Information Security

Iranian state TV was hacked to show a broadcast calling for Khamenei’s death

On: January 28, 2022

This Thursday night, multiple Iranian state TV channels broadcasted footage showing the leaders of an exiled dissident group and explicitly calling for the death of the country’s supreme leader, anRead More →

Novel phishing technique uses hacker-operated devices connected to an organization’s network via lateral phishing

On: January 28, 2022

In: Data Security

This week, Microsoft security teams reported the discovery of a phishing campaign characterized by the inclusion of a novel technique that consists of attaching a malicious device to the networkRead More →

Remote code execution vulnerability in Ghidra, NSA’s reverse engineering tool

On: January 27, 2022

In: Vulnerabilities

Information security specialists report the detection of a critical vulnerability in Ghidra, a free and open-source reverse engineering tool developed by the U.S. National Security Agency (NSA), broadly used byRead More →

New RAT malware evades detection using JavaScript code embedded in HTML receipt files instead of downloading an ISO file from remote servers

On: January 27, 2022

In: Malware

Cybersecurity specialists report the detection of a new phishing campaign dedicated to the delivery of the AsyncRAT Trojan hidden in an HTML attachment. This malware allows threat actors to monitorRead More →

Code from the BotenaGo botnet is posted on GitHub. Millions of companies at risk of DDoS attack

On: January 27, 2022

In: Malware

In late 2021, an AT&T security team published research on a new malware variant written in Golang, a popular open-source programming language. The source code of this malware, known asRead More →

New Linux LPE vulnerability affects millions of Ubuntu, Debian, CentOS and Fedora servers worldwide. Exploit code published

On: January 26, 2022

In: Vulnerabilities

Cybersecurity specialists report the detection of a critical vulnerability in the pkexec component of Polkit whose exploitation would allow obtaining root user privileges in the main Linux distributions. Tracked asRead More →

New vulnerability on Mac provides full access to iCloud accounts, PayPal and more of the affected users, as well as granting access to their microphone, camera and screen. The greatest reward ever delivered by Apple

On: January 26, 2022

In: Vulnerabilities

This week, a young cybersecurity researcher demonstrated how to hack the webcams of Mac devices to leave the devices completely open to other attack variants. Ryan Pickren submitted his reportRead More →

Privilege escalation flaw in Cisco Unified Contact Center Management Portal

On: January 25, 2022

In: Vulnerabilities

Cybersecurity specialists reported the finding of a critical vulnerability affecting Cisco Unified Contact Center Management Portal (Unified CCMP). According to the report, successful exploitation would allow hackers compromise the targetRead More →

Threat actors are actively exploiting a critical vulnerability, CVE-2021-20038, in SonicWall Secure Mobile Access (SMA) gateways. Update immediately

On: January 25, 2022

In: Vulnerabilities

Cybersecurity specialists report that hacking groups are actively exploiting CVE-2021-20038, a severe vulnerability in SonicWall Secure Mobile Access (SMA) gateways, fixed in late 2021. The flaw was described as anRead More →

These hexadecimal and octal IP addresses can bypass your security solution. Block them to avoid getting hacked by Emotet malware

On: January 25, 2022

In: Malware

Cybersecurity specialists from Trend Micro report the detection of a spam campaign dedicated to the deployment of the Emotet banking Trojan in which threat actors use hexadecimal and octal representationsRead More →

Information Security

Iranian state TV was hacked to show a broadcast calling for Khamenei’s death

Novel phishing technique uses hacker-operated devices connected to an organization’s network via lateral phishing

Remote code execution vulnerability in Ghidra, NSA’s reverse engineering tool

New RAT malware evades detection using JavaScript code embedded in HTML receipt files instead of downloading an ISO file from remote servers

Code from the BotenaGo botnet is posted on GitHub. Millions of companies at risk of DDoS attack

New Linux LPE vulnerability affects millions of Ubuntu, Debian, CentOS and Fedora servers worldwide. Exploit code published

New vulnerability on Mac provides full access to iCloud accounts, PayPal and more of the affected users, as well as granting access to their microphone, camera and screen. The greatest reward ever delivered by Apple

Privilege escalation flaw in Cisco Unified Contact Center Management Portal

Threat actors are actively exploiting a critical vulnerability, CVE-2021-20038, in SonicWall Secure Mobile Access (SMA) gateways. Update immediately

How Chinese APT hackers stole Lockheed Martin F-35 fighter plane to develop its own J-20 stealth fighter aircraft [VIDEO]

Nigeria spends more than any other African country in spying its citizens

How to Hack Bank’s Voice Recognition System – Voice Biometrics with DeepFake Voice Cloning

Step by step process of hacking ATMs using black box. ATM jackpotting

HOW TO ORGANIZE A PROTEST ANONYMOUSLY: RAISE YOUR VOICE AGAINST GOVERNMENT AND PROTEST WITHOUT BEING ARRESTED

Remote code execution vulnerability in Ghidra, NSA’s reverse engineering tool

New Linux LPE vulnerability affects millions of Ubuntu, Debian, CentOS and Fedora servers worldwide. Exploit code published

New vulnerability on Mac provides full access to iCloud accounts, PayPal and more of the affected users, as well as granting access to their microphone, camera and screen. The greatest reward ever delivered by Apple

Privilege escalation flaw in Cisco Unified Contact Center Management Portal

Threat actors are actively exploiting a critical vulnerability, CVE-2021-20038, in SonicWall Secure Mobile Access (SMA) gateways. Update immediately

How to hack WhatsApp easily with a very effective Termux WhatsApp phishing website

TOP 10: The best web browsers for cybersecurity specialists

Here’s how hackers remotely attack smartphones: Taking control of victim’s camera and microphone using just 11 commands

How to perform Kubernetes pentesting and secure it?

How to perform digital forensics of malicious PDF files? Easily checking if a PDF document has malware or backdoors

Top 6 tools used by hackers for stealing Windows domain cache credentials. 5 alternatives of Mimikatz

How to do penetration testing of IoT devices easily

How to do digital forensics of a hacked network with TCPDUMP

How to hack into WAF (Web application firewall) using XSS attacks?

How to do automatic vulnerability analysis and assessment of your applications & network free of cost?

New RAT malware evades detection using JavaScript code embedded in HTML receipt files instead of downloading an ISO file from remote servers

Code from the BotenaGo botnet is posted on GitHub. Millions of companies at risk of DDoS attack

These hexadecimal and octal IP addresses can bypass your security solution. Block them to avoid getting hacked by Emotet malware

Microsoft to turn off macros en Excel 4.0 by default to protect users from ransomware attacks

New made in China MoonBounce UEFI malware can’t be removed even if you replace your hard disk

Cyber Security Channel

How to Hack Bank’s Voice Recognition System – Voice Biometrics with DeepFake Voice Cloning

Step by step process of hacking ATMs using black box. ATM jackpotting

HOW TO ORGANIZE A PROTEST ANONYMOUSLY: RAISE YOUR VOICE AGAINST GOVERNMENT AND PROTEST WITHOUT BEING ARRESTED