The Stony Path of Android 🤖 Bug Bounty – Bypassing Certificate Pinning
Dear readers, Long story short, doing bug bounties for mobile devices is hard. With this article I want to show you a rather simple way…
Month: January 2024
High Risk Vulnerabilities within the DoD – Exploiting Coldfusion, Dotnet Nuke, Oracle, and more | by Alyssa Herrera
The Department of Defense Launched a bug bounty program on November 21st, 2016 on Hackerone. This allowed researchers to report vulnerabilities on any military domain,…
BugBountyHunter Chats — Getting to know 0xblackbird, YouGina, JTCSec and HolyBugx | by Sean (zseano)
18 min read · Jul 12, 2021 BugBountyHunter.com opened early November 2020 and the amount of growth we have seen in members has been phenomenal!…
Sea Turtle Cyber Espionage Campaign Targets Dutch IT and Telecom Companies
Jan 06, 2024NewsroomCyber Espionage / Supply Chain Attack Telecommunication, media, internet service providers (ISPs), information technology (IT)-service providers, and Kurdish websites in the Netherlands have…
New Year Themed Spam Emails Rises: The Remcos RAT Connection
As the New Year festivities unfold, cyber threats take on a deceptive facade, with malicious actors exploiting the celebratory spirit to spread malware through carefully…
Pro-Iranian Hacker Group Targeting Albania with No-Justice Wiper Malware
Jan 06, 2024NewsroomMalware / Cyber Attack The recent wave of cyber attacks targeting Albanian organizations involved the use of a wiper called No-Justice. The findings…
The Week in Ransomware – January 5th 2024
With it being the first week of the New Year and some still away on vacation, it has been slow with ransomware news, attacks, and…
US charged 19 suspects linked to xDedic cybercrime marketplace
The U.S. Department of Justice announced the end of a transnational investigation into the dark web xDedic cybercrime marketplace, charging 19 suspects for their involvement in…
BreachForums admin jailed again for using a VPN, unmonitored PC
The administrator behind the notorious BreachForums hacking forum has been arrested again for breaking pretrial release conditions, including using an unmonitored computer and a VPN.…
Signal, AI Generated Art Least, Amazon, Facebook Most Invasive Apps
According to Surfshark, a third of data collected by these apps is susceptible to tracking by third-party advertisers or data brokers, posing a significant threat…
Hackers target Apache RocketMQ servers vulnerable to RCE attacks
Security researchers are detecting hundreds of IP addresses on a daily basis that scan or attempt to exploit Apache RocketMQ services vulnerable to a remote command…
Web3 security firm CertiK’s X account hacked to push crypto drainer
The Twitter/X account of blockchain security firm CertiK was hijacked today to redirect the company’s more than 343,000 followers to a malicious website pushing a…