Lazarus is using a MagicLine4NX zero-day in supply chain attack
North Korea-linked APT Lazarus is using a MagicLine4NX zero-day flaw in supply chain attack Pierluigi Paganini November 25, 2023 UK and South Korea agencies warn…
Month: November 2023
Google’s Ad Blocker Crackdown Is Growing
Google proposed putting restrictions on this API but has relaxed these somewhat in the new version of Manifest V3. It originally planned to allow browser…
Malicious Browser Extensions Steal Facebook Business Accounts
It has come to light that Facebook Business accounts have been compromised through the use of harmful browser extensions developed by the notorious Ducktail family.…
Free DNS Server Vulnerability Research & Pentesting
DNS (Domain Name System) decodes human-readable domain names into IP addresses. In vulnerability research and pentesting, analyzing DNS can reveal the following potential attack vectors…
The RAT King “NetSupport RAT” Back in Action Via Fake Browser
In the perpetually evolving realm of cybersecurity, the reawakening of NetSupport RAT, a Remote Access Trojan (RAT), casts a looming shadow that beckons the attention…
10 Vital AI Trends Of 2024 We Need To Be Ready For
Authored by Neelesh Kripalani, Chief Technology Officer, Clover Infotech In the ever-evolving landscape of technology, staying ahead of the curve is not just an advantage;…
New ‘HrServ.dll’ Web Shell Detected in APT Attack Targeting Afghan Government
Nov 25, 2023NewsroomCyber Attack / Threat Intelligence An unspecified government entity in Afghanistan was targeted by a previously undocumented web shell called HrServ in what’s…
3 Critical Vulnerabilities Expose ownCloud Users to Data Breaches
Nov 25, 2023NewsroomData Security / Vulnerability The maintainers of the open-source file-sharing software ownCloud have warned of three critical security flaws that could be exploited…
Hamas-linked APT uses Rust-based SysJoker backdoor against Israel
Hamas-linked APT uses Rust-based SysJoker backdoor against Israel Pierluigi Paganini November 25, 2023 Researchers reported that a Hamas-linked APT group is using a Rust-based SysJoker…
DOM Handling with MutationObserver
최근 ZAP은 SPA 기반의 앱을 쉽게 식별하기 위해 Client Side Integration 이란 기능을 추가했습니다. 이 이 때 DOM의 변화를 식별하기 위한 장치로 MutationObserver가 사용되었는데요. 오늘은…
App used by hundreds of schools leaking children’s data
App used by hundreds of schools leaking children’s data Pierluigi Paganini November 24, 2023 Almost a million files with minors’ data, including home addresses and…
Hackers Leak Thousands of Idaho National Lab Employees’ PII Data
According to local media, the lab has acknowledged a cyber attack resulting from a cybersecurity incident at a federally approved external vendor system. The Idaho…