Browsing tag
The iPhone of New York Times journalist Ben Hubbard was repeatedly hacked with NSO Group’s Pegasus spyware tool over a three-year period stretching between June 2018 to June 2021, resulting in infections twice in July 2020 and June 2021. The University of Toronto’s Citizen Lab, which publicized the findings on Sunday, said the “targeting took […]
Organizations’ cybersecurity capabilities have improved over the past decade, mostly out of necessity. As their defenses get better, so do the methods, tactics, and techniques malicious actors devise to penetrate their environments. Instead of the standard virus or trojan, attackers today will deploy a variety of tools and methods to infiltrate an organization’s environment and […]
Researchers discovered a critical vulnerability in Microsoft Azure named “BlackDirect” that allows attackers to take over the Azure user’s accounts and creating the Token with the victim’s permissions. The vulnerability specifically affected Microsoft’s OAuth 2.0 applications that allow malicious attacker access and control a victim’s account “OAuth is a protocol for authorization that is commonly […]
Adobe discloses the security breach on its Magento Marketplace portal, in results, attackers gained access to the registered customer’s sensitive account information. Adobe owned Magento is an open-source e-commerce and CMS platform written in PHP, and it was acquired for $1.68 billion in 2018. It is one of the most popular open e-commerce systems in […]
ispy : Eternalblue(ms17-010)/Bluekeep(CVE-2019-0708) Scanner and exploiter ( Metasploit automation ) How to install : git clone https://github.com/Cyb0r9/ispy.git cd ispy chmod +x setup.sh ./setup.sh Screenshots : Tested On : Parrot OS Kali linux Tutorial ( How to use ispy ) info GitHub profile : https://github.com/Cyb0r9 YouTbue channel: https://youtube.com/c/Cyborg_TN Ask Fm (ask me): […]
Researchers from Google project zero uncovered a critical zero-day vulnerability that affected at least 18 Android models including Samsung, Moto, Huawei, Pixel, Xiaomi and more. Some of the depth pieces of evidence show that the vulnerability is being exploited in wide and gives complete access to the Vulnerable Android devices. An Android zero-day exploit that […]
A financially motivated hacking group called “GOLD SOUTHFIELD” launch a newly developed REvil Ransomware (aka Sodinokibi) which used the GandCrab ransomware code and infected the Windows users around the world. Threat actors are distributing it through various medium including software installers with backdoor capabilities, exploit kits, exploiting RDP servers, and scan-and-exploit techniques. Malware developers behind […]
Automated Application Generation for Stack Overflow Types on Wireless Routers. Router exploits shovel is an automated application generation tool for stack overflow types on wireless routers. The tool implements the key functions of exploits, it can adapt to the length of the data padding on the stack, generate the ROP chain, generate the encoded […]
A Vulnerability resides in the Exim mail server allows both local and remote attacker to execute the arbitrary code and exploit the system to gain root access. Exim is a mail transfer agent (MTA) developed by the University of Cambridge as an open-source project and is responsible for receiving, routing and delivering e-mail messages used on Unix-like operating systems. […]
Goldmouse APT group (APT-C-27) now start exploiting the WinRAR vulnerability (CVE-2018-20250[6]) to hide the njRAT backdoor and targeting users reside in the Middle East via decoy Word document to compromise and control the device. The 19-year-old vulnerability was disclosed by checkpoint security researchers last week, the vulnerability resides in the WinRAR UNACEV2.DLL library. Since the vulnerability has […]
A brand new JNEC.a ransomware spreading via recently discovered WinRAR vulnerability exploit to compromise windows computer & demand the ransom amount. This exploits leverage the recently discovered WinRAR ACE code injection vulnerability, since then attackers continuously exploiting the vulnerability to intrude the targeted system in various ways. WinRAR is the worlds most popular Compression tool […]
Researchers discovered a new malicious PDF sample that has an ability to exploit the Google Chrome zero-day flaw when victims using Chrome as local PDF viewer. Attackers spreading this weaponized PDF intended to exploit the Chrome zero-day vulnerability to track the users and collect some user’s information when they open this malicious PDF in chrome […]
Kali Linux 2019.1 is now available for download, updating many of its features, as well as introducing a few more. These include the open-source operating system, Kernal as it updates to version 4.19.13. This OS often receives contributions from thousands of programmers and companies. In addition, Kali condenses Antivirus evasion techniques within its Metasploit framework. Manager of […]
Cybercriminals now leveraging new hacking tools and remote access software to drop cryptocurrency malware by exploiting a Windows SMB Server Vulnerability . There are 2 main hacking tools that are used by attackers to drop random file info to the targeted systems windows registry. First one is MIMIKATZ , a powerful post-exploitation hacking tool which is used with […]
Researchers observed a new malicious campaign that delivers a powerful ExileRAT malware via Microsoft powerpoint documents using previously used C2 server infrastructure. Attackers deliver the malware via Email attachment and the Mail address represented the Central Tibetan Administration (CTA), a Tibetan based government organization. Nature of this malware campaign seems to spy on civilian populations for […]
The researcher found new Remote code execution vulnerability in widely used LibreOffice that allows attackers to exploit the arbitrary code in Windows and Linux Platform. LibreOffice is a free and open-source office suite which is developed by The Document Foundation and it is a widely used office suite for both individuals and the corporate environment. LibreOffice can […]
Cybercriminals now actively exploiting 9,852 Cisco RV320/RV325 routers that are vulnerable to critical remote code execution vulnerabilities CVE-2019-1653, CVE-2019-1652. A vulnerability in the Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information from CVE-2019-1653, and a remote attacker with administrative privileges on an affected […]
Cyber Criminals now using new Stenography technique to distribute a powerful Obfuscated PDF exploit in order to compromise the targets and evade the detection. Malicious hackers are always finding new techniques to exploit the vulnerabilities and compromising victims machine without more user interaction to increase the success ratio of the attack. Steganography is the technique […]
Fallout is an exploit kit (EK) first identified at the end of August 2018. It was first seen as a part of a malvertising campaign affecting users in Japan, Korea, the Middle East, Southern Europe, and others in the Asia Pacific. Fallout was observed exploiting vulnerabilities CVE-2018-4878 and CVE-2018-8174 and distributing the Gandcrab ransomware to […]
One of the dangerous Fallout exploit kit now back to form with various new futures and delivering one of the widely distributed Ransomware GandCrab. Attackers using malvertising chain to ditributing the Fallout exploit kit since Jan 2015 via adult websites. Unlike past infection that discovered back to 2018, current distribution contain new futures including HTTPS […]
An interactive multi-user web based javascript shell. It was initially created in order to debug remote esoteric browsers during experiments and research. This tool can be easily attached to XSS (Cross Site Scripting) payload to achieve browser remote code execution (similar to the BeeF framework). Version 2.0 is created entirely from scratch, introducing new exciting […]