Red Hat Security Advisory 2020-0378-01 Link to post -- PacketStorm
Windscribe WindscribeService Named Pipe Privilege Escalation Link to post -- PacketStorm
Wago PFC200 Remote Code Execution Link to post -- PacketStorm
Ubuntu Security Notice USN-4263-2 Link to post -- PacketStorm
Socat 1.7.3.4 Heap Overflow Link to post -- PacketStorm
Red Hat Security Advisory 2020-0431-01 Link to post -- PacketStorm
Ubuntu Security Notice USN-4266-1 Link to post -- PacketStorm
Red Hat Security Advisory 2020-0375-01 Link to post -- PacketStorm
Kronos WebTA 4.0 Privilege Escalation / Cross Site Scripting Link to post -- PacketStorm
Verodin Director Web Console 3.5.4.0 Password Disclosure Link to post -- PacketStorm
Red Hat Security Advisory 2020-0374-01 Link to post -- PacketStorm
Ubuntu Security Notice USN-4265-2 Link to post -- PacketStorm
AVideo Platform 8.1 User Enumeration Link to post -- PacketStorm
Red Hat Security Advisory 2020-0366-01 Link to post -- PacketStorm
Red Hat Security Advisory 2020-0406-01 Link to post -- PacketStorm
AVideo Platform 8.1 Cross Site Request Forgery Link to post -- PacketStorm
xglance-bin Local Root Privilege Escalation Link to post -- PacketStorm
ISO-8385 Protocol Fuzzer Link to post -- PacketStorm
HiSilicon DVR/NVR hi3520d Firmware Backdoor Account Link to post -- PacketStorm
Ubuntu Security Notice USN-4265-1 Link to post -- PacketStorm
Ashley Madison Breach Extortion Scam Targets Hundreds Link to post -- PacketStorm
AZORult Campaign Adopts Novel Triple-Encryption Technique Link to post -- PacketStorm
Hacker pleads guilty to stealing Nintendo secrets Link to post -- PacketStorm
New ransomware doesn’t just encrypt data. It also meddles with critical infrastructure Link to post -- PacketStorm
Charges dropped against Coalfire security team who broke into courthouse during pen test Link to post -- PacketStorm
The CIA’s Infamous, Unsolved Kryptos Cryptographic Puzzle Gets a ‘Final Clue’ - VICE Link to post -- PacketStorm
TrickBot Switches to a New Windows 10 UAC Bypass to Evade Detection Link to post -- PacketStorm
Trump congratulates state of Kansas after Chiefs win Super Bowl but they play in Missouri - CNNPolitics Link to post -- PacketStorm
Huduma Namba: Kenya court halts biometric ID over data fears Link to post -- PacketStorm
Jeff Bezos met FBI investigators in 2019 over alleged Saudi hack | Technology Link to post -- PacketStorm
How to Get Into Bug Bounties - The Startup Link to post -- Medium
How to Protect Yourself from Unscrupulous Fraudsters Link to post -- Medium
CVE-2020-1925: Requests to arbitrary URLs in Apache Olingo Link to post -- Medium
Don’t Make This Common Salary Negotiation Mistake. It Can Easily Backfire Link to post -- Medium
When Raising a Round, Not All Capital is Equal - Inc Magazine Link to post -- Medium
How the Japanese Word ‘Ikigai’ Can Help Your Business Be More Successful Link to post -- Medium
Personal cybersecurity posture for when you’re just this guy, you know? Link to post -- Medium
Indexing Network Traffic with Moloch and Elastic - The Startup Link to post -- Medium
Building a UDP Scanner in Python - Software for the Utopian Link to post -- Medium
Past the Internet: The Emergence of the Modnet - Rachel Aliana Link to post -- Medium
A Look at Chrome's Security: Understanding V8 | Software for the Utopian Link to post -- Medium
Open-Sourcing riskquant, a library for quantifying risk Link to post -- Medium
Security Questions Are a Terrible, Horrible, Bad Idea Link to post -- Medium
How I built Heimdall, an open-source personal email guardian. Link to post -- Medium
The Bug That Exposed Your PayPal Password - Alex Birsan Link to post -- Medium
Why you should switch to Signal or Telegram from WhatsApp, Today Link to post -- Medium
I Opened My Connection To SSH Attacks, And These Were The Requests I Saw Link to post -- Medium
UK: Data leak exposes 17,000 yachting industry professionals Link to post
Salesforce Data Breach Suit Cites California Privacy Law Link to post
Golden Entertainment addresses data breach Link to post
Data Forensics Expert Witness: Facebook Exposes Personal Data! – Digitalmunition Link to post
Iranian-Backed APT34 Tries to Compromise Company Linked to U.S. Government – HOTforSecurity Link to post
AppSec Lessons Learned In 2019 | Information Security Buzz Link to post
Weather.com Has Become the Pawn of A Huge Data Theft Scheme Link to post -- Medium
Weekly Threat Briefing: Government Spyware Company Spied On Hundreds Of Innocent People Link to post
Warzone RAT Service Getting Popular Among Cybercriminals Link to post
DoppelPaymer Ransomware Gang Threatens to Dump Victims' Data Link to post
8 of the 10 Most Exploited Bugs Last Year Involved Microsoft Products – STE WILLIAMS Link to post
Twitter Suspends Fake Accounts for Exploiting API Vulnerability | SecurityWeek.Com Link to post
Come on, NSA, it’s time to join the fight against Windows hacking | Computerworld Link to post
These are the top ten software flaws used by crooks: Make sure you've applied the patches Link to post
Hackers Pose Increasing Risk to Medical Research Data Link to post
Protect Yourself From Cyberwarfare & Rootkit Threats – Digitalmunition Link to post
Analyzing WhatsApp Calls with Wireshark, radare2 and Frida Link to post
This is not Huawei to reassure people about Beijing's spying eyes: Trivial backdoor found in HiSilicon's firmware for net-connected cams, recorders • The Register Link to post
Anonymous creates pro-Taiwan page inside UN w... | Taiwan News Link to post
Reversing WannaCry Part 2 - Diving into the malware with #Ghidra - YouTube Link to post
Adding a Backdoor to AD in 400 Milliseconds Link to post
New Research on the Adtech Industry - Schneier on Security Link to post
Indian airline breach impacts 1.2m passengers | Information Age | ACS Link to post
SVG animate XSS vector | PortSwigger Research Link to post
Electrospaces.net: Review of Snowden's book Permanent Record - Part I: At the CIA Link to post
Wacom drawing tablets track the name of every application that you open | Robert Heaton Link to post
Researcher: Backdoor mechanism still active in devices using HiSilicon chips | ZDNet Link to post
Revisiting ReDoS: A Rough Idea of Data Exfiltration by ReDoS and Side-channel Techniques - Speaker Deck Link to post
Google, Tinder under investigation in Ireland over data processing | New Europe Link to post
GitHub - llamasoft/polyshell: A Bash/Batch/PowerShell polyglot! Link to post
Bouygues Construction Shuts Down Network to Thwart Maze Ransomware Link to post
Best Hacking Tools of 2019 – The Chinese Annual Hit List – Cyber Threat Insider Blog Link to post
Serious flaw that lurked in sudo for 9 years hands over root privileges | Ars Technica Link to post
@Th3G3nt3lman Shares His Recon Methodology and How He Consistently Collects $15,000 Bounties! - YouTube Link to post
CDPwn: 5 Zero-Days in Cisco Discovery Protocol | Armis Link to post
Researcher detects multiple security flaws in WhatsApp; helps Facebook to patch Link to post
Package 📦 Day via #PennFoster Online Locksmithing Course (334) - YouTube Link to post
Pro-Russian CyberSpy Gamaredon Intensifies Ukrainian Security Targeting - SentinelLabs Link to post
The Dark Side of Smart Lighting: Check Point Research Shows How Business and Home Networks Can Be Hacked from a Lightbulb - Check Point Software Link to post
Critical Security Flaw Found in WhatsApp Desktop Platform Allowing Cybercriminals Read From The File System Access Link to post
VPNs will change forever with the arrival of WireGuard into Linux | ZDNet Link to post
Schlage Primus Everest Picked and Gutted!!! - YouTube Link to post
Reversing WannaCry Part 2 - Diving into the malware with #Ghidra - YouTube Link to post
CVE-2019-12180 – ReadyAPI & SoapUI command execution via malicous project file | @Mediaservice.net Technical Blog Link to post
CVSS: 7.5 CentOS: Security Advisory for emacs-git (CESA-2020:0316) Link to vuln / exploit
----NVD Last 3 Days----
CVE#: CVE-2019-10784 Published Date: 2020-02-04 CVSS: NO CVSS Description: phppgadmin through 7.12.1 allows sensitive actions to be performed without validating that the request originated from the application. One such area, "database.php" does not verify the source of an HTTP request. This can be leveraged by a remote attacker to trick a logged-in administrator to visit a malicious page with a CSRF exploit and execute arbitrary system commands on the server.
CVE#: CVE-2019-10786 Published Date: 2020-02-04 CVSS: NO CVSS Description: network-manager through 1.0.2 allows remote attackers to execute arbitrary commands via the "execSync()" argument.
CVE#: CVE-2019-10787 Published Date: 2020-02-04 CVSS: NO CVSS Description: im-resize through 2.3.2 allows remote attackers to execute arbitrary commands via the "exec" argument. The cmd argument used within index.js, can be controlled by user without any sanitization.
CVE#: CVE-2019-10788 Published Date: 2020-02-04 CVSS: NO CVSS Description: im-metadata through 3.0.1 allows remote attackers to execute arbitrary commands via the "exec" argument. It is possible to inject arbitrary commands as part of the metadata options which is given to the "exec" function.
CVE#: CVE-2019-11251 Published Date: 2020-02-03 CVSS: NO CVSS Description: The Kubernetes kubectl cp command in versions 1.1-1.12, and versions prior to 1.13.11, 1.14.7, and 1.15.4 allows a combination of two symlinks provided by tar output of a malicious container to place a file outside of the destination directory specified in the kubectl cp invocation. This could be used to allow an attacker to place a nefarious file using a symlink, outside of the destination tree.
CVE#: CVE-2019-11256 Published Date: 2020-02-03 CVSS: NO CVSS Description: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019.
CVE#: CVE-2019-11257 Published Date: 2020-02-03 CVSS: NO CVSS Description: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019.
CVE#: CVE-2019-11258 Published Date: 2020-02-03 CVSS: NO CVSS Description: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019.
CVE#: CVE-2019-11259 Published Date: 2020-02-03 CVSS: NO CVSS Description: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019.
CVE#: CVE-2019-11260 Published Date: 2020-02-03 CVSS: NO CVSS Description: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019.
CVE#: CVE-2019-11261 Published Date: 2020-02-03 CVSS: NO CVSS Description: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019.
CVE#: CVE-2019-11262 Published Date: 2020-02-03 CVSS: NO CVSS Description: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019.
CVE#: CVE-2019-11263 Published Date: 2020-02-03 CVSS: NO CVSS Description: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019.
CVE#: CVE-2019-11264 Published Date: 2020-02-03 CVSS: NO CVSS Description: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019.
CVE#: CVE-2019-11265 Published Date: 2020-02-03 CVSS: NO CVSS Description: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019.
CVE#: CVE-2019-11266 Published Date: 2020-02-03 CVSS: NO CVSS Description: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019.
CVE#: CVE-2019-11267 Published Date: 2020-02-03 CVSS: NO CVSS Description: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019.
CVE#: CVE-2019-12528 Published Date: 2020-02-04 CVSS: NO CVSS Description: An issue was discovered in Squid before 4.10. It allows a crafted FTP server to trigger disclosure of sensitive information from heap memory, such as information associated with other users' sessions or non-Squid processes.
CVE#: CVE-2019-15610 Published Date: 2020-02-04 CVSS: NO CVSS Description: Improper authorization in the Circles app 0.17.7 causes retaining access when an email address was removed from a circle.
CVE#: CVE-2019-15611 Published Date: 2020-02-04 CVSS: NO CVSS Description: Violation of Secure Design Principles in the iOS App 2.23.0 causes the app to leak its login and token to other Nextcloud services when search e.g. for federated users or registering for push notifications.
CVE#: CVE-2019-15612 Published Date: 2020-02-04 CVSS: NO CVSS Description: A bug in Nextcloud Server 15.0.2 causes pending 2FA logins to not be correctly expired when the password of the user is reset.
CVE#: CVE-2019-15613 Published Date: 2020-02-04 CVSS: NO CVSS Description: A bug in Nextcloud Server 17.0.1 causes the workflow rules to depend their behaviour on the file extension when checking file mimetypes.
CVE#: CVE-2019-15614 Published Date: 2020-02-04 CVSS: NO CVSS Description: Missing sanitization in the iOS App 2.24.4 causes an XSS when opening malicious HTML files.
CVE#: CVE-2019-15615 Published Date: 2020-02-04 CVSS: NO CVSS Description: A wrong check for the system time in the Android App 3.9.0 causes a bypass of the lock protection when changing the time of the system to the past.
CVE#: CVE-2019-15616 Published Date: 2020-02-04 CVSS: NO CVSS Description: Dangling remote share attempts in Nextcloud 16 allow a DNS pollution when running long.
CVE#: CVE-2019-15617 Published Date: 2020-02-04 CVSS: NO CVSS Description: A missing check in Nextcloud Server 17.0.0 allowed an attacker to set up a new second factor when trying to login.
CVE#: CVE-2019-15618 Published Date: 2020-02-04 CVSS: NO CVSS Description: Missing escaping of HTML in the Updater of Nextcloud 15.0.5 allowed a reflected XSS when starting the updater from a malicious location.
CVE#: CVE-2019-15619 Published Date: 2020-02-04 CVSS: NO CVSS Description: Improper neutralization of file names, conversation names and board names in Nextcloud Server 16.0.3, Nextcloud Talk 6.0.3 and Nextcloud Deck 0.6.5 causes an XSS when linking them with each others in a project.
CVE#: CVE-2019-15620 Published Date: 2020-02-04 CVSS: NO CVSS Description: Improper access control in Nextcloud Talk 6.0.3 leaks the existance and the name of private conversations when linked them to another shared item via the projects feature.
CVE#: CVE-2019-15621 Published Date: 2020-02-04 CVSS: NO CVSS Description: Improper permissions preservation in Nextcloud Server 16.0.1 causes sharees to be able to reshare with write permissions when sharing the mount point of a share they received, as a public link.
CVE#: CVE-2019-15622 Published Date: 2020-02-04 CVSS: NO CVSS Description: Not strictly enough sanitization in the Nextcloud Android app 3.6.0 allowed an attacker to get content information from protected tables when using custom queries.
CVE#: CVE-2019-15623 Published Date: 2020-02-04 CVSS: NO CVSS Description: Exposure of Private Information in Nextcloud Server 16.0.1 causes the server to send it's domain and user IDs to the Nextcloud Lookup Server without any further data when the Lookup server is disabled.
CVE#: CVE-2019-15624 Published Date: 2020-02-04 CVSS: NO CVSS Description: Improper Input Validation in Nextcloud Server 15.0.7 allows group admins to create users with IDs of system folders.
CVE#: CVE-2019-16893 Published Date: 2020-02-03 CVSS: NO CVSS Description: The Web Management of TP-Link TP-SG105E V4 1.0.0 Build 20181120 devices allows an unauthenticated attacker to reboot the device via a reboot.cgi request.
CVE#: CVE-2019-18193 Published Date: 2020-02-03 CVSS: NO CVSS Description: In Unisys Stealth (core) 3.4.108.0, 3.4.209.x, 4.0.027.x and 4.0.114, key material may be inadvertently logged if certain diagnostics are enabled.
CVE#: CVE-2019-18567 Published Date: 2020-02-03 CVSS: NO CVSS Description: Bromium client version 4.0.3.2060 and prior to 4.1.7 Update 1 has an out of bound read results in race condition causing Kernel memory leaks or denial of service.
CVE#: CVE-2019-19119 Published Date: 2020-02-03 CVSS: NO CVSS Description: An issue was discovered in PRTG 7.x through 19.4.53. Due to insufficient access control on local registry keys for the Core Server Service, a non-administrative user on the local machine is able to access administrative credentials.
CVE#: CVE-2019-19273 Published Date: 2020-02-04 CVSS: NO CVSS Description: On Samsung mobile devices with O(8.0) and P(9.0) software and an Exynos 8895 chipset, RKP (aka the Samsung Hypervisor EL2 implementation) allows arbitrary memory write operations. The Samsung ID is SVE-2019-16265.
CVE#: CVE-2019-19968 Published Date: 2020-02-04 CVSS: NO CVSS Description: PandoraFMS 742 suffers from multiple XSS vulnerabilities, affecting the Agent Management, Report Builder, and Graph Builder components. An authenticated user can inject dangerous content into a data store that is later read and included in dynamic content.
CVE#: CVE-2019-20174 Published Date: 2020-02-03 CVSS: NO CVSS Description: Auth0 Lock before 11.21.0 allows XSS when additionalSignUpFields is used with an untrusted placeholder.
CVE#: CVE-2019-20446 Published Date: 2020-02-02 CVSS: NO CVSS Description: In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG file with nested patterns can cause denial of service when passed to the library for processing. The attacker constructs pattern elements so that the number of final rendered objects grows exponentially.
CVE#: CVE-2019-4451 Published Date: 2020-02-04 CVSS: NO CVSS Description: IBM Security Identity Manager 6.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 163493.
CVE#: CVE-2019-4540 Published Date: 2020-02-04 CVSS: NO CVSS Description: IBM Security Directory Server 6.4.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 165813.
CVE#: CVE-2019-4541 Published Date: 2020-02-04 CVSS: NO CVSS Description: IBM Security Directory Server 6.4.0 uses incomplete blacklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the system and data integrity. IBM X-Force ID: 165814.
CVE#: CVE-2019-4548 Published Date: 2020-02-04 CVSS: NO CVSS Description: IBM Security Directory Server 6.4.0 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 165950.
CVE#: CVE-2019-4550 Published Date: 2020-02-04 CVSS: NO CVSS Description: IBM Security Directory Server 6.4.0 is deployed with active debugging code that can create unintended entry points. IBM X-Force ID: 165952.
CVE#: CVE-2019-4551 Published Date: 2020-02-04 CVSS: 1.4 Description: IBM Security Directory Server 6.4.0 does not perform an authentication check for a critical resource or functionality allowing anonymous users access to protected areas. IBM X-Force ID: 165953.
CVE#: CVE-2019-4562 Published Date: 2020-02-04 CVSS: 1.4 Description: IBM Security Directory Server 6.4.0 stores sensitive information in URLs. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referer header or browser history. IBM X-Force ID: 166623.
CVE#: CVE-2019-4674 Published Date: 2020-02-04 CVSS: NO CVSS Description: IBM Security Identity Manager 7.0.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 171510.
CVE#: CVE-2019-4675 Published Date: 2020-02-04 CVSS: NO CVSS Description: IBM Security Identity Manager 7.0.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 171511.
CVE#: CVE-2019-4732 Published Date: 2020-02-03 CVSS: NO CVSS Description: IBM SDK, Java Technology Edition Version 7.0.0.0 through 7.0.10.55, 7.1.0.0 through 7.1.4.55, and 8.0.0.0 through 8.0.6.0 could allow a local authenticated attacker to execute arbitrary code on the system, caused by DLL search order hijacking vulnerability in Microsoft Windows client. By placing a specially-crafted file in a compromised folder, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 172618.
CVE#: CVE-2019-9501 Published Date: 2020-02-03 CVSS: NO CVSS Description: The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. By supplying a vendor information element with a data length larger than 32 bytes, a heap buffer overflow is triggered in wlc_wpa_sup_eapol. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions.
CVE#: CVE-2019-9502 Published Date: 2020-02-03 CVSS: NO CVSS Description: The Broadcom wl WiFi driver is vulnerable to a heap buffer overflow. If the vendor information element data length is larger than 164 bytes, a heap buffer overflow is triggered in wlc_wpa_plumb_gtk. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions.
CVE#: CVE-2019-9674 Published Date: 2020-02-04 CVSS: NO CVSS Description: Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb.
----Hacking Updates----
buserror updated simavr. This repo has 915 stars and 73 watchers. This repo was created on 2012-05-14. --- simavr is a lean, mean and hackable AVR simulator for linux & OSX Link to Repo
JJkip updated hacking-with-swift. This repo has 0 stars and 1 watchers. This repo was created on 2020-01-13. --- None Link to Repo
hhvm updated user-documentation. This repo has 85 stars and 14 watchers. This repo was created on 2015-07-27. --- Documentation for those that use HHVM and write Hack code. http://twitter.com/HHVMDocCommits Link to Repo
hackclub updated workshops. This repo has 3 stars and 4 watchers. This repo was created on 2020-01-07. --- A new home for Hack Club Workshops (WIP) Link to Repo
thyroneproject updated Thyrone-Project. This repo has 0 stars and 1 watchers. This repo was created on 2020-02-01. --- CS:GO BEST HACK Link to Repo
wtheisen updated TerminusBrowser. This repo has 24 stars and 4 watchers. This repo was created on 2017-06-11. --- CLI Reddit, Hacker News, 4chan, and lainchan browser Link to Repo
josephvisaac updated 1st-Project-2d-game. This repo has 0 stars and 1 watchers. This repo was created on 2020-02-02. --- 1st Iron Hack Coding Boot-camp project: 2d video-game Link to Repo
wh-hackerexploit updated HackerExploit-v2. This repo has 8 stars and 2 watchers. This repo was created on 2019-12-22. --- Usage of WH-HackerExploit Hacking - v2 Tool for attacking targets without prior mutual consent is illegal. It's the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program. Only use for educational purposes. Link to Repo
abhaynayar updated ctf. This repo has 0 stars and 1 watchers. This repo was created on 2019-12-17. --- 🚩 hacking write-ups, notes Link to Repo
facebook updated hhvm. This repo has 16410 stars and 1095 watchers. This repo was created on 2010-01-02. --- A virtual machine for executing programs written in Hack. Link to Repo
dead-hosts updated The-Big-List-of-Hacked-Malware-Web-Sites_git_mitchellkrogza. This repo has 5 stars and 2 watchers. This repo was created on 2018-01-10. --- Test of https://github.com/mitchellkrogza/The-Big-List-of-Hacked-Malware-Web-Sites Link to Repo
aravindvnair99 updated Phishing. This repo has 4 stars and 1 watchers. This repo was created on 2019-04-15. --- Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details by disguising as a trustworthy entity in an electronic communication. This is a demo of a phishing attack by a web site. Link to Repo
hipniusF updated mixEjerciciosJavaScript. This repo has 0 stars and 1 watchers. This repo was created on 2020-01-29. --- Mix de Ejercicios JavaScript del Bootcamp de Hack a Boss por el alumno Marco Pérez González Link to Repo
vic4key updated Vutils. This repo has 5 stars and 1 watchers. This repo was created on 2018-05-12. --- Vutils or Vic Utilities is an utility library written in Modern C++ and for Modern C++. It helps your programming go easier, faster and simpler. Link to Repo
NoahSteam updated RomHackingTools. This repo has 3 stars and 1 watchers. This repo was created on 2018-04-20. --- Tools to help patching roms Link to Repo
Wurst-Imperium updated Wurst7. This repo has 58 stars and 6 watchers. This repo was created on 2019-09-04. --- Minecraft Wurst Hacked Client v7 Link to Repo
jcschubert updated hack-assembler. This repo has 0 stars and 1 watchers. This repo was created on 2020-02-05. --- An Assembler for the Hack Computer Architecture. Link to Repo
miner updated hack. This repo has 0 stars and 1 watchers. This repo was created on 2015-10-20. --- Private Clojure hacks Link to Repo
hipniusF updated entregas-hab. This repo has 0 stars and 1 watchers. This repo was created on 2020-01-25. --- Repositorio para las entregas de Hack A Boss del alumno Marco Pérez González. En la siguiente url se puede ver el resultado final de la última entrega a realizar: Link to Repo
praveenhm updated HackerNews-Bookmark. This repo has 14 stars and 4 watchers. This repo was created on 2013-03-08. --- Everyday collection of my Hacker news bookmark Link to Repo
ZQiu233 updated QTRHacker. This repo has 16 stars and 1 watchers. This repo was created on 2018-07-21. --- A hack for Terraria Link to Repo
jonasmagnusson updated hacking-setup. This repo has 1 stars and 1 watchers. This repo was created on 2020-01-30. --- Hacking tools and small scripts in CTFs and Bug Bounty. Link to Repo
RedHatNordicsSA updated iot-hack. This repo has 2 stars and 7 watchers. This repo was created on 2020-01-22. --- Hack event with Red Hat products and IoT devices Link to Repo
hackforla updated website. This repo has 12 stars and 16 watchers. This repo was created on 2018-04-18. --- Hack for LA's website Link to Repo
DFHack updated dfhack. This repo has 922 stars and 110 watchers. This repo was created on 2010-02-14. --- Memory hacking library for Dwarf Fortress and a set of tools that use it Link to Repo
----Security Updates----
dewebdes updated Iranian-Cyber-Army. This repo has 0 stars and 1 watchers. This repo was created on 2020-02-04. --- Pure Security Development Link to Repo
mgmeisinger updated Py3.0-Security-Suite. This repo has 1 stars and 1 watchers. This repo was created on 2019-11-19. --- Terminal-based system with three programs: Authenticator, Pwd Cracker, Pwd Evaluator Link to Repo
Whonix updated Whonix. This repo has 381 stars and 72 watchers. This repo was created on 2012-05-28. --- Whonix is an operating system focused on anonymity, privacy and security. It's based on the Tor anonymity network, Debian GNU/Linux and security by isolation. DNS leaks are impossible, and not even malware with root privileges can find out the user's real IP. https://www.whonix.org Link to Repo
lf-edge updated eve. This repo has 122 stars and 19 watchers. This repo was created on 2019-04-19. --- EVE is Edge Virtualization Engine Link to Repo
CodaProtocol updated coda. This repo has 381 stars and 27 watchers. This repo was created on 2017-12-18. --- Coda is a new cryptocurrency with a constant size blockchain, improving scaling while maintaining decentralization and security. Link to Repo
trimstray updated nginx-admins-handbook. This repo has 10992 stars and 325 watchers. This repo was created on 2019-01-28. --- How to improve NGINX performance, security, and other important things. Link to Repo
project-everest updated hacl-star. This repo has 1257 stars and 102 watchers. This repo was created on 2016-06-23. --- HACL*, a formally verified cryptographic library written in F* Link to Repo
motzne updated security.enz.lu. This repo has 0 stars and 1 watchers. This repo was created on 2020-01-09. --- None Link to Repo
jzharris updated 209AS-Embedded-Security. This repo has 0 stars and 1 watchers. This repo was created on 2020-01-22. --- Special Topics in Circuits and Embedded Systems: Security and Privacy for Embedded Systems, Cyber-Physical Systems, and Internet of Things Link to Repo
andrew-chang-dewitt updated rpi-security-gpio2mqtt. This repo has 0 stars and 1 watchers. This repo was created on 2020-01-21. --- A docker image for reading GPIO input from a PIR & publishing a message via MQTT on detection Link to Repo
Psy367 updated Psy-Plosion. This repo has 1 stars and 1 watchers. This repo was created on 2019-10-24. --- "Salute in salutations world‐wisely, electric air‐wavers, temporal materialists, the bloody dirty and non for we all swim in Sol. Alleviated we, Quasi‐Satya⸗Empyrean‐Theatre modifying in intent extend our reach into the abysmal‐abyssal of the deepest quarks to the incredibly expansive superstar‐clusters. You may all rest in peace your security is assured. Prestigious, of heightest order our leveraging solicitors and hardened, bleach marshal‐militant enforcers will claim existence."(+∞-~∞)psy367. Link to Repo
haroonawanofficial updated flameapk. This repo has 13 stars and 3 watchers. This repo was created on 2019-11-05. --- Artifical Intelligence Suite for Android Application Security Link to Repo
pivotal-cf updated docs-pcf-security. This repo has 3 stars and 43 watchers. This repo was created on 2017-01-25. --- None Link to Repo
Galmeno updated ContingencyPlan. This repo has 0 stars and 1 watchers. This repo was created on 2020-02-05. --- Risk management is normally a field of large corporations, however smaller businesses are often exposed to more direct risk exposures due to lack of spend on security. I want to build a easy-to-maintain contingency planning tool for the small and growing business. Link to Repo
tuliogoncalves5 updated spring. This repo has 0 stars and 1 watchers. This repo was created on 2020-02-05. --- Project JAVA, Spring Boot, Web, JPA, Devtools, Security, Thymeleaf, PostgreSQL Link to Repo
limetech updated sysdream. This repo has 0 stars and 1 watchers. This repo was created on 2020-02-05. --- Mitigation for security vulnerability reported by sysdream.com Link to Repo
JulienRC updated API_Security. This repo has 0 stars and 2 watchers. This repo was created on 2020-01-15. --- VET - Projet Link to Repo
nusenu updated OrNetStats. This repo has 15 stars and 2 watchers. This repo was created on 2017-05-08. --- Stats about the Tor network (website) Link to Repo
nusenu updated OrNetRadar. This repo has 3 stars and 2 watchers. This repo was created on 2017-06-08. --- Automatically detected Relay Groups on the Tor Network Link to Repo
ntop updated ntopng. This repo has 3095 stars and 140 watchers. This repo was created on 2015-04-30. --- Web-based Traffic and Security Network Traffic Monitoring Link to Repo
aelkz updated microservices-security. This repo has 2 stars and 2 watchers. This repo was created on 2019-09-14. --- This project is a demonstration on how to add security layer on applications using Red Hat Single Sign-On, Fuse and 3Scale. Link to Repo
CSVNetLab updated VanetSecurity. This repo has 0 stars and 1 watchers. This repo was created on 2020-02-05. --- None Link to Repo
hectorm updated hblock-resolver. This repo has 9 stars and 2 watchers. This repo was created on 2018-06-11. --- A Docker image of Knot DNS Resolver with hBlock. Link to Repo
rehamashrafshouman updated Security-Ciphers. This repo has 0 stars and 1 watchers. This repo was created on 2020-02-05. --- My CSE codes for security subject Link to Repo
cilium updated cilium. This repo has 4973 stars and 196 watchers. This repo was created on 2015-12-16. --- API-aware Networking and Security using eBPF and XDP Link to Repo
----PoC Updates----
companieshouse updated poc-ch-sdk-node. This repo has 0 stars and 26 watchers. This repo was created on 2020-02-03. --- Proof of Concept for an SDK for Node.JS written in JavaScript Link to Repo
ReillyKeith updated PrivateGroupChat. This repo has 0 stars and 1 watchers. This repo was created on 2020-01-30. --- This is a demo proof of concept Link to Repo
jjgccg updated f35v2. This repo has 0 stars and 1 watchers. This repo was created on 2020-01-31. --- Classfied proof of concept stuff, you know. Link to Repo
corkami updated pocs. This repo has 977 stars and 70 watchers. This repo was created on 2015-03-26. --- Proof of Concepts (PE, PDF...) Link to Repo
alxdavids updated voprf-poc. This repo has 4 stars and 3 watchers. This repo was created on 2019-12-01. --- Proof-of-concept implementation of the (V)OPRF protocol in https://datatracker.ietf.org/doc/draft-irtf-cfrg-voprf/ Link to Repo
fatihyildizli updated spiderfy. This repo has 0 stars and 1 watchers. This repo was created on 2020-01-22. --- 🕷 crawling , 🕸 scraping | Tech stack: (🍃 Spring boot , 🌐 Selenium, 🗃 Jsoup, 🧾Tesseract ⚛️ React.js ) This project is only proof of concepts, does not relate commercial use. Link to Repo
MaxWMacaluso updated Team-Matrix. This repo has 0 stars and 1 watchers. This repo was created on 2020-02-05. --- Rapid Prototyping Proof of Concept Link to Repo
amit8-88 updated learningjava. This repo has 0 stars and 1 watchers. This repo was created on 2017-10-16. --- A collection of proof-of-concept programs which help in grasping the concepts of the java language. Link to Repo
joncolque updated fcmreactnative. This repo has 0 stars and 1 watchers. This repo was created on 2020-02-04. --- Integrating Firebase Cloud Messaging on React Native. Proof of concept. Link to Repo
gsmalley10 updated QuickBite. This repo has 0 stars and 1 watchers. This repo was created on 2019-09-15. --- Proof-of-concept food delivery app 🍔 Link to Repo
tflearydev updated React-Parts. This repo has 0 stars and 2 watchers. This repo was created on 2020-01-21. --- Simple React.js Proof of Concept for a Daimler project, client side lives in my-app folder Link to Repo
970037201 updated Console-ZORK-application. This repo has 0 stars and 2 watchers. This repo was created on 2020-02-02. --- This is a simple proof of concept that I am trying out to self educate myself. Link to Repo
iRaySpace updated nutrition_app. This repo has 0 stars and 1 watchers. This repo was created on 2019-12-14. --- Thesis' Proof-of-Concept App Link to Repo
outlandnish updated poc-vpn-detection. This repo has 17 stars and 0 watchers. This repo was created on 2020-02-05. --- Proof of Concept for simple Javascript based VPN detection Link to Repo
ldz-w updated proof-of-concept. This repo has 0 stars and 1 watchers. This repo was created on 2019-12-16. --- TecDoc Proof Of Concept Link to Repo
Darrekt updated Sprout. This repo has 0 stars and 1 watchers. This repo was created on 2020-01-30. --- Marketing website and front-end interface for a proof-of-concept IoT device! Link to Repo
lorenzosinisi updated retex. This repo has 18 stars and 4 watchers. This repo was created on 2019-11-04. --- A boilerplate/proof-of-concept for a Rete Algorithm implementation in Elixir Link to Repo
JHDeerin updated notesPageTest. This repo has 0 stars and 0 watchers. This repo was created on 2018-06-13. --- A quick-n'-dirty proof of concept page for my school notes Link to Repo
awtyler updated beacon-bt-poc. This repo has 0 stars and 1 watchers. This repo was created on 2020-02-05. --- Proof-of-Concept app that utilizes Beacons to activate Bluetooth devices in the background Link to Repo
MengxuanChen updated Messaging-API. This repo has 0 stars and 1 watchers. This repo was created on 2020-02-05. --- Proof of concept Link to Repo
zrrrzzt updated lndr-poc. This repo has 0 stars and 1 watchers. This repo was created on 2019-12-29. --- Proof of concept for lndr Link to Repo
zcash updated zcash-android-wallet-sdk. This repo has 20 stars and 6 watchers. This repo was created on 2018-10-05. --- Wallet Proof of Concept Link to Repo
ForumViriumHelsinki updated CityLogistics. This repo has 0 stars and 4 watchers. This repo was created on 2019-12-03. --- Proof of concept app for last mile city logistics Link to Repo
Fattigman updated projectHt2019Jacob. This repo has 0 stars and 2 watchers. This repo was created on 2019-11-15. --- A proof of concept plugin for gene coexpression network with the ability to add personalized modules. Link to Repo
adamstewart1980 updated PoC. This repo has 0 stars and 1 watchers. This repo was created on 2014-07-16. --- Dumping ground for my proof of concepts and tech spikes Link to Repo
----#MALWARE----
quttera --> #Quttera FREE Web #Malware Scanner https://t.co/0eUOW7jUlk Keep your website safe! #HTML #JavaScript. Link with Tweet
AaronCuddeback --> RT @quttera: #Quttera #website #malware #scanner #API https://t.co/X3enkxwAA0 #wordpress #joomla #javascript #cybersec Link with Tweet
quttera --> #Quttera #website #malware #scanner #API https://t.co/X3enkxwAA0 #wordpress #joomla #javascript #cybersec Link with Tweet
devopsdotcom --> Cybereason discovered a malware campaign that has been leveraging Bitbucket repositories from Atlassian to launch c… https://t.co/zQT6ZYipRn Link with Tweet
quttera --> Website Anti #Malware for Small and Medium Business â Myths Revealed * #Quttera web security blog https://t.co/KcmhZ1jnvN Link with Tweet
CapitalAreaSIM --> RT @CSOonline: The sizable fines assessed for #databreaches in 2019 suggest that regulators are getting more serious about companies that d…
risksint --> RT @colCERT: !Alerta! campaña maliciosa está siendo enviada por correo electrónico a nombre de la @Registraduria con asunto “Su cedula de c…
securityblvd --> Check out latest blog from Michael Vizard: Cybereason discovered a malware campaign that has been leveraging Bitbu… https://t.co/wBYRFwWxLS Link with Tweet
Veracode --> Despite a decrease in malicious activity in the fourth quarter of 2019, Emolet #malware threats continue to thrive:… https://t.co/dzKZOQlX8m Link with Tweet
MaltrakN --> RT @xristfer: ⚠️ #Cybersecurity 🔓vulnerabilities discovered in the desktop client of #WhatsApp expose #Mac & #Windows 🖥️ users to #phishin…
----#PHISHING----
Ironcove --> The ways your personal information can be obtained are becoming more complex to detect. Read here for some tips on… https://t.co/du2HdT6j3a Link with Tweet
kupruz --> RT @InspiredeLearn: “Thanks to massive botnets, attackers are generating large-scale spam campaigns on-demand and immediately using them to…
Arianna_FCG --> "Il phishing è una delle minacce più diffuse e una delle più pericolose. Si stima che un’email su 99 sia un tentati… https://t.co/qsmnwKG9Eb Link with Tweet
phishin4pebbles --> RT @JamBase: #2nd #phish song during Super Bowl = “Free” #weareeverywhere https://t.co/V3K7h88Ill
Karambolager --> RT @CofenseIntel: What trends in the #phishing threat landscape did we observe over the last 3 months? And what can you expect in the comin…
cybersec_feeds --> RT @CofenseIntel: What trends in the #phishing threat landscape did we observe over the last 3 months? And what can you expect in the comin…
BarracudaMSP --> Our next #webinar is available tomorrow! Join us as we explain whey #MSPs should add an advanced… https://t.co/i0PDYcBgME Link with Tweet
There's an ongoing #phishing attempt targetting #XRP users.
⚠️If you receive a random,…
InspiredeLearn --> “Thanks to massive botnets, attackers are generating large-scale spam campaigns on-demand and immediately using the… https://t.co/dpWtrSN8U9 Link with Tweet
SyndicusInc --> Is #CyberTraining part of your new employee #OnBoarding? It should be! https://t.co/F5x80He5AE #HR #HumanResources… https://t.co/gYUf58VQ3c Link with TweetLink with Tweet
SocEngineerInc --> Cybercriminal impersonates executive to request information on New York nursing center patients… https://t.co/joelFJBquh Link with Tweet
EdGtslFcbngq6sk --> RT @lampyre_io: Do your #OSINT sock puppet user pics still look like stock ones? Try this unique face generator! It works on the basis of A…
jabnehov --> RT @fs0c131y: In this thread, I did a deep dive into the companies behind the faulty app during the #IowaCaucuses2020. I added all the sour…
akawombat42 --> RT @lampyre_io: Do your #OSINT sock puppet user pics still look like stock ones? Try this unique face generator! It works on the basis of A…
luis87c --> RT @Hakin9: TorBot - Open Source Intelligence Tool for the Dark Web https://t.co/tOcEyx8dXa
#infosec #hacking #hackers #Pentesting #progr… Link with Tweet
1234hormiga --> RT @PutinIsAVirus: USS Harry Truman in multiple satellite spottings in last couple of weeks.
Interestingly compared to past she appears to…
ShakiraSecurity --> RT @lampyre_io: Do your #OSINT sock puppet user pics still look like stock ones? Try this unique face generator! It works on the basis of A…
RDSWEB --> RT @ArrowontheHill: NBC Sky World News #osint unit is looking for journalists! Today’s challenge - a nuclear engineer is about to leave Hea…
RDSWEB --> RT @sherrod_im: See the awesome work from @peteruxer
RDSWEB --> RT @lampyre_io: Do your #OSINT sock puppet user pics still look like stock ones? Try this unique face generator! It works on the basis of A…
SourcingLover --> RT @lampyre_io: Do your #OSINT sock puppet user pics still look like stock ones? Try this unique face generator! It works on the basis of A…
n3r0x42 --> RT @sherrod_im: See the awesome work from @peteruxer
rickhholland --> If you love #threatintel and don't take yourself too seriously, apply for our .@digitalshadows Director of Intellig… https://t.co/3Mb4QEqxpT Link with Tweet
resecurity_com --> If you're building a #cybersecurity team this year, you definitely don't want to miss a recent podcast with our CEO… https://t.co/dIZOYVeJmm Link with Tweet
rickhholland --> Not only do we work together to produce high quality #ThreatIntel, but we also work together to produce high qualit… https://t.co/8DvZ64N3Mh Link with Tweet
rickhholland --> Whatever you do, don’t apply for this .@digitalshadows Director of Intelligence role unless you can sing.… https://t.co/CvoqEBLDCC Link with Tweet
SourceILS --> RT @SourceILS: Democracy Defenders Like AI: The Future of Artificial Intelligence for the US Intelligence Community
cyberreport_io --> USB armory Mk II: A secure computer on a USB stick featuring open source hardware design - Help Net Security… https://t.co/KMuJ6IP8yk Link with Tweet
RossMcPhaden --> RT @happygeek: By me @Forbes and @ForbesEurope: Google gets critical Android vulnerability patch rolling, but fragmented ecosystem undermin…
SourceILS --> RT @SourceILS: Genius Machines: The Future of Intelligence and Elite Soldiering
ThisMustStop5 --> RT @TrendMicro: Were you affected by the CVE-2020-0601 vulnerability? Use our Vulnerability Assessment Tool to find out if you're properl…
GRBail --> RT @likethecoins: My first-ever @redcanaryco blog is live! I hope this helps people discuss attribution in a more productive way. #threatin…
Reynolds_Global --> RT @TrendMicro: Were you affected by the CVE-2020-0601 vulnerability? Use our Vulnerability Assessment Tool to find out if you're properl…
FortinetFinServ --> #Cybercriminals continue to modify their attack strategies to increase accuracy and achieve their primary goals. Le… https://t.co/hG5UKuLEeh Link with Tweet
nscrutables --> RT @likethecoins: My first-ever @redcanaryco blog is live! I hope this helps people discuss attribution in a more productive way. #threatin…
SearchSecurity --> Download the latest issue of our online magazine "Information Security: Defending the Digital Infrastructure" here:… https://t.co/VZXmS6v9lI Link with Tweet
BongoFett7 --> RT @likethecoins: Today in my latest post, I share my top 10 recommendations for free resources to check out if you're getting started in #…
----#RANSOMWARE----
ESFERARED --> RT @ESFERARED: Y si, #Ransomware puede ser una forma de financiación como cualquier otra,#room39 https://t.co/7JHhFJArTt Link with Tweet
cybersec_feeds --> RT @Fabriziobustama: New strain of ransomware spreads via SYSVOL shares
sectest9 --> RT @DavidJOberly: FTC Announces Improved Data Security Orders With Greater Specificity and Accountability: https://t.co/fNoDDIO9BX #cyberse… Link with Tweet
CyberSecurityN8 --> RT @DavidJOberly: FTC Announces Improved Data Security Orders With Greater Specificity and Accountability: https://t.co/fNoDDIO9BX #cyberse… Link with Tweet
_israel_rivera --> RT @SonicWall: What is going on with the #Snake #EKANS ransomware? @WIRED takes a look at what @SentinelOne have been investigating - #rans…
DavidJOberly --> FTC Announces Improved Data Security Orders With Greater Specificity and Accountability: https://t.co/fNoDDIO9BX… https://t.co/O24LZJbKen Link with TweetLink with Tweet
MikeOSecurity --> #Ransomware has been a threat for almost a decade now. There is no excuse for cities to be falling prey to these cr… https://t.co/nVK1SeFSfm Link with Tweet
DivergentCIO --> You Need to Know About Your Healthcare Breach https://t.co/y2ZhS8nbSi #Healthcare #Breach #HealthRecord #Security… https://t.co/0T6OCZi0tl Link with TweetLink with Tweet
JF_Davis_ --> RT @menlosecurity: More than half of US organizations were affected by #ransomware and #phishing attacks last year according to new researc…
gdlinux --> #Ransomware is a serious threat to all organizations, and a successful attack can result in significant downtime, h… https://t.co/6AEnw2MaDV Link with Tweet
MaltrakN --> RT @xristfer: ⚠️ #Cybersecurity 🔓vulnerabilities discovered in the desktop client of #WhatsApp expose #Mac & #Windows 🖥️ users to #phishin…
mosterman --> RT @proofpoint: To Avoid Disruption, #Ransomware Victims Continue to Pay Up. https://t.co/Qeljs6XTsN #InfoSec Link with Tweet
wsann --> RT @IronNetTR: Phishing page targeting University of Amsterdam logins at hxxp://caibw1eshop.club/loading/
#opendir #phishing @UvA_Amsterda…
IronNetTR --> Phishing page targeting Unity National Bank logins at hxxp://getaccesslive.com/unitynationalbk/system/login.php… https://t.co/BUMNuiROAs Link with Tweet
TigzyRK --> Big "Annual bonus" #phishing currently sent through #malspam. I've seen 3 different emails in less than 30 mns. https://t.co/zQrDvtS6WM
sharmarohit19 --> RT @bit_dam: #malspam #macro detected in-the-wild by
@BitDamSecurity
Missed by Office365 for the past 4 hours (now blocked)
file sha1: 1d…
538355 --> RT @Chiardoni: Oggi, come ieri, strade di #Roma e mezzi di trasporto praticamente vuoti. E intanto i #Cracker sfruttano emotività e paura c…
cybersec_feeds --> RT @Chiardoni: Oggi, come ieri, strade di #Roma e mezzi di trasporto praticamente vuoti. E intanto i #Cracker sfruttano emotività e paura c…
Iglocska --> RT @D3LabIT: Today we have received 628 eMails of this malicious campaign! 🙄
Our #MISP Feed is full of details! 🤟
Thanks to the whole Twi…
Cryptolaemus1 --> RT @bit_dam: #malspam #macro detected in-the-wild by
@BitDamSecurity
Missed by Office365 for the past 4 hours (now blocked)
file sha1: 1d…
threat_osint --> RT @bit_dam: #malspam #macro detected in-the-wild by
@BitDamSecurity
Missed by Office365 for the past 4 hours (now blocked)
file sha1: 1d…
sectest9 --> RT @bit_dam: #malspam #macro detected in-the-wild by
@BitDamSecurity
Missed by Office365 for the past 4 hours (now blocked)
file sha1: 1d…
CyberSecurityN8 --> RT @bit_dam: #malspam #macro detected in-the-wild by
@BitDamSecurity
Missed by Office365 for the past 4 hours (now blocked)
file sha1: 1d…
ActorExpose --> RT @bit_dam: #malspam #macro detected in-the-wild by
@BitDamSecurity
Missed by Office365 for the past 4 hours (now blocked)
file sha1: 1d…
JAMESWT_MHT --> RT @bit_dam: #malspam #macro detected in-the-wild by
@BitDamSecurity
Missed by Office365 for the past 4 hours (now blocked)
file sha1: 1d…
M11Sec --> RT @bit_dam: #malspam #macro detected in-the-wild by
@BitDamSecurity
Missed by Office365 for the past 4 hours (now blocked)
file sha1: 1d…
bit_dam --> #malspam #macro detected in-the-wild by
@BitDamSecurity
Missed by Office365 for the past 4 hours (now blocked)
iCyberFighter --> #Emotet Activity Rises as It Uses #Coronavirus Scare to Infect Targets in #Japan: https://t.co/wEf7hB2F8y |… https://t.co/SdskpZkfqj Link with TweetLink with Tweet
MakyCore --> RT @Slvlombardo: #EmoCheck, il tool che controlla se siamo stati infettati da #Emotet: ecco come funziona...
Il mio contributo via #CyberS…
HolgerJunker --> Currently collecting feature requests for ProcessBouncer that helps you prevent #emotet infections via DM https://t.co/tLocc9dhO4 Link with Tweet
TigermanRoot --> RT @Slvlombardo: #EmoCheck, il tool che controlla se siamo stati infettati da #Emotet: ecco come funziona...
Il mio contributo via #CyberS…
tuyoty --> RT @teamcymru: New #EmoCheck Tool Checks if You're Infected With #Emotet https://t.co/SXCV8CiTRM https://t.co/4wCtkZh6jE Link with Tweet
BBarnoux --> RT @teamcymru: New #EmoCheck Tool Checks if You're Infected With #Emotet https://t.co/SXCV8CiTRM https://t.co/4wCtkZh6jE Link with Tweet
malware28 --> RT @CofenseLabs: #emotet Sometimes makes mistakes... Here's their filename generation regex... https://t.co/LIkQSjpJJJ
megan_precious --> RT @USCERT_gov: ☠️ #MalwareMonday: #Emotet is a banking Trojan that functions as a downloader or dropper of other banking Trojans. It conti…
HaunterSec --> RT @CofenseLabs: #emotet Sometimes makes mistakes... Here's their filename generation regex... https://t.co/LIkQSjpJJJ
gh0std4ncer --> RT @Cryptolaemus1: #Emotet Daily Summary Post for 2020/02/04: E3 doc links hosting E1 docs? New loader on all 3 botnet distro 20:40-22:00UT…
malware28 --> Thanks @jpcert_en for this EmoCheck tool...My host is not infected
#Emotet
#Emocheck
#malware https://t.co/zpsgYtg2Uc
gh0std4ncer --> RT @CofenseLabs: #emotet Sometimes makes mistakes... Here's their filename generation regex... https://t.co/LIkQSjpJJJ
NelosoP --> RT @CofenseLabs: #emotet Sometimes makes mistakes... Here's their filename generation regex... https://t.co/LIkQSjpJJJ
gh0std4ncer --> RT @LadislavZezula: #Emotet DOCX files launch powershell.exe with BASE64 parameter, which is merged from (amongst other) document's variabl…
-----#BUGBOUNTY----
clevernyyyy --> RT @golfhackerdave: Bug Bounties are FUN especially when you get paid and can use free tools like @contrastsec CE https://t.co/9xp40X3USr #… Link with Tweet
davidtavarez --> RT @CyberWarship: Exploiting File Uploads Pt. 2 – A Tale of a $3k worth RCE.
myrmidae --> RT @scspcommunity: Into #bugbounties? Here's how you can take your #bugbounty game to a higher level!!
#bugbountytips #bugbounty #bughunti…
YoKoAcc --> RT @intigriti: How to Pwn A Pwned Citrix? Is it possible to upgrade your recon with the @discordapp and tweeted @jobertabma the best #bugbo…
steemdollars --> RT @insolario: #Insolar launches a bug #bounty program with leading ethical-hacker platform @Hacker0x01 to test its products.
intx0x80 --> RT @intigriti: How to Pwn A Pwned Citrix? Is it possible to upgrade your recon with the @discordapp and tweeted @jobertabma the best #bugbo…
Yumi_Sec --> Play with your HTTP headers, you can get a ton of
interesting behaviors in web applications solely by adding/removi… https://t.co/IRQgQ1nmR0 Link with Tweet
intigriti --> How to Pwn A Pwned Citrix? Is it possible to upgrade your recon with the @discordapp and tweeted @jobertabma the be… https://t.co/voOXh4eFhk Link with Tweet
FullDepo --> RT @insolario: #Insolar launches a bug #bounty program with leading ethical-hacker platform @Hacker0x01 to test its products.
Learn more:…
security_prince --> RT @PentesterLand: How to reach “cosmic brain level 10”, which bugs are dead 'cause of Samesite, IDORs the gift that keeps on giving, and m…
----#CYBERCRIME----
ZurichAdvocacy --> #CyberCrime is an ever-evolving threat that affects every industry. Zurich aims to be a market leader in combating… https://t.co/Tv4hYZhDFY Link with Tweet
cyansol --> Is it time your charity gained your Cyber Essentials accreditation?
#cybersecurity #cybercrime #cyberattack… https://t.co/B2Cui30Ora Link with Tweet
lifesciences_GE --> How vulnerable is healthcare to cyber-attack? Ian Trump explores the answer in this blog. @phathobbit… https://t.co/5vWIzRWK1V Link with Tweet
CMoschovitis --> German Researchers Accessed Service Members’ Sensitive Medical Data—and One Lawmaker Wants Answers
kaywhiteley1 --> RT @VanessaConIT: Have you signed up to attend our first #cybersecurity event tomorrow?
If not there is still time! Just drop me a DM to…
cyberse85817495 --> RT @PopcornSecurity: Did you know more than 1 in 5 #websites operated by #airports contain publicly known and exploitable #vulnerabilities,…
#cybercrime can impact an organisation’s reputation, customer ba…
sectest9 --> RT @AllianceNwc: Check out this graphic that explains what type of CYBER ATTACKS occurred last year & the potentially TRIGGERED POLICIES!…
CyberSecurityN8 --> RT @AllianceNwc: Check out this graphic that explains what type of CYBER ATTACKS occurred last year & the potentially TRIGGERED POLICIES!…
RedDrip7: It should be #CVE-2019-1367 rather than #CVE-2020-0674, and seems targeting #China from #Darkhotel #APT group. https://t.co/5QGHq98Q2i Link to Tweet
malware_traffic: 2020-02-03 - #malspam with attachment for #Emotet epoch 2 - Paste of headers/message text: https://t.co/dp33lyFbi6 - Pastebin raw: https://t.co/Twvet7dV1H - Sandbox analysis of Word doc: https://t.co/nxACjl64Bp https://t.co/lFeCudMQJG Link to Tweet
malware_traffic: Thanks to everyone who replied. Confirmed it's #Dridex, which is something I've seen from #RigEK in recent weeks. Link to Tweet
malware_traffic: 2020-02-03 - #malspam pushing #Qbot (#Qakbot) - email spoofed a Gmail address from a mailbox on a lab host I infected last year - The message is completely made up - Paste: https://t.co/UrcT4NCQbj - Pastebin raw: https://t.co/sNTIPfcA0E - Sandbox analysis: https://t.co/kw0cVyxeq3 https://t.co/MutzPv4gBv Link to Tweet
malware_traffic: 2020-02-03 - #Trickbot gtag ono29 - from PDF attachments in emails: Example of the PDF attachment available at: https://t.co/6500Lf3FSt - Link in PDF file --> password-protected zip archive (password in PDF message text) --> Trickbot EXE disguised as some sort of document/report https://t.co/zJFnsFHUmJ Link to Tweet
malware_traffic: 2020-02-03 - #Trickbot EXE files from URLs ending in ".png" - caused by Trickbot's mshareDll/mwormDll/TabDll modules - Paste of info: https://t.co/txhHVMjUnF - Pastebin raw: https://t.co/xUERRL4c7f https://t.co/L1eGZMBMpu Link to Tweet
jeromesegura: @AffableKraut @olihough86 @EKFiddle It started with EKs, but is for malicious HTTP/S traffic of any kind: malvertising, browlocks, web skimmers, C2 call backs, etc
Comes with public regexes but you can add your custom ones too. Link to Tweet
RedDrip7: It should be #CVE-2019-1367 rather than #CVE-2020-0674, and seems targeting #China from #Darkhotel #APT group. https://t.co/5QGHq98Q2i Link to Tweet
blackorbird: #ATTCK #PenetrationTest
wugeej: [PoC] Heap Overflow in F-Secure Internet Gatekeeper
malware_traffic: 2020-02-03 - #malspam with attachment for #Emotet epoch 2 - Paste of headers/message text: https://t.co/dp33lyFbi6 - Pastebin raw: https://t.co/Twvet7dV1H - Sandbox analysis of Word doc: https://t.co/nxACjl64Bp https://t.co/lFeCudMQJG Link to Tweet
jeromesegura: @AffableKraut @olihough86 @EKFiddle It started with EKs, but is for malicious HTTP/S traffic of any kind: malvertising, browlocks, web skimmers, C2 call backs, etc