What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
SecurityAffairs.webp 2021-05-16 11:31:28 MSBuild tool used to deliver RATs filelessly (direct link) Hackers abuse Microsoft Build Engine (MSBuild) to filelessly deliver malware on targeted Windows systems, including RAT and password-stealer. Researchers from Anomali observed threat actors abusing Microsoft Build Engine (MSBuild) to filelessly deliver remote access trojans and RedLine Stealer password-stealing malware on targeted Windows systems. “Anomali Threat Research discovered a campaign in which threat actors used […] Malware Tool Threat
SecurityAffairs.webp 2021-05-11 12:29:05 (Déjà vu) Google open sources cosign tool for verifying containers (direct link) Google has released a new open-source tool called cosign that could allow administrators to sign and verify the container images. Google has released a new open-source tool called cosign that allows to sign, verify container images, it was developed to make signatures invisible infrastructure. Cosign supports: Hardware and KMS signing Bring-your-own PKI Our free OIDC PKI […] Tool
SecurityAffairs.webp 2021-04-22 15:47:16 Cellebrite's forensics tool affected by arbitrary code execution issue (direct link) Cellebrite mobile forensics tool Ufed contains multiple flaws that allow arbitrary code execution on the device, SIGNAL creator warns. Moxie Marlinspike, the creator of the popular encrypted messaging app Signal, announced that Cellebrite mobile forensics tools developed by Cellebrite are affected by multiple vulnerabilities that could be exploited to achieve arbitrary code execution. Cellebrite develops […] Tool
SecurityAffairs.webp 2021-04-09 12:41:09 (Déjà vu) CISA releases post-compromise tool Aviary to review Microsoft 365 (direct link) CISA released a Splunk-based dashboard for post-compromise activity in Microsoft Azure Active Directory (AD), Office 365, and MS 365 environments. The Cybersecurity and Infrastructure Security Agency (CISA) has released a Splunk-based dashboard, dubbed Aviary, that could be used by administrators in the post-compromise analysis of Microsoft Azure Active Directory (AD), Office 365 (O365), and Microsoft 365 (M365) environments. […] Tool
SecurityAffairs.webp 2021-04-06 09:32:33 This service allows checking if your mobile is included in the Facebook leak (direct link) Security researcher implemented a service to verify if your mobile number is included in the recent Facebook data leak. Security researcher Yaser Alosefer developed a new tool to help users to determine if their mobile numbers are included within the recent Facebook data leak that impacted 553 million users of the social networking giant. The […] Tool
SecurityAffairs.webp 2021-04-06 07:20:39 (Déjà vu) Experts found critical flaws in Rockwell FactoryTalk AssetCentre (direct link) Rockwell Automation has recently addressed nine critical vulnerabilities in its FactoryTalk AssetCentre product with the release of version v11. The American provider of industrial automation Rockwell Automation on Thursday informed customers that it has patched nine critical vulnerabilities in its FactoryTalk AssetCentre product. FactoryTalk AssetCentre provides customers with a centralized tool for securing, managing, versioning, […] Tool
SecurityAffairs.webp 2021-04-03 12:39:48 Activision warns of Call of Duty Cheat tool used to deliver RAT (direct link) The popular video game publisher Activision is warning gamers that threat actors are actively disguising a remote-access trojan (RAT) in Duty Cheat cheat tool. Activision, the company behind Call of Duty: Warzone and Guitar Hero series, is warning gamers that a threat actor is advertising cheat tools that deliver remote-access trojan (RAT). The company reported that […] Tool Threat
SecurityAffairs.webp 2021-03-28 09:53:41 Security Affairs newsletter Round 307 (direct link) A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. If you want to also receive for free the international press subscribe here. CISA releases CHIRP, a tool to detect SolarWinds malicious activity Microsoft Defender can now protect servers against ProxyLogon […] Tool
SecurityAffairs.webp 2021-03-26 08:17:18 FBI published a flash alert on Mamba Ransomware attacks (direct link) The Federal Bureau of Investigation (FBI) issued an alert to warn that the Mamba ransomware is abusing the DiskCryptor open source tool to encrypt entire drives. The Federal Bureau of Investigation (FBI) published an alert to warn that the Mamba ransomware is abusing the DiskCryptor open-source tool (aka HDDCryptor, HDD Cryptor) to encrypt entire drives. […] Ransomware Tool
SecurityAffairs.webp 2021-03-21 14:47:05 CISA releases CHIRP, a tool to detect SolarWinds malicious activity (direct link) US CISA has released a new tool that allows detecting malicious activity associated with the SolarWinds hackers in compromised on-premises enterprise environments. US CISA released the CISA Hunt and Incident Response Program (CHIRP) tool, is a Python-based tool, that allows detecting malicious activity associated with the SolarWinds hackers in compromised on-premises enterprise Windows environments. Below […] Tool
SecurityAffairs.webp 2021-03-18 12:57:13 WINTRIAGE: THE TRIAGE TOOL FOR WINDOWS DFIRERS (direct link) Wintriage is a live response tool that extracts Windows artifacts, it allows to extract the most artifacts as possible, but in a selective way Throughout my life, my daily job has been purely related to cybersecurity. But the branch I like the most is Incident Response and Forensics. So, I work as DFIRer. For many […] Tool
SecurityAffairs.webp 2021-03-17 20:56:27 Data Breaches Tracker monitor unsecured ElasticSearch servers online (direct link) Cybersecurity research at WizCase, an online security and privacy portal, built a tool to track accessible ElasticSearch servers on the internet. Cybersecurity research at WizCase, an online security and privacy portal, developed a tool that allows track accessible ElasticSearch servers on the Internet. The tool scans the web for accessible ElasticSearch servers and displays different variables […] Tool
SecurityAffairs.webp 2021-03-16 08:27:36 (Déjà vu) Microsoft releases On-premises Mitigation Tool (EOMT) tool to fix ProxyLogon issues (direct link) Microsoft released an Exchange On-premises Mitigation Tool (EOMT) tool to small businesses for the fix of ProxyLogon vulnerabilities. On March 2nd, Microsoft released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported MS Exchange versions that are actively exploited in the wild. The IT giant reported that at least one […] Tool
SecurityAffairs.webp 2021-03-11 21:33:36 (Déjà vu) Expert publishes PoC exploit code for Microsoft Exchange flaws (direct link) This week a security researcher published on GitHub a proof-of-concept tool to hack Microsoft Exchange servers chaining two of ProxyLogon flaws. On March 2nd, Microsoft has released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported Microsoft Exchange versions that are actively exploited in the wild. The IT giant […] Hack Tool
SecurityAffairs.webp 2021-03-08 13:11:43 (Déjà vu) Microsoft updated MSERT to detect web shells used in attacks against Microsoft Exchange installs (direct link) Microsoft updated its Microsoft Safety Scanner (MSERT) tool to detect web shells employed in the recent Exchange Server attacks. Early this month, Microsoft has released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported Microsoft Exchange versions that are actively exploited in the wild. The IT giant reported that […] Tool
SecurityAffairs.webp 2021-03-06 16:50:08 (Déjà vu) Microsoft releases IOC Detection Tool for Microsoft Exchange Server flaws (direct link) After the disclosure of Microsoft Exchange zero-days, MS Exchange Server team has released a script to determine if an install is vulnerable. This week Microsoft has released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported MS Exchange versions that are actively exploited in the wild. In response to the […] Tool ★★★
SecurityAffairs.webp 2021-03-04 16:39:12 VMware addresses Remote Code Execution issue in View Planner (direct link) VMware released a security patch for a remote code execution vulnerability that affects the VMware View Planner product. VMware released a security patch for a remote code execution flaw, tracked as CVE-2021-21978, that affects the VMware View Planner. The View Planner is a free tool for Performance Sizing and Benchmarking of Virtual Desktop Infrastructure environments. […] Tool Vulnerability
SecurityAffairs.webp 2021-03-02 20:24:44 Pwn20wnd released the unc0ver v 6.0 jailbreaking tool (direct link) The popular jailbreaking tool called “unc0ver” now supports iOS 14.3 and earlier releases, and is able to unlock almost every iPhone device. Pwn20wnd, the author of the jailbreaking tool “unc0ver,” has updated their software to support iOS 14.3 and earlier releases. The last release of the jailbreaking tool, unc0ver v6.0.0, now includes the exploit code […] Tool
SecurityAffairs.webp 2021-02-13 18:04:46 Court documents show FBI could use a tool to access private Signal messages on iPhones (direct link) Court documents obtained by Forbes revealed that the FBI may have a tool that allows accessing private Signal messages on iPhones. Court documents related to a recent gun-trafficking case in New York and obtained by Forbes revealed that the FBI may have a tool to access private Signal messages. The documents revealed that encrypted messages can be intercepted from […] Tool
SecurityAffairs.webp 2021-02-11 22:50:56 Avaddon ransomware decryptor released, but operators quickly reacted (direct link) An expert released a free decryption tool for the Avaddon ransomware, but operators quickly updated malware code to make it inefficient. The Spanish student Javier Yuste has released a free decryption tool for the Avaddon ransomware that can be used by the victims to recover their encrypted files for free. Yuste is a student at […] Ransomware Malware Tool
SecurityAffairs.webp 2021-01-28 15:59:38 TeamTNT group adds new detection evasion tool to its Linux miner (direct link) The TeamTNT cybercrime group has improved its Linux cryptocurrency miner by implementing open-source detection evasion capabilities. The TeamTNT cybercrime group has upgraded their Linux cryptocurrency miner by adding open-source detection evasion capabilities, AT&T Alien Labs researchers warn. Early this year, researchers from Trend Micro discovered that the TeamTNT botnet was improved with the ability to steal Docker […] Tool
SecurityAffairs.webp 2021-01-20 13:01:02 FireEye releases an auditing tool to detect SolarWinds hackers' activity (direct link) Cybersecurity firm FireEye has released a report that sheds the light on the SolarWinds attack and the way hackers breached its networks. Cybersecurity firm FireEye has released a report that sheds the light on the SolarWinds attack and the way hackers breached its networks. The experts explained how the UNC2452 and other threat actors breached […] Tool Threat ★★★★★
SecurityAffairs.webp 2021-01-16 14:14:01 Siemens fixed tens of flaws in Siemens Digital Industries Software products (direct link) Siemens has addressed tens of vulnerabilities in Siemens Digital Industries Software products that can allow arbitrary code execution. Siemens has addressed 18 vulnerabilities affecting some products of Siemens Digital Industries Software which provides product lifecycle management (PLM) solutions. The vulnerabilities affect Siemens JT2Go, a 3D viewing tool for JT data (ISO-standardized 3D data format) and […] Tool
SecurityAffairs.webp 2021-01-12 08:38:14 (Déjà vu) Bitdefender releases free decrypter for Darkside ransomware (direct link) Security firm Bitdefender released a tool that allows victims of the Darkside ransomware to recover their files without paying the ransom. Good news for the victims of the Darkside ransomware, they could recover their files for free using a tool that was released by the security firm Bitdefender. The decrypter seems to work for all […] Ransomware Tool ★★★★
SecurityAffairs.webp 2021-01-08 09:48:08 Ezuri memory loader used in Linux and Windows malware (direct link) Multiple threat actors have recently started using the Ezuri memory loader as a loader to executes malware directly into the victims’ memory. According to researchers from AT&T's Alien Labs, malware authors are choosing the Ezuri memory loader for their malicious codes. The Ezuri memory loader tool allows to load and execute a payload directly into […] Malware Tool Threat
SecurityAffairs.webp 2020-12-30 16:01:41 Google Docs bug could have allowed hackers to hijack screenshots (direct link) Google has addressed a bug in its feedback tool incorporated across its services that could have allowed attackers to view users’ private docs. Google has addressed a flaw in its feedback tool that is part of multiple of its services that could be exploited by attackers to take screenshots of sensitive Google Docs documents by […] Tool
SecurityAffairs.webp 2020-12-29 11:31:47 (Déjà vu) CISA releases a PowerShell-based tool to detect malicious activity in Azure, Microsoft 365 (direct link) Cybersecurity and Infrastructure Security Agency (CISA) released a tool for detecting potentially malicious activities in Azure/Microsoft 365 environments. The Cybersecurity and Infrastructure Security Agency (CISA)’s Cloud Forensics team has released a PowerShell-based tool, dubbed Sparrow, that helps administrators to detect anomalies and potentially malicious activities in Azure/Microsoft 365 environments. The tool was developed to […] Tool
SecurityAffairs.webp 2020-12-25 23:53:44 CrowdStrike releases free Azure tool to review assigned privileges (direct link) CrowdStrike released a free Azure security tool after it was notified by Microsoft of a failed attack leveraging compromised Azure credentials. While investigating the impact of the recent SolarWind hack, on December 15th Microsoft reported to CrowdStrike that threat actors attempted to read CrowdStrike’s emails by using a compromised Microsoft Azure reseller’s account. “Specifically, they […] Tool Threat
SecurityAffairs.webp 2020-12-18 12:26:17 All-source intelligence: reshaping an old tool for future challenges (direct link) An enhanced version of the old all-source intelligence discipline could serve the purpose. By Boris Giannetto Hybrid, interconnected and complex threats require hybrid, interconnected and complex tools. An enhanced version of the old all-source intelligence discipline could serve the purpose. Today's society hinges on technologies and they will have most likely an ever-increasing clout in […] Tool ★★★★
SecurityAffairs.webp 2020-11-10 13:22:03 Ransomware operators use fake Microsoft Teams updates to deploy Cobalt Strike (direct link) Ransomware operators use fake Microsoft Teams updates to deploy Cobalt Strike and compromise the target networks. Ransomware operators are using malicious fake Microsoft Teams updates to deliver backdoors that lead the installation of the Cobalt Strike post-exploitation tool and compromise the target network. The ongoing COVID-19 pandemic is forcing a growing number of organizations and […] Ransomware Tool Guideline
SecurityAffairs.webp 2020-09-20 09:39:26 Security Affairs newsletter Round 282 (direct link) A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. Gaming hardware manufacturer Razer suffered a data leak CIRWA Project tracks ransomware attacks on critical infrastructure Popular Marketing Tool exposes data of users of dating sites Staples discloses data breach […] Ransomware Data Breach Tool
SecurityAffairs.webp 2020-09-14 08:42:52 (Déjà vu) Popular Marketing Tool exposes data of users of dating sites (direct link) Personal details of hundreds of users of dating sites were exposed online earlier this month. An Elasticsearch server containing personal details of hundreds of thousands of dating site users were exposed online without authentication. The unsecured database was discovered by security researchers from vpnMentor at the end of August. “vpnMentor's research team recently received a report from […] Tool
SecurityAffairs.webp 2020-08-30 11:29:55 Security Affairs newsletter Round 279 (direct link) A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for you in your email box. A Google Drive weakness could allow attackers to serve malware Adobe released open-source tool Stringlifier to identify randomly generated strings Canadian delivery company Canpar Express suffered a ransomware attack […] Ransomware Malware Tool
SecurityAffairs.webp 2020-08-23 06:56:08 Adobe released open-source tool Stringlifier to identify randomly generated strings (direct link) Adobe has released an open-source tool, dubbed Stringlifier, that allows users to identify randomly generated strings in any plain text, it can be used to sanitize logs. Adobe has released an open-source tool, dubbed Stringlifier, which was designed to identify randomly generated strings in any plain text. The Stringlifier tool was written in Python and […] Tool
SecurityAffairs.webp 2020-06-12 13:59:06 Gamaredon group uses a new Outlook tool to spread malware (direct link) Russia-linked Gamaredon APT use a new module for Microsoft Outlook that creates custom emails with malicious documents and sends them to a victim’s contacts. Researchers from ESET reported that Russia-linked Gamaredon APT has a new tool in its arsenal, it is a module for Microsoft Outlook that creates custom emails with malicious documents and sends […] Malware Tool
SecurityAffairs.webp 2020-06-11 18:09:02 Microsoft discovers cryptomining campaign targeting Kubeflow tool for Kubernetes clusters (direct link) Microsoft's Azure Security Center (ASC) is warning of a hacking campaign that targets Kubeflow, a machine learning toolkit for Kubernetes. Hackers are targeting Kubeflow servers with administration panel exposed online, Microsoft warns. The tech giant has released a report today detailing a novel series of attacks against Kubeflow, a toolkit for deploying machine learning (ML) […] Tool Uber
SecurityAffairs.webp 2020-06-05 18:24:49 New Cyber Operation Targets Italy: Digging Into the Netwire Attack Chain (direct link) ZLab malware researchers analyzed the attack chain used to infect Italian speaking victims with the Netwire malware. Introduction Info stealer malware confirms to be one of the most adopted weapons of cyber actors. One of them is Netwire (MITRE S0198), a multiplatform remote administration tool (RAT) that has been used by criminals and espionage groups […] Malware Tool
SecurityAffairs.webp 2020-06-04 20:36:51 Cycldek APT targets Air-Gapped systems using the USBCulprit Tool (direct link) A Chinese threat actor tracked as Cycldek (aka Goblin Panda, or Conimes) has developed new tool to steal information from air-gapped systems. Security experts from Kaspersky Lab reported that the Chinese threat actor tracked as Cycldek (aka Goblin Panda, or Conimes) has developed new tool to steal information from air-gapped systems. The Cycldek group was […] Tool Threat
SecurityAffairs.webp 2020-04-13 15:13:19 Apple and Google join forces to develop Contact Tracing app against Coronavirus (direct link) Google and Apple recently announced a joint project for the development of a Coronavirus ‘contact tracing’ tool for mobile devices. A contact tracing app is a tool that could be used to contain new diseases, like Coronavirus, by tracking down and quarantining everyone that gets infected and localize any person that has been in contact […] Tool
SecurityAffairs.webp 2020-04-10 16:18:30 Sophos Sandboxie is now available as an open-source tool (direct link) Sophos announced the public release of the source code of the sandbox-based isolation program Sandboxie. Sophos is going to release the Windows sandbox-based isolation program Sandboxie in open source. “Sandboxie has long been a favorite sandbox-based isolation tool since its original release over fifteen years ago. Now this technology will live on in the hands of its […] Tool
SecurityAffairs.webp 2020-04-08 13:47:41 NSO CEO claims Facebook wanted NSO surveillance tool to spy on users (direct link) A new shocking revelation comes from the disputed from NSO Group and Facebook, NSO CEO claims Facebook tried to buy an Apple spying software in 2017. Reading this post you could have a better idea of the value of your privacy. In October 2019, WhatsApp sued the Israeli surveillance firm NSO Group accusing it of carrying out malicious attacks […] Tool
SecurityAffairs.webp 2020-04-06 18:47:41 ENISA released a Tool to map dependencies to International Standards (direct link) The European Agency for Cybersecurity ENISA has released a tool for the mapping of international security standards to interdependencies' indicators. ENISA has released a tool for the mapping of international security standards to interdependencies' indicators that have been introduced and demonstrated in the report Good practices on interdependencies between OES and DSPs. This ENISA report analyzed […] Tool
SecurityAffairs.webp 2020-04-01 08:00:10 LimeRAT malware delivered using 8-year-old VelvetSweatshop trick (direct link) Researchers spotted a campaign using Excel files to spread LimeRAT malware using the 8-year-old and well-known VelvetSweatshop bug. Researchers at the Mimecast Threat Center spotted a new campaign using Excel files to spread LimeRAT malware using the 8-year-old VelvetSweatshop bug. LimeRAT is a powerful Remote Administration Tool publicly available as an open-source project on Github, it […] Malware Tool Threat
SecurityAffairs.webp 2020-02-20 13:39:13 Cisco fixes a static default credential issue in Smart Software Manager tool (direct link) Cisco has released security updates to address 17 vulnerabilities affecting its networking and unified communications product lines. Cisco has released security patches to fix 17 vulnerabilities affecting its networking and unified communications product lines. The types of fixed vulnerabilities include remote access and code execution, elevation of privilege, denial of service, and cross-site request forgeries. One of […] Tool
SecurityAffairs.webp 2020-02-19 14:01:47 5 Ways artificial intelligence Is Being Used to Keep Sensitive Information Secure (direct link) Artificial intelligence is an immensely helpful tool for businesses and consumers alike, how to use artificial intelligence to secure sensitive Information Artificial intelligence (AI) is an immensely helpful tool for businesses and consumers alike. By processing data quickly and predicting analytics, AI can do everything from automating systems to protecting information. In fact, keeping data […] Tool
SecurityAffairs.webp 2020-01-28 10:37:16 Cyber Threat Trends Dashboard (direct link) Marco Ramilli published the Cyber Threat Trends Dashboard, a useful tool that will allow us to better understand most active threats in real time. Introduction Information sharing is one of the most important activity that cybersecurity researchers do on daily basis. Thanks to “infosharing” activities it is possible to block or, in specific cases, to […] Tool Threat
SecurityAffairs.webp 2020-01-21 07:13:59 NIST releases version 1.0 of the Privacy Framework (direct link) The NIST released version 1.0 of Privacy Framework, it is a tool designed to help organizations to manage privacy risks. The National Institute of Standards and Technology (NIST) has published the release version 1.0 of its privacy framework. The Framework is a voluntary tool that can be used by organizations to manage risks in compliance […] Tool
SecurityAffairs.webp 2019-12-29 09:25:34 A previously undetected FIN7 BIOLOAD loader drops new Carbanak Backdoor (direct link) Experts uncovered a new tool dubbed BIOLOAD used by the FIN7 cybercrime group used as a dropper for a new variant of the Carbanak backdoor. Security experts from Fortinet’s enSilo have discovered a new loader, dubbed BIOLOAD, associated with the financially-motivated group FIN7. The group that has been active since late 2015 targeted businesses worldwide […] Tool
SecurityAffairs.webp 2019-12-05 12:34:51 China used the Great Cannon DDoS Tool against forum used by Hong Kong protestors (direct link) China is accused to have used the “Great Cannon” DDoS tool to launch attacks against LIHKG, a forum used by Hong Kong residents to organize protests. The Great Cannon Distributed Denial of Service (DDoS) tool was used again by the Chinese government, this time it was used to target the LIHKG forum used by Hong Kong protesters to […] Tool
SecurityAffairs.webp 2019-11-20 06:35:59 Ransomware Revival: Troldesh becomes a leader by the number of attacks (direct link) Ransomware accounted for over half of all malicious mailings in H1 2019, Troldesh aka Shade being the most popular tool among cybercriminals. Group-IB, a Singapore-based cybersecurity company: ransomware accounted for over half of all malicious mailings in H1 2019, detected and analyzed by Group-IB's Computer Emergency Response Team (CERT-GIB), with Troldesh aka Shade being the most popular tool […] Ransomware Tool
Last update at: 2024-05-09 23:08:15