WinRAR SFX archives can run PoweShell without being detected
04
Apr
2023

WinRAR SFX archives can run PowerShell without being detected

Hackers are adding malicious functionality to WinRAR self-extracting archives that contain harmless decoy files, allowing them to plant backdoors without…

Share: X : WinRAR SFX archives can run PowerShell without being detectedFacebook : WinRAR SFX archives can run PowerShell without being detectedLinkedin : WinRAR SFX archives can run PowerShell without being detectedReddit : WinRAR SFX archives can run PowerShell without being detectedTelegram : WinRAR SFX archives can run PowerShell without being detectedWhatsApp : WinRAR SFX archives can run PowerShell without being detectedEmail : WinRAR SFX archives can run PowerShell without being detected
[tl;dr sec] #168 - GCP and Azure Storage Threat Models, macOS Security, Red Team Resources
03
Apr
2023

[tl;dr sec] #168 – GCP and Azure Storage Threat Models, macOS Security, Red Team Resources

Hey there, I hope you’ve been doing well! Semgrep in EU I was a bit sleepy when I was finishing…

Share: X : [tl;dr sec] #168 – GCP and Azure Storage Threat Models, macOS Security, Red Team ResourcesFacebook : [tl;dr sec] #168 – GCP and Azure Storage Threat Models, macOS Security, Red Team ResourcesLinkedin : [tl;dr sec] #168 – GCP and Azure Storage Threat Models, macOS Security, Red Team ResourcesReddit : [tl;dr sec] #168 – GCP and Azure Storage Threat Models, macOS Security, Red Team ResourcesTelegram : [tl;dr sec] #168 – GCP and Azure Storage Threat Models, macOS Security, Red Team ResourcesWhatsApp : [tl;dr sec] #168 – GCP and Azure Storage Threat Models, macOS Security, Red Team ResourcesEmail : [tl;dr sec] #168 – GCP and Azure Storage Threat Models, macOS Security, Red Team Resources
Bitcoin
03
Apr
2023

US seizes $112 million from cryptocurrency investment scammers

Today, the U.S. Department of Justice seized six virtual currency accounts containing over $112 million in funds stolen in cryptocurrency…

Share: X : US seizes $112 million from cryptocurrency investment scammersFacebook : US seizes $112 million from cryptocurrency investment scammersLinkedin : US seizes $112 million from cryptocurrency investment scammersReddit : US seizes $112 million from cryptocurrency investment scammersTelegram : US seizes $112 million from cryptocurrency investment scammersWhatsApp : US seizes $112 million from cryptocurrency investment scammersEmail : US seizes $112 million from cryptocurrency investment scammers
2842 top penetration testing & hacking tools added in new version of BlackArch Distro
03
Apr
2023

2842 top penetration testing & hacking tools added in new version of BlackArch Distro

When it comes to Linux distributions, we have access to a large number of different alternatives to choose from. BlackArch…

Share: X : 2842 top penetration testing & hacking tools added in new version of BlackArch DistroFacebook : 2842 top penetration testing & hacking tools added in new version of BlackArch DistroLinkedin : 2842 top penetration testing & hacking tools added in new version of BlackArch DistroReddit : 2842 top penetration testing & hacking tools added in new version of BlackArch DistroTelegram : 2842 top penetration testing & hacking tools added in new version of BlackArch DistroWhatsApp : 2842 top penetration testing & hacking tools added in new version of BlackArch DistroEmail : 2842 top penetration testing & hacking tools added in new version of BlackArch Distro
New VPN Malvertising Attack Drops OpcJacker Crypto Stealer
03
Apr
2023

New VPN Malvertising Attack Drops OpcJacker Crypto Stealer

The primary target of the OpcJacker Crypto malware campaign are unsuspecting users in Iran who were tricked into downloading an…

Share: X : New VPN Malvertising Attack Drops OpcJacker Crypto StealerFacebook : New VPN Malvertising Attack Drops OpcJacker Crypto StealerLinkedin : New VPN Malvertising Attack Drops OpcJacker Crypto StealerReddit : New VPN Malvertising Attack Drops OpcJacker Crypto StealerTelegram : New VPN Malvertising Attack Drops OpcJacker Crypto StealerWhatsApp : New VPN Malvertising Attack Drops OpcJacker Crypto StealerEmail : New VPN Malvertising Attack Drops OpcJacker Crypto Stealer
A Pentesters Introduction To The New OWASP API Top 10 - 2023 RC
03
Apr
2023

A Pentesters Introduction To The New OWASP API Top 10 – 2023 RC

A Pentesters Introduction To The New OWASP API Top 10 – 2023 RC Source link

Share: X : A Pentesters Introduction To The New OWASP API Top 10 – 2023 RCFacebook : A Pentesters Introduction To The New OWASP API Top 10 – 2023 RCLinkedin : A Pentesters Introduction To The New OWASP API Top 10 – 2023 RCReddit : A Pentesters Introduction To The New OWASP API Top 10 – 2023 RCTelegram : A Pentesters Introduction To The New OWASP API Top 10 – 2023 RCWhatsApp : A Pentesters Introduction To The New OWASP API Top 10 – 2023 RCEmail : A Pentesters Introduction To The New OWASP API Top 10 – 2023 RC
CISA
03
Apr
2023

CISA warns of Zimbra bug exploited in attacks against NATO countries

The Cybersecurity and Infrastructure Security Agency (CISA) warned federal agencies to patch a Zimbra Collaboration (ZCS) cross-site scripting flaw exploited…

Share: X : CISA warns of Zimbra bug exploited in attacks against NATO countriesFacebook : CISA warns of Zimbra bug exploited in attacks against NATO countriesLinkedin : CISA warns of Zimbra bug exploited in attacks against NATO countriesReddit : CISA warns of Zimbra bug exploited in attacks against NATO countriesTelegram : CISA warns of Zimbra bug exploited in attacks against NATO countriesWhatsApp : CISA warns of Zimbra bug exploited in attacks against NATO countriesEmail : CISA warns of Zimbra bug exploited in attacks against NATO countries
Ransomware Attacking Satellite
03
Apr
2023

Ransomware Groups Attacking Satellite and Space Industry

Ransomware groups and hacktivists are actively targeting satellite and space industries.  SATCOM Networks and Space Industry Devices are becoming an…

Share: X : Ransomware Groups Attacking Satellite and Space IndustryFacebook : Ransomware Groups Attacking Satellite and Space IndustryLinkedin : Ransomware Groups Attacking Satellite and Space IndustryReddit : Ransomware Groups Attacking Satellite and Space IndustryTelegram : Ransomware Groups Attacking Satellite and Space IndustryWhatsApp : Ransomware Groups Attacking Satellite and Space IndustryEmail : Ransomware Groups Attacking Satellite and Space Industry
Western Digital shuts systems due to Cyber Attack
03
Apr
2023

Western Digital shuts systems due to Cyber Attack

A cyber attack launched and identified on March 26th of this year has triggered the incident response teams of Western…

Share: X : Western Digital shuts systems due to Cyber AttackFacebook : Western Digital shuts systems due to Cyber AttackLinkedin : Western Digital shuts systems due to Cyber AttackReddit : Western Digital shuts systems due to Cyber AttackTelegram : Western Digital shuts systems due to Cyber AttackWhatsApp : Western Digital shuts systems due to Cyber AttackEmail : Western Digital shuts systems due to Cyber Attack
[www.32red.com] Reverse proxy misconfiguration leads to 1-click account takeover
03
Apr
2023

[www.32red.com] Reverse proxy misconfiguration leads to 1-click account takeover

Kindred Group disclosed a bug submitted by sw33tlie: https://hackerone.com/reports/1632973 – Bounty: $5250 Source link

Share: X : [www.32red.com] Reverse proxy misconfiguration leads to 1-click account takeoverFacebook : [www.32red.com] Reverse proxy misconfiguration leads to 1-click account takeoverLinkedin : [www.32red.com] Reverse proxy misconfiguration leads to 1-click account takeoverReddit : [www.32red.com] Reverse proxy misconfiguration leads to 1-click account takeoverTelegram : [www.32red.com] Reverse proxy misconfiguration leads to 1-click account takeoverWhatsApp : [www.32red.com] Reverse proxy misconfiguration leads to 1-click account takeoverEmail : [www.32red.com] Reverse proxy misconfiguration leads to 1-click account takeover
WinRAR SFX archives can run PoweShell without being detected
03
Apr
2023

WinRAR SFX archives can run PoweShell without being detected

Hackers are adding malicious functionality to WinRAR self-extracting archives that contain harmless decoy files, allowing them to plant backdoors without…

Share: X : WinRAR SFX archives can run PoweShell without being detectedFacebook : WinRAR SFX archives can run PoweShell without being detectedLinkedin : WinRAR SFX archives can run PoweShell without being detectedReddit : WinRAR SFX archives can run PoweShell without being detectedTelegram : WinRAR SFX archives can run PoweShell without being detectedWhatsApp : WinRAR SFX archives can run PoweShell without being detectedEmail : WinRAR SFX archives can run PoweShell without being detected
Massive 3CX Supply Chain Hack Targeted Cryptocurrency Firms
03
Apr
2023

Massive 3CX Supply Chain Hack Targeted Cryptocurrency Firms

Software supply chain attacks, in which hackers corrupt widely used applications to push their own code to thousands or even…

Share: X : Massive 3CX Supply Chain Hack Targeted Cryptocurrency FirmsFacebook : Massive 3CX Supply Chain Hack Targeted Cryptocurrency FirmsLinkedin : Massive 3CX Supply Chain Hack Targeted Cryptocurrency FirmsReddit : Massive 3CX Supply Chain Hack Targeted Cryptocurrency FirmsTelegram : Massive 3CX Supply Chain Hack Targeted Cryptocurrency FirmsWhatsApp : Massive 3CX Supply Chain Hack Targeted Cryptocurrency FirmsEmail : Massive 3CX Supply Chain Hack Targeted Cryptocurrency Firms