Free DNS Server Vulnerability Research & Pentesting
DNS (Domain Name System) decodes human-readable domain names into IP addresses. In vulnerability research and pentesting, analyzing DNS can reveal the following potential attack vectors…
Category: CyberSecurityNews
APT Groups Using HrServ Web Shell to Hack Windows Systems
A HrServ web shell is a malicious script or program that enables remote server administration, allowing unauthorized access and control. Hackers target web shells to…
ClearFake a New Malware Attacking Mac users via fake updates
Mac users were targeted by a fake browser update chain called ‘ClearFake’, which was delivered by Atomic Stealer to compromise their systems. Malwarebytes has reported…
Hackers using Weaponized Office Doc to Exploit Windows RCE
A new attack chain campaign has been discovered, which involves the exploitation of CVE-2023-36884 and CVE-2023-36584. CVE-2023-36884 was a remote code execution vulnerability, and CVE-2023-36584…
North Korean Hackers Targeting CyberLink Users
In the ever-evolving realm of cybersecurity, Microsoft Threat Intelligence has uncovered a sophisticated supply chain attack orchestrated by the North Korean Hackers Diamond Sleet (ZINC). …
Firefox 120 Released With Security Updates
With the release of Mozilla Firefox 120, 10 vulnerabilities are patched, including six ‘High Severity’ issues and two moderate and low severity issues. The key…
WailingCrab Abuse Messaging Protocol for C2 Communications
Researchers noticed developments in the sophisticated, multi-component malware dubbed WailingCrab, especially those pertaining to its C2 communication techniques, which included abusing the MQTT Internet-of-Things (IoT)…
Hackers Exploiting Windows SmartScreen Zero-day Vulnerability
Microsoft released multiple security patches as part of their Patch Tuesday, in which three zero-day vulnerabilities were also patched. One of the zero-day vulnerabilities was…
Bug Hunter GPT – AI Assistant that Replies for Hacking Questions
ChatGPT, like InstructGPT, follows prompts for detailed responses. It answers questions and composes content similar to customer service chatbots. LLMs (Large Language Models) are revolutionizing…
Citrix Warns Admin to Kill Active Sessions to Thwart Hackers
As previously reported, CVE-2023-4966 was discovered and published by Citrix. This vulnerability affected Citrix NetScaler Gateway and ADC devices. Following this, AssetNote published a proof-of-concept…
Hackers Exploiting 0-day RCE Flaws to Deploy Mirai Malware
The Mirai botnet is a malicious network of infected computers, routers, and IoT devices harnessed by cybercriminals to launch large-scale DDoS attacks. The destructiveness of…
Rewards up to $20,000 USD
Microsoft has launched the Defender Bounty Program, which aims to improve the security of its customers’ experience by incentivizing researchers with rewards of up to…