Windows “PetitPotam” network attack – how to protect against it

US court gets UK Twitter hack suspect arrested in Spain

S3 Ep42: Viruses, Nightmares, patches, rewards and scammers [Podcast]

Windows “HiveNightmare” bug could leak passwords – here’s what to do!

Apple iPhone patches are out – no news if recent Wi-Fi bug is fixed

S3 Ep41: Crashing iPhones, PrintNightmares, and Code Red memories [Podcast]

More PrintNightmare: “We TOLD you not to turn the Print Spooler back on!”

Want to earn $10 million? Snitch on a cybercrook!

The Code Red worm 20 years on – what have we learned?

Home delivery scams get smarter – don’t get caught out

Microsoft Rushes Fix for ‘PetitPotam’ Attack PoC

Malware Makers Using ‘Exotic’ Programming Languages

Babuk Ransomware Gang Ransomed, New Forum Stuffed With Porn

Kaseya Obtains Universal Decryptor for REvil Ransomware

The True Impact of Ransomware Attacks

Discord CDN and API Abuses Drive Wave of Malware Detections

5 Steps to Improving Ransomware Resiliency

FIN7 Liquor Lure Compromises Law Firm with Backdoor

FBI: Cybercriminals Eyeing Broadcast Disruption at Tokyo Olympics

Indictments, Attribution Unlikely to Deter Chinese Hacking

Microsoft Issues Windows 10 Workaround Fix for ‘SeriousSAM’ Bug

Kubernetes Cloud Clusters Face Cyberattacks via Argo Workflows

Leaked NSO Group Data Hints at Widespread Pegasus Spyware Infections

NPM Package Steals Chrome Passwords

Protecting Phones From Pegasus-Like Spyware Attacks

Telegram Fraudsters Ramp Up Forged COVID-19 Vaccine Card Sales

Spotlight on Cybercriminal Supply Chains

Breaking Down Joe Biden's $10B Cybersecurity 'Down Payment'

CISOs Prep For COVID-19 Exposure Notification in the Workplace

Pandemic-Bored Attackers Pummeled Gaming Industry

Exclusive Ransomware Poll: 80% of Victims Don’t Pay Up

Utilities 'Concerningly' at Risk from Active Exploits

Lewd Phishing Lures Aimed at Business Explode

CISOs Struggle to Cope with Mounting Job Stress

What’s Next for REvil’s Victims? 

What’s Making Your Company a Ransomware Sitting Duck

Insider Risks In the Work-From-Home World

SASE & Zero Trust: The Dream Team

Podcast: The State of Ransomware

Effective Adoption of SASE in 2021

Where Bug Bounty Programs Fall Flat

National Surveillance Camera Rollout Roils Privacy Activists

Malware Gangs Partner Up in Double-Punch Security Threat

How Email Attacks are Evolving in 2021

Patrick Wardle on Hackers Leveraging 'Powerful' iOS Bugs in High-Level Attacks

Ransomware and IP Theft: Top COVID-19 Healthcare Security Scares

How the Pandemic is Reshaping the Bug Bounty Landscape

Experts Weigh in on E-Commerce Security Amid Snowballing Threats

Cybercriminals Step Up Their Game Ahead of U.S. Elections

A Cyber 'Vigilante' is Sabotaging Emotet's Return

2020 Cybersecurity Trends to Watch

Top Mobile Security Stories of 2019

Facebook Security Debacles: 2019 Year in Review

Biggest Malware Threats of 2019

Top 10 IoT Disasters of 2019

2019 Malware Trends to Watch

Top 2018 Security and Privacy Stories

2019: The Year Ahead in Cybersecurity

2018: A Banner Year for Breaches

Microsoft shares mitigations for new PetitPotam NTLM relay attack

Apple fixes bug that breaks iPhone WiFi when joining rogue hotspots

Microsoft’s fix for Windows 10 gaming issues is coming soon

Twitter reveals surprisingly low two-factor auth (2FA) adoption rate

Microsoft Defender ATP now secures removable storage, printers

Apple fixes zero-day affecting iPhones and Macs, exploited in the wild

Researchers warn of unpatched Kaseya Unitrends backup vulnerabilities

No More Ransom saves almost €1 billion in ransomware payments in 5 years

Signal fixes bug that sent random images to wrong contacts

A closer look at Windows 11’s recent changes

Microsoft 365 drops support for Internet Explorer 11 in August

Windows 10 July security updates break printing on some systems

New PetitPotam attack allows take over of Windows domains

Fake Windows 11 installers now used to infect you with malware

MacOS malware steals Telegram accounts, Google Chrome data

The Week in Ransomware - July 23rd 2021 - Kaseya decrypted

Microsoft backtracks on Windows 11 using dark mode by default

Attackers deploy cryptominers on Kubernetes clusters via Argo Workflows

Emmanuel Macron ‘pushes for Israeli inquiry’ into NSO spyware concerns | France

An explosive spyware report shows limits of iOS, Android security

Microsoft: Here's how to shield your Windows servers against this credential stealing attack

CWE - 2021 CWE Top 25 Most Dangerous Software Weaknesses

Red Hat Security Advisory 2021-2881-01

Gentoo Linux Security Advisory 202107-55

WordPress SP Project And Document Remote Code Execution

Backdoor.Win32.Nbdd.bgz Buffer Overflow

Backdoor.Win32.Bifrose.acci Buffer Overflow

WordPress Modern Events Calendar Remote Code Execution

Kernel Live Patch Security Notice LSN-0079-1

Gentoo Linux Security Advisory 202107-54

Backdoor.Win32.PsyRat.b Code Execution

NoteBurner 2.35 Denial Of Service

Backdoor.Win32.PsyRat.b Denial Of Service

Backdoor.Win32.Agent.cu Code Execution

Backdoor.Win32.Agent.cu Man-In-The-Middle

Red Hat Security Advisory 2021-2883-01

XOS Shop 1.0.9 Arbitrary File Deletion

Red Hat Security Advisory 2021-2882-01

Backdoor.Win32.Agent.cu Authentication Bypass

Leawo Prof. Media 11.0.0.1 Denial Of Service

Backdoor.Win32.Mazben.me Unauthenticated Open Proxy

Backdoor.Win32.Hupigon.aaur Unauthenticated Open Proxy

Elasticsearch ECE 7.13.3 Database Disclosure

Zabbix 5.x SQL Injection / Cross Site Scripting

Gentoo Linux Security Advisory 202107-53

Logwatch 7.5.6

hardwear.io 2021 Netherlands Call For Papers

Researchers find new attack vector against Kubernetes clusters via misconfigured Argo Workflows instances

Kaseya says it has now got the REvil decryption key and it works

Israel to examine whether spyware export rules should be tightened | Israel

Critical Jira Flaw in Atlassian Could Lead to RCE

NSO Says ‘Enough Is Enough,’ Will No Longer Talk to the Press About Damning Reports

SC Media | Long-awaited bill would force breach victims to contact CISA

740 ransomware victims named on data leak sites in Q2 2021: report

Saudi Aramco denies breach after hackers hawk stolen files

NPM Package Steals Chrome Passwords

Home and office routers come under attack by China state hackers, France warns

SOC2 doesn’t mean what you think it means | by Trey Tacon | CodeX | Jul, 2021 | Medium

PCQ is (No) Picnic. And then there were three: CRYSTALS… | by Prof Bill Buchanan OBE | ASecuritySite: When Bob Met Alice | Jul, 2021 | Medium

ASecuritySite: When Bob Met Alice – Medium

How to enable MFA delete for S3 buckets? | by Workfall | The Workfall Blog | Jul, 2021 | Medium

Average ransomware payment declined by 38% in second quarter of 2021, new Coveware report says - CyberScoop

Scanning your iPhone for Pegasus, NSO Group's malware

Cybersecurity Strategies - Part 1 What Is A Cyber Strategy - YouTube

Friday Squid Blogging: The Evolution of Squid - Schneier on Security

Geico data breach exposed customers' driver's license numbers

What You Need to Know About PrintNightmare Vulnerability (CVE-2021-34527)

When coin miners evolve, Part 1: Exposing LemonDuck and LemonCat, modern mining malware infrastructure | Microsoft Security Blog

Pan #2 CL - Entry for #1MillionScovilleLocksportClub - Mad Dog 357 25th Anniversary Edition - YouTube

[L155] Abus XP20S Lock - pick and gut - YouTube

Overcome Approach Anxiety with Exposure Therapy - The First Exercise for Beginners - YouTube

Researchers Hid Malware Inside an AI’s ‘Neurons’ and It Worked Scarily Well

60: Another Bosnianbill Update - YouTube

(ENG-211) Lockpicking - Giveaway entry #RPDoubleTrouble - YouTube

Important Notice July 26th, 2021 – Kaseya

16 of 30 Google results contain SQL injection vulnerabilities

‘Holy moly!’: Inside Texas' fight against a ransomware hack

Shielder - Mattermost server v5.32 > v5.36 Reflected XSS in OAuth flow

Vulnerability Summary for the Week of July 19, 2021 | CISA

my test lock - YouTube

Pre-Auth RCE in ManageEngine OPManager · Haxolot.com

Browsers — A Localhost Gateway: Client Port Scanning Using WebAssembly And Go | by Avi Lumelsky | Jul, 2021 | Medium

[14] Assa Twin Combi Pick and Gut - YouTube

[102] Ruko 2 padlock with 5 pin Zeiss Ikon snowman core picked and gutted - YouTube

The role of the cyber leader in building secure ecosystems | World Economic Forum

Python RE Bypass Technique

Commercial Location Data Used to Out Priest - Schneier on Security

Getting Partial AWS Account IDs for any Cloudfront Website

A guide to non-conventional WAF/IDS evasion techniques – 0xFFFF@blog:~$

China's new software policy weaponizes cybersecurity research | TheHill

GitHub - ShivamRai2003/Reconky-Automated_Bash_Script: Reconky is an amazing Content Discovery bash script for bug bounty hunters which automate lot of task and organized in the well mannered form which help them to look forward.

Fantastic Windows Logon types and Where to Find Credentials in Them

virusbtn: Why shouldn't a trojan be classed as malware? @struppigel explains in his latest video "Trojan horse is not a malware type". https://t.co/vDFwRExCWW

virusbtn: Trend Micro writes about an Android malware sample which was posted on the Syrian e-Gov website and which contained several clues that link it to the StrongPity APT group. https://t.co/z3wGURlFh4 https://t.co/dRvHzBTm8J

virusbtn: Cisco Talos reports on the most prevalent threats observed by its researchers between 16 and 23 July. https://t.co/svSxsfRTg6 https://t.co/vHgFXnS13v

virusbtn: Malwarebytes' @hasherezade writes about recent new ransomware AvosLocker, which doesn't distinguish itself much from other ransomware apart from being unusually noisy. https://t.co/KBEMKoagFU https://t.co/y97zR2GL3z

virusbtn: OALabs has posted a new tutorial video on building a Python config extractor for Warzone RAT. https://t.co/DSrppXsefF

TalosSecurity: This week's Talos Takes is all about business email compromise. How can you avoid being the next victim? And will it ever go away? https://t.co/Xi0c550zTa https://t.co/P7qSIx1CDY

TalosSecurity: The latest edition of the Threat Source newsletter is out now, bringing you the latest Talos research and #cybersecurity news. Today we've got #WhatsApp privacy features, #spyware and much more https://t.co/HlHQepyJr8 https://t.co/Cl5NqKTPLb

TalosSecurity: Simple DNS misconfigurations and typos can create gaping holes in an organization’s security posture. We found several examples in the wild to help you hunt down misconfigurations and mitigate similar threats to your network. https://t.co/knAvmlbg73 https://t.co/1bMhbrjBrK

TalosSecurity: Mark your calendars for the 28th at 11 a.m. ET/10 CT for our next live stream covering recent spam email attacks we've seen in the wild. Attackers are taking over corporate emails to scam users into giving them millions of dollars a year https://t.co/LQ2LifBBXi https://t.co/NIyf8WBcL2

TalosSecurity: Come join us over on Instagram! We'll have more video content, memes and a look into life at Talos (just as soon as we all start going back to the office) https://t.co/pHShOoM40x

MBThreatIntel: ℹ️In our latest blog, @hasherezade examines #AvosLocker, a new ransomware aiming to grow into the coveted big game hunting space. https://t.co/guOJtVGeUp

MBThreatIntel: 🚨 There was a Magecart skimmer on @Everlast_ according to a crawl submitted by @sansecio (https://t.co/iDaPKG4hWi). ➡️ Skimmer: sgtrek[.]com/jquery/jQuery.viewer.js ➡️ Exfiltration via Telegram API https://t.co/p7NqGwnXpe

MBThreatIntel: klPivotCellBlankCell.sct: 9ec372473f76c20f2d1249afdc0f8962 Dridex: e92d48a038b4208fafd89f2ed6c630fb C2s: 178.238.236.59:443 104.245.52.73:5007 81.0.236.93:13786

MBThreatIntel: #Dridex #malspam new maldoc template: "Microsoft Document Protection" Excel file -> Drops sct file and executes it using mshta.exe -> executes Dridex using rundll32.exe Maldocs: 3c0f480a02317e8354e8e3c05c3918f0 5d7e91a055573a70c596b58c5c7506d9 0ba7c0b5fb877d55039290fa68b6a40f https://t.co/0I2yvHF6ke

anyrun_app: TOP10 last week's threats by uploads ⬆️ #Redline 298 (274) ⬆️ #Njrat 248 (226) ⬆️ #Formbook 167 (141) ⬆️ #Raccoon 142 (59) ⬆️ #NanoCore 138 (101) ⬇️ #Lokibot 76 (134) ⬇️ #Vidar 59 (78) ⬇️ #AsyncRAT 57 (117) ⬇️ #Remcos 54 (79) ⬇️ #AgentTesla 39 (58) https://t.co/98nRpXOxWw

anyrun_app: @lsepaolo At the moment, on-premise isn't on the roadmap.

anyrun_app: How to deal with data breaches in big companies? Find tips on cybersecurity improvement and why risk assessment is important in a new guest post. Today @danielmartin_a explores the cybersecurity rules for large-scale industries. Check it out! https://t.co/wtRhNkLjmz

abuse_ch: I'm happy to welcome @threatint_eu as a sponsor for https://t.co/b7WQ1Ihzpw! Your financial support matters and allows us to continue to operate 💪👏🥳 https://t.co/69UkJHP8Yx

abuse_ch: @iptpnetworks Would it be possible to look into your customer AS213254 (OOO RAIT TELECOM) / AS51381 (ELITETEAM)? Despite abuse reports sent by URLhaus to automatic-abuse [at] eliteteam .to, malware sites stay active in your customer's network for months: https://t.co/3XAHSkpvJR https://t.co/uxTB5YOH0e

abuse_ch: @fr0gger_ It's all your work Thomas 💪 https://t.co/BiMAzjARp9

abuse_ch: You can now hunt on MalwareBazaar for icons of PE executables using dhash 🔍🪲🕵️‍♀️ Special thanks to @fr0gger_ for his code snippet 🙏 Happy hunting! 🔥 Example search query: 👉 https://t.co/7nYXFy2a3A https://t.co/MyPjSIdQ4n

abuse_ch: @malwrhunterteam Sounds like someone paid the ransom 🤦🏼‍♂️ Threat actors will continue to commit financial crime as long as there are orgs who pay them 💵

QuoIntelligence: This week covers 2 major cyber revelations, which will undoubtedly impact the #geopolitical landscape. The #NSOgroup & #Candiru alleged #spyware incident & the joint stmt from westrn allies accusing China of #cyberespionage. Read more https://t.co/CexUAhqcTT

JAMESWT_MHT: "This is to inform you that you have won a prize money of (ONE MILLION GREAT BRITISH POUNDS) (£1,000,000.00) In the Yahoo Promotion 2021 which is organized by YAHOO, AOL & WINDOWS LIVE" #scam #fraud #spam email https://t.co/j9ZZcyGORG

JAMESWT_MHT: @malwrhunterteam https://t.co/1XFuUKNNND https://t.co/e3EW6kfccn https://t.co/r30PWt7hgi https://t.co/DfrzdUF3en

cyb3rops: @LibertyLucas26 @ben_brechtken @BenjaminLaepple I started out with Baader back then. That was very readable. Then came Hayek and von Mises, which was somewhat tough going. With Rothbard it then came to an end and I gave up politics.

cyb3rops: @nemesis09 One of my favorites from my Ambience playlist : https://t.co/FJTKsVuPG9

cyb3rops: @LibertyLucas26 @ben_brechtken @BenjaminLaepple Are there still liberals in the FDP, or is Schäffler already gone? I'm no longer up to date.

cyb3rops: @LibertyLucas26 @ben_brechtken @BenjaminLaepple Do you mean FDP members or liberals?

Timele9527: #APT threat analysis report about #Lazarus: “Lazarus organizes social engineering attacks on the cryptocurrency industry“ report: https://t.co/VkL4v7gHCG https://t.co/Dq78V4NZRe https://t.co/rtQHlqtljV

inj3ct0r: #0day #WordPress SP Project And Document Remote Code Execution #Exploit #RCE https://t.co/IkPkDstDXV

inj3ct0r: #0day #WordPress Modern Events Calendar Remote Code Execution #Exploit #RCE https://t.co/IsYlk9fRWU

inj3ct0r: #0day #Zabbix 5.x SQL #Injection / Cross Site Scripting #Vulnerabilities #XSS https://t.co/979dHoBGgf

inj3ct0r: #0day #XOSShop 1.0.9 - (Multiple) Arbitrary File Deletion (Authenticated) #Vulnerability #Exploit https://t.co/SJvtVY0XQG

inj3ct0r: #0day #Elasticsearch ECE 7.13.3 - Anonymous #Database Dump #Exploit https://t.co/G7eZt96TxA

malwrhunterteam: "1_Signed.apk": 61553d0edf18b9f1fe753f7fe27e2bf0230513bb01a9fa00224a96078dfdbe71 🤔 https://t.co/UANhHtpxUS

malwrhunterteam: @RazoesSergio Some actors moved from Namecheap to NameSilo, so...

malwrhunterteam: @LukasStefanko Check "StrongPity APT Group Deploys Android Malware for the First Time" article: https://t.co/L6bDWMxZEz 🤔 "We first learned about the sample from a thread shared on the MalwareHunterTeam Twitter." -> the above sample. The thread with details from Lukas: https://t.co/RqobbvN1yz https://t.co/6QV99ZBGL8

malwrhunterteam: https://vibrant-nobel-f4b4c1.netlify[.]app/ 🤔 https://t.co/m3VpGFEurL

malwrhunterteam: @ov3rflow1 @LixaH_CL @Google @YouTube Still...

blackorbird: Tokyo Olympics wiper⚠️ https://t.co/4LUBxRcGv0 https://t.co/utaJR2j7GY

blackorbird: Lambert Lost https://t.co/RyvzqE59Qz

blackorbird: Mark Mobile Verification Toolkit https://t.co/UxEyFKNRg3 https://t.co/ctDOJBkhrI https://t.co/kAQqcS29cT

blackorbird: Learning iOS Forensics #Pegasus log: https://t.co/TcdIq9rBy3 research ref: https://t.co/Q0yGAr3xQL https://t.co/lRX13oxQEo

blackorbird: Stackoverflow & Tor https://t.co/It8wYMD1Ok https://t.co/jFInGwElEo

wugeej: Windows Command-Line Obfuscation 👉reg export HKCU o.reg = reg eˣport HKCU o.reg 👉wevtutil gli hardwareevents = wevtutil gࢯli hardwareevents 👉dir c:\windows\ = dir c:\"win"d""ow"s" 👉certutil /split -urlcache = certutil /ࣔsplit -₞u₞rᴸ"c₞a₞ch"e https://t.co/I8cE12fRxN https://t.co/47K7ycEIAq

malware_traffic: 2021-07-24 (Friday) - After pushing #BazarLoader yesterday, #TA551 (#Shathak) is back to pushing #Trickbot today (gtag zev4) Doc: https://t.co/WeKwz0PfMB HTA: https://t.co/2il749XRlE Installer DLL: https://t.co/z0cO2RqxRt https://t.co/cT49AVcULd

malware_traffic: @juliet_kayanja Go to the "about" page on the website, which should show you what the password is.

malware_traffic: Blog post with #pcap files from the #TA551 (#Shathak) infection, malware samples, and IOCs available from the #BazarLoader and #CobaltStrike activity at: https://t.co/pQmqhvFMah

malware_traffic: jyheeckptwa.exe (https://t.co/U7aH8dJfDL) used during this #BazarLoader infection for #CobaltStrike appears to be based on the Gopurple shellcode runner - https://t.co/6UeEA7ffjq https://t.co/J7izEbhYnW

malware_traffic: In addition to waceko[.], it looks like #CobaltStrike is also using yiyuro[.]com on 18.222.162[.]20 - Waceko[.]com was first reported as Cobalt Strike on 2021-06-10 by @mojosec - https://t.co/xOtKAlkz6T https://t.co/qi8uRh5sEu

James_inthe_box: @thatskriptkid @LittleRedBean2 @JAMESWT_MHT @malwrhunterteam @Arkbird_SOLG decoded blob (yikes....) https://t.co/AS5qMOGC7X

James_inthe_box: @thatskriptkid @LittleRedBean2 @JAMESWT_MHT @malwrhunterteam @Arkbird_SOLG 🤔 https://t.co/RBm84WKpe7

James_inthe_box: @thatskriptkid @LittleRedBean2 @JAMESWT_MHT @malwrhunterteam @Arkbird_SOLG It's very noisy https://t.co/FwKxls5YkD

James_inthe_box: @sudosev @hasherezade @VK_Intel Sadly didn't appear to work with win10 :(

pmelson: @_hacknsec LimerBoy is a legit user, and StormKitty is a real repo which has been cloned to other public repos, and also uses that key, so I assume it was live at some point in the past.

pmelson: @kungfu_javeous @Ledtech3 found a clone of the missing repo, which confirmed that that was the default AES key from the original author

pmelson: Funny plot twist from yesterday: Asking for help finding the code from a deleted GitHub repo in hopes of getting encryption keys to decrypt a payload. Turns out, the key was the URL of the missing repo. Like, those bytes in the screenshot? That’s the key. https://t.co/pN1wbb5hqB

pmelson: TRUTH: There is very good money to be made cleaning up other people’s messes. Earning a reputation as a fixer can serve you well. https://t.co/eV1Nh3ysal

pmelson: @James_inthe_box @backsla3h @struppigel All set. Got the repo with help from @Ledtech3 https://t.co/FFlZikoJxX

demonslay335: @TRojen610 @pcrisk If you could DM me the RSA key, I can add it to the Emsisoft server.

demonslay335: @killasazores @albertzsigovits @VK_Intel @f0wlsec @Amigo_A_ @BleepinComputer @malwrhunterteam @siri_urz @James_inthe_box Any AV would be able to remove the malware... decryption is a separate issue. LockBit is impossible to decrypt without the criminal's private keys.

demonslay335: @JesusGenialogic @pussymalanga_ Phobos is 100% IMPOSSIBLE to decrypt without the criminal's private keys. It uses secure crypto.

demonslay335: @QVM36O @Amigo_A_ @fbgwls245 @petrovic082 Pretty trivial to decrypt at least. Makes a mess of the system though.

hackerfantastic: @Pets0undz @KinjaDeals I love it. That seems like a great looking mechanical keyboard for the price, thanks for sharing! 👍

hackerfantastic: @VoidBiscuit That's really funny, I can see this being someone who just really likes tanks and finds the inaccuracies frustrating.

hackerfantastic: EA sports code has leaked onto the Internet for FIFA 2021, the attackers have alluded that they developed an RCE that impacts any Frost Engine game - coming full circle on my point here which people seemed to dismiss at the time. ¯\_(ツ)_/¯ https://t.co/PmvI8Qpjbh

hackerfantastic: @Scott_Helme They are tied via PKI to the mainboard so you can't just swap them out, you will need a full board usually + new paired device. You might get lucky with a repair and be able to reconnect / replace the damaged part on the component but once those are gone it's difficult to do.

hackerfantastic: @Scott_Helme You can't just buy a new sensor sadly even though they cost about $35, welcome to the right2repair battle. If its under Apple Care or warranty then take it in and get Apple to repair/replace.

Cyb3rWard0g: @chiragsavla94 @0xanasjamal Great work @chiragsavla94 ! Thank you for sharing! 💥🍻

Cyb3rWard0g: @DebugPrivilege @Microsoft Niceeee! Congratulations! Welcome to the team @DebugPrivilege ! 😃🍻 https://t.co/WZogyyXKfM

Cyb3rWard0g: @cyb3rops No problem. If there is some other noisy stuff (lab env only) that I should add or remove, let me know. I use it for environments I share with the community 🍻

Cyb3rWard0g: @cyb3rops Hello @cyb3rops , I use the following one for testing. I hope it helps. https://t.co/yV1g3ykl9y

VK_Intel: [Insight] Can confirm as AnyDesk has become the *newer* evolving persistence tactics by the ransomware pentester team. One trick is to set up a new logon hidden admin account under HKLM\...\WinLogon\SpecialAccounts\UserList. Stay tuned for the upcoming blog 😉 https://t.co/dUGMilRJze https://t.co/uJzksccqei

VK_Intel: 📌Team, amazing opportunity to meet in person in Las Vegas during BLACKHAT/DEFCON from August 3 to August 8 as we will be there waving our flags and celebrating our incredible journey and success! Please reach out to me privately as well. https://t.co/kgp3rNRM3r

VK_Intel: @James_inthe_box Thank you kindly, James! 👍👊

securitydoggo: @GossiTheDog Would looking for a read/write on the \HarddiskVolumeShadowCopy*\Windows\System32\config\(SAM|SYSTEM|SECURITY) be something too? Not sure on the visibility, just the activity I see from procmon

securitydoggo: @gentilkiwi @jonasLyk Anyone got a good detection on this aside from touching of the VolumeShadowCopy\..(SYSTEM|SAM|SECURITY)? I didn't see anything from sysmon when I did the attack. #blueteam #SIEM #infosec

DrunkBinary: @jfslowik And before you troglodytes judge me, if you don't know Renee O'Connor in Xena from the back you obviously didn't grow up being raised by WGN Action Pack hours of Xena, Hercules, and Brisco County Jr.

DrunkBinary: @jfslowik How did you find a gif from Xena?

DrunkBinary: @WylieNewmark @jfslowik Joking but don't confuse convoluted suspense thriller plot with a tightly written and coherent script.

DrunkBinary: @WylieNewmark @jfslowik Leaner: (of an activity or a period of time) offering little reward, substance, or nourishment; meager. I see what kind of entertainment you are after now.

DrunkBinary: (h/t @colemankane) https://t.co/VaP1LeoSTo

Arkbird_SOLG: Cc @h2jazi @ShadowChasing1 https://t.co/Nq3XLDdw7A

Arkbird_SOLG: Yara rule for #Medusalocker ransomware H/T @r3dbU7z for the recent sample https://t.co/Vr0VilPYJ4 ref : https://t.co/79Dored9GZ cc @BushidoToken @c3rb3ru5d3d53c @JAMESWT_MHT @h2jazi @James_inthe_box

Arkbird_SOLG: @JaromirHorejsi @LittleRedBean2 @James_inthe_box @JAMESWT_MHT @malwrhunterteam Yep, another interesting point is that seems check if FSL virtualization is up, that a Symantec implementation. Looks also Windows System Configuration files too (fs_rec). https://t.co/ieuktTHCZy https://t.co/G31Ye2Lp3g Found another one in may 2021 https://t.co/CXI0gvcaJn https://t.co/m0gnoYnAe4

KorbenD_Intel: @James_inthe_box @malwrhunterteam @JAMESWT_MHT @Arkbird_SOLG 15.222.66[.]186 https://t.co/EvZtNdu8QQ

KorbenD_Intel: Windows Server version 2004 is after Windows Server 2019 makes sense..

KorbenD_Intel: @mojoesec 31.14.40.0/24 busy subnet wink wink

ShadowChasing1: #APT32 #Oceanlotus ITW:204e1ad9eb40cdb8270dc9f4d5dfa0ab filename:MpSvc.dll

ShadowChasing1: Today our researchers have found APK implant which belongs to #Donot #APT group ITW:8c96d005c51c6d9d7112cf933065bc10 C2:picarts[.]xyz https://t.co/oLc9HfjUh6

ShadowChasing1: Today our researchers have found FakeJLI RAT which belongs to #Patchwork #APT group ITW:076b2e8f0e1c2e886a25dcac18ec2f77 filename:hxxp://altered.twilightparadox.com/

ShadowChasing1: @Skay_00 Keep it up

ShadowChasing1: #Donot #APK implant C2:C2:picarts[.]xyz https://t.co/BxAWuiWB7X

ItsReallyNick: @ajohnsocyber @Microsoft @msftsecresponse @MsftSecIntel @JohnLaTwC @ianhellen @LeahLease @cglyer @MarkSimos Thanks for the signal boost 🙏🏼 We learn so much from our partner teams on the front lines of response & product research. We’re just over here trying to piece together the who & the how

ItsReallyNick: @TheDFIRReport Solid #threatintel cc: @BouncyHat in case you weren’t tracking Cobalt Strike server #1 & #3

cyberwar_15: #북한 #NorthKorea #Cyberwar https://t.co/ovuwUIwccd

cyberwar_15: #북한 #NorthKorea #Cyberwar #fonts #청봉체 #KP_CheongPong https://t.co/yFFqNTWojj

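58_158_177_102: Lunch ramen. A typhoon is coming tomorrow, so I declared that I'm working remotely (and have already asked the team to work remotely too if possible) https://t.co/R7YRISteX3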

58_158_177_102: @kurutony The person who brought it in is far too much in the wrong, isn't he

IntezerLabs: https://t.co/3MUExFg7iy https://t.co/h8QtHAk7Xc

IntezerLabs: [3/3] clank[.]hazari[.]ru lump[.]semara[.]ru lovers[.]semara[.]ru aconitum[.]xyz blattodea[.]ru hierodula[.]online tomond[.]ru 94.228.124.131 🔥🔥

IntezerLabs: [2/3] 7c220b8dab7b2d95b01088959156a2ab 557a2e80b2a070bb2f873b6489b026ee 6d7559fc8048e61ba5e8a76cdd872d04 3caf1d5ca620947aa82f88e8d414c85f ff95a2f9d3f40802afaa528f563feeee d4c750a5ce9823883eb5164c5c1307d1 56f3985300d75fe2a4afe16b1be75222 f1131b69a9ce898502e9626c61c46e33 ->>

IntezerLabs: [1/3] New samples of malicious docx files targeting Ukraine GOV 🇺🇦 attributes to #Gamaredon Russian APT 🇷🇺 ff95a2f9d3f40802afaa528f563feeee https://t.co/zocMKvZ5Lg For information on @Anomali's report from April https://t.co/lrn7W3XJQw IOCs b2193f0fb8b5ee8b2fe161cde30f4d65 --> https://t.co/l3an1SrJcT

IntezerLabs: Now your team has all the malware analysis tools needed in one place: sandboxing, static analysis, unpacking, memory analysis and genetic code sequencing. Start with 50 file uploads https://t.co/yuQm8n5nQ1 https://t.co/SHqfVbWECm

aboutsecurity: @rogue_analyst @CertifyGIAC @SecurityMapper @eric_conrad @SOCologize @randymarchany Congrats!! 👏🏼👏🏼👏🏼 #AllAroundDefender

aboutsecurity: Call to the community! Please vote ⬇️ @jesse_netz #SOCWise #ptToolkit #purpleteaming https://t.co/hFO4uPEuSu https://t.co/ZXL5tKajUp

aboutsecurity: Jesse Netz (@jesse_netz), a seasoned @McAfee blueteamer presents us #ptToolkit at #SOCWise. Watch it live here: https://t.co/B0y0dL9cS3 https://t.co/6UkfNNG3gE

aboutsecurity: We're live and we have a surprise for you in the form of a new #purpleteaming tool! w/ @jesse_netz #ptToolkit Join us here: https://t.co/B0y0dL9cS3 https://t.co/hFO4uPEuSu https://t.co/Hntd8Zt8Xu

aboutsecurity: Is there value for you and your organization in using a Purple Teaming tool like the one we're going to present at #SOCWise right now? https://t.co/rowT3xvbxN w/ @jesse_netz

DissectMalware: @Dinosn @JohnLaTwC

Hexacorn: @mkolsek @jonasLyk same feeling, way too often :)

Hexacorn: It's really worth updating Process Hacker on regular basis TIL new versions include very advanced PE file viewer showing lots of cool info, both static and dynamic and from the file and file system, all in one place https://t.co/l4CNHoYmPE

Hexacorn: @bry_campbell https://t.co/uEgR4mQU3T

Hexacorn: @struppigel @hacks4pancakes your discussion about "worm" is fun too, so many corner cases

JCyberSec_: @BunkoPirate @bankofireland I do not deal with 'vishing' very much. Mainly only credential phishing

JCyberSec_: @BunkoPirate @bankofireland Not yet - We see a number of campaigns running over SMS targeting BOI. https://t.co/wVMFSSPwm6 https://t.co/D9POSG5Nty

JCyberSec_: 💥Brand new @bankofireland (BOI) #phishing site stood up in the last couple of minutes 🌐hxxps://365online.com.accountupgrade.co/ 🥷Using Uadmin as the controlling software 📳Using Telegram as the exfiltration https://t.co/zCuoFLLp5y

JCyberSec_: Think someone was hungry when they created this #phishing kit? 🥓🍳🍔 I eat phishing actors for breakfast! https://t.co/5T5B4TGEzY

JCyberSec_: You can't vote in your own polls but ... https://t.co/ixJUvc5D4M

nullcookies: @piffey Oh brutal

nullcookies: @XEJKnol @ABNAMRO @ingnl @Rabobank @SNSBank @TriodosNL @RegioBank @Namecheap @Cloudflare @ShortDotDomains @Politie @JAMESWT_MHT @malwrhunterteam @JCyberSec_ @phishunt_io @Spam404 Nice finds!

nullcookies: https://t.co/SmB6jd0atk https://t.co/FtUBDikvJE

campuscodi: @Matt_Gerlach yes

campuscodi: Apple really hates the jailbreaking community. Passing jailbreaks as actively exploited zero-days is a smart plan to trick users to update to a new release and avoid having them root their devices 😆

campuscodi: There is now a PoC for CVE-2021-30807: https://t.co/bQrZUDDShG I wouldn't rule out that this was a new jailbreaking exploit and not an actual zero-day exploited in the wild. Apple has done this before--passed jailbreaks as zero-days.

424f424f: Halp! What am I doing wrong here? Importing a certificate for the DC in Rubeus. https://t.co/U1WZParlHJ

424f424f: @HackingLZ Took some tweaking but, I figured out how to get the server working finally. https://t.co/RZq8RXnOCE

424f424f: @HackingLZ Ha! Current status... trying to figure out how to set it up in the lab. https://t.co/mTxVHZZlfE

lazyactivist192: @Yihiskayene Welcome back!

lazyactivist192: @asabikeshiinyag My HS's mascot was a falcon, so I definitely support any schools adopting bird themed mascots

FewAtoms: #malware #threathunting #cybersecurity #opendir #infosecurity hxxp://172.245.119.43/d/ https://t.co/W8JNWti53h https://t.co/klZgLYdN5V

FewAtoms: #malware #infosecurity #threathunting #cybersecurity #opendir hxxp://musicnote.soundcast.me/ https://t.co/NPPARe6Fju https://t.co/OG6fCR0HkB

FewAtoms: #malware #opendir #infosecurity #threathunting #cybersecurity hxxp://androidmedallo.duckdns.org/ https://t.co/XtPJDAj1az @abuse_ch @James_inthe_box @JAMESWT_MHT https://t.co/sqAbghp5lV

FewAtoms: #malware #cybersecurity #opendir #infosecurity #threathunting hxxp://datarcha.ga/ hxxp://78.62.182.29/ https://t.co/MApSQYd9Bs @abuse_ch @James_inthe_box @JAMESWT_MHT https://t.co/A3nkpW4nI6

luc4m: @Finch39487976 @rqu49 Ahahha, next time -> https://t.co/O16enCS6h4

----Vulners.com High Sev. Last 3 Days----

CVSS: 6.8 CVE-2020-15180

CVSS: 6.8 (RHSA-2021:2883) Important: thunderbird security update

CVSS: 6.8 (RHSA-2021:2882) Important: thunderbird security update

CVSS: 6.8 (RHSA-2021:2881) Important: thunderbird security update

CVSS: 6.5 WordPress SP Project And Document Remote Code Execution

CVSS: 6.8 thunderbird security update

CVSS: 6.8 MySQL vulnerabilities

CVSS: 6.5 WordPress Modern Events Calendar Remote Code Execution

CVSS: 6.8 Microsoft SharePoint Server 2019 Remote Code Execution

----NVD Last 3 Days----

CVE#: CVE-2021-32794 Published Date: 2021-07-26 CVSS: NO CVSS Description: ArchiSteamFarm is a C# application with the primary purpose of idling Steam cards from multiple accounts simultaneously. Due to a bug in ASF code, the `POST /Api/ASF` ASF API endpoint responsible for updating global ASF config incorrectly removed `IPCPassword` from the resulting config when the caller did not specify it explicitly. Due to the above, it was possible for the user to accidentally remove the `IPCPassword` security measure from his IPC interface when updating global ASF config, which exists as part of global config update functionality in ASF-ui. Removal of `IPCPassword` poses a security risk, as unauthorized users may as a result access the IPC interface after such modification. The issue is patched in ASF V5.1.2.4 and future versions. We recommend manually verifying that `IPCPassword` is specified after update, and if not, setting it accordingly. In default settings, ASF is configured to allow IPC access from `localhost` only and should not affect the majority of users.

CVE#: CVE-2021-37478 Published Date: 2021-07-26 CVSS: NO CVSS Description: In NavigateCMS version 2.9.4 and below, function `block` is vulnerable to sql injection on parameter `block-order`, which results in arbitrary sql query execution in the backend database.

CVE#: CVE-2021-37477 Published Date: 2021-07-26 CVSS: NO CVSS Description: In NavigateCMS version 2.9.4 and below, function in `structure.php` is vulnerable to sql injection on parameter `children_order`, which results in arbitrary sql query execution in the backend database.

CVE#: CVE-2021-37476 Published Date: 2021-07-26 CVSS: NO CVSS Description: In NavigateCMS version 2.9.4 and below, function in `product.php` is vulnerable to sql injection on parameter `id` through a post request, which results in arbitrary sql query execution in the backend database.

CVE#: CVE-2021-37475 Published Date: 2021-07-26 CVSS: NO CVSS Description: In NavigateCMS version 2.9.4 and below, function in `templates.php` is vulnerable to sql injection on parameter `template-properties-order`, which results in arbitrary sql query execution in the backend database.

CVE#: CVE-2021-37473 Published Date: 2021-07-26 CVSS: NO CVSS Description: In NavigateCMS version 2.9.4 and below, function in `product.php` is vulnerable to sql injection on parameter `products-order` through a post request, which results in arbitrary sql query execution in the backend database.

CVE#: CVE-2021-37394 Published Date: 2021-07-26 CVSS: NO CVSS Description: In RPCMS v1.8 and below, attackers can interact with API and change variable "role" to "admin" to achieve admin user registration.

CVE#: CVE-2021-37393 Published Date: 2021-07-26 CVSS: NO CVSS Description: In RPCMS v1.8 and below, the "nickname" variable is not properly sanitized before being displayed on page. Attacker can use "update password" function to inject XSS payloads into nickname variable, and achieve stored XSS. Users who view the articles published by the injected user will trigger the XSS.

CVE#: CVE-2021-37392 Published Date: 2021-07-26 CVSS: NO CVSS Description: In RPCMS v1.8 and below, the "nickname" variable is not properly sanitized before being displayed on page. When the API functions are enabled, the attacker can use API to update user nickname with XSS payload and achieve stored XSS. Users who view the articles published by the injected user will trigger the XSS.

CVE#: CVE-2021-36563 Published Date: 2021-07-26 CVSS: NO CVSS Description: The CheckMK management web console (versions 1.5.0 to 2.0.0) does not sanitise user input in various parameters of the WATO module. This allows an attacker to open a backdoor on the device with HTML content and interpreted by the browser (such as JavaScript or other client-side scripts), the XSS payload will be triggered when the user accesses some specific sections of the application. In the same sense a very dangerous potential way would be when an attacker who has the monitor role (not administrator) manages to get a stored XSS to steal the secretAutomation (for the use of the API in administrator mode) and thus be able to create another administrator user who has high privileges on the CheckMK monitoring web console. Another way is that persistent XSS allows an attacker to modify the displayed content or change the victim's information. Successful exploitation requires access to the web management interface, either with valid credentials or with a hijacked session.

CVE#: CVE-2021-32792 Published Date: 2021-07-26 CVSS: NO CVSS Description: mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In mod_auth_openidc before version 2.4.9, there is an XSS vulnerability when using `OIDCPreservePost On`.

CVE#: CVE-2021-32791 Published Date: 2021-07-26 CVSS: NO CVSS Description: mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In mod_auth_openidc before version 2.4.9, the AES GCM encryption in mod_auth_openidc uses a static IV and AAD. It is important to fix because this creates a static nonce and since aes-gcm is a stream cipher, this can lead to known cryptographic issues, since the same key is being reused. From 2.4.9 onwards this has been patched to use dynamic values through usage of cjose AES encryption routines.

CVE#: CVE-2021-32790 Published Date: 2021-07-26 CVSS: NO CVSS Description: Woocommerce is an open source eCommerce plugin for WordPress. An SQL injection vulnerability impacts all WooCommerce sites running the WooCommerce plugin between version 3.3.0 and 3.3.6. Malicious actors (already) having admin access, or API keys to the WooCommerce site can exploit vulnerable endpoints of `/wp-json/wc/v3/webhooks`, `/wp-json/wc/v2/webhooks` and other webhook listing API. Read-only SQL queries can be executed using this exploit, while data will not be returned, by carefully crafting `search` parameter information can be disclosed using timing and related attacks. Version 3.3.6 is the earliest version of Woocommerce with a patch for this vulnerability. There are no known workarounds other than upgrading.

CVE#: CVE-2021-31292 Published Date: 2021-07-26 CVSS: NO CVSS Description: An integer overflow in CrwMap::encode0x1810 of Exiv2 0.27.3 allows attackers to trigger a heap-based buffer overflow and cause a denial of service (DOS) via crafted metadata.

CVE#: CVE-2021-31291 Published Date: 2021-07-26 CVSS: NO CVSS Description: A heap-based buffer overflow vulnerability in jp2image.cpp of Exiv2 0.27.3 allows attackers to cause a denial of service (DOS) via crafted metadata.

CVE#: CVE-2021-25804 Published Date: 2021-07-26 CVSS: NO CVSS Description: A NULL-pointer dereference in "Open" in avi.c of VideoLAN VLC Media Player 3.0.11 can cause a denial of service (DOS) in the application.

CVE#: CVE-2021-25803 Published Date: 2021-07-26 CVSS: NO CVSS Description: A buffer overflow vulnerability in the vlc_input_attachment_New component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file.

CVE#: CVE-2021-25802 Published Date: 2021-07-26 CVSS: NO CVSS Description: A buffer overflow vulnerability in the AVI_ExtractSubtitle component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file.

CVE#: CVE-2021-25801 Published Date: 2021-07-26 CVSS: NO CVSS Description: A buffer overflow vulnerability in the __Parse_indx component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file.

CVE#: CVE-2021-32789 Published Date: 2021-07-26 CVSS: NO CVSS Description: woocommerce-gutenberg-products-block is a feature plugin for WooCommerce Gutenberg Blocks. An SQL injection vulnerability impacts all WooCommerce sites running the WooCommerce Blocks feature plugin between version 2.5.0 and prior to version 2.5.16. Via a carefully crafted URL, an exploit can be executed against the `wc/store/products/collection-data?calculate_attribute_counts[][taxonomy]` endpoint that allows the execution of a read only sql query. There are patches for many versions of this package, starting with version 2.5.16. There are no known workarounds aside from upgrading.

CVE#: CVE-2021-32631 Published Date: 2021-07-26 CVSS: NO CVSS Description: Common is a package of common modules that can be accessed by NIMBLE services. Common before commit number 3b96cb0293d3443b870351945f41d7d55cb34b53 did not properly verify the signature of JSON Web Tokens. This allows someone to forge a valid JWT. Being able to forge JWTs may lead to authentication bypasses. Commit number 3b96cb0293d3443b870351945f41d7d55cb34b53 contains a patch for the issue. As a workaround, one may use the parseClaimsJws method to correctly verify the signature of a JWT.

CVE#: CVE-2021-33629 Published Date: 2021-07-26 CVSS: NO CVSS Description: isula-build before 0.9.5-8 can cause a program crash, when building container images, some functions for processing external data do not remove spaces when processing data.

CVE#: CVE-2021-37534 Published Date: 2021-07-26 CVSS: NO CVSS Description: app/View/GalaxyClusters/add.ctp in MISP 2.4.146 allows Stored XSS when forking a galaxy cluster.

CVE#: CVE-2021-26824 Published Date: 2021-07-26 CVSS: NO CVSS Description: DM FingerTool v1.19 in the DM PD065 Secure USB is susceptible to improper authentication by a replay attack, allowing local attackers to bypass user authentication and access all features and data on the USB.

CVE#: CVE-2021-3664 Published Date: 2021-07-26 CVSS: NO CVSS Description: url-parse is vulnerable to URL Redirection to Untrusted Site

CVE#: CVE-2021-35030 Published Date: 2021-07-26 CVSS: NO CVSS Description: A vulnerability was found in the CGI program in Zyxel GS1900-8 firmware version V2.60, that did not properly sterilize packet contents and could allow an authenticated, local user to perform a cross-site scripting (XSS) attack via a crafted LLDP packet.

CVE#: CVE-2021-29784 Published Date: 2021-07-26 CVSS: NO CVSS Description: IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 203168.

CVE#: CVE-2021-29770 Published Date: 2021-07-26 CVSS: NO CVSS Description: IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) could allow an authenticated user to perform unauthorized actions due to hazardous input validation. IBM X-Force ID: 202771.

CVE#: CVE-2021-29769 Published Date: 2021-07-26 CVSS: NO CVSS Description: IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 202769.

CVE#: CVE-2021-29767 Published Date: 2021-07-26 CVSS: NO CVSS Description: IBM i2 Analyst's Notebook Premium 9.2.0, 9.2.1, and 9.2.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 202681.

CVE#: CVE-2021-29766 Published Date: 2021-07-26 CVSS: NO CVSS Description: IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 202680.

CVE#: CVE-2021-22144 Published Date: 2021-07-26 CVSS: NO CVSS Description: In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that will crash the Elasticsearch node.

CVE#: CVE-2021-20560 Published Date: 2021-07-26 CVSS: NO CVSS Description: IBM Sterling Connect:Direct Browser User Interface 1.4.1.1 and 1.5.0.2 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 199229.

CVE#: CVE-2021-20431 Published Date: 2021-07-26 CVSS: NO CVSS Description: IBM i2 Analyst's Notebook Premium 9.2.0, 9.2.1, and 9.2.2 does not invalidate session after logout which could allow an attacker to obtain sensitive information from the system. IBM X-Force ID: 196342.

CVE#: CVE-2021-20430 Published Date: 2021-07-26 CVSS: NO CVSS Description: IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196341.

CVE#: CVE-2021-20337 Published Date: 2021-07-26 CVSS: NO CVSS Description: IBM QRadar SIEM 7.3.0 to 7.3.3 Patch 8 and 7.4.0 to 7.4.3 GA uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 194448.

CVE#: CVE-2020-4623 Published Date: 2021-07-26 CVSS: NO CVSS Description: IBM i2 iBase 8.9.13 could allow a local authenticated attacker to execute arbitrary code on the system, caused by a DLL search order hijacking flaw. By using a specially-crafted .DLL file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 184984.

CVE#: CVE-2020-12681 Published Date: 2021-07-26 CVSS: NO CVSS Description: Missing TLS certificate validation on 3xLogic Infinias eIDC32 devices through 3.4.125 allows an attacker to intercept/control the channel by which door lock policies are applied.

CVE#: CVE-2021-33900 Published Date: 2021-07-26 CVSS: NO CVSS Description: While investigating DIRSTUDIO-1219 it was noticed that configured StartTLS encryption was not applied when any SASL authentication mechanism (DIGEST-MD5, GSSAPI) was used. While investigating DIRSTUDIO-1220 it was noticed that any configured SASL confidentiality layer was not applied. This issue affects Apache Directory Studio version 2.0.0.v20210213-M16 and prior versions.

CVE#: CVE-2021-36092 Published Date: 2021-07-26 CVSS: NO CVSS Description: It's possible to create an email which contains specially crafted link and it can be used to perform XSS attack. This issue affects: OTRS AG ((OTRS)) Community Edition:6.0.x version 6.0.1 and later versions. OTRS AG OTRS: 7.0.x version 7.0.27 and prior versions; 8.0.x version 8.0.14 and prior versions.

CVE#: CVE-2021-36091 Published Date: 2021-07-26 CVSS: NO CVSS Description: Agents are able to list appointments in the calendars without required permissions. This issue affects: OTRS AG ((OTRS)) Community Edition: 6.0.x version 6.0.1 and later versions. OTRS AG OTRS: 7.0.x versions prior to 7.0.27.

CVE#: CVE-2021-21443 Published Date: 2021-07-26 CVSS: NO CVSS Description: Agents are able to list customer user emails without required permissions in the bulk action screen. This issue affects: OTRS AG ((OTRS)) Community Edition: 6.0.x version 6.0.1 and later versions. OTRS AG OTRS: 7.0.x versions prior to 7.0.27.

CVE#: CVE-2021-21442 Published Date: 2021-07-26 CVSS: NO CVSS Description: In the project create screen it's possible to inject malicious JS code to the certain fields. The code might be executed in the Reporting screen. This issue affects: OTRS AG Time Accounting: 7.0.x versions prior to 7.0.19.

CVE#: CVE-2021-21440 Published Date: 2021-07-26 CVSS: NO CVSS Description: Generated Support Bundles contains private S/MIME and PGP keys if containing folder is not hidden. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.27 and prior versions; 8.0.x version 8.0.14 and prior versions.

CVE#: CVE-2021-37449 Published Date: 2021-07-25 CVSS: NO CVSS Description: Cross Site Scripting (XSS) exists in NCH IVM Attendant v5.12 and earlier via /ogmlist?folder= (reflected).

CVE#: CVE-2021-37448 Published Date: 2021-07-25 CVSS: NO CVSS Description: Cross Site Scripting (XSS) exists in NCH IVM Attendant v5.12 and earlier via the Mailbox name (stored).

CVE#: CVE-2021-37447 Published Date: 2021-07-25 CVSS: NO CVSS Description: In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via documentdelete?file=/.. for file deletion.

CVE#: CVE-2021-37446 Published Date: 2021-07-25 CVSS: NO CVSS Description: In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via documentprop?file=/.. for file reading.

CVE#: CVE-2021-37445 Published Date: 2021-07-25 CVSS: NO CVSS Description: In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via logprop?file=/.. for file reading.

CVE#: CVE-2021-37444 Published Date: 2021-07-25 CVSS: NO CVSS Description: NCH IVM Attendant v5.12 and earlier suffers from a directory traversal weakness upon uploading plugins in a ZIP archive. This can lead to code execution if a ZIP element's pathname is set to a Windows startup folder, a file for the inbuilt Out-Going Message function, or a file for the inbuilt Autodial function.

CVE#: CVE-2021-37443 Published Date: 2021-07-25 CVSS: NO CVSS Description: NCH IVM Attendant v5.12 and earlier allows path traversal via the logdeleteselected check0 parameter for file deletion.

CVE#: CVE-2021-37442 Published Date: 2021-07-25 CVSS: NO CVSS Description: NCH IVM Attendant v5.12 and earlier allows path traversal via viewfile?file=/.. to read files.

CVE#: CVE-2021-37441 Published Date: 2021-07-25 CVSS: NO CVSS Description: NCH Axon PBX v2.22 and earlier allows path traversal for file deletion via the logdelete?file=/.. substring.

CVE#: CVE-2021-37440 Published Date: 2021-07-25 CVSS: NO CVSS Description: NCH Axon PBX v2.22 and earlier allows path traversal for file disclosure via the logprop?file=/.. substring.

CVE#: CVE-2021-37439 Published Date: 2021-07-25 CVSS: NO CVSS Description: NCH FlexiServer v6.00 suffers from a syslog?file=/.. path traversal vulnerability.

CVE#: CVE-2021-37470 Published Date: 2021-07-25 CVSS: NO CVSS Description: In NCH WebDictate v2.13, persistent Cross Site Scripting (XSS) exists in the Recipient Name field. An authenticated user can add or modify the affected field to inject arbitrary JavaScript.

CVE#: CVE-2021-37469 Published Date: 2021-07-25 CVSS: NO CVSS Description: In NCH WebDictate v2.13 and earlier, authenticated users can abuse logprop?file=/.. path traversal to read files on the filesystem.

CVE#: CVE-2021-37468 Published Date: 2021-07-25 CVSS: NO CVSS Description: NCH Reflect CRM 3.01 allows local users to discover cleartext user account information by reading the configuration files.

CVE#: CVE-2021-37467 Published Date: 2021-07-25 CVSS: NO CVSS Description: In NCH Quorum v2.03 and earlier, XSS exists via /conferencebrowseuploadfile?confid= (reflected).

CVE#: CVE-2021-37466 Published Date: 2021-07-25 CVSS: NO CVSS Description: In NCH Quorum v2.03 and earlier, XSS exists via /conference?id= (reflected).

CVE#: CVE-2021-37465 Published Date: 2021-07-25 CVSS: NO CVSS Description: In NCH Quorum v2.03 and earlier, XSS exists via /uploaddoc?id= (reflected).

CVE#: CVE-2021-37464 Published Date: 2021-07-25 CVSS: NO CVSS Description: In NCH Quorum v2.03 and earlier, XSS exists via Conference Description (stored).

CVE#: CVE-2021-37463 Published Date: 2021-07-25 CVSS: NO CVSS Description: In NCH Quorum v2.03 and earlier, XSS exists via User Display Name (stored).

CVE#: CVE-2021-37462 Published Date: 2021-07-25 CVSS: NO CVSS Description: Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via /ipblacklist?errorip= (reflected).

CVE#: CVE-2021-37461 Published Date: 2021-07-25 CVSS: NO CVSS Description: Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via /extensionsinstruction?id= (reflected).

CVE#: CVE-2021-37460 Published Date: 2021-07-25 CVSS: NO CVSS Description: Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via /planprop?id= (reflected).

CVE#: CVE-2021-37459 Published Date: 2021-07-25 CVSS: NO CVSS Description: Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the customer name field (stored).

CVE#: CVE-2021-37458 Published Date: 2021-07-25 CVSS: NO CVSS Description: Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the primary phone field (stored).

CVE#: CVE-2021-37457 Published Date: 2021-07-25 CVSS: NO CVSS Description: Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the SipRule field (stored).

CVE#: CVE-2021-37456 Published Date: 2021-07-25 CVSS: NO CVSS Description: Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the blacklist IP address (stored).

CVE#: CVE-2021-37455 Published Date: 2021-07-25 CVSS: NO CVSS Description: Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the outbound dialing plan (stored).

CVE#: CVE-2021-37454 Published Date: 2021-07-25 CVSS: NO CVSS Description: Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the line name (stored).

CVE#: CVE-2021-37453 Published Date: 2021-07-25 CVSS: NO CVSS Description: Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and earlier via the extension name (stored).

CVE#: CVE-2021-37452 Published Date: 2021-07-25 CVSS: NO CVSS Description: NCH Quorum v2.03 and earlier allows local users to discover cleartext login information relating to users by reading the local .dat configuration files.

CVE#: CVE-2021-37451 Published Date: 2021-07-25 CVSS: NO CVSS Description: Cross Site Scripting (XSS) exists in NCH IVM Attendant v5.12 and earlier via /msglist?mbx= (reflected).

CVE#: CVE-2021-37450 Published Date: 2021-07-25 CVSS: NO CVSS Description: Cross Site Scripting (XSS) exists in NCH IVM Attendant v5.12 and earlier via /ogmprop?id= (reflected).

CVE#: CVE-2021-37438 Published Date: 2021-07-25 CVSS: NO CVSS Description: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE#: CVE-2021-3663 Published Date: 2021-07-25 CVSS: NO CVSS Description: firefly-iii is vulnerable to Improper Restriction of Excessive Authentication Attempts

CVE#: CVE-2021-23413 Published Date: 2021-07-25 CVSS: NO CVSS Description: This affects the package jszip before 3.7.0. Crafting a new zip file with filenames set to Object prototype values (e.g __proto__, toString, etc) results in a returned object with a modified prototype instance.

CVE#: CVE-2021-37436 Published Date: 2021-07-24 CVSS: NO CVSS Description: Amazon Echo Dot devices through 2021-07-02 sometimes allow attackers, who have physical access to a device after a factory reset, to obtain sensitive information via a series of complex hardware and software attacks. NOTE: reportedly, there were vendor marketing statements about safely removing personal content via a factory reset. Also, the vendor has reportedly indicated that they are working on mitigations.

CVE#: CVE-2021-32783 Published Date: 2021-07-23 CVSS: NO CVSS Description: Contour is a Kubernetes ingress controller using Envoy proxy. In Contour before version 1.17.1 a specially crafted ExternalName type Service may be used to access Envoy's admin interface, which Contour normally prevents from access outside the Envoy container. This can be used to shut down Envoy remotely (a denial of service), or to expose the existence of any Secret that Envoy is using for its configuration, including most notably TLS Keypairs. However, it *cannot* be used to get the *content* of those secrets. Since this attack allows access to the administration interface, a variety of administration options are available, such as shutting down the Envoy or draining traffic. In general, the Envoy admin interface cannot easily be used for making changes to the cluster, in-flight requests, or backend services, but it could be used to shut down or drain Envoy, change traffic routing, or to retrieve secret metadata, as mentioned above. The issue will be addressed in Contour v1.18.0 and a cherry-picked patch release, v1.17.1, has been released to cover users who cannot upgrade at this time. For more details refer to the linked GitHub Security Advisory.

CVE#: CVE-2021-32686 Published Date: 2021-07-23 CVSS: NO CVSS Description: PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In PJSIP before version 2.11.1, there are a couple of issues found in the SSL socket. First, a race condition between callback and destroy, due to the accepted socket having no group lock. Second, the SSL socket parent/listener may get destroyed during handshake. Both issues were reported to happen intermittently in heavy load TLS connections. They cause a crash, resulting in a denial of service. These are fixed in version 2.11.1.

CVE#: CVE-2021-3169 Published Date: 2021-07-23 CVSS: NO CVSS Description: An issue in Jumpserver 2.6.2 and below allows attackers to create a connection token through an API which does not have access control and use it to access sensitive assets.

CVE#: CVE-2021-25809 Published Date: 2021-07-23 CVSS: NO CVSS Description: UCMS 1.5.0 was discovered to contain a physical path leakage via an error message returned by the adminchannelscache() function in top.php.

CVE#: CVE-2021-25808 Published Date: 2021-07-23 CVSS: NO CVSS Description: A code injection vulnerability in backup/plugin.php of Bludit 3.13.1 allows attackers to execute arbitrary code via a crafted ZIP file.

CVE#: CVE-2020-20741 Published Date: 2021-07-23 CVSS: NO CVSS Description: Incorrect Access Control in Beckhoff Automation GmbH & Co. KG CX9020 with firmware version CX9020_CB3011_WEC7_HPS_v602_TC31_B4016.6 allows remote attackers to bypass authentication via the "CE Remote Display Tool" as it does not close the incoming connection on the Windows CE side if the credentials are incorrect.

CVE#: CVE-2021-25791 Published Date: 2021-07-23 CVSS: NO CVSS Description: Multiple stored cross site scripting (XSS) vulnerabilities in the "Update Profile" module of Online Doctor Appointment System 1.0 allows authenticated attackers to execute arbitrary web scripts or HTML via crafted payloads in the First Name, Last Name, and Address text fields.

CVE#: CVE-2021-25790 Published Date: 2021-07-23 CVSS: NO CVSS Description: Multiple stored cross site scripting (XSS) vulnerabilities in the "Register" module of House Rental and Property Listing 1.0 allows authenticated attackers to execute arbitrary web scripts or HTML via crafted payloads in all text fields except for Phone Number and Alternate Phone Number.

CVE#: CVE-2021-23412 Published Date: 2021-07-23 CVSS: NO CVSS Description: All versions of package gitlogplus are vulnerable to Command Injection via the main functionality, as options attributes are appended to the command to be executed without sanitization.

CVE#: CVE-2021-3159 Published Date: 2021-07-23 CVSS: NO CVSS Description: A stored cross site scripting (XSS) vulnerability in the /sys/attachment/uploaderServlet component of Landray EKP V12.0.9.R.20160325 allows attackers to execute arbitrary web scripts or HTML via a crafted SVG, SHTML, or MHT file.

CVE#: CVE-2021-25208 Published Date: 2021-07-23 CVSS: NO CVSS Description: Arbitrary file upload vulnerability in SourceCodester Travel Management System v 1.0 allows attackers to execute arbitrary code via the file upload to updatepackage.php.

CVE#: CVE-2021-25206 Published Date: 2021-07-23 CVSS: NO CVSS Description: Arbitrary file upload vulnerability in SourceCodester Responsive Ordering System v 1.0 allows attackers to execute arbitrary code via the file upload to Product_model.php.

CVE#: CVE-2021-25204 Published Date: 2021-07-23 CVSS: NO CVSS Description: Cross-site scripting (XSS) vulnerability in SourceCodester E-Commerce Website v 1.0 allows remote attackers to inject arbitrary web script or HTML via the subject field to feedback_process.php.

CVE#: CVE-2021-25203 Published Date: 2021-07-23 CVSS: NO CVSS Description: Arbitrary file upload vulnerability in Victor CMS v 1.0 allows attackers to execute arbitrary code via the file upload to \CMSsite-master\admin\includes\admin_add_post.php.

CVE#: CVE-2021-25201 Published Date: 2021-07-23 CVSS: NO CVSS Description: SQL injection vulnerability in Learning Management System v 1.0 allows remote attackers to execute arbitrary SQL statements through the id parameter to obtain sensitive database information.

CVE#: CVE-2021-25207 Published Date: 2021-07-23 CVSS: NO CVSS Description: Arbitrary file upload vulnerability in SourceCodester E-Commerce Website v 1.0 allows attackers to execute arbitrary code via the file upload to prodViewUpdate.php.

CVE#: CVE-2019-9983 Published Date: 2021-07-23 CVSS: NO CVSS Description: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.

CVE#: CVE-2021-20333 Published Date: 2021-07-23 CVSS: NO CVSS Description: Sending specially crafted commands to a MongoDB Server may result in artificial log entries being generated or for log entries to be split. This issue affects MongoDB Server v3.6 versions prior to 3.6.20; MongoDB Server v4.0 versions prior to 4.0.21; MongoDB Server v4.2 versions prior to 4.2.10;

CVE#: CVE-2021-26799 Published Date: 2021-07-23 CVSS: NO CVSS Description: Cross Site Scripting (XSS) vulnerability in admin/files/edit in Omeka Classic <=2.7 allows remote attackers to inject arbitrary web script or HTML.

CVE#: CVE-2020-14032 Published Date: 2021-07-23 CVSS: NO CVSS Description: ASRock 4x4 BOX-R1000 before BIOS P1.40 allows privilege escalation via code execution in the SMM.

CVE#: CVE-2021-24036 Published Date: 2021-07-23 CVSS: NO CVSS Description: Passing an attacker controlled size when creating an IOBuf could cause integer overflow, leading to an out of bounds write on the heap with the possibility of remote code execution. This issue affects versions of folly prior to v2021.07.22.00. This issue affects HHVM versions prior to 4.80.5, all versions between 4.81.0 and 4.102.1, all versions between 4.103.0 and 4.113.0, and versions 4.114.0, 4.115.0, 4.116.0, 4.117.0, 4.118.0 and 4.118.1.

----#MALWARE----

NcsVentures: Loveable Ned Kelly it ‘aint. Why is Australia so complacent towards ransomware attacks? | #malware | #ransomware https://t.co/o72qzp45cQ

GregoryDEvans: Loveable Ned Kelly it ‘aint. Why is Australia so complacent towards ransomware attacks? | #malware | #ransomware https://t.co/oVX5sA9woG

AluraSolutions: Your employees know not to open suspicious links or download files from unknown senders, but do they know about fil… https://t.co/pagEk9Wci3

WilfridBlanc: Scanning your #iPhone for Pegasus, NSO Group's #malware https://t.co/SbrgFtKWXg

devvibesbot: RT @DarkReading: Attackers' Use of Uncommon Programming Languages Continues to Grow https://t.co/ZEtX2uFRsN by @kellymsheridan #programming…

CyberSecurityN8: RT @Dariansweb: #Coding Malware Makers Using ‘Exotic’ #Programming Languages: #CyberSecurity #Malware https://t.co/Ca33F7S6uM via @t…

sectest9: RT @Dariansweb: #Coding Malware Makers Using ‘Exotic’ #Programming Languages: #CyberSecurity #Malware https://t.co/Ca33F7S6uM via @t…

theDomainBot: RT @Dariansweb: #Coding Malware Makers Using ‘Exotic’ #Programming Languages: #CyberSecurity #Malware https://t.co/Ca33F7S6uM via @t…

cybersec_feeds: RT @Dariansweb: #Coding Malware Makers Using ‘Exotic’ #Programming Languages: #CyberSecurity #Malware https://t.co/Ca33F7S6uM via @t…

MaltrakN: RT @cybermaterial_: 🤖 Operacion Bitcoin: Login to hell https://t.co/H3lVJmcgao #cybersecurity #infosec #malware #cybermaterial #ransomware…

RamonaEid: RT @YourAnonRiots: XLoader, a low-cost and popular Windows #malware available on rent, has now been upgraded to allow cybercriminals to spy…

theDomainBot: RT @YourAnonRiots: XLoader, a low-cost and popular Windows #malware available on rent, has now been upgraded to allow cybercriminals to spy…

cybersec_feeds: RT @YourAnonRiots: XLoader, a low-cost and popular Windows #malware available on rent, has now been upgraded to allow cybercriminals to spy…

markrobt: RT @DarkReading: Attackers' Use of Uncommon Programming Languages Continues to Grow https://t.co/ZEtX2uFRsN by @kellymsheridan #programming…

CyberSecurityN8: RT @cybermaterial_: 🤖 Operacion Bitcoin: Login to hell https://t.co/H3lVJmcgao #cybersecurity #infosec #malware #cybermaterial #ransomware…

----#PHISHING----

JamBase: Tour Dates: #Phish #PinkFloyd #TalkingHeads tribute act @PinkTalkingFish announced Fall 2021 tour dates - check out… https://t.co/LpsseppwKu

ThanqFul4: The folks grunting and looking miserable at the gym have no idea the circus that I’m attending listening to 12/31/9… https://t.co/Bm70ByC9oM

CashorTrade: FS: 2 pavs for deer creek #phish #facevaluetickets [VISIT: https://t.co/9JoGXKV1Sc]

theDomainBot: RT @JinibaBD: True! 😱 For Hackers, #APIs are Low-Hanging Fruit #DataBreaches #DarkWeb #CyberSec #infosec #Security #cybercrime #ThreatInte…

cybersec_feeds: RT @JinibaBD: True! 😱 For Hackers, #APIs are Low-Hanging Fruit #DataBreaches #DarkWeb #CyberSec #infosec #Security #cybercrime #ThreatInte…

theDomainBot: RT @keepnetlabs: HOW IT REALLY HAPPENED: NINJIO SEASON 4, EPISODE 3, UP, UPVOTE, AND AWAY https://t.co/HbOgqUXPsT #phishing #cybersecurit…

theDomainBot: RT @phishingorguk: Email Security Software: 5 Things to Consider! https://t.co/aRmM47o63G #phishing #cybersecurity #spearphishing https:/…

keepnetlabs: HOW IT REALLY HAPPENED: NINJIO SEASON 4, EPISODE 3, UP, UPVOTE, AND AWAY https://t.co/HbOgqUXPsT #phishing… https://t.co/M7kGd2bF9z

phishingorguk: Email Security Software: 5 Things to Consider! https://t.co/aRmM47o63G #phishing #cybersecurity #spearphishing https://t.co/dIEhcQAzHN

theDomainBot: RT @javier_carriazo: Careful where you download Windows 11, some installers are packed with malware #DataBreaches #DarkWeb #CyberSec #info…

cybersec_feeds: RT @javier_carriazo: Careful where you download Windows 11, some installers are packed with malware #DataBreaches #DarkWeb #CyberSec #info…

TourTweet: RT @deadhead111: If I was going to #Phish in Arkansas, I’d absolutely wear a mask, mostly so that the people around me wouldn’t know that B…

deadhead111: If I was going to #Phish in Arkansas, I’d absolutely wear a mask, mostly so that the people around me wouldn’t know… https://t.co/UkRbO8BQdx

CashorTrade: FS: Phish - Hersheypark Stadium - 2 Day Ticket - Aug 10 and Aug 11 - GA Field - PTBM #phish #facevaluetickets [VISI… https://t.co/EWEIWnA26C

CashorTrade: FS: Hershey Tuesday Fields #phish #facevaluetickets [VISIT: https://t.co/RW2DWuGmGp]

----#OSINT----

theprescomm: RT @wondersmith_rae: A bit late on this one but I wrote a quick blog explaining AIS spoofing surrounding the #HMSDefender https://t.co/SLZo…

pragmatic_noob: RT @WHInspector: [#DailyOSINT - Day#169] Trying to automate #OSINT stuff via APIs? Maybe this API Directory will help you find some interes…

Sueknowsthings: RT @SlickRockWeb: This Fazze story is crazy. There will likely be a bunch of fascinating stories coming out on this ... and yes it is a Rus…

GhostWilber: RT @SlickRockWeb: This Fazze story is crazy. There will likely be a bunch of fascinating stories coming out on this ... and yes it is a Rus…

Ivan30394639: My followers will now get a grove of new #OSINT tools. From now on, I will not just post links to #Github, but link… https://t.co/gmBCd58mV5

KrisNoel65: RT @SlickRockWeb: This Fazze story is crazy. There will likely be a bunch of fascinating stories coming out on this ... and yes it is a Rus…

AnonAKAB: RT @aware_online: ★ #OSINT tip ★ Learn 4 ways to view Instagram profiles without logging in [repost] https://t.co/EAxp85KjTD #socmint

Forensication: Congratulations to @WhiskingWords who just earned her #OSINT GOSI certification!

AletheDenis: Two years ago today I found out that I was placed THIRD, based on the #OSINT phase and report scoring for the Soci… https://t.co/8SL5KhoFWP

Usersearch_web: RT @Usersearch_web: How to find profiles online? Discover secret dating profiles! (part 1) https://t.co/tcH8m2UBEV #OSINT #MissingPerson…

cybersec_feeds: RT @cyberanalyzer: C:\Windows\System32\wbadmin.exe abused by #Ransomware to delete system backups: wbadmin DELETE SYSTEMSTATEBACKUP and wba…

aldochimal: RT @JanesINTEL: Summary of reporting and analysis on China, covering the South China Sea, tech and foreign and domestic affairs. https://t.…

jan_forney: RT @SlickRockWeb: Another shout out to @riskiq and their great #OSINT tools like @PassiveTotal. When we looked a few days ago the Russian o…

MyLibertyID: RT @threatshub: ThreatsHub Cybersecurity News | Fortinet's security appliances hit by remote code execution vulnerability - https://t.co/Yj…

jan_forney: RT @SlickRockWeb: This Fazze story is crazy. There will likely be a bunch of fascinating stories coming out on this ... and yes it is a Rus…

----#THREATINTEL----

InfoSec_Pom: No login required! https://t.co/q1yOWjgK9G https://t.co/pr9bgSO7xF Leaked NSO Group Data Hints at Widespread Pegas… https://t.co/F7fqrWcqTo

theDomainBot: RT @JinibaBD: True! 😱 For Hackers, #APIs are Low-Hanging Fruit #DataBreaches #DarkWeb #CyberSec #infosec #Security #cybercrime #ThreatInte…

cybersec_feeds: RT @JinibaBD: True! 😱 For Hackers, #APIs are Low-Hanging Fruit #DataBreaches #DarkWeb #CyberSec #infosec #Security #cybercrime #ThreatInte…

theDomainBot: RT @javier_carriazo: Careful where you download Windows 11, some installers are packed with malware #DataBreaches #DarkWeb #CyberSec #info…

cybersec_feeds: RT @javier_carriazo: Careful where you download Windows 11, some installers are packed with malware #DataBreaches #DarkWeb #CyberSec #info…

cybsecbot: RT @JinibaBD: 👏👏👏 How to develop a skilled cybersecurity team #DataBreaches #DarkWeb #CyberSec #infosec #Security #cybercrime #ThreatIntel…

theDomainBot: RT @JinibaBD: 👏👏👏 How to develop a skilled cybersecurity team #DataBreaches #DarkWeb #CyberSec #infosec #Security #cybercrime #ThreatIntel…

cybersec_feeds: RT @JinibaBD: 👏👏👏 How to develop a skilled cybersecurity team #DataBreaches #DarkWeb #CyberSec #infosec #Security #cybercrime #ThreatIntel…

PeterRydzynski: We're hiring a #ThreatIntelligence Analyst to join our Threat Analysis Team here at IronNet. The company is fully r… https://t.co/yUSb9IXGyC

Truthbuster: RT @RecordedFuture: Cyber security is in an unprecedented state. Learn about the 6 critical security functions you need to protect your org…

cyberreport_io: What We Learn from MITRE's Most Dangerous Software Weaknesses List https://t.co/vLcokssaEs #cybersecurity #threatintelligence #cybernews

beefyspace: RT @maldatabase: Top malware families analyzed last week: 1️⃣ #Dridex 2️⃣ #AZORult 3️⃣ #AgentTesla 4️⃣ #RedLine 5️⃣ #NanoCore 6️⃣ #FormBoo…

cybersec_feeds: RT @cyberanalyzer: C:\Windows\System32\wbadmin.exe abused by #Ransomware to delete system backups: wbadmin DELETE SYSTEMSTATEBACKUP and wba…

maldatabase: RT @maldatabase: Top malware families analyzed last week: 1️⃣ #Dridex 2️⃣ #AZORult 3️⃣ #AgentTesla 4️⃣ #RedLine 5️⃣ #NanoCore 6️⃣ #FormBoo…

cybsecbot: RT @PhishSecurity: If Attacks Are Tailored to You—Your Intelligence Should Be, Too! @silentpush empowering enterprise #threatintel team wit…

----#RANSOMWARE----

DefconParrot: RT @MalwareMcFly: MalwarePatrol: Disrupting Ransomware by Disrupting Bitcoin #Infosec #Ransomware #Cybersecurity https://t.co/x7nD8pZfkM h…

theDomainBot: RT @MalwareMcFly: MalwarePatrol: Disrupting Ransomware by Disrupting Bitcoin #Infosec #Ransomware #Cybersecurity https://t.co/x7nD8pZfkM h…

MalwareMcFly: MalwarePatrol: Disrupting Ransomware by Disrupting Bitcoin #Infosec #Ransomware #Cybersecurity… https://t.co/xJHF2jH6bC

theDomainBot: RT @SystemSoft_Tech: Ransomware attacks are estimated to reach 65,000 by year’s end. Our experts will share critical steps so your organiza…

cybersec_feeds: RT @SystemSoft_Tech: Ransomware attacks are estimated to reach 65,000 by year’s end. Our experts will share critical steps so your organiza…

Necio_news: Kaseya Denies Paying Ransom for Decryption Tool #CyberAttack #ransomware https://t.co/5DKtlF5OVM

Air_landscape_X: RT @Grav1: The day Russians attacked Texas: ⁦@AP⁩ presents a vivid case study in what happens behind the scenes when small-town America is…

BufferBandit: RT @WilfridBlanc: Average #ransomware payment declined by 38% in second quarter of 2021, new Coveware report says https://t.co/94cuI5wQlP

NcsVentures: Loveable Ned Kelly it ‘aint. Why is Australia so complacent towards ransomware attacks? | #malware | #ransomware https://t.co/o72qzp45cQ

GregoryDEvans: Loveable Ned Kelly it ‘aint. Why is Australia so complacent towards ransomware attacks? | #malware | #ransomware https://t.co/oVX5sA9woG

Sec_Cyber: AvosLocker #ransomware Gang Recruiting Affiliates, Partners https://t.co/PoNJLjTYFu

theDomainBot: RT @HIPAAJournal: FBI warns of ongoing Conti #ransomware attacks on healthcare organizations and first responders https://t.co/qXVs5hBcTQ…

pcmatic: This is why #ApplicationWhitelistingMatters These #ransomware attacks are preventable with the right protection.… https://t.co/4O6z9FqB7d

HIPAAJournal: FBI warns of ongoing Conti #ransomware attacks on healthcare organizations and first responders… https://t.co/xSq3WPyPAE

WilfridBlanc: Average #ransomware payment declined by 38% in second quarter of 2021, new Coveware report says https://t.co/94cuI5wQlP

----#OPENDIR----


----#MALSPAM----

reubenbraham: Cyberint has been tracking a rise in #AgentTesla activity in July. Unsolicited #malspam campaigns where Agent Tesla… https://t.co/5RuNAUEeUP

cyber_int: [NEW BLOG] Cyberint Research has observed a number of unsolicited #malspam campaigns in July where #AgentTesla 🔎 ha… https://t.co/qYaZ2ymuVR

shotgunner101: RT @Racco42: #malspam campaign with .hta in .img attachment gets #guloader from hxxp://linkso.duckdns.org/11d/dyno.exe, which get the #remc…

fe_tsoc: RT @Racco42: #malspam campaign with .hta in .img attachment gets #guloader from hxxp://linkso.duckdns.org/11d/dyno.exe, which get the #remc…

Racco42: #malspam campaign with .hta in .img attachment gets #guloader from hxxp://linkso.duckdns.org/11d/dyno.exe, which ge… https://t.co/RGo9Eul5Dl

Paladin3161: RT @MBThreatIntel: #Dridex #malspam new maldoc template: "Microsoft Document Protection" Excel file -> Drops sct file and executes it usin…

javierjardon: RT @MBThreatIntel: #Dridex #malspam new maldoc template: "Microsoft Document Protection" Excel file -> Drops sct file and executes it usin…

Otrodok: RT @MBThreatIntel: #Dridex #malspam new maldoc template: "Microsoft Document Protection" Excel file -> Drops sct file and executes it usin…

RootkitHalo: RT @MBThreatIntel: #Dridex #malspam new maldoc template: "Microsoft Document Protection" Excel file -> Drops sct file and executes it usin…

valentinetwork: RT @MBThreatIntel: #Dridex #malspam new maldoc template: "Microsoft Document Protection" Excel file -> Drops sct file and executes it usin…

PoleAI: RT @MBThreatIntel: #Dridex #malspam new maldoc template: "Microsoft Document Protection" Excel file -> Drops sct file and executes it usin…

gus3rmr: RT @MBThreatIntel: #Dridex #malspam new maldoc template: "Microsoft Document Protection" Excel file -> Drops sct file and executes it usin…

MrsYisWhy: HackRead: RT @MBThreatIntel: #Dridex #malspam new maldoc template: "Microsoft Document Protection" Excel file -> D… https://t.co/pkj8E5gGBu

HackRead: RT @MBThreatIntel: #Dridex #malspam new maldoc template: "Microsoft Document Protection" Excel file -> Drops sct file and executes it usin…

jhonosps: RT @MBThreatIntel: #Dridex #malspam new maldoc template: "Microsoft Document Protection" Excel file -> Drops sct file and executes it usin…

----#EMOTET----

ClosureCyber: RT @ClosureCyber: #Current #cyber #threats? #Emotet is a sophisticated #trojan that can steal #data and also load other malware. Emotet thr…

ClosureCyber: #Current #cyber #threats? #Emotet is a sophisticated #trojan that can steal #data and also load other malware. Emot… https://t.co/WZvx3Yweng

sectest9: RT @IYS_GmbH: 👮 This year, thanks to a coordinated effort by @Europol & @Eurojust, the nightmare #malware, EMOTET, was finally disrupted, a…

CyberSecurityN8: RT @IYS_GmbH: 👮 This year, thanks to a coordinated effort by @Europol & @Eurojust, the nightmare #malware, EMOTET, was finally disrupted, a…

IYS_GmbH: 👮 This year, thanks to a coordinated effort by @Europol & @Eurojust, the nightmare #malware, EMOTET, was finally di… https://t.co/nmyJQlcVNz

CyberSecurityN8: RT @rneelmani: #Malware delivered over the #cloud increased by 68% in Q2, says #cybersecurity firm ⁦@Netskope⁩. Even after #Emotet takedown…

sectest9: RT @rneelmani: #Malware delivered over the #cloud increased by 68% in Q2, says #cybersecurity firm ⁦@Netskope⁩. Even after #Emotet takedown…

MaltrakN: RT @rneelmani: #Malware delivered over the #cloud increased by 68% in Q2, says #cybersecurity firm ⁦@Netskope⁩. Even after #Emotet takedown…

cybersec_feeds: RT @rneelmani: #Malware delivered over the #cloud increased by 68% in Q2, says #cybersecurity firm ⁦@Netskope⁩. Even after #Emotet takedown…

theDomainBot: RT @rneelmani: #Malware delivered over the #cloud increased by 68% in Q2, says #cybersecurity firm ⁦@Netskope⁩. Even after #Emotet takedown…

femtech_: RT @rneelmani: #Malware delivered over the #cloud increased by 68% in Q2, says #cybersecurity firm ⁦@Netskope⁩. Even after #Emotet takedown…

femtech_: RT @rneelmani: In Q2 2021, 43% of all #malware downloads were malicious @Office365 docs, compared to just 20% at the beginning of 2020. Thi…

dynamicCISO: RT @rneelmani: #Malware delivered over the #cloud increased by 68% in Q2, says #cybersecurity firm ⁦@Netskope⁩. Even after #Emotet takedown…

dynamicCISO: RT @rneelmani: In Q2 2021, 43% of all #malware downloads were malicious @Office365 docs, compared to just 20% at the beginning of 2020. Thi…

cybersec_feeds: RT @rneelmani: #Malware delivered over the #cloud increased by 68% in Q2, says #cybersecurity firm ⁦@Netskope⁩. Even after #Emotet takedown…

----#BUGBOUNTY----

adonaigautier: RT @bugbounty0: ■■□□□ Bug-Bounty 101 #bugbounty #bugbountytips #infosec https://t.co/p0xdCBYAcX

1000dayscodingb: RT @programmerjoke9: Github stars be like... https://t.co/RgMVC9JHHf #100Daysofcode #javascript #programming #dev #linux #java #programming…

ntoniw: RT @disclosedh1: Shopify disclosed a bug submitted by @auguzanellato: https://t.co/Ao2wkVAhQQ - Bounty: $50,000 #hackerone #bugbounty https…

JAX_MASTERS: RT @MistSpark: Sharing a new dns wordlist, enjoy subdomain enumeration https://t.co/x7dJslPjAI @ofjaaah @jeff_foley #bugbountytips #BugB…

SparwanTeam: RT @hackinarticles: Android Penetration Testing: WebView Attacks https://t.co/dujfjNQnLx #infosec #cybersecurity #bugbounty #Pentesting…

theDomainBot: RT @hackinarticles: Android Penetration Testing: WebView Attacks https://t.co/dujfjNQnLx #infosec #cybersecurity #bugbounty #Pentesting…

CybersecArtist: RT @hackinarticles: Android Penetration Testing: WebView Attacks https://t.co/dujfjNQnLx #infosec #cybersecurity #bugbounty #Pentesting…

medsadali: RT @ChhotrayDevi: Differentiation rules 🔣 #100Daysofcode #javascript #programming #dev #java #CodeNewbie #python #reactjs #bugbounty #Da…

M7moud_mk99: RT @cycatz2: #bugbountytips #bugbounty #CSRF Trick to #bypass Cross site request forgery (CSRF) leads to Account Takeover 1. CSRF 2. Rese…

theDomainBot: RT @nomanramzan91: Burp Suite > Proxy > Options > TLS Pass Through. Add these: .*\.google\.com .*\.gstatic\.com .*\.mozilla\.com .*\.googl…

FLH: RT @nomanramzan91: Burp Suite > Proxy > Options > TLS Pass Through. Add these: .*\.google\.com .*\.gstatic\.com .*\.mozilla\.com .*\.googl…

v3d_bug: RT @bugbounty0: ■■□□□ Bug-Bounty #bugbounty #bugbountytips #infosec https://t.co/rybZDjV9Fz

GamebotIndie: RT @programmerjoke9: index.js: abandoned nuclear testing site https://t.co/dnw8qkb05j #100Daysofcode #javascript #programming #dev #linux #…

CoderYounes: RT @daffainfo: Go scripts for checking API key/access token validity https://t.co/XGfS7NrnD9 #bugbounty #bugbountytips #infosec #pentest…

senorarroz: RT @disclosedh1: Shopify disclosed a bug submitted by @auguzanellato: https://t.co/Ao2wkVAhQQ - Bounty: $50,000 #hackerone #bugbounty https…

----#CYBERCRIME----

Air_landscape_X: RT @Grav1: The day Russians attacked Texas: ⁦@AP⁩ presents a vivid case study in what happens behind the scenes when small-town America is…

theDomainBot: RT @Lightedge: CNA Financial's network breached by hackers due to fake browser update @BleepinComputer #CyberSecurity #CyberCrime #DataBrea…

Lightedge: CNA Financial's network breached by hackers due to fake browser update @BleepinComputer #CyberSecurity #CyberCrime… https://t.co/G0OJLimHI8

theDomainBot: RT @JinibaBD: True! 😱 For Hackers, #APIs are Low-Hanging Fruit #DataBreaches #DarkWeb #CyberSec #infosec #Security #cybercrime #ThreatInte…

cybersec_feeds: RT @JinibaBD: True! 😱 For Hackers, #APIs are Low-Hanging Fruit #DataBreaches #DarkWeb #CyberSec #infosec #Security #cybercrime #ThreatInte…

theDomainBot: RT @BforeAi: Predicted Malicious Domain : wanwanshixun[.]com PreCrime Threat Intelligence Threat Agnostic Near-Zero False Positives #…

BforeAi: Predicted Malicious Domain : wanwanshixun[.]com PreCrime Threat Intelligence Threat Agnostic Near-Zero False Po… https://t.co/Gs2mjpT8FO

theDomainBot: RT @javier_carriazo: Careful where you download Windows 11, some installers are packed with malware #DataBreaches #DarkWeb #CyberSec #info…

cybersec_feeds: RT @javier_carriazo: Careful where you download Windows 11, some installers are packed with malware #DataBreaches #DarkWeb #CyberSec #info…

theDomainBot: RT @iSecurity: What Does Definitely Make You A Hacker’s Next Target? https://t.co/HqOvBx1T5I #hacking #cybersecurity #cybercrime

botcybersec: RT @iSecurity: What Does Definitely Make You A Hacker’s Next Target? https://t.co/HqOvBx1T5I #hacking #cybersecurity #cybercrime

iSecurity: What Does Definitely Make You A Hacker’s Next Target? https://t.co/HqOvBx1T5I #hacking #cybersecurity #cybercrime

DarkwebToday: RT @DarkwebToday: Top 10 Cybersecurity Best #100DaysOfCode #cybersecuritytips #infosecurity @ADanielHill https://t.co/5fmcRHPlqv #blog #cyb…

databreach9111: RT @PsychFriend: You are invited! Yes you! Virtual CyberVSR Symposium (August 10, 9-12noon EDT, or UTC-4) presenting over 10 new cybersecur…

----Hacking Updates----

luisprado-ar updated LaborDigitalONG. This repo has 0 stars and 1 watchers. This repo was created on 2021-07-26. --- Winter Hack by NUCBA

MvpAlej updated DiscordMultiTool. This repo has 2 stars and 1 watchers. This repo was created on 2021-07-26. --- Hacking Discord MultiTool Made for fun

evilcater updated H4cX. This repo has 1 stars and 1 watchers. This repo was created on 2021-03-22. --- All my hacking doc

trailofbits updated empirehacking.nyc. This repo has 3 stars and 41 watchers. This repo was created on 2016-09-02. --- Empire Hacking NYC Meetup

FabioDefilippo updated winallenum. This repo has 4 stars and 1 watchers. This repo was created on 2020-09-24. --- This powershell script has got to run in remote windows host, even for pivoting

quietust updated dfhack-23a. This repo has 2 stars and 1 watchers. This repo was created on 2012-11-30. --- Memory hacking library for Dwarf Fortress version 0.23.130.23a and a set of tools that use it.

xBurnsed updated CSGOTriggerBot. This repo has 0 stars and 1 watchers. This repo was created on 2021-07-23. --- C++ CSGO combination of aimbot + triggerbot hack using WinAPI as a Proof Of Concept.

smallwat3r updated hack-font-customised. This repo has 0 stars and 1 watchers. This repo was created on 2021-07-26. --- Customised version of the Hack font using alternative glyphs with alt-hack.

THZoria updated switchtools. This repo has 2 stars and 4 watchers. This repo was created on 2019-10-30. --- SwitchTools is a command line script to help users on the switch hack

The-Art-of-Hacking updated h4cker. This repo has 9770 stars and 685 watchers. This repo was created on 2017-06-19. --- This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

FabioDefilippo updated linuxallremote. This repo has 20 stars and 1 watchers. This repo was created on 2020-09-24. --- This bash script will help you to hack remote hosts

aigars-github updated blacklist. This repo has 0 stars and 1 watchers. This repo was created on 2020-10-24. --- IP's from which scanning, spamming or hacking attempts detected

hackclub updated webring. This repo has 16 stars and 2 watchers. This repo was created on 2020-07-15. --- A webring for the personal websites of Hack Club members

javisth updated password-hacking. This repo has 0 stars and 1 watchers. This repo was created on 2021-07-26. --- A simple brute-force program to hack two letter passwords using bcrypt

flaviogf updated hackerrank. This repo has 0 stars and 1 watchers. This repo was created on 2020-04-12. --- :question: This repository is destined to save my solved challenges at Hacker Rank.

RfidResearchGroup updated proxmark3. This repo has 1131 stars and 73 watchers. This repo was created on 2018-08-12. --- RRG / Iceman repo, the most totally wicked repo around if you are into Proxmark3 and RFID hacking

MichaelDim02 updated Narthex. This repo has 1 stars and 1 watchers. This repo was created on 2021-07-10. --- Modular personalized dictionary generator.

sabertazimi updated dotfiles. This repo has 0 stars and 1 watchers. This repo was created on 2021-07-17. --- Sensible Hacker Defaults for Linux

pages-themes updated hacker. This repo has 502 stars and 45 watchers. This repo was created on 2016-10-06. --- Hacker is a Jekyll theme for GitHub Pages

dead-hosts updated The-Big-List-of-Hacked-Malware-Web-Sites_git_mitchellkrogza. This repo has 6 stars and 3 watchers. This repo was created on 2018-01-10. --- Test of https://github.com/mitchellkrogza/The-Big-List-of-Hacked-Malware-Web-Sites

snolab updated CapsLockX. This repo has 81 stars and 5 watchers. This repo was created on 2017-06-09. --- Operate the computer like a hacker!

jaroslaw-majka updated hacker-rank-exercises. This repo has 0 stars and 1 watchers. This repo was created on 2021-07-26. --- Exercises from Hacker Rank page

ARAldhafeeri updated ethical-hacking-ar. This repo has 0 stars and 1 watchers. This repo was created on 2021-07-26. --- Its purpose is to share the code, examples and everything related to the Ethical Hacker series on my YouTube channel

EthanC2 updated Notes-and-Writeups. This repo has 0 stars and 1 watchers. This repo was created on 2021-04-10. --- A collection of notes and study guides on various subjects (C, C#, Assembly, Hacking, Vim...)

MKme updated probemaster. This repo has 0 stars and 1 watchers. This repo was created on 2021-07-16. --- Probing breakout for hardware hacking. Hook measurement equipment & components into DUT

----Security Updates----

jaksi updated sshesame. This repo has 1079 stars and 36 watchers. This repo was created on 2016-11-01. --- An easy to set up and use SSH honeypot, a fake SSH server that lets anyone in and logs their activity

TOAST-DOCS updated Security-Monitoring. This repo has 1 stars and 13 watchers. This repo was created on 2020-01-06. --- None

ossf updated scorecard. This repo has 1724 stars and 34 watchers. This repo was created on 2020-10-09. --- Security Scorecards - Security health metrics for Open Source

Roave updated SecurityAdvisories. This repo has 2156 stars and 81 watchers. This repo was created on 2014-11-05. --- :closed_lock_with_key: Security advisories as a simple composer exclusion list, updated daily

cycoslave updated ITSecMegaRepo. This repo has 1 stars and 2 watchers. This repo was created on 2021-04-05. --- Just a mega dump of everything security we could find.

purificant updated python-paseto. This repo has 6 stars and 2 watchers. This repo was created on 2018-10-15. --- Platform-Agnostic Security Tokens for Python

facebook updated pyre-check. This repo has 5477 stars and 101 watchers. This repo was created on 2017-11-10. --- Performant type-checking for python.

BlackburnHax updated inntinn. This repo has 1 stars and 1 watchers. This repo was created on 2021-07-19. --- Meta risk analysis and scoring system based on open-source fully automated intelligence gathering

rockthemicro updated almost-empty-backend-template. This repo has 0 stars and 1 watchers. This repo was created on 2021-07-26. --- basic security (sign-in & sign-up)

bkoz updated container-security. This repo has 1 stars and 2 watchers. This repo was created on 2018-02-19. --- A Practical Introduction to Container Security

pyptec updated security_access. This repo has 0 stars and 0 watchers. This repo was created on 2020-04-27. --- parking lot code repository

Aimalohiodia updated Network-and-Information-Security. This repo has 0 stars and 1 watchers. This repo was created on 2021-07-26. --- None

kata-containers updated kata-containers. This repo has 1373 stars and 71 watchers. This repo was created on 2017-12-07. --- Kata Containers version 2.x repository. Kata Containers is an open source project and community working to build a standard implementation of lightweight Virtual Machines (VMs) that feel and perform like containers, but provide the workload isolation and security advantages of VMs. https://katacontainers.io/

EaseFilterSDK updated EaseFilterCPPExample. This repo has 3 stars and 1 watchers. This repo was created on 2021-06-15. --- A C++ file security filter driver example implemented with EaseFilter File Security Filter Driver SDK. EaseFilter Comprehensive File Security SDK is a set of file system filter driver software development kit which includes file monitor filter driver, file access control filter driver, transparent file encryption filter driver, process filter driver and registry filter driver. In a single solution, EaseFilter Comprehensive File Security SDK encompasses file security, digital rights management, encryption, file monitoring, file auditing, file tracking, data loss prevention, process monitoring and protection, and system configuration protection.

fayazsin updated springSecurity. This repo has 0 stars and 1 watchers. This repo was created on 2021-07-26. --- None

mozilla updated django-csp. This repo has 379 stars and 25 watchers. This repo was created on 2010-07-14. --- Content Security Policy for Django.

PurpleI2P updated i2pd. This repo has 1668 stars and 127 watchers. This repo was created on 2013-09-01. --- 🛡 I2P: End-to-End encrypted and anonymous Internet

digimach updated docker-acme.sh. This repo has 1 stars and 1 watchers. This repo was created on 2021-02-22. --- ACME Shell script: acme.sh available in Docker with compatibility and security in mind. This container holds the official upstream acme.sh​ artifacts.

Luiz-Papoy updated Micronaut_JWT. This repo has 0 stars and 1 watchers. This repo was created on 2021-06-16. --- Application with Micronaut Security using JWT

GrapheneOS updated kernel_google_crosshatch. This repo has 11 stars and 5 watchers. This repo was created on 2019-03-28. --- Pixel 3, Pixel 3 XL, Pixel 3a and Pixel 3a XL kernel sources.

microsoft updated ComplianceCxE. This repo has 0 stars and 4 watchers. This repo was created on 2021-04-23. --- Customer Experience Engineering (CxE) is a World Wide team, our charter is helping customers deploy M365 security and compliance products.

LeDragoX updated Win10SmartDebloat. This repo has 29 stars and 3 watchers. This repo was created on 2020-08-26. --- This is an adapted version from https://github.com/W4RH4WK/Debloat-Windows-10. These scripts will Customize, Debloat and Improve Security/Performance on Windows 10/Newer.

mozilla-mobile updated mozilla-vpn-client. This repo has 108 stars and 21 watchers. This repo was created on 2020-08-15. --- A fast, secure and easy to use VPN. Built by the makers of Firefox.

Verlihub updated ledokol. This repo has 6 stars and 4 watchers. This repo was created on 2014-03-04. --- Biggest multifunctional security and entertainment Lua script for Verlihub | Support hub: nmdcs://hub.verlihub.net:7777

intrigueio updated intrigue-core. This repo has 1051 stars and 71 watchers. This repo was created on 2015-07-06. --- Discover Your Attack Surface!

----PoC Updates----

jeremyz updated godot-stuff. This repo has 0 stars and 1 watchers. This repo was created on 2019-01-22. --- godot Proof Of Concepts

taylorjg updated continuo-app-phaser-poc. This repo has 0 stars and 1 watchers. This repo was created on 2021-07-05. --- Learning Phaser by creating a proof-of-concept Continuo app

xBurnsed updated CSGOTriggerBot. This repo has 0 stars and 1 watchers. This repo was created on 2021-07-23. --- C++ CSGO combination of aimbot + triggerbot hack using WinAPI as a Proof Of Concept.

ACK-J updated SHAME_Model_PoC. This repo has 0 stars and 1 watchers. This repo was created on 2021-07-26. --- A proof of concept attack against Amazon Alexa and Google Home devices using the SHAME model

kangalioo updated poise. This repo has 3 stars and 1 watchers. This repo was created on 2021-03-30. --- Proof of concept Discord bot command framework for serenity, with advanced features like edit tracking and flexible argument parsing

mfgoes updated turn-based-rogue. This repo has 0 stars and 1 watchers. This repo was created on 2021-07-25. --- Proof of concept level generator with roguelike elements

andresorjuela updated MT-DB-Backend. This repo has 0 stars and 3 watchers. This repo was created on 2020-01-08. --- Proof of concept project for MT product database

sascha-lecours updated cyoa-notes-proof-of-concept. This repo has 0 stars and 1 watchers. This repo was created on 2021-05-03. --- Proof of concept for multiplayer note-sharing CYOA using react and nodejs

charlessoarez updated capsula. This repo has 0 stars and 1 watchers. This repo was created on 2021-07-24. --- Source code, prototypes and ideas for a proof of concept related to combinational circuits of the project: Crop capsule and auto harvest system.

ET-13 updated myProjects. This repo has 0 stars and 1 watchers. This repo was created on 2021-07-26. --- Most of these are proof-of-concepts, exercises, or ideas that are stored here more for my own sake

RobertTheSable updated fe3-voice-poc. This repo has 0 stars and 1 watchers. This repo was created on 2021-07-26. --- Proof of concept for voice acting in FE3.

DLab updated PoC-NY-data. This repo has 0 stars and 5 watchers. This repo was created on 2020-11-03. --- This is a proof of concept of the standardised data for the State of NY

faceslog updated d9hook. This repo has 0 stars and 1 watchers. This repo was created on 2021-04-19. --- Internal hack for any game using DirectX9. Still only a Proof of Concept and can be improved

developer-guy updated container-image-sign-and-verify-with-cosign-and-opa. This repo has 29 stars and 5 watchers. This repo was created on 2021-06-25. --- This is just a proof-of-concept project that aims to sign and verify container images using cosign and OPA (Open Policy Agent)

milesrack updated pynet. This repo has 0 stars and 1 watchers. This repo was created on 2021-07-26. --- A proof-of-concept botnet written in Python.

robinsonkwame updated labeling-fixtheform. This repo has 0 stars and 1 watchers. This repo was created on 2021-05-17. --- Proof of concept project for labeling, characterizing semi-structured form data on basis of NER. Uses prodi.gy, python.

0xmons updated zknft. This repo has 7 stars and 3 watchers. This repo was created on 2021-05-25. --- NFT marketplace proof of concept using zkSync's NFT API

codecreative updated newsminder. This repo has 0 stars and 1 watchers. This repo was created on 2021-03-22. --- Proof of concept Puppeteer and Actions

treykapfer updated Kingdoms-Proof. This repo has 0 stars and 1 watchers. This repo was created on 2021-07-19. --- Proof of concept for my first mobile app - a magic the gathering companion app

Payne325 updated bongosero. This repo has 1 stars and 1 watchers. This repo was created on 2019-10-06. --- A proof of concept for a space-invaders style game with face tracking for character movement and support for Gamecube Donkey Konga Bongos to fire the gun.

JohnDorsey updated PyCellEliminationRun. This repo has 1 stars and 1 watchers. This repo was created on 2021-06-26. --- A proof of concept for lossless compression of audio

CaravanaCloud updated thedevconf. This repo has 0 stars and 4 watchers. This repo was created on 2021-02-16. --- Proof of Concept for TDC

hmcts updated ccd-party-manager-poc. This repo has 0 stars and 9 watchers. This repo was created on 2021-06-16. --- Proof of concept party interaction manager for complex cases.

kbasar updated YesWebApp. This repo has 0 stars and 1 watchers. This repo was created on 2021-07-26. --- YES Web App is possible. This is also web app. Proof Of Concept WebApp. Beyond Boundary Web App.

rxgx updated speech-recognition. This repo has 0 stars and 2 watchers. This repo was created on 2017-07-23. --- Proof of concept for browser-based speech recognition