Latest Cyber Security Updates
Cyber Security News
Roundcube Webmail 1.2 File Disclosure
Authored by stonepresto
Roundcube Webmail version 1.2 suffers from a file disclosure vulnerability.
advisories | CVE-2017-16651
# Exploit Title: Roundcube Webmail 1.2 - File Disclosure...
Cyber Vulnerabilities & Exploits
The latest hacker news
Hackers Steal Mimecast Certificate Used to Securely Connect with Microsoft 365
By: Ravie Lakshmanan
Mimecast said on Tuesday that "a sophisticated threat actor" had compromised a digital certificate it provided to certain customers to securely connect...
Billions of Thai Internet Records Leaked
Over 8 billion real-time Internet records of users of Thailand’s largest cell network, Advanced Info Service (AIS), were leaked due to a misconfigured Elasticsearch...
Windows Vulnerability Allows Malware To Run With Admin Rights
Security researchers have discovered a workaround for a Microsoft Print Services vulnerability patch (CVE-2020-1048) that allows attackers to execute malicious code with elevated privileges.
The vulnerability was discovered by...
Learning & Cyber Education
Hacking Operational Technology for Defense: Lessons Learned From OT Red Teaming Smart...
High-profile security incidents in the past decade have brought increased scrutiny to cyber security for operational technology (OT). However, there is a continued perception...
Breaches & Data Leaks
Maze Ransomware Attackers Hijacked Cognizant’s Tax ID, Social Security & Passport...
'We have determined that the personal information involved in this incident included your name and one or more of: your Social Security number and/or...
Most popular
Tesla Hacked and Stolen Again Using Key Fob
Belgian researchers demonstrate third attack on the car manufacturer’s keyless entry system, this time to break into a Model X within minutes.
Researchers have demonstrated...
eChat 1.0 SQL Injection
Authored by sML
eChat version 1.0 suffers from a remote SQL injection vulnerability.
# Exploit Title: eChat | Time-Based Blind SQL Injection
# Exploit Author:...
Facebook Messenger For Android Forced Answer
Authored by Google Security Research, natashenka
Facebook Messenger for Android has an issue where an SdpUpdate message can cause an audio call to connect before...
Security & Hacking Tools
GitDorker – Scrape Secrets From GitHub Through Usage Of A Large Repository
GitDorker is a tool that utilizes the GitHub Search API and an extensive list of GitHub dorks that I’ve compiled from various sources to...
Pesidious – Malware Mutation Using Reinforcement Learning
Malware Mutation using Deep Reinforcement Learning and GANs
The purpose of the tool is to use artificial intelligence to mutate a malware (PE32 only) sample to bypass...
Hellraiser – CVE-Search Vulnerability Scanner
HellRaiser
Vulnerability Scanner
Install
HellRaiser depends on the cve-search API. Have a cve-search API instance running and set its address in the cvesearch_api_domain field of config/config.yml.
Install Ruby, Bundler and Rails. https://gorails.com/setup/ubuntu/16.04
Install redis-server and nmap.
sudo apt-get update
sudo apt-get...
Keepass – Secure Password Management
KeePass Features
Here are some "selling points" of KeePass. To get a first impression, you can also have a look at some of the screenshots. If...
OSSEC – A full platform to monitor and control your systems
OSSEC v3.6.0 Copyright (C) 2019 Trend Micro Inc.
Information about OSSEC
OSSEC is a full platform to monitor and control your systems. It mixes together all...
Daily Exploits
CITSmart ITSM 9.1.2.27 SQL Injection
Authored by skys
CITSmart ITSM version 9.1.2.27 suffers from a remote time-based blind SQL injection vulnerability.
advisories | CVE-2021-28142
# Exploit Title: CITSmart ITSM 9.1.2.27...
HEUR.Hoax.Win32.FrauDrop.gen Insecure Permissions
Authored by malvuln | Site malvuln.com
HEUR.Hoax.Win32.FrauDrop.gen malware suffers from an insecure permissions vulnerability.
Discovery / credits: Malvuln - malvuln.com (c) 2021
Original source: https://malvuln.com/advisory/1d40e72fb8cf300298df4b828b48ec29.txt
Contact:...
Webmail Edition 5.2.22 XSS / Remote Code Execution
Authored by nu11secur1ty, Ventsislav Varbanovski, Alex Birnberg
Webmail Edition version 5.2.22 suffers from remote code execution and cross site scripting vulnerabilities via the Horde_Text_Filter library.
advisories...