Names such as Novelli, orangecake, Pirat-Networks, SubComandanteVPN, and zirochka are unlikely to mean anything to a vast majority of enterprise security teams. But for...
Multiple threat actors are exploiting the recently disclosed security flaws in JetBrains TeamCity software to deploy ransomware, cryptocurrency miners, Cobalt Strike beacons, and a...
By: Ravie Lakshmanan
SolarWinds, the enterprise monitoring software provider which found itself at the epicenter of the most consequential supply chain attacks, said as many...
By: Ravie Lakshmanan
A "persistent attacker group" with alleged ties to Hezbollah has retooled its malware arsenal with a new version of a remote access...
By: Tina Martin
Why You Need Cybersecurity to Protect Your Greatest Assets
When it comes to cybersecurity, you can never be too careful. After all, not...
By: Ravie Lakshmanan
Authentication services provider Okta on Wednesday named Sitel as the third-party linked to a security incident experienced by the company in late...
Authored by Ferhat Cil
CHMSC Elearning System version 1.0 suffers from a remote SQL injection vulnerability.
Change Mirror Download
# Exploit Title: CHMSC Elearning System 1.0 -...
Malicious email attachments with macros are one of the most common ways hackers get in through the door. Huntress security researcher John Hammond discusses...
DDoS threat to Lithuania continues. Hacktivists hit Iranian steel mill. Bumblebee loader takes C2C markteshare. CISA adds Known Exploited Vulnerabilities. Music piracy. Where do...
I Can Haz Domain Admin?
Active Directory security is notoriously difficult. Small organizations generally have no idea what they're doing, and way too many people...
domhttpx is a google search engine dorker with HTTP toolkit built with python, can make it easier for you to find many URLs/IPs at once with fast time.
Usage
Flags
This...
Sniffle is a sniffer for Bluetooth 5 and 4.x (LE) using TI CC1352/CC26x2 hardware.
Sniffle has a number of useful features, including:
Support for BT5/4.2 extended...
Modular brute force tool written in Python, for very fast password spraying SSH, and FTP and in the near future other network services.
COMING SOON: SMB,...
This project builds virtual machine which can be used for analytics of tshark -T ek (ndjson) output. The virtual appliance is built using vagrant, which builds...
Authored by h00die-gr3y | Site metasploit.com
The Acronis Cyber Protect appliance, in its default configuration, allows the anonymous registration of new protect/backup agents on new...
Authored by Stefan Viehboeck, Constantin Schieber-Knöbl | Site sec-consult.com
Various Siemens products suffer from vulnerabilities. There is an unlocked JTAG Interface for Zynq-7000 on SM-2558...
Authored by Daniel Hirschberger | Site sec-consult.com
Omada Identity versions prior to 15U1 and 14.14 hotfix #309 suffer from a persistent cross site scripting vulnerability.
advisories...