SQLFluff – A SQL Linter And Auto-Formatter For Humans
SQLFluff is a dialect-flexible and configurable SQL linter. Designed with ELT applications in mind, SQLFluff also works with jinja templating...
threatintel
CVE-2021-31166 Windows HTTP flaw also impacts WinRM servers
The wormable CVE-2021-31166 vulnerability in the HTTP Protocol Stack of the Windows IIS server also affects WinRM on Windows 10...
Security Affairs newsletter Round 315
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
A malware attack hit the Alaska Health Department
The Alaska health department website was forced offline by a malware attack, officials are investigating the incident. The website of...
Qlocker ransomware leverages HBS flaw to infect QNAP NAS devices
QNAP warns customers of updating the HBS 3 disaster recovery app to prevent Qlocker ransomware attack. Taiwanese vendor QNAP is...
Moneycontrol – 762,874 breached accounts
In April 2021, hackers posted data for sale originating from the online Indian financial platform, Moneycontrol. The data included 763...
Japanese E-Commerce Platform Mercari Suffers Major Data Breach
Mercari, an e-commerce platform, has disclosed a major data breach that occurred as a result of the Codecov supply-chain attack....
45 Lakh Customer Data Compromised as Air India Servers Gets Hacked
A massive cyberattack was perpetrated against the domestic carrier Air India, which compromised passengers' data including passports, contacts, ticket information,...
Apple isn’t Happy About the Amount of Mac Malware
During testimony defending Apple in a lawsuit with Fortnite developer Epic Games, a top Apple executive said that Mac malware...
Charlotte – C++ Fully Undetected Shellcode Launcher
c++ fully undetected shellcode launcher ;) releasing this to celebrate the birth of my newborndescription13/05/2021: c++ shellcode launcher, fully undetected...
GraphQLmap – A Scripting Engine To Interact With A Graphql Endpoint For Pentesting Purposes
GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes.Install$ git clone https://github.com/swisskyrepo/GraphQLmap$ python graphqlmap.py _____...
Foreign hackers breached Russian federal agencies, said FSB
FSB National Coordination Center for Computer Incidents (NKTsKI) revealed that foreign hackers have breached networks of Russian federal agencies. A...
Conti Ransomware hit 16 US health and emergency Services, said FBI
Conti ransomware targeted over 400 organizations worldwide, 290 in the US, and at least 16 healthcare and first responder networks....
Air India suffered a data breach, 4.5 million customers impacted
Air India disclosed a data breach that impacted roughly 4.5 million of its customers, two months after its Passenger Service...
Report: how cybercriminals abuse API keys to steal millions
CyberNews researchers found that crooks could abuse cryptocurrency exchange API keys and steal cryptocurrencies. Original post available here: https://cybernews.com/security/report-how-cybercriminals-abuse-api-keys-to-steal-millions/ CyberNews...
Indonesia ‘s government confirms social security data breach for some citizens
Indonesia has launched an investigation into a possible security incident that caused the leak of social security data for more...
Yam – 13,258,797 breached accounts
In June 2013, the Taiwanese website Yam.com suffered a data breach which was shared to a popular hacking forum in...
Livpure – 269,552 breached accounts
In August 2020, the Indian retailer Livpure suffered a data breach which exposed over 1 million customer purchases with 270...
DarkSide Affiliates Claim Gang’s Bitcoin Deposit
Multiple associates have protested about not being charged for past services since the DarkSide ransomware operation was shut down a...
Experts reported a twofold increase in the activity of ransomware hackers in Russia
The authors of the study called the growth "staggering." Since the beginning of April, experts have been monitoring ransomware attacks...
Scammers Employ ‘Vishing’ Technique to Steal Personal Details of Online Shoppers
Scammers are using a unique methodology called ‘vishing’ to trick online customers. In a vishing attack, the fraudster impersonates someone...
Cyber Attackers Hijacked Google and Microsoft Services for Malicious Phishing Emails
Over recent months, the cybersecurity industry has seen a huge increase in malicious attackers exploiting the networks of Microsoft and...
Blind SQL Injection Flaw in WP Statistics Affected 600K+ Sites
According to researchers from Wordfence Threat Intelligence, WP Statistics has a Time-Based Blind SQL Injection vulnerability which is a WordPress...
DivideAndScan – Divide Full Port Scan Results And Use It For Targeted Nmap Runs
Divide Et Impera And Scan (and also merge the scan results) DivideAndScan is used to efficiently automate port scanning routine...
