What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-01-26 16:09:43 | New Open Source Tool Helps Identify EtherNet/IP Stacks for ICS Research, Analysis (lien direct) | Industrial cybersecurity firm Claroty on Wednesday announced a new open source tool designed for identifying EtherNet/IP stacks. According to the company, the new “EtherNet/IP & CIP Stack Detector” tool can be useful to security researchers, operational technology (OT) engineers, and asset owners. | Tool | ||
|
2021-12-28 19:23:29 | Researchers Dive Into Equation Group Tool \'DoubleFeature\' (lien direct) | Security researchers at Check Point are publicly documenting the Equation Group APT's DoubleFeature, a component of DanderSpritz post-exploitation framework. | Tool | ||
|
2021-12-15 14:26:00 | Industry Reactions to Log4Shell Vulnerability (lien direct) | The widely used Log4j logging tool is affected by a critical remote code execution vulnerability that has been increasingly exploited by malicious actors, including profit-driven cybercriminals and state-sponsored groups. | Tool Vulnerability | ||
|
2021-12-15 11:47:36 | Problematic Log4j Functionality Disabled as More Security Issues Come to Light (lien direct) | Developers of the widely used Apache Log4j Java-based logging tool have disabled problematic functionality as more security issues have come to light. | Tool | ||
|
2021-12-15 09:40:31 | Web Browsing Security Firm Guardio Raises $47 Million (lien direct) | Web browsing protection tool Guardio on Tuesday announced that it came out of bootstrap mode with $47 million in funding. Guardio's first ever investment round was led by Tiger Global. Cerca Partners, Emerge, Samsung Next, Union, and Vintage also participated. | Tool | ||
|
2021-12-14 14:11:35 | Log4Shell Tools and Resources for Defenders - Continuously Updated (lien direct) | 
The widely used Apache Log4j Java-based logging tool is affected by a critical remote code execution vulnerability that has been increasingly exploited by malicious actors, including to deliver various types of malware.
|
Tool Vulnerability | ||
|
2021-12-10 14:00:57 | Fujitsu Retires Tool Targeted by Threat Actors (lien direct) | Japanese tech giant Fujitsu has announced plans to retire the ProjectWEB project information sharing tool after it was targeted by threat actors earlier this year. Designed to aid collaboration between teams, ProjectWEB is a tool that organizations can employ to share project data both within and outside of their environments. | Tool Threat | ||
|
2021-12-06 14:02:15 | Web Browsers Vulnerable to 14 New Types of XS-Leak Attacks (lien direct) | Researchers from two universities in Germany have developed a tool that can be used to check web browsers for cross-site leaks, and they claim to have identified 14 new attack classes. | Tool | ||
|
2021-11-10 16:07:38 | RPC Firewall Dubbed \'Ransomware Kill Switch\' Released to Open Source (lien direct) | Today at Black Hat London, Zero Networks announced the release of its RPC firewall – also dubbed the 'ransomware kill switch' – into open source. The tool provides granular control over RPC, capable of blocking the use of lateral movement hacker tools and stopping almost all ransomware in its tracks. | Ransomware Tool | ||
|
2021-11-05 14:58:45 | Researchers Release PoC Tool Targeting BrakTooth Bluetooth Vulnerabilities (lien direct) | The United States Cybersecurity and Infrastructure Security Agency (CISA) this week warned on proof-of-concept (PoC) code for the BrakTooth Bluetooth vulnerabilities now being publicly available. | Tool | ★★★ | |
|
2021-11-02 11:22:35 | BlackMatter Ransomware Operators Develop Custom Data Exfiltration Tool (lien direct) | The cybercriminals operating the BlackMatter ransomware have started using a custom data exfiltration tool in their attacks, Symantec reports. | Ransomware Tool | ||
|
2021-10-22 14:41:38 | Facebook Introduces New Tool for Finding SSRF Vulnerabilities (lien direct) | Facebook on Thursday announced a new tool designed to help security researchers hunt for Server-Side Request Forgery (SSRF) vulnerabilities. | Tool | ||
|
2021-10-22 14:12:12 | After Nation-State Hackers, Cybercriminals Also Add Sliver Pentest Tool to Arsenal (lien direct) | The cybercriminal group tracked as TA551 recently showed a significant change in tactics with the addition of the open-source pentest tool Sliver to its arsenal, according to cybersecurity firm Proofpoint. | Tool | ||
|
2021-10-21 10:32:34 | US to Curb Hacking Tool Exports to Russia, China (lien direct) | US authorities unveiled Wednesday long-delayed new rules aimed at clamping down on export to nations like Russia and China of hacking technology amid a sharp uptick in cyberattacks globally. The rules, which are set to go into force in 90 days, would prevent the sale of certain software or devices to a list of countries unless approved by a bureau of the Commerce Department. | Tool | ||
|
2021-10-18 12:49:42 | Password Auditing Tool L0phtCrack Released as Open Source (lien direct) | The password auditing and recovery tool L0phtCrack is now open source and the project is looking for both maintainers and contributors. First released in 1997, L0phtCrack can be used to test password strength and recover lost Windows passwords via dictionary, brute-force, and other types of attacks. | Tool | ||
|
2021-10-15 10:42:43 | Deepfence Open Sources Vulnerability Mapping Tool \'ThreatMapper\' (lien direct) | Cloud and container security company Deepfence this week announced the open source availability of ThreatMapper, a tool designed to help organizations scan for, map, and rank application vulnerabilities. By performing post-deployment scans of applications and infrastructure, the platform seeks to identify emerging threats in both first-party and third-party solutions. | Tool Vulnerability | ★★★★ | |
|
2021-09-30 13:25:16 | New CISA Tool Helps Organizations Assess Insider Threat Risks (lien direct) | The United States Cybersecurity and Infrastructure Security Agency (CISA) this week released a tool to help organizations assess their insider threat risk posture. | Tool Threat | ||
|
2021-09-29 19:32:34 | Facebook Open-Sources \'Mariana Trench\' Code Analysis Tool (lien direct) | Facebook's security team on Wednesday pulled the curtain on Mariana Trench, an open-source tool that it has been using internally to identify vulnerabilities in Android and Java applications. | Tool | ||
|
2021-09-28 11:19:08 | ImmuniWeb Launches Free Tool for Identifying Unprotected Cloud Storage (lien direct) | Switzerland-based web and application security company ImmuniWeb on Tuesday announced the launch of a free online tool designed to help organizations identify unprotected cloud storage. | Tool | ★★★ | |
|
2021-09-08 01:42:01 | US-built Databases a Potential Tool of Taliban Repression (lien direct) | Over two decades, the United States and its allies spent hundreds of millions of dollars building databases for the Afghan people. The nobly stated goal: Promote law and order and government accountability and modernize a war-ravaged land. | Tool | ||
|
2021-08-24 15:42:13 | New iOS Zero-Click Exploit Defeats Apple \'BlastDoor\' Sandbox (lien direct) | Security researchers at Citizen Lab are documenting a new Apple iOS zero-click exploit being used to hijack data from fully patched iPhones in Bahrain. Citizen Lab said it found technical evidence connecting the new exploit to the Pegasus high-end spyware tool sold by controversial Israeli software vendor NSO Group. | Tool | ||
|
2021-07-29 15:37:25 | How Low-level Hackers Access High-end Malware (lien direct) | Hacking tool downloads from underground forums are increasing, and the tools are becoming more sophisticated; low-level hackers are gaining access to hacked versions of sophisticated tools; access broking is growing; and existing tools are repurposed for more aggressive attacks. | Malware Tool | ||
|
2021-07-27 12:09:31 | Vulnerability in Popular Survey Tool Exploited in Possible Chinese Attacks on U.S. (lien direct) | A recently disclosed vulnerability affecting a popular survey creation tool has been exploited by a threat group that may be linked to China against organizations in the United States. | Tool Vulnerability Threat | ||
|
2021-07-26 12:23:41 | GitLab Releases Open Source Tool for Hunting Malicious Code in Dependencies (lien direct) | GitLab last week announced the release of a new open source tool designed to help software developers identify malicious code in their projects' dependencies. | Tool | ||
|
2021-07-19 14:51:49 | Cisco Discloses Details of Critical Advantech Router Tool Vulnerabilities (lien direct) | Cisco's Talos threat intelligence and research unit has disclosed the details of several critical vulnerabilities affecting a router monitoring application made by Taiwan-based industrial and IoT solutions provider Advantech. The affected tool is R-SeeNet, which is designed to help network administrators monitor their Advantech routers. | Tool Threat | ||
|
2021-07-16 13:34:21 | Vulnerabilities in Etherpad Collaboration Tool Allow Data Theft (lien direct) | XSS and Argument Injection Flaws Found in Popular Etherpad Collaboration Tool | Tool | ||
|
2021-07-03 12:30:24 | IT Software Firm Kaseya Hit By Supply Chain Ransomware Attack (lien direct) | Supply chain cyberattack by REvil ransomware gang on IT management tool could have wide blast radius | Ransomware Tool | ||
|
2021-07-01 11:28:24 | (Déjà vu) CISA Adds Ransomware Module to Cyber Security Evaluation Tool (lien direct) | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday announced the release of a new module for its Cyber Security Evaluation Tool (CSET), namely the Ransomware Readiness Assessment (RRA). | Ransomware Tool | ||
|
2021-06-30 16:59:19 | IBM Gifts Threat Hunting Tool to Open Cybersecurity Alliance (lien direct) | IBM Corp. on Wednesday announced that it is contributing the Kestrel open-source programming language for threat hunting to the Open Cybersecurity Alliance (OCA). | Tool Threat | ||
|
2021-06-22 10:10:19 | Research Shows Many Security Products Fail to Detect Android Malware Variants (lien direct) | A group of academic researchers has created a tool that can be used to clone Android malware and test the resilience of these new variants against anti-malware detection. | Malware Tool | ||
|
2021-06-16 16:55:21 | Google Rolls out E2EE For Android Messages App (lien direct) | Google has finally enabled end-to-end encryption (E2EE) for the Messages app in Android but the privacy-enhancing tool remains somewhat limited. Google announced end-to-end encryption is now available in Android, but only for one-on-one conversations between users of the Messages app. | Tool | ||
|
2021-06-14 21:00:28 | CodeCov Kills Off Bash Uploader Blamed for Supply Chain Hack (lien direct) | Following a major software supply chain compromise that exposed data for several major companies, developer tools startup CodeCov plans to kill off the Bash Uploader tool that was responsible for the breach. | Hack Tool | ||
|
2021-06-11 12:32:49 | Canada Privacy Watchdog Slams Police Use of Facial Recognition Tool (lien direct) | Federal police broke Canada's privacy laws by using a US company's controversial facial recognition software in hundreds of searches, an independent parliamentary watchdog ruled Thursday. | Tool | ||
|
2021-06-07 12:06:12 | New Google Tool Helps Developers Visualize Dependencies of Open Source Projects (lien direct) | Google has launched a new experimental tool designed to help application developers visualize the dependencies of open source projects. | Tool | ||
|
2021-05-21 14:01:52 | Microsoft Unveils SimuLand: Open Source Attack Techniques Simulator (lien direct) | Microsoft this week announced the availability of SimuLand, an open source tool that enables security researchers to reproduce attack techniques in lab environments. | Tool | ||
|
2021-05-10 17:14:57 | Google Releases Open Source Tool for Verifying Containers (lien direct) | Google has released a new open-source tool called cosign to make it easier to manage the process of signing and verifying container images. | Tool | ||
|
2021-05-07 16:32:02 | US-UK Gov Warning: SolarWinds Attackers Add Open-Source PenTest Tool to Arsenal (lien direct) | Agencies in the United States and the United Kingdom on Friday published a joint report providing more details on the activities of the Russian cyberspy group that is believed to be behind the attack on IT management company SolarWinds. The report reveals that the hackers started using the open-source adversary simulation framework Sliver after some of their operations were exposed. | Tool | ★★★★ | |
|
2021-04-29 01:39:41 | US Government Taking Creative Steps to Counter Cyberthreats (lien direct) | An FBI operation that gave law enforcement remote access to hundreds of computers to counter a massive hack of Microsoft Exchange email server software is a tool that is likely to be deployed “judiciously” in the future as the Justice Department, aware of privacy concerns, develops a framework for it | Hack Tool | ||
|
2021-04-27 13:29:38 | Adobe Releases Open Source Anomaly Detection Tool "OSAS" (lien direct) | Adobe this week announced the open-source availability of 'One-Stop Anomaly Shop' (OSAS), a new tool designed to help security teams discover anomalies in datasets. | Tool | ||
|
2021-04-16 02:47:55 | Codecov Bash Uploader Dev Tool Compromised in Supply Chain Hack (lien direct) | Security response professionals are scrambling to measure the fallout from a software supply chain compromise of Codecov Bash Uploader that went undetected since January and exposed sensitive secrets like tokens, keys and credentials from organizations around the world. | Hack Tool | ||
|
2021-04-09 16:55:31 | CISA Releases Tool to Detect Microsoft 365 Compromise (lien direct) | The U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) has released a new tool to help with the detection of potential compromise within Microsoft Azure and Microsoft 365 environments. | Tool | ||
|
2021-03-25 15:36:05 | Mamba Ransomware Leverages DiskCryptor for Encryption, FBI Warns (lien direct) | The Federal Bureau of Investigation (FBI) this week published an alert to warn of the fact that the Mamba ransomware is abusing the DiskCryptor open source tool to encrypt entire drives, including the operating system. | Ransomware Tool | ||
|
2021-03-16 00:22:56 | Microsoft Ships One-Click Mitigation Tool for Exchange Attacks (lien direct) | 
|
Tool | ||
|
2021-02-10 15:07:13 | Apple Patches Recent Sudo Vulnerability in macOS (lien direct) | Apple on Tuesday released macOS security updates to patch a recently disclosed vulnerability in the Sudo utility. Present in most Unix- and Linux-based operating systems out there, Sudo is a tool that allows users to execute programs with the privileges of another user, which by default is superuser. | Tool Vulnerability | ||
|
2021-02-05 13:31:32 | Open Source Tool Helps Organizations Secure GE CIMPLICITY HMI/SCADA Systems (lien direct) | Industrial cybersecurity firm OTORIO this week announced the availability of a new open source tool designed to help organizations secure their GE CIMPLICITY systems. | Tool | ||
|
2021-02-02 16:37:33 | A Swiss Army Knife for Industrial Operations Protection (lien direct) | When we think about a Swiss Army Knife, we immediately picture a high-quality, multi-functional tool to help us tackle a wide array of tasks. The digital equivalent is the smartphone. A more security-specific example is the all-in-one, wireless home protection system. These solutions typically include sensors for windows, doors, and rooms, as well as cameras to remotely see what is happening inside and out, and an app to control everything from wherever you are. | Tool | ||
|
2021-01-19 19:04:57 | FireEye Releases New Open Source Tool in Response to SolarWinds Hack (lien direct) | FireEye Mandiant on Tuesday announced the release of an open source tool designed to check Microsoft 365 tenants for the use of techniques associated with UNC2452, the name currently assigned by the cybersecurity firm to the threat group that attacked IT management company SolarWinds. | Hack Tool Threat | ||
|
2021-01-11 18:47:09 | Decryptor Released for Ransomware That Allegedly Helped Cybercriminals Make Millions (lien direct) | Bitdefender on Monday announced the availability of a free tool that organizations can use to recover files encrypted by DarkSide, a piece of ransomware that cybercriminals claim helped them make millions. | Ransomware Tool | ||
|
2021-01-05 20:34:57 | Crypto-Hijacking Campaign Leverages New Golang RAT (lien direct) | Reseachers are raising the alarm for a newly identified operation leveraging a new Remote Access Tool (RAT) written in Golang to steal crypto-currency from unsuspecting users. | Tool | ||
|
2021-01-05 04:59:54 | Ransomware Attacks Linked to Chinese Cyberspies (lien direct) | China-linked cyber-espionage group APT27 is believed to have orchestrated recent ransomware attacks, including one where a legitimate Windows tool was used to encrypt the victim's files. | Ransomware Tool | APT 27 APT 27 |
To see everything:
Our RSS (filtrered)
