Nuclei is a fast and customizable open-source vulnerability scanner powered by YAML-based templates. With its flexible templating system, Nuclei can be adapted to perform various security checks. It can send requests to multiple targets using customizable templates, ensuring zero false…
Tag: EN
ISC Stormcast For Monday, August 26th, 2024 https://isc.sans.edu/podcastdetail/9112, (Mon, Aug 26th)
This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from SANS Internet Storm Center, InfoCON: green Read the original article: ISC Stormcast For Monday, August 26th, 2024…
Alleged Karakut ransomware scumbag charged in US
Plus: Microsoft issues workaround for dual-boot crashes; ARRL cops to ransom payment, and more Infosec in brief Deniss Zolotarjovs, a suspected member of the Russian Karakurt ransomware gang, has been charged in a US court with allegedly conspiring to commit…
GenAI buzz fading among senior executives
GenAI adoption has reached a critical phase, with 67% of respondents reporting their organization is increasing its investment in GenAI due to strong value to date, according to Deloitte. “The State of Generative AI in the Enterprise: Now decides Next,”…
BlackSuit Ransomware
Key Takeaways In December 2023, we observed an intrusion that started with the execution of a Cobalt Strike beacon and ended in the deployment of BlackSuit ransomware. The threat actor … Read More This article has been indexed from The…
Pavel Durov’s Arrest Leaves Telegram Hanging in the Balance
Durov has reportedly been detained in France over Telegram’s alleged failure to adequately moderate illegal content on the messaging app. His arrest sparked backlash and left some associates asking, what now? This article has been indexed from Security Latest Read…
Traderie – 364,898 breached accounts
In September 2022, the in-game trading marketplace Traderie suffered a data breach that exposed almost 400k records (this preceded a subsequent breach the following year). The incident exposed email and IP addresses, usernames and links to social media profiles. The…
North Korea Exploited Windows Zero-Day Vulnerability to Install Fudmodule
North Korea’s Lazarus hacking group has once again exploited a zero-day vulnerability in Microsoft Windows to deploy malware on targeted devices. On August 13, Microsoft addressed this issue with its monthly Patch Tuesday updates, fixing a flaw in the…
The Port of Seattle and Sea-Tac Airport say they’ve been hit by ‘possible cyberattack’
The Port of Seattle, which also operates the Seattle-Tacoma International Airport, said it was hit with a “possible cyberattack” that appeared to affect websites and phone systems. The port first noted the outages via social media on Saturday morning, with…
Iranian Hackers Targeted WhatsApp Accounts of Staffers in Biden, Trump Administrations, Meta Says
Meta said it discovered a network of Iranian hackers, who posed as tech support agents for companies including AOL, Microsoft, Yahoo and Google. The post Iranian Hackers Targeted WhatsApp Accounts of Staffers in Biden, Trump Administrations, Meta Says appeared first…
Worried About Cash App Breach? These Three Steps Can Keep Your Financial Data Safe
You’re not alone if the most recent Cash App data hack made you nervous. In 2022, the parent company of Block, the peer-to-peer payment platform, failed to prevent unauthorised access to Cash App customer accounts. Cash App agreed to…
16 Years of Cybercrime: The Story of Greasy Opal’s CAPTCHA Solver
Certain tools and techniques have been persistent, continually adapting to new challenges and threats. One such tool is the CAPTCHA solver developed by Greasy Opal, a name that has become synonymous with cybercrime over the past 16 years. This blog…
New Styx Stealer Malware Targets Browsers and Instant Messaging for Data Theft
A new malware strain known as Styx Stealer has recently emerged, posing a significant threat to online security. Discovered in April 2024, Styx Stealer primarily targets popular browsers based on the Chromium and Gecko engines, such as Chrome and…
Sheltering From the Cyberattack Storm – Part Two
In the first part of this series, I discussed sophisticated cyberattacks, analyzed an example, and offered advice on how to remediate against such an attack. But the cybersecurity storm doesn’t stop… The post Sheltering From the Cyberattack Storm – Part Two…
Beyond CVSS: Advanced Vulnerability Prioritization Strategies for Modern Threats
The sheer volume of vulnerabilities discovered each year—combined with limited time and resources—demands a more sophisticated strategy for prioritization. While the Common Vulnerability Scoring System (CVSS) has long been the industry standard for assessing the severity of vulnerabilities, it has…
Dell Power Manager Privilege Escalation Vulnerability
Dell Technologies has issued a critical security update for its Dell Power Manager software following the discovery of a significant vulnerability that could allow attackers to execute code and escalate privileges on affected systems. The vulnerability, identified as CVE-2024-39576, has…
Progress WhatsUp Gold Vulnerabilities Let Attackers Inject SQL Commands
The Progress WhatsUp Gold team confirmed the existence of critical vulnerabilities in all versions of their software released before 2024.0.0. If exploited, these vulnerabilities could allow attackers to inject SQL commands, posing significant security risks to users. Although there have…
Chrome Zero-day Vulnerability Actively Exploited in the Wild
Google has announced the release of Chrome 128 to the stable channel for Windows, Mac, and Linux. This update, Chrome 128.0.6613.84 for Linux and 128.0.6613.84/.85 for Windows and Mac addresses a critical zero-day vulnerability actively exploited in the wild. The…
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 8
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Meet UULoader: An Emerging and Evasive Malicious Installer BlindEagle flying high in Latin America Finding Malware: Unveiling NUMOZYLOD with Google Security…
France police arrested Telegram CEO Pavel Durov
French police arrested Pavel Durov, founder and chief executive of Telegram, due to the lack of content moderation that advantaged criminal activity. Pavel Durov, the founder and CEO of Telegram, was arrested at Bourget airport near Paris on Saturday evening. According…