Data Breach
America's largest propane supplier, AmeriGas, has revealed a data breach that lasted ‘8-second’ but affected 123 employees and one US...
Unique TTPs Connect Hades Ransomware to New Threat Group
Researchers claim to have uncovered the origins of Hades ransomware's operators, as well as the unique tactics, methods, and procedures...
Cyber Attackers Faced a Denial After Fujifilm Refused to Pay Ransom
Japanese conglomerate Fujifilm, earlier this month on Wednesday 2nd June published a short statement to reveal the illegitimate infiltration of...
Ferocious Kitten: 6 years of covert surveillance in Iran
Ferocious Kitten is an APT group that since at least 2015 has been targeting Persian-speaking individuals who appear to be...
Aggrokatz – An Aggressor Plugin Extension For Cobalt Strike Which Enables Pypykatz To Interface With The Beacons Remotely
aggrokatz is an Aggressor plugin extension for CobaltStrike which enables pypykatz to interface with the beacons remotely. The current version...
Gundog – Guided Hunting In Microsoft 365 Defender
Gundog provides you with guided hunting in Microsoft 365 Defender. Especially (if not only) for Email and Endpoint Alerts at...
A flaw in Peloton Bike+ could allow hackers to control it
A flaw in the Peloton Bike+ could be exploited by an attacker with initial physical access to gain root entry...
Cyberium malware-hosting domain employed in multiple Mirai variants campaigns
A new variant of the Mirai botnet, tracked as Moobot, was spotted scanning the Internet for vulnerable Tenda routers. Researchers...
Fujifilm restores operations after recent ransomware attack
Japanese multinational conglomerate Fujifilm announced that it has restored operations following the recent ransomware attack. On June 4, the Japanese...
The source code of the Paradise Ransomware was leaked on XSS hacking forum
The source code for the Paradise Ransomware has been released on a hacking forum allowing threat actors to develop their...
Windows 10 to retire in four years (or 52 Patch Tuesdays, in sysadmin years)
Microsoft will terminate support for Windows 10 Home and Pro on 14 October 2025, a decade after the original Windows...
Patch now! Apple fixes in-the-wild iPhone vulnerabilities
Apple has fixed two vulnerabilities in Safari’s WebKit component, announcing it is aware of a report that they may have...
Israeli Chief-of-Staff was Hacked by an Iranian State-Sponsored Cybercriminal
According to the Times of Israel, an Iranian cybercriminal targeted the computer of a former IDF chief of staff and...
The US has linked major cyber attacks against Russia with Chinese hackers
Solar JSOC spoke about a series of cyber attacks on Russian government systems in 2020. According to the American Company...
SIP Protocol Exploited to Trigger XSS Attacks via VoIP Call Monitoring Software
According to new research, the SIP communications protocol can be exploited to conduct cross-site scripting (XSS) assaults. In a blog post...
Three Unpatched Bugs Spotted in Third-Party Provisioning Platform
Researchers at Rapid7 have unearthed three highly critical security flaws in Akkadian Provisioning Manager, a third-party provisioning tool within Cisco...
341% Surge in DDoS Attacks During the Epidemic
The epidemic resulted in a 341 percent spike year-over-year in distributed denial of services (DDoS) attacks as per Nexusguard's Annual...
Andariel evolves to target South Korea with ransomware
Executive summary In April 2021, we observed a suspicious Word document with a Korean file name and decoy. It revealed...
TChopper – Conduct Lateral Movement Attack By Leveraging Unfiltered Services Display Name To Smuggle Binaries As Chunks Into The Target Machine
New technique I have discovered recently and give it a nickname (Chop chop) to perform lateral movement using windows services...
A2P2V – Automated Attack Path Planning and Validation
Automated Attack Path Planning and Validation (A2P2V) is a planning and cyber-attack tool that provides the capability for users to...
Former NSA contractor Reality Winner who leaked gov report will be released on November
Reality Winner, a former NSA contractor who leaked classified documents to the press in 2017, has been released from prison...
Instagram flaw allowed to see private, archived Posts/Stories of users without following them
Instagram has addressed a new flaw that allowed anyone to access private accounts viewing archived posts and stories without having...
Wear your MASQ! New Device Fingerprint Spoofing Tool Available in Dark Web
The MASQ tool could be used by attackers to emulate device fingerprints thus allowing them to bypass fraud protection controls The...
