Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2022-06-07 11:21:47 |
Attackers Use Public Exploits to Throttle Atlassian Confluence Flaw (lien direct) |
The vulnerability remains unpatched on many versions of the collaboration tool and has potential to create a SolarWinds-type scenario. |
Tool
Vulnerability
|
|
|
|
2022-06-03 12:42:41 |
Evil Corp Pivots LockBit to Dodge U.S. Sanctions (lien direct) |
The cybercriminal group is distancing itself from its previous branding by shifting tactics and tools once again in an aim to continue to profit from its nefarious activity. |
Tool
|
|
|
|
2022-05-31 12:24:44 |
EnemyBot Malware Targets Web Servers, CMS Tools and Android OS (lien direct) |
Malware borrows generously from code used by other botnets such as Mirai, Qbot and Zbot. |
Malware
Tool
|
|
|
|
2022-03-10 19:54:00 |
Malware Posing as Russia DDoS Tool Bites Pro-Ukraine Hackers (lien direct) |
Be careful when downloading a tool to cyber-target Russia: It could be an infostealer wolf dressed in sheep's clothing that grabs your cryptocurrency info instead. |
Tool
|
|
|
|
2022-03-01 17:55:46 |
Daxin Espionage Backdoor Ups the Ante on Chinese Malware (lien direct) |
Via node-hopping, the espionage tool can reach computers that aren't even connected to the internet. |
Malware
Tool
|
|
|
|
2022-01-26 22:39:34 |
TrickBot Crashes Security Researchers\' Browsers in Latest Upgrade (lien direct) |
The malware has added an anti-debugging tool that crashes browser tabs when researchers use code beautifying for analysis. |
Malware
Tool
|
|
|
|
2022-01-18 17:23:12 |
\'White Rabbit\' Ransomware May Be FIN8 Tool (lien direct) |
It's a double-extortion play that uses the command-line password 'KissMe' to hide its nasty acts and adorns its ransom note with cutesy ASCII bunny art.
|
Ransomware
Tool
|
|
|
|
2021-12-21 16:46:02 |
Two Active Directory Bugs Lead to Easy Windows Domain Takeover (lien direct) |
Microsoft is urging customers to patch two Active Directory domain controller bugs after a PoC tool was publicly released on Dec. 12.
|
Tool
|
|
|
|
2021-12-16 13:45:46 |
\'DarkWatchman\' RAT Shows Evolution in Fileless Malware (lien direct) |
The new tool manipulates Windows Registry in unique ways to evade security detections and is likely being used by ransomware groups for initial network access.
|
Ransomware
Malware
Tool
|
|
|
|
2021-12-10 17:58:04 |
Zero Day in Ubiquitous Apache Log4j Tool Under Active Attack (lien direct) |
The Log4Shell vulnerability critically threatens anybody using the popular open-source Apache Struts framework and could lead to a “Mini internet meltdown soonish.” |
Guideline
Tool
Vulnerability
|
|
|
|
2021-11-18 14:00:50 |
Spear-Phishing Campaign Exploits Glitch Platform to Steal Credentials (lien direct) |
Threat actors are targeting Middle-East-based employees of major corporations in a scam that uses a specific 'ephemeral' aspect of the project-management tool to link to SharePoint phishing pages.
|
Threat
Tool
|
|
|
|
2021-11-09 15:52:51 |
Security Tool Guts: How Much Should Customers See? (lien direct) |
Yaron Kassner, CTO of Silverfort, delves into the pros and cons of transparency when it comes to cybersecurity tools' algorithms.
|
Tool
|
|
|
|
2021-11-05 17:00:57 |
BrakTooth Bluetooth Bugs Bite: Exploit Code, PoC Released (lien direct) |
CISA is urging vendors to patch, given the release of public exploit code & a proof of concept tool for bugs that open billions of devices – phones, PCs, toys, etc. – to DoS & code execution. |
Tool
|
|
|
|
2021-10-21 19:31:40 |
TA551 Shifts Tactics to Install Sliver Red-Teaming Tool (lien direct) |
A new email campaign from the threat group uses the attack-simulation framework in a likely leadup to ransomware deployment. |
Threat
Ransomware
Guideline
Tool
|
|
|
|
2021-10-13 20:17:09 |
FreakOut Botnet Turns DVRs Into Monero Cryptominers (lien direct) |
The new Necro Python exploit targets Visual Tool DVRs used in surveillance systems.
|
Tool
|
|
|
|
2021-08-17 13:58:12 |
Apple: CSAM Image-Detection Backdoor \'Narrow\' in Scope (lien direct) |
Computing giant tries to reassure users that the tool won't be used for mass surveillance. |
Tool
|
|
|
|
2021-07-28 17:44:50 |
Reboot of PunkSpider Tool at DEF CON Stirs Debate (lien direct) |
Researchers plan to introduce a revamp of PunkSpider, which helps identify flaws in websites so companies can make their back-end systems more secure, at DEF CON. |
Tool
|
|
|
|
2021-07-21 18:11:31 |
NPM Package Steals Passwords via Chrome\'s Account-Recovery Tool (lien direct) |
In another vast software supply-chain attack, the password-stealer is filching credentials from Chrome on Windows systems via ChromePass. |
Tool
|
|
|
|
2021-06-29 09:00:51 |
Cobalt Strike Usage Explodes Among Cybercrooks (lien direct) |
The legit security tool has shown up 161 percent more, year-over-year, in cyberattacks, having “gone fully mainstream in the crimeware world.” |
Tool
|
|
|
|
2021-05-14 17:36:33 |
FIN7 Backdoor Masquerades as Ethical Hacking Tool (lien direct) |
The financially motivated cybercrime gang behind the Carbanak RAT is back with the Lizar malware, which can harvest all kinds of info from Windows machines. |
Tool
|
|
|
|
2021-05-03 18:22:23 |
Hewlett Packard Enterprise Plugs Critical Bug in Edge Platform Tool (lien direct) |
Researchers warned that unpatched versions of HPE's Edgeline Infrastructure Manager are open to remote authentication-bypass attacks. |
Tool
|
|
|
|
2021-04-30 19:01:05 |
WeSteal: A Cryptocurrency Stealing Tool That Does Just That (lien direct) |
The developer of the WeSteal cryptocurrency stealer can't be bothered with fancy talk: they say flat-out that it's “the leading way to make money in 2021”. |
Guideline
Tool
|
|
|
|
2021-03-02 17:54:53 |
Jailbreak Tool Works on iPhones Up to iOS 14.3 (lien direct) |
The UnC0ver team took advantage of an iOS flaw patched in January in its latest tool allowing developers and other enthusiasts to hack into their own devices. |
Hack
Tool
|
|
|
|
2021-01-27 21:43:22 |
TeamTNT Cloaks Malware With Open-Source Tool (lien direct) |
The detection-evasion tool, libprocesshider, hides TeamTNT's malware from process-information programs. |
Malware
Tool
|
|
|
|
2021-01-05 22:28:17 |
RCE \'Bug\' Found and Disputed in Popular PHP Scripting Framework (lien direct) |
Impacted are PHP-based websites running a vulnerable version of the web-app creation tool Zend Framework and some Laminas Project releases. |
Tool
|
|
|
|
2020-12-08 19:00:16 |
The Remote-Work Transition Shifts Demand for Cyber Skills (lien direct) |
According to Cyberseek, an interactive mapping tool that tracks the current state of the security job market, there are more than half a million open cybersecurity positions available in the U.S. alone (522,000). |
Tool
|
|
|
|
2020-12-02 15:44:59 |
Microsoft Revamps \'Invasive\' M365 Feature After Privacy Backlash (lien direct) |
The Microsoft 365 tool that tracked employee usage of applications like Outlook, Skype and Teams was widely condemned by privacy experts. |
Tool
|
|
|
|
2019-05-08 12:01:03 |
Cynet Provides Security Responders with Free IR Tool to Validate and Respond to Active Threats (lien direct) |
Cynet Free IR empowers its users with a solution that is accessible and easy to use, bringing crucial incident response services in-house, while saving them valuable time and resources. |
Tool
|
|
|
|
2019-04-12 14:58:05 |
North Korea\'s Hidden Cobra Strikes U.S. Targets with HOPLIGHT (lien direct) |
The custom malware is a spy tool and can also disrupt processes at U.S. assets. |
Malware
Tool
|
APT 38
|
|
|
2019-03-19 15:26:04 |
Researcher Says NSA\'s Ghidra Tool Can Be Used for RCE (lien direct) |
Researchers have released a proof-of-concept showing how a XXE vulnerability can be exploited to attack Ghidra project users. |
Tool
Vulnerability
|
|
|
|
2019-02-21 15:05:04 |
19-Year-Old WinRAR Flaw Plagues 500 Million Users (lien direct) |
Users of the popular file-compression tool are urged to immediately update after a serious code-execution flaw was found in WinRAR. |
Tool
|
|
|
|
2019-01-16 22:09:02 |
Threatpost Survey Says: 2FA is Just Fine, But Go Ahead and Kill SMS (lien direct) |
Our reader poll showed overwhelming support for 2FA even in the wake of a bypass tool being released -- although lingering concerns remain. |
Tool
|
|
★★
|
|
2019-01-11 15:44:05 |
Yet Another Bypass: Is 2FA Broken? Authentication Experts Weigh In (lien direct) |
A penetration testing tool called Modlishka can defeat two-factor authentication in the latest 2FA security issue. We asked a roundtable of experts what it all means. |
Tool
|
|
|
|
2018-11-29 16:11:05 |
Cisco Patches Critical Bug in License Management Tool (lien direct) |
The vulnerability could allow attacker to execute arbitrary SQL queries. |
Tool
Vulnerability
|
|
|
|
2018-10-03 13:37:00 |
Artificial Intelligence: A Cybersecurity Tool for Good, and Sometimes Bad (lien direct) |
Attractive to both white-hats and cybercriminals, AI's role in security has yet to find an equilibrium between the two sides. |
Tool
|
|
★★★★
|
|
2018-09-27 20:08:00 |
ThreatList: Hackers Turn to Python as Attack Coding Language of Choice (lien direct) |
More than 20 percent of GitHub repositories containing an attack tool or an exploit proof of concept (PoC) are written in Python. |
Tool
|
|
|
|
2018-09-27 14:49:04 |
Weakness in Apple MDM Tool Allows Access to Sensitive Corporate Info (lien direct) |
A lack of authentication in Apple's Device Enrollment Program could allow attackers to scoop up Wi-Fi passwords and VPN configurations. |
Tool
|
|
|
|
2018-09-13 21:19:00 |
OilRig APT Continues Its Ongoing Malware Evolution (lien direct) |
The Iran-linked APT appears to be in a state of continuous tool development, analogous to the DevOps efforts seen in the legitimate software world. |
Malware
Tool
|
APT 34
|
|
|
2018-06-26 21:51:03 |
Mozilla Announces Firefox Monitor Tool Testing, Firefox 61 (lien direct) |
Mozilla is testing a new tool that securely checks to see if users' accounts have been hacked. |
Tool
|
|
|