Metasploit 6.2.0 improves credential theft, SMB support features, more
​Metasploit 6.2.0 has been released with 138 new modules, 148 new improvements/features, and 156 bug fixes since version 6.1.0 was released in August 2021. [...]
Showing only posts by Lawrence Abrams. Show all posts.
New Vytal Chrome extension hides location info that your VPN can't
A new Google Chrome browser extension called Vytal prevents webpages from using programming APIs to find your geographic location leaked, even when using a VPN. [...]
The Week in Ransomware - June 10th 2022 - Targeting Linux
It has been relatively quiet this week with many companies and researchers at the RSA conference. However, we still had some interesting ransomware reports released this week. [...]
Bizarre ransomware sells decryptor on Roblox Game Pass store
A new ransomware is taking the unusual approach of selling its decryptor on the Roblox gaming platform using the service's in-game Robux currency. [...]
Roblox Game Pass store used to sell ransomware decryptor
A new ransomware is taking the unusual approach of selling its decryptor on the Roblox gaming platform using the service's in-game Robux currency. [...]
Kali Linux team to stream free penetration testing course on Twitch
Offensive Security, the creators of Kali Linux, announced today that they would be offering free access to their live-streamed 'Penetration Testing with Kali Linux (PEN-200/PWK)' training course later this month. [...]
US seizes SSNDOB market for selling personal info of 24 million people
SSNDOB, an online marketplace that sold the names, social security numbers, and dates of birth of approximately 24 million US people, has been taken offline following an international law enforcement operation. [...]
Exploit released for Atlassian Confluence RCE bug, patch now
Proof-of-concept exploits for the actively exploited critical CVE-2022-26134 vulnerability impacting Atlassian Confluence and Data Center servers have been widely released this weekend. [...]
Bored Ape Yacht Club, Otherside NFTs stolen in Discord server hack
Hackers reportedly stole over $257,000 in Ethereum and thirty-two NFTs after the Yuga Lab's Bored Ape Yacht Club and Otherside Metaverse Discord servers were compromised to post a phishing scam. [...]
The Week in Ransomware - June 3rd 2022 - Evading sanctions
Ransomware gangs continue to evolve their operations as victims refuse to pay ransoms due to sanctions or other reasons. [...]
Novartis says no sensitive data was compromised in cyberattack
Pharmaceutical giant Novartis says no sensitive data was compromised in a recent cyberattack by the Industrial Spy data-extortion gang. [...]
Critical Atlassian Confluence zero-day actively used in attacks
Hackers are actively exploiting a new Atlassian Confluence zero-day vulnerability tracked as CVE-2022-26134 to install web shells, with no fix available at this time. [...]
Ransomware gang now hacks corporate websites to show ransom notes
A ransomware gang is taking extortion to a new level by publicly hacking corporate websites to publicly display ransom notes. [...]
New Windows Search zero-day added to Microsoft protocol nightmare
A new Windows Search zero-day vulnerability can be used to automatically open a search window containing remotely-hosted malware executables simply by launching a Word document. [...]
Industrial Spy data extortion market gets into the ransomware game
The Industrial Spy data extortion marketplace has now launched its own ransomware operation, where they now also encrypt victim's devices. [...]
DuckDuckGo browser allows Microsoft trackers due to search agreement
The privacy-focused DuckDuckGo browser purposely allows Microsoft trackers on third-party sites due to an agreement in their syndicated search content contract between the two companies. [...]
Fake Windows exploits target infosec community with Cobalt Strike
A threat actor targeted security researchers with fake Windows proof-of-concept exploits that infected devices with the Cobalt Strike backdoor. [...]
Elon Musk deep fakes promote new BitVex cryptocurrency scam
Cryptocurrency scammers are using deep fake videos of Elon Musk and other prominent cryptocurrency advocates to promote a BitVex trading platform scam that steals deposited currency. [...]
Elon Musk deep fakes promote new cryptocurrency scam
Cryptocurrency scammers are using deep fake videos of Elon Musk and other prominent cryptocurrency advocates to promote a BitVex trading platform scam that steals deposited currency. [...]
Ransomware attack exposes data of 500,000 Chicago students
The Chicago Public Schools has suffered a massive data breach that exposed the data of almost 500,000 students and 60,000 employee after their vendor, Battelle for Kids, suffered a ransomware attack in December. [...]
The Week in Ransomware - May 20th 2022 - Another one bites the dust
Ransomware attacks continue to slow down, likely due to the invasion of Ukraine, instability in the region, and subsequent worldwide sanctions against Russia. [...]
Conti ransomware shuts down operation, rebrands into smaller units
The notorious Conti ransomware gang has officially shut down their operation, with infrastructure taken offline and team leaders told that the brand is no more. [...]
National bank hit by ransomware trolls hackers with dick pics
After suffering a ransomware attack by the Hive operation, the Bank of Zambia made it clear that they were not going to pay by posting a picture of male genitalia and telling the hackers to s... (well, you can use your imagination). [...]
US recovers $15 million from global Kovter ad fraud operation
The US government has recovered over $15 million from Swiss bank accounts belonging to operators behind the '3ve' online advertising fraud scheme. [...]
Kali Linux 2022.2 released with 10 new tools, WSL improvements, and more
Offensive Security has released ​Kali Linux 2022.2, the second version in 2022, with desktop enhancements, a fun April Fools screensaver, WSL GUI improvements, terminal tweaks, and best of all, new tools to play with! [...]
« newer articles | page 24 | older articles »