OpenCTI & HarfangLab : a connector to enrich CTI data and optimize incident response | by Frédéric Basler | Apr, 2024 | Filigran Blog
IntelBroker Claims Space-Eyes Breach, Targeting US National Security Data
SOC Project with full Automation LAB | by Anupam Gaur | Apr, 2024 | Medium
New SteganoAmor attacks use steganography to target 320 orgs globally
Ransomware gang starts leaking alleged stolen Change Healthcare data
Advanced Ransomware Detection with Next-Gen SIEM
Cisco Duo's Multifactor Authentication Service Breached
Roku Mandates 2FA for Customers After Credential-Stuffing Compromise
Defense Award Launches Purdue Project to Strengthen Cyber-Physical Systems
Microsoft’s ‘AI Watchdog’ defends against new LLM jailbreak method
Cisco Duo warns telephony supplier data breach exposed MFA SMS logs
Giant Tiger Data Breached, 2.8M Records Leaked Online | Daily Security Review
This Week In Cybersecurity: April – April 12th: Home Depot Data Breached | Daily Security Review
A click can cause 1600$ | Auth0 misconfig . | by Nauman Khan | Apr, 2024 | Medium
Blackjack group used ICS malware Fuxnet against Russian targets
Collaborative Scheduling: Enhancing Team Coordination With Open-Source Tools
Palo Alto Patches 0-Day (CVE-2024-3400) Exploited by Python Backdoor
Microsoft will limit Exchange Online bulk emails to fight spam
Crypto miner arrested for skipping on $3.5 million in cloud server bills
Palo Alto Network Issues Hot Fixes for Zero-Day Bug in Its Firewall OS
Delinea patches API vulnerability in Secret Server Cloud
Iran-Backed Hackers Blast Out Threatening Texts to Israelis
Russia and Ukraine Top Inaugural World Cybercrime Index
Roku activates 2FA for 80M users after breach of 576K accounts
Intel and Lenovo BMCs Contain Unpatched Lighttpd Server Flaw
Chipmaker Nexperia confirms breach after ransomware gang leaks data
Cisco Duo warns third-party data breach exposed SMS MFA logs
Daixin ransomware gang claims attack on Omni Hotels
Microsoft Wants You to Watch What It Says, Not What It Does
Web3 Game Developers Targeted in Crypto Theft Scheme
New LockBit Variant Exploits Self-Spreading Features
Palo Alto Networks Zero-Day Flaw Exploited in Targeted Attacks
Forensics Chall: Bluetooth For The Win(Shunya CTF Arambha) Writeup | by Anant | Apr, 2024 | Medium
Sophos Guidance on the Digital Operational Resilience Act (DORA)
Hamas spox faces US sanctions for leading cyber influence operations
Key cybersecurity concerns among CISOs examined
CISA adds Palo Alto Networks PAN-OS Command Injection flaw to its Known Exploited Vulnerabilities catalog
Software Support: 7 Essential Reasons You Can't Overlook
Palo Alto Networks fixes zero-day exploited to backdoor firewalls
Chipmaker Giant Nexperia Confirms Cyber-Attack Amid Ransomware Group C
Cyberattack remediation efforts at The Heritage Foundation underway
Nearly 3M Giant Tiger records exposed by purported hacker
Novel C2 tool leveraged in latest MuddyWater attacks
Section 702 reauthorization bill receives House OK
AI Copilot: Launching Innovation Rockets, But Beware of the Darkness Ahead
Muddled Libra Shifts Focus to SaaS and Cloud for Extortion and Data Theft Attacks
Texting Secrets: How Messenger Apps Guard Your Chats
Privacera adds access control and data filtering functionality for Vector DB/RAG
Safeguard Your Business Impersonation Protection Solutions
Threat actors exploited Palo Alto Pan-OS issue to deploy a Python Backdoor
Timing is Everything: The Role of Just-in-Time Privileged Access in Security Evolution
FBI and AFP Arrest Alleged Developer, Marketer of Firebird/Hive RAT
A critical vulnerability in Delinea Secret Server allows auth bypass, admin access
eBook: Why CISSP?
Microsoft lifts Windows 11 block on some Intel systems after 2 years
What if we made ransomware payments illegal?
FBI Warns of Massive Toll Services Smishing Scam
Police Swoop on €645m Cannabis Investment Fraud Gang
Chinese-Linked LightSpy iOS Spyware Targets South Asian iPhone Users
Palo Alto Networks Releases Urgent Fixes for Exploited PAN-OS Vulnerability
US and Australian police arrested Firebird RAT author and operator
ShadowDragon Horizon enhancements help users conduct investigations from any device
Expand your library with these cybersecurity books
How to protect IP surveillance cameras from Wi-Fi jamming
Zarf: Open-source continuous software delivery on disconnected networks
HTB CTF: Cracking Passwords with Hashcat | InfoSec Write-ups
Geopolitical tensions escalate OT cyber attacks
Exposing the top cloud security threats
Critical Flaw In D-Link NAS Devices Under Active Exploitation | Daily Security Review
Hackers Use Fake Facebook Midjourney AI Pages To Infect Over 1 Million With Malware | Daily Security Review
Targus Hit By Cyberattack, File Systems Compromised | Daily Security Review
CVS Cyberattack Disrupts Veterinary Operations | Daily Security Review
Major Data Breach At US Environmental Protection Agency, Over 8.5 Million Records Leaked By USDoD | Daily Security Review
OpenTable won't add first names, photos to old reviews after backlash
Medium bans AI-generated content from its paid Partner Program
HTB — Bashed. Bash your way through! | by Dfaults | Apr, 2024 | InfoSec Write-ups
Giant Tiger data breach may have impacted millions of customers
Delinea has cloud security incident in Thycotic Secret Server gaff | by Kevin Beaumont | Apr, 2024 | DoublePulsar
When Fiat and Shamir Changed The World of Cybersecurity and Privacy | by Prof Bill Buchanan OBE | ASecuritySite: When Bob Met Alice | Apr, 2024 | Medium
Week in review: Palo Alto Networks firewalls under attack, Microsoft patches two exploited zero-days
newsletter Round 467 by Pierluigi Paganini – INTERNATIONAL EDITION
Unauthorized Admin Account Access via Google Authentication | by Sahil Mehra | Apr, 2024 | Medium
bcrypt or Argon 2?. We were so priviledged to have the… | by Prof Bill Buchanan OBE | ASecuritySite: When Bob Met Alice | Apr, 2024 | Medium
Dark Web: Here’s How You Can Explore It Anonymously! | by Parikanksha Venkatesh | Apr, 2024 | Medium
XZ Backdoor — Breaching Trust in Open-Source Collaborative Development | by Abdul Issa | Apr, 2024 | InfoSec Write-ups
Best Practices for Optimizing Web Development Standards for Media Sites
Crooks manipulate GitHub's search results to distribute malware
The Race for AI-Powered Security Platforms Heats Up
Knostic Brings Access Control to LLMs
Firebird RAT creator and seller arrested in the U.S. and Australia
What You Need to Know About the Critical PAN-OS Zero-Day
Enhancing Digital Security: Strategies for Secret Detection and Management | by Sushant Mimani | Apr, 2024 | InfoSec Write-ups
BatBadBut flaw allowed an attacker to perform command injection on Windows
Ex-Security Engineer Jailed 3 Years for $12.3 Million Crypto Exchange Thefts
Hacker claims Giant Tiger data breach, leaks 2.8M records online
Palo Alto Networks zero-day exploited since March to backdoor firewalls
Service Unavailable – Medium
U.S. Treasury Hamas Spokesperson for Cyber Influence Operations
Windows Apps Vulnerable to Command Injection via "BatBadBut" Flaw
Can we trust AI to take care of us? | by Linda Margaret | Brain Labs | Apr, 2024 | Medium
UK flooded with forged stamps despite using barcodes — to prevent just that
Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack
Bypassed the Amazon CloudFront Logic and got XSS at the National Weather Agency of the U.S. | by Prince Roy(RoyzSec) | Apr, 2024 | Medium
Why Do Some Companies Not Upgrade All Their Hash Passwords To Enhanced Versions? Meet Enhanced Entropy | by Prof Bill Buchanan OBE | ASecuritySite: When Bob Met Alice | Apr, 2024 | Medium
What is threat informed defense and how can you advance it? | MITRE-Engenuity
Hijacking your JavaScript using prototype pollution | by sushil phuyal | Apr, 2024 | InfoSec Write-ups
TryHackMe CTF Collection Vol. 2. A beginner-friendly CTF walkthrough… | by Abdul Issa | Apr, 2024 | InfoSec Write-ups
Random account takeover via misconfigured OAuth | by Berserker | Apr, 2024 | Medium
How I managed to bypass 2FA on image line | by Bishwajeet | Apr, 2024 | Medium
LLM Security: Protect Your Business from 3 Critical Threats | Generative AI
How to Learn Cybersecurity at Home | by Tyler Wall | Mar, 2024 | Medium
Sanitising Your Git History. How to clear your Git to improve… | by Jake Teo | Apr, 2024 | Level Up Coding
Upgrades!!! — Everything new with Kubernetes 1.30 | by Imran Roshan | Google Cloud - Community | Mar, 2024 | Medium
Understanding ETW Patching. Introduction | by Jonathan Johnson | Apr, 2024 | Medium
My Grandfather Didn’t Trust Banks. Now, Digital Banking Makes People Feel the Same Way. | by George “Ace” Acevedo | ILLUMINATION-Curated | Apr, 2024 | Medium
Explore topics
Medium
GitHub - 6abd/horus: A digital forensics tool built in Python
oss-security - CVE-2024-31497: Secret Key Recovery of NIST P-521 Private Keys Through Biased ECDSA Nonces in PuTTY Client
(127) PACLOCK 90A PRO PICKED (200K CLUB!) - YouTube
Sniping at web applications to discover input-handling vulnerabilities | Journal of Computer Virology and Hacking Techniques
PuTTY vulnerability vuln-p521-bias
Fixing Typos and Breaching Microsoft’s Perimeter  – John Stawinski IV
GitHub - msoedov/langalf: Agentic LLM Vulnerability Scanner
Hospital websites share visitors' data with Google, Meta • The Register
Lockpicking Cowboy Introduction - YouTube
Invision Community Vulnerabilities Risk E-Commerce Websites
Amplified exposure: How AWS flaws made Amplify IAM roles vulnerable to takeover | Datadog Security Labs
The US Government Has a Microsoft Problem | WIRED
What Is A Lishi? | How To Use A Lishi | The Lishi Defeats The American 1100 - YouTube
GitHub - dark-warlord14/CVENotifier: Customized CVE FEED Notifier
Baldur
Fully Homomorphic Encryption | We are a community of researchers and developers interested in advancing homomorphic encryption and other secure computation techniques.
The LockPicking Lawyer Challenged Me: Pick This Lock Without Knowing What's Inside - YouTube
Brief #47: Palo Alto Zero-Day Exploited, AI-Powered Malware, CISO Burnout, and the Value of Mentorship
The World's Fastest Growing Subdomain & Shadow IT Database
[251] Brinks Commercial Promax out of the package pick #sandman_locksport - YouTube
JavaScript Quiz
“Highly capable” hackers root corporate networks by exploiting firewall 0-day | Ars Technica
What Is A Lishi? | How To Use A Lishi - YouTube
'Spy film type thing' - Alarm grows over Cook Islands cryptocurrency bill
Branch History Injection - vusec
891. Where in the lock keyway do you put the tension tool when raking padlocks open with a City Rake - YouTube
Cloudflare Turnstile Update - Apache2 retirement · fin3ss3g0d/evilgophish@6bf9f29 · GitHub
Kaspersky analysis of the backdoor in XZ | Securelist
HORI Trident (Spooled T-pins) picked and gutted - YouTube
GitHub - trap-bytes/hauditor: hauditor is a tool designed to analyze the security headers returned by a web page.
SSD Advisory - IP.Board 'nexus' RCE and Blind SQLi - SSD Secure Disclosure
Seccomp: Enhance Security for Linux Applications
IBM QRadar - When The Attacker Controls Your Security Stack (CVE-2022-26377)
CTO at NCSC Summary: week ending April 14th
Holberton CyberSecurty course
Gleam OpenTelemetry Proof-of-Concept
Web App made as proof of concept for Angular, .NETcore API and mongodb database
Proof of concept for using EIP-4788 beacon root oracle on L2 to prove L1 state.
hackingtool
My notes and code samples / exploits from "Hacking: The Art of Exploitation, 2nd Edition" by Jon Erickson [No Starch Press]
Software Security Assignment 5 https://cs.lmu.edu/~ray/classes/ssd/assignment/5/
This configuration provides a robust setup for reverse proxying with NGINX, ensuring high availability and security for your application.
auth-spring-security
10-backend-usersapp-security-jwt
SpringBootSecurityJDBC
Security-Homelab
HackingSmartBulbs
this repo contain my progress learning swift ui on 100 days of swift ui by hacking with swift.
How to access iPhone information remotely by tomcyberghost hacker
Kuzu-Advanced-Security-Bot-V3
Implement proactive security measures in DevSecOps with automated Runtime Self-Protection (RASP) integration. Configure RASP on security issue detection, create version-controlled configurations, and mitigate vulnerabilities until patches deploy.
CVE-2023-48788-Proof-of-concept-SQLinj
This is the spring boot project using security with authentication and authorization. In this project two panels are there for Admin and for user. The pages are authenticated and authorized based on role of user or admin.
Proof of concept for a diagonal carousel in Svelte
brasil eternity web site for the hackers the game
Just a proof of concept, injecting so file inside a game and calling game functions. tested with sauerbraten 2020_12_29-1 (Arch Linux)
Warzone Milonity Hack 2024 aim wh esp wallhack
Project developed in Hack MAIT 5.0 by TechVyto Team
codehawks-security-portfolio
security
Information-Security
War of Evolution codes for Amethyst Hacks with Mod menu guide
This repository contains a Python script for automatically downloading XBRL and TXT filings from the U.S. Securities and Exchange Commission (SEC) database. It is designed to fetch recent filings for specified companies using their Central Index Key (CIK)
DayZ Milonity Hack 2024 aim wh esp wallhack
Hack for the Homeless 2024 - Game For Raising Awareness
spring-security-jwt-learn3
Wanna hack ctf 2024
Broadway-Security.com
Backend repository of Acarreos Appa using Spring Boot : Acarreos Appa is an application for carriages and packages delivery service, it was previously developed using Django, here is a new version using Spring Boot y Spring Security.
Proof of concept work for jsHarmony integration for NextJS
REST API para aplicación de planificación de tareas con Spring Boot, Spring Data JPA y Spring Security.
Proof of concept ASP.NET CORE WEB API for automating slack workspace creation through the official Slack API
Proof of concept demo's for migration to Fabric
Dynamic and innovative Full Stack Web Developer with a proven track record of delivering high-quality web solutions. Proficient in front-end and back-end technologies, including HTML, CSS, JavaScript, React, Node.js , MySQL, MongoDb and PHP. Efficient in
SpringSecurity-BharathThippireddy
Proof-of-Concept for KGTM protocol
Bot to get reservations from resy
Python based network sniffer for ethical hackers
HACKING-MD
Biddady game hack
Information Security
Spring Security
Rust Hack 2024
This script is about to enhance yourself security in terminal as we know attacker sometimes acess your shell with this script if an attacker gain acess to terminal they can't execute command until the password enter
A connector service that gathers data from Hacker News and store it in a database protected by OAuth2
This is a simple app that will show a collection of different views from the source Public API called Hacker News.
web-security-test
Hacks for your Open Hardware Summit 2024 badge
20CYS114 Cyber Security Essentials Lab-4 tasks
with Spring Security 6 and MySQL - basic application to generate a JWT token and register/login users to give access to protected endpoints
memory overflow attacks
Book Social Network: Gestiona colecciones de libros, interactúa con la comunidad, registra usuarios, gestiona libros (creación, actualización, préstamo, devolución), seguridad con tokens JWT, API REST con Spring Boot 3 y Spring Security 6, frontend en Ang
Proof of concept of Ring-LWE encryption/decryption
meta-security
Spring-security
Spring-security
My Attempt at documenting the Security Breaches in Pakistan so far.
An extremely basic proof-of-concept command and control framework (python server, powershell implant) used for an antivirus analysis project for CPEN 442
personal blooket hacks
Door Locker Security System Project using Atmega32/AVR
Ethical Hacking - ..................................
The Spring Boot Security Admin User Panel provides a secure and user-friendly interface for managing user authentication and authorization in Spring Boot applications.
A proof of concept whole exome analysis pipeline for running on AWS EKS
IARS-Proof-of-Concept
Monitor the Hacker News posts that you're interested in and let ChatGPT give a summary of the Post.
Proof of concept, how the help for online manager Brejk could look like.
Proof of concept (POC) concurrency with Ractor and Sidekiq
ProofOfConcepts
The proof of concept (POC) for Kong AI
Proof-of-concept
kaggle competition (HuBMAP - Hacking the Human Vasculature)
Security
Chrome extension to easily identify comments by the OP in Hacker News threads.
Hacking
indicia-php-security
Warzone Ghost Hack 2024 aim wh esp wallhack
python-security
SecurityOperationsCenter-builder
Customer Segmentation: Analyzing data for personalized marketing. Churn Prediction: Building models to retain customers. Sales Forecasting: Using data to optimize inventory. Social Sentiment Analysis: Refining communication strategies. Fraud Detection: Im
Frost_Hack_lowDose_HighDOse
SecurityPlan
Hack pull request 2
This project focuses on securing PIN data across its entire lifecycle. It covers security within individual systems and during transfer between them, considering all components involved (networks, servers, applications, etc.). An innovative method (CFSL
Hack Cupertino CTF Problems + Live Leaderboard Setup
Proof of concept: using the hook length formula to enumerate ballot words
A proof of concept for an AI that is able to find the mathematical function that explains a given integer sequence.
Conducted a Penetration Test on a vulnerable VM provided to us in the course “Security Tools for Information Security” and reported multiple vulnerabilities such as RCE via Arbitrary File Upload, Insecure Credentials, and much more leading to the leak of
Proof of concept to use many visual components.
PostReviewWithSecurityWithSwaggerAndDocker
AWS-Security_Architect_Challenge
Vanilla Python tools for hacking/penetration testing.
A proof of concept for an AI that is able to find the mathematical function that explains a given integer sequence.
This tool is designed to remove the Bananasquad/Funcaptcha malware from infected systems. The malware, consisting of `pl.py` (Bananasquad) and `gruppe.py` (Funcaptcha), can compromise system security and privacy. This tool provides a simple yet effective
only education purpose
A Proof of Concept using the 0x57 Passkey Package
A not-curated list of cloud hacking labs
Funnint's Basic Hack
SecureSphere Labs, your go-to destination for a curated collection of powerful hacking tools designed for cybersecurity professionals, ethical hackers, and security enthusiasts alike.
New Base By Kio For Il2CPP Unity Game Hacking
Valorant Milonity Hack 2024 aim wh esp wallhack
Fortnite Milonity Hack 2024 aim wh esp wallhack
AI clothes trying on built at Bath Hack 2024
Repositorio para recopilar las maquinas realizadas en hack the box
spring-security-core
Endless Altitude Website for Klein Hacks 2024
structural subtyping hack for rust
To Detect the Hacking Tools Used Based on the PCPAP files
hacking......
Unveiling-Securing-File-Uploads-A-Guide-for-Ethical-Hackers
Repositório destinado as atividades do programa Hackers do Bem.
Hacked from [How to use OxyPlot Diffrent Series in WPF C#](https://csharp.agrimetsoft.com/exercises/OxyPlot_Series)
securityProject
Proof of concept of a requirement machine for hylo compiler
Assembler built for generating binary output for the nand2tetris Hack computer
Fork of jsfuzz https://gitlab.com/gitlab-org/security-products/analyzers/fuzzers/jsfuzz
The 代写代做 编程辅导, code help, CS tutor, WeChat: cstutorcs Email: tutorcs@163.com
repo for Coffee order UI with security
Web sitelerinde ki resimleri toplayıp exif verilerini ayrıştıran bir programdır.
This is a browser extension scanner tool that scans your Chrome|Firefox extension from a security standpoint
Handle every reporting request, process sanctions and implement security.
spring-security
security_camera
spring-mvc-security
repo for coffee order with security implemented
backup_security_main
SpringSecurity
A study on cloudflare turnstile.Proof of concept.
Cyber Block is a Website that Deals with Spam-Emails-Detector and also Provide Quizzes and News Related to Cyber Security and also Provide many More Things.
Spring security features tests
A proof on concept of creating an application in PyQt6
crypto_keeper: An open-source utility for cryptocurrency enthusiasts to securely store and manage sensitive data like exchange information and wallet private keys. It offers robust encryption, a user-friendly interface, and cross-platform support, enhanci
ByteUprise_task4_CyberSecurity
Welcome to GAMExPUNK, your hub for all things Future gaming. Enter the neon-ending realm for gamers, where every click is a hack and every choice is a gamble. Embrace the chaos, navigate the shadows, and rewrite the rules of the digital frontier.
notes
Hack Cupertino 2024 Project - Creekside Coders
решение для хакатона Gagarin Hack по треку распознавания документов
fastapi_base_security_project
Proof of Concepts of Design Patterns for Java applications
Spring-Security
Hacked
hackathon-security-project
This little project is just my university lab work
Cyber Security Blog WebSite
Scarlet-hacks
angel hack contest
proof of concept for a content based recommendation algorithm with NLP & Machine Learning
Sense-Hacking-Game
Inspect Food Security
security_test
hacking_tool
Simple proof of concept for using aruco markers to quickly find an inventory position based on its marker ID
intro-spring-security-devmedia
Google_hackingQuerries
Using IaC tool Terraform for setting up AWS Cloud infrastructure. Setting VPC, public subnet, EC2 instance inside it, security group. Configuring internet gateway and route table.
Submission for CMPE 172 Hackathon
Shark Hack 2024 Project @ Simmons University
dmdevSecurity
The final results for the first lab in Network Security subject
spring_boot_3_security_implementation
Security-Toolbox
get note from hack md
CoAP Spring Boot application that implements Californium's Constrained Application Protocol implementation using Datagram Transport Layer Security in PSK mode
security-lab-4
My personal efforts at hacking JC3, with a final goal of scripting the gameplay
spring security 완전정복
AITA proof of concept beginning
security-lab-5
FreeRTOS-security-tutorial
security-center
proof of concept filter
SpringSecurity full setup
My project aims to implement user authentication and authorization using JWT and cookies. It ensures secure transmission of user data, manages session persistence, and enforces access control to protected resources. The system employs robust encryption an
File-Security-App
https://github.com/bonsall2004/lumos-compiler is a proof of concept, we're working on developing it with LLVM and that is what this repository is for
Security-Engineering
Cybersecurity History and Groundhog Day
hacking
Authentication-Security
Explore our repository containing the backend code for a Clothe Shop E-commerce site, built with Spring Boot. We've prioritized by incorporating Spring Security for reliable user authentication and authorization.
SafetyAndSecurity
Proof Of Concept (POC) for go-cron
Data Security Tutorial: Protect your critical data
With unwavering precision, Google Chrome safeguards user data within an unyielding fortress of security. Hence, for the Mercuria
5c hack project!
The need for secure and convenient cardless cash withdrawal at ATMs, leveraging mobile phones and OTP authentication, to reduce frauds arising due to security risks associated with physical ATM cards.
proof of concept for quarto + marimo
Analytics on food security and nutrition by state, etc
Ark_security-system
With unwavering precision, Google Chrome safeguards user data within an unyielding fortress of security. Hence, for the Mercuria
2024 Hack-A-Damien Project
Naan-Mudhalvan-CyberSecurity
Config files for my GitHub profile.
Repository with insecure Python code snippets to demonstrate Snyk code security scanning during SDLC
Maui WebView2 Project Proof of Concept
securitycopilot
Proyect for angel hack 2024
hacking.cmr
HACK UR WAY
Projects refferring to the "Elements of Applied Data Security" course
Proof of concept. Uses Google Drive as a document store for an Angular application that persists user data in the form of JSON documents.
A social deduction game where a detective needs to deduce who is human and who is AI. Made for Bath Hack 2024 in 24hrs
A Chromium-based extension that analyzes the sentiment of comments on a Hacker News post.
Hard Hack 2024
Terraform-security-gcp-project1
Call of Duty Warzone has gained significant popularity over time, attracting millions of global players. Lavicheats offers cheats and hacks that can give you an unbeatable
Enhancing security and user management in the JWKS Server
PrivacyOps transforms law enforcement with its innovative criminal case filing system, powered by Web3 technology. With robust security measures like secure authentication and encryption, it safeguards sensitive data while also offering selective anonymiz
Arduino Code for NJIT Hardware Hack 2024
Hack KU 2024 Project
Stuff to put here for ECE_382V Enterprise Network Security
This repo will host my study notes on my journey to becoming an ethical hacker.
Naan-mudhalvan-cyber-security-
Easily setup Linux distribution inside a docker/podman container with full X/Wayland/sound and hardware acceleration support for both CLI and GUI apps. No compromise on security which can be increased or decreased as per your requirements.
terraform-aws-security-group
security
List of programs written in java From Advanced Programming course. Servers Client-Server Architecture and Encryption used in Computer Security
Security-App
Bl<HACK> project
This game is based on traditional snake game to develop a education game about awareness of security for people. It is simple to understand and easy to play. Moreover, it provides knowledge for people when playing this game
EsproSecurityBot
spring-security-demo
Python methods to create binomial interest rate models for fixed income security pricing: caps, swaps, bonds, etc.
A simple API for a list of football players with basic spring security and pagination
Password Generator: Easily create secure passwords with customizable options for length and character types. Enhance online security effortlessly.
Repo for Dragon Hacks
Simple Spring security with using JWT + REST
Collaborative notes for becode cyber security bootcamp
add invisible watermarks to generated images without compromising quality. proof of concept.
AetherScope 🛡️: A powerful bug bounty reconnaissance tool for security enthusiasts, enabling efficient discovery and analysis of potential vulnerabilities. 🔍
This repo contain python codes that performs various tasks required for a hacker. Tasks like performing tcp-port scan, password crack, mac-address changing and many more with the help of python...
Proof of concept / example of reading from a PDM mic with ESP-IDF 5.1
This is a Spring Boot based Blog REST Api with Spring Security.
My team (STEM Phlegm)'s project for IEEE's H.A.R.D Hack 2024 hackathon
Collection of modules for the Frieren micro-framework, enhancing functionality for routers and Single Board Computers (SBCs). Explore a range of modules aimed at boosting security, performance, and user experience.
NationalSecurityMatter
Fortnite External Source With Prediction Leak slotted source leak. tags: fortnite cheat, fortnite driver, fortnite offsets, valorant offsets, valorant cheat, data pointer, data ptr, ioctl, offsets, driver, valorant driver, cheats, hacks, hack, undetected,
Sem2_CyberSecurity
info on hacking web apps
My team (STEM Phlegm)'s project for IEEE's H.A.R.D Hack 2024 hackathon
Developing a Web Form for Software Security First Assignment.
checkbox_hacking
PHP script for Linux systems: Utilize Magika, Google's AI-powered tool, for seamless file type detection. Enhance automation and security with local installation, ensuring accurate analysis.
Our Apex Legends hacks and cheats stand out as some of the most accessible and dependable options in the online realm. Sign up on our platform, ascend to VIP membership, and acquire access to our suite of hacks. With our instant delivery system
هک میکروفون کامپیوتر با پایتون
A telegram bot used for so called hacking first bot to support both pyrogram and telethon string session
security_test
Call of Duty Warzone has gained significant popularity over time, attracting millions of global players. Lavicheats offers cheats and hacks that can give you an unbeatable
Im actively combating scammers while developing various cheats and tools for games, including Hack Cheat Driver Esp Aimbot Magic Bullet, Driver Injector Overlay, and Imgui
This guides in refining any association's security strategy because of identification of weaknesses and ensures that the safety efforts taken really gives the assurance that the association expects and requires.
Naan-muthalvan-cyber-security
A VR Simulation based on India's successful Moon landing mission Chandrayaan 3. Consolation prize winning project oat IEEE Inida's "Hack The Metaverse".
MultiSignatureToken is a Solidity smart contract for Ethereum, enabling decentralized governance with a multi-signature mechanism. Owners collaboratively manage and execute transactions, enhancing security and control over blockchain assets.
Hub for projects focusing on machine learning, automation, data sorting, security, and workflow improvements.
External Game Project primarily written in C++, utilizing external libraries. Im actively combating scammers while developing various cheats and tools for games, including Hack Cheat Driver Esp Aimbot Magic Bullet, Driver Injector Overlay, and Imgui.
Learn Real Hacking Email- rasan123760@gmail.com
To hack cameras
SpringWefluxAndSecurity
Are you passionate about cybersecurity and interested in learning how to protect systems from cyber threats? Look no further! DevHacks is your ultimate destination for ethical hacking resources, tutorials, and community support.
In the enchanting realm of gaming, DLLX1 reigns supreme as a paragon of excellence. A fully realized internal hack tailored exclusively for Valorant,
Bookmarklets for hacking game such as Prodigy, Blooket, Quizizz, Quizlet, etc.
Basically a repository covered by my full knowledge of hacking
Enhance the security of your KeyAuth ImGui example by implementing server-side controls, packet encryption, and single-use packets, offering robust protection against unauthorized access.
Game Cheat Imgui Hack Menu Cpp
Some example code related to some security topics (windows api calls, dll hijacking stuff, etc) for relearning c basics.
hacking
Data_security_Gr5
This repo contains associated files used and generated during the Puppy raffle lesson of the Cyfrin Security and Auditing course
created this to learn the concept of web and its security
Website design is used to help businesses provide information security knowledge and specific security policies for the company's recruitment tests.
This repository contains the codes of the Python scripting task required for security engineer intern position at Bugbase.
Stealth Health is a health and fitness application that aims to provide privacy-focused health tracking and analytics to users. The system is designed to collect and analyze user health data while prioritizing user privacy and data security.
A Variety of Scripts to fix security limitations in popular HomeBrew OS Setups
Notes about spring security
Hack project is gonna be awesome for us and we are happy to create this project
Project which use neural network expert systems to monitor information security in automated information systems
3.1.2.-Spring-Boot-Security
Project for Yantra Central Hack, VIT Vellore
spring-security
Working around public methods in Livewire...
A dev-tools website which includes DB Schema editor to JSON Formatter. Considering privacy and security nothing will be sent to servers, everything will be within client's machine.
extreme-hacking-web-five
Information-Security-Service Service of neural network expert systems for the Diptych of information security in AIS
security
Server Side Events Proof-of-Concept
waxaan rabaa inaan challange naftayda la galo midkaaso ah 30 maalin midkaaso aanku tijaabinaayo jokten tayda iyo cilmigayga hackinka walibo anigo isticmaalayo website loo yaqaano teyhackme
Projeto ADA hack 2024
Advanced Password Inspector is a Python tool designed to evaluate password strength, estimate cracking time, and check against breached databases. It aims to enhance user security by providing detailed password assessments and recommendations.
Following along François Chollet's Deep Learning with Python
Ankara Science University / MIS202 - Network Security Midterm Project
An electron app that tracks deaths, exits cleared and time passed since hack started for SMW romhacks, utilising Qusb2Snes.
security
Employee management CRUD operations in Microsoft SQL Server 2022 utilize stored procedures. These precompiled SQL statements enhance performance and security. T-SQL code defines procedures for Create, Read, Update, and Delete actions, ensuring data integ
Privacy, security, and analytics on the National Survey of Drug Use and Health 2022
spring-security
ComputerCraft-ShopSecurity
growth-hacking
Final Project Files for Advanced Computer and Network Security (Comp 7370)
Poc_Spring_Security
CyberSecurity-Labs
Windy City Hacks 2024 🏙️
A website developed with Nuxt + Vuetify that lets the user learn Information Security concepts
Security-Dynamic-Link-Library-Patcher-Winform
This is all about powershell!
Yet another CLI tool to browse Hacker News.
Recursos sobre ciber inteligencia
jwt-security-oauth2
My thesis project with the name "Model-based security for Cyber-Physical Systems" my masters at the Budapest University of Technology and Economics.
see-security-service
valorant cheat, valorant esp, valorant cheat download, valorant hack esp, valorant cheat free,v alorant aimbot download, valorant esp hack, valorant cheat download free, cheat valorant, valorant hack, valorant hack free, free valorant hack, valorant hack
Cyberez website is made for cyber security and programming courses.
Simple scripts repo for ethical hacking
Study Spring Security
Spring Boot project for describe the spring security
Submission for G2 Hack
CYBER-SECURITY
Scripts to replace the vihome software on orvibo/gynoid hubs for a serial gateway to home assistant
Security-
A tool to add a runtime security layer for Java applications
sb-security
Proof of concept for migrating bot based on Slack Node package to Bolt
Cyber security pptx
A proof of concept to get a selected set of the features of the Inkplate 10 working.
The Food Waste Reduction System is a system designed to address the issue of food waste by connecting restaurants, grocery stores, and consumers with surplus food. The system aims to prevent food waste by facilitating the redistribution of excess food to
Compiled oversecured ovaa apk for Android hacking
Cyber-security-project-submission-
Java, Spring 6 and Spring Boot 3 with JDBC, JPA, Security, Docker and Microservices
BitLocker Hacked: Decrypting Windows Disk Encryption
Challenges used in the Chronos Security CTF 2024. This repo contains the Dockerfiles and applications used during the CTF.
Cyber-Security.
Final-project---Information-Security
RequestCount proof-of-concept application
Blockchain Security
Discord bot, made for security of servers.
Dotfiles improved: a hackable, cross-platform dotfile manager
Discover the epitome of web browsing with Google Chrome. Lightning-fast, intuitive, and secure, Chrome redefines how we explore the internet. Experience seamless multitasking, a plethora of extensions, and top-notch security in one sleek package. Join the
SmartContract-Security-Analyser
Organizations release Security Advisories about the products they build to inform their users of potential security risks and vulnerabilities. This repository contains the links to each listed organization's Security Advisories and their RSS Feed Link if
smart-contract-hacking-foundry-exercises-part-1
Computer and Network Security's course @UNIPD
security_study
This product is the final year project submission for my bachelor of Science degree in computer science and engineering with specialisation in cyber security for the 8th semester.
SecurityWebApi-PermissionBased
I created this project during Hack KU
Academic Papers about LLM Application on Security
E-commerce shop build with springBoot 3, Spring Security 6, Postgres and React
This subject refers to the ethical hacker of elective 6 of software engineering
Home_security
This is a repository that contains vulnerable code snippets. This is used to test my security assistant repo
Hotel booking app using Java, Spring Boot, and ReactJS for the frontend, and we will be using JWT Authentication with Spring Security.
Challenge of list from Hacker Rank
The "Project User System JWT Token And Refresh Token Authenticate" is a Java Spring Framework backend project with SQL database integration. It focuses on user authentication and authorization using JWT tokens. Key features include user signup and login,
SRSI
A Personal Ecommerce web application made using python (Flask), javascript, html, css in traditional MVC architecture ensuring security of database or any security credentials at it's best
Ghofle is a web service for securely exchanging your files. With Ghofle, you can easily sell your files. For enhanced file security, the AMAZON AWS S3 storage service is utilized, and expiring links are issued.
This repo was created to practise spring security
Staff Management Software Proof Of Concept
This tool is useful in information gathering about IP address. It will help you to find detail of any IP in one click.
Cross-platform Password Manager (Java/SWT)
This repository contains the backend API for AlgoRiddle, a platform for practicing algorithmic challenges inspired by LeetCode. This backend is built using Spring Boot, Gradle, Spring Security with Firebase Authentication, and utilizes testing with JUnit
Envoy Sidecar Proof of Concept
Networking and Data Security Project
LLMs + RAG + CVEs + Security = SecAIOps
NDiS is a repository of diagrams, cheatsheets, and other hacking-related stuff made by myself.
Dos tool for server security for Linux
csi4109-information-security
WARNING: This is a proof-of-concept idea - it might be removed again
Current online identification systems face redundancy and security issues. Blockchain-based solutions offer enhanced security by decentralizing data, reducing vulnerabilities. This approach streamlines processes, mitigates breaches, and empowers users wi
Proof of concept game taking place in the physical world
security-guides
A web component for securely rendering markdown
Open Security Controls Assessment Language Toolbox
Knowledge about cyber security
Hacker Rank coding practices (Algorithm, Data Structures, Logic, Puzzles, etc.)
Web-Security-Academy-Series
verse.db isn't just a database, it's your universal data bridge. Designed for unmatched flexibility, security, and performance, verse.db empowers you to manage your data with ease.
Hack 4 LA: City of Los Angele's Crime and Arrest Data Project
Transparency about an organization's security and compliance practices has become pivotal in third-party risk management (TPRM). This repository contains the links to each listed organization's Security & Compliance information.
Hacking notes
SpringSecurity
Sofware Engineering project aiming to create a RPG / Hack and Slash style game
Rutgers CS:419 | Computer Security Spring 2024
This repository outlines my software security lab materials for the lab conducted by Imtiaj Ahmed Chowdhury, Lecturer, IUT along with Sabrina Islam, Lecturer, IUT
Automate network analysis with this Python program that performs Nmap stealth scans, extracts open ports, and gathers detailed service information. Ideal for quick and efficient security assessments.
A digital forensics tool built in Python
Fully Uncensored Hacking & Unethical AI
This space is dedicated to hosting and showcasing all the projects submitted for the B-Cubed Hackathon 2024 - Hacking Biodiversity Data Cubes for Policy
Explore security nuances with File Comparator CTF Challenge. This Flask-based web app invites CTF enthusiasts to navigate file uploads, hashing, and comparisons. Uncover vulnerabilities, test your skills, and enhance your CTF experience in a controlled en
This repository contains all my learnings from the 100 days of SwiftUI course from hacking with swift.
A Hackintosh (/ˈhækɪntɒʃ/, a portmanteau of "Hack" and "Macintosh") is a computer that runs Apple's Macintosh operating system macOS on computer hardware that is not authorized for the purpose by Apple.[1] This can also include running Macintosh software
ExfilLook (Exfiltrate Through Outlook) is a tool that helps security researchers exfiltrate data from a compromised Windows machine through Outlook Mail.
Demo SpringBoot 3 JWT Security tutorial
My personal hacking notes learned from penetration testing. Must be viewed using Obsidian for correct formatting.
Proof of Concept (PoC) code/notes exploring reverse engineering techniques for macOS fat binaries, focusing on binary searching and automatic offset identification
Frieren is a micro-framework designed for use in routers and Single Board Computers (SBCs). This framework is built to be lightweight, efficient, and easy to integrate into various hardware projects.
RedTiger is a free multi-tool with many features in the field of cybersecurity and hacking. | RedTiger
Parrot OS (Core/Security) or just Parrot Tools in Docker with the usage of Makefile, Dockerfiles and docker-compose.yaml for Bug Bounty, Penetration Testing, Security Research, Computer Forensics and Reverse Engineering, repository also contains Proof of
web-security
A CLI tool to scan and fix your project's open-source vulnerabilities using Seal packages.
Security-Operations-Centre
Go module that encompasses the security commands of JFrog CLI
Adjust classifier free guidance scale adaptively. Just a proof-of-concept.
SecuraWatch: Vigilance Redefined, Security Reinvented
本地隧道、数据压缩、加密、公网连接数压缩的强大本地客户端,极限降低延迟,防止中间人攻击, 最大限度提升安全性及矿场利润。A powerful local client with local tunneling, data compression, encryption, and public network connection compression can minimize delays, prevent man-in-the-middle attacks, and maximize security
Hack-Vsit website 2023
🧪 Proof of Concept for a Web API (Async) made with .NET 8 (LTS) and ASP.NET Core 8.0
Hacker Rank problems solved in python
Jailbreaking Large Vision-language Models via Typographic Visual Prompts
Poketab Messenger is a temporary chat application that allows users to create and join group chats with up to 10 people. The app utilizes a unique key system to ensure privacy and security, as users can only join a chat by using a key generated and sent b
JDBC Authentication
Next-Gen Stealer. Stealing from Discord, Chromium-Based & Firefox-Based Browsers, Crypto Wallets and more, from every user on every disk. Written in Go. (PoC. For educational purposes only)
IP list full of bad IPs
A proof-of-concept sign language translator made in Python using PyTorch and OpenCV
¡El mejor cliente de ciberseguridad para Minecraft!, cuenta con un montón de exploits esenciales para verificar la seguridad del servidor, además de que es constantemente actualizado!!
G3-HACKING-ETICO
Automated threat intel feed parsing and consolidation💻👾🤖
This module is used to deploy subnet with network security group and route table associated as workaround to the azurerm_subnet resource so it doesn't conflict with the Azure Landing Zone policies Subnets should have a Network Security Group and Subnets s
WebSecurity
movie_be_security
Anleitungen zum Hack-rf
Official DeepSound repository migrated from jpinsoft.net. DeepSound is a freeware steganography tool and audio converter that hides secret data into audio files. The application also enables you to extract secret files directly from audio files or audio C
This repo will record oauth note and sample.
🥑 Inspect and understand an organization's software supply chain that enables stakeholders to make actionable decisions about software supply chain security
Microsoft Entra External ID Backend for frontend security using Angular Standalone (nx) and ASP.NET Core backend
Azure AD B2C Backend for frontend security using Angular Standalone (nx) and ASP.NET Core backend
OpenIdict Backend for frontend security using Angular Standalone (nx) and ASP.NET Core backend
Auth0 Backend for frontend security using Angular Standalone (nx) and ASP.NET Core backend
primär Kali Linux & Ubuntu - mit GNOME & XFCE & white hat hacking
elba - your smart cybersecurity assistant
This project demonstrates how to create an authenticated backend using Spring Security, Spring Data JPA for database access, JWT generation for enhanced security, and harnessing capabilities through HTTP POST requests.
security-sb3-ss6-jwt-RSA256
A proof of concept of a tree shakable Zod alternative. This library aims to have a 1:1 Zod compatible API, but with fine grain control over the final bundle size. This was done by a combination of Proxies and type-level programming.
Custom security-focused lint checks for Android development
Notes, scripts and commands for OSCP and other Offensive Security courses
Spring-Security
Helps Moderation and Security
Red Hat security advisories
Security Scripts and Sources for daily usage.
tech news backend; Hacker News, All ML News, GeekNews
P2P encrypted messenger and call dialer proof-of-concept
Cybersecurity Projects
Secure Data Storage: Build a blockchain-based data storage system that provides secure and decentralized storage for sensitive information. This system could be used by individuals or organizations that require high levels of data security
Programming Fonts (Hack + IBM Plex Sans JP + Nerd Fonts)
Extensible web pages. Hackable. Reactive.
A list of commonly used passwords that should not be used for security purposes
An educational proof of concept 3D renderer
Master's thesis on "Mobile Application for Automated Security Testing of Wireless Access Points".
A collection of hacks and etc. for running a homelab on Nomad.
Dive deep into the web's intricate layers with Linkscraper! Whether you're a researcher, developer, or a curious explorer, our tool efficiently scans web pages to fetch links, images, emails, and much more.
Hacker-Rank C solutions for Intermediate
Hacking-Notes
A proof-of-concept, Rust-inspired, declarative hardware description language optimized for RTL coding
A dashboard to explore Falco Rules
Jie stands out as a comprehensive security assessment and exploitation tool meticulously crafted for web applications. Its robust suite of features encompasses vulnerability scanning, information gathering, and exploitation, elevating it to an indispensab
Yeah, My Credit Script Hack Slap Battles Roblox, Thank You!
1. Alfred CRM App Automation 2. Web App Automation Testing 3.UiPath Invoice Processing 4.WI5-Calculate Client Security Hash 5.HR Onboard New Hire
OWASP Foundation Web Respository
We provide powerful yet easy-to-use tools on the clash platform to protect your privacy and security online.
This blockchain data trading system ensures anonymity, trust, and security, preventing hacking and dishonest behavior in data exchange.
📱 Wire for iOS (iPhone and iPad)
HTTP stress testing tool that can overload web servers.
eslint-plugin-security Online Playground
Python scripts that build optimal routes for node collection
Programs For TryHackMe Problems (https://tryhackme.com/)
Getting Hacker News top stories IDs via the API
bot to push ngork links on telegram/discord
Automating situational awareness for cloud penetration tests.
Generates Github tokens using a Github App install
DelugeRPG bot scripts (cheats/hacks)
Audit Rust Dependencies using the RustSec Advisory DB
A collection of hacks and one-off scripts
Voici mon site web. Il est dédié à regagner sa vie privée sur Internet, compréhensible pour les personnes qui n'ont pas de connaissances en informatique.
TCM Security Academy Notes
A load balancer for ProdigyPNP hack servers.
A Community-led Hyper-Hackable Text Editor
Raytracer proof of concept
This program serves as a swift proof-of-concept for developing a Telegram bot designed to enhance your Bahasa proficiency. It compiles a list of frequently used Bahasa words and presents you with four alternatives to choose from.
If anyone uses these codes to a cheat interviews or any exams, you are cheating your future self and I feel sad for you . I created these repos for myself ( practice ) and for those budding hackers/coders who wants to learn to coding. At last don't judge
Orca Security - IaC Security GitHub Action
Repositorio de practica para Javascript, React y problemas de paginas como Hacker Rank y otros Challenges
A react app which displays articles from hacker news, allows the user to search for topics/articles.
The Black Hat Bash book repository
Open source toolkit for scraping, OSINT and more.
CRUSTDE - Containerized Rust development environment - Hack Without Fear and Trust! (2024-03)
CPAN Security Advisory Database
C implementations for constrained (and non-constrained) devices of the IETF protocols OSCORE and EDHOC
RISC-V Security Model
The idea of this project is to be a proof of concept for starting a web app with all the developer tools you would require
《深入理解SAST静态应用安全测试》Static Application Security Testing.
The base repository for making Donkey Kong 64 hacks
A LAN-based global clipboard with security
Cybersecurity framework developed in C, Ansi-style
Extensions to store DataStore in EncryptedFile
Repository for all try-and-see/hack-and-plan projects. Simple code fragments and project that helps me understand how things works
A collection of nix modules for running a secure NixOS server
Java challenges from various websites e.g. coderbyte, hacker rank
The regolibrary package contains the controls Kubescape uses for detecting misconfigurations in Kubernetes manifests.
International Securities Identification Numbers for various Indian Securities
🏡 Homepage of Hack Club's legal entity, The Hack Foundation!
This repo addresses further work involving Kubernetes network security beyond the initial NetworkPolicy resource
enumeration with python (ethical hacking)
Demoing Kubernetes/AKS features
hacking some slay the spire logs
G3nius Tools Sploit is a penetration testing tool with a lot of plugins for advanced cybersecurity attacks. User-friendly, Easy and modular!
Experimental project demonstrating how to hack the Selector within Eclipse Jetty
A collection of scripts designed to secure/harden Linux based distributions
A proof-of-concept jupyter extension which converts english queries into relevant python code
Hacker News weekly top 10 posts
Public documentation for boltopspro/cis-linux
Website for Artists and Hackers
My personalized Hosts file collection of various sources, cleaned and optimized specially for pDNSf
A library & tool for probing, parsing, and validating security.txt files as specified in RFC 9116 :rocket::books:
A lightweight security/cryptography library
Simple utilities to manipulate Windows account security settings
Digital Kore - Programmer, Hacker, Developer, working Remotely in Cebu City, Philippines..
:microscope: Proof of Concept of Dijkstra's algorithm in .NET
:book: :headphones: :tv: :calendar: Список полезных русскоязычных ресурсов, связанных с ИТ - https://awesomeit.ru
The best way to build Electron apps with security in mind.
Cloud services registry for R&D, DevOps, Support, Maintenance, Security, Performance, Documentation and Operations teams
:microscope: Proof of Concept of an upload stream from React (JS & Native) app to.NET
渗透测试工具包
Dark-IG is a python-based tool for hacking instagram with mass-bruteforce attack and auto-generate password using login method from ssl pinning bypass.
The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of
A collaborative platform for creating, editing and sharing JSON objects.
Public collection of random hacks and interesting code
Test of https://github.com/mitchellkrogza/The-Big-List-of-Hacked-Malware-Web-Sites
Text, samples and website for my 'Effective Shell' series.
A Python package designed to help users of Cisco's FMC interface with its API.
consistent security logging services
Ad-blocking hosts files, IP block lists, PAC filters, ABP / uBO subscriptions and a whole lot more, all merged from multiple reputable sources, combined with my own research. Also, script-based utilities to help you create such things yourself. Updated at
WordPress Basic Security
Simple one-stop tool to manage X.509/TLS certs and all the ACME CA authorization stuff
Main Sigma Rule Repository
Simple security USB camera.
A collection of various awesome lists for hackers, pentesters and security researchers
A proof of concept to georeference maps with Openlayers (ol).
Use this to hack Fallout terminals
C# Hacking library for making PC game trainers.
🌏 A tiny 0-dependency thread-safe Java™ lib for setting/viewing dns programmatically without touching host file, make unit/integration testing portable; and a tiny tool for setting/viewing dns of running JVM process.
ChipWhisperer - the complete open-source toolchain for side-channel power analysis and glitching attacks
various courses, presentation etc.
Since 2011, IPBan is the worlds most trusted, free security software to block hackers and botnets. With both Windows and Linux support, IPBan has your dedicated or cloud server protected. Upgrade to IPBan Pro today and get a discount. Learn more at ↓
Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.org https://twitter.com/owtfp
Safely pass trusted data to untrusted environments and back.
CVE-2023-52144 -- Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in RexTheme Product Feed Manager.This issue affects Product Feed Manager: from n/a through 7.3.15.
CVE-2023-6067 -- The WP User Profile Avatar WordPress plugin through 1.0.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to
CVE-2023-7201 -- The Everest Backup WordPress plugin before 2.2.5 does not properly validate backup files to be uploaded, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to (for example in multisite
CVE-2024-0399 -- The WooCommerce Customers Manager WordPress plugin before 29.7 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to an SQL injection exploitable by Subscriber+ role.
CVE-2024-0902 -- The Fancy Product Designer WordPress plugin before 6.1.81 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is di
CVE-2024-1204 -- The Meta Box WordPress plugin before 5.9.4 does not prevent users with at least the contributor role from access arbitrary custom fields assigned to other user's posts.
CVE-2024-1306 -- The Smart Forms WordPress plugin before 2.6.94 does not have CSRF checks in some places, which could allow attackers to make logged-in users perform unwanted actions via CSRF attacks, such as editing entries, and we consider it a medium risk.
CVE-2024-1307 -- The Smart Forms WordPress plugin before 2.6.94 does not have proper authorization in some actions, which could allow users with a role as low as a subscriber to call them and perform unauthorized actions
CVE-2024-1310 -- The WooCommerce WordPress plugin before 8.6 does not prevent users with at least the contributor role from leaking products they shouldn't have access to. (e.g. private, draft and trashed products)
CVE-2024-1655 -- Certain ASUS WiFi routers models has an OS Command Injection vulnerability, allowing an authenticated remote attacker to execute arbitrary system commands by sending a specially crafted request.
CVE-2024-1660 -- The Top Bar WordPress plugin before 3.0.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for ex
CVE-2024-1712 -- The Carousel Slider WordPress plugin before 2.2.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed
CVE-2024-1746 -- The Testimonial Slider WordPress plugin before 2.3.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallo
CVE-2024-1754 -- The NPS computy WordPress plugin through 2.7.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (f
CVE-2024-1755 -- The NPS computy WordPress plugin through 2.7.5 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks
CVE-2024-1846 -- The Responsive Tabs WordPress plugin before 4.0.7 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform
CVE-2024-1849 -- The WP Customer Reviews WordPress plugin before 3.7.1 does not validate a parameter allowing contributor and above users to redirect a page to a malicious URL
CVE-2024-23486 -- Plaintext storage of a password issue exists in BUFFALO wireless LAN routers, which may allow a network-adjacent unauthenticated attacker with access to the product's login page may obtain configured credentials.
CVE-2024-23911 -- Out-of-bounds read vulnerability caused by improper checking of the option length values in IPv6 NDP packets exists in Cente middleware TCP/IP Network Series, which may allow an unauthenticated attacker to stop the device operations by sending a specially
CVE-2024-24898 -- Exposure of Sensitive Information to an Unauthorized Actor vulnerability in openEuler kernel on Linux allows Resource Leak Exposure. This vulnerability is associated with program files https://gitee.Com/openeuler/kernel/blob/openEuler-1.0-LTS/drivers/stag
CVE-2024-26023 -- OS command injection vulnerability in BUFFALO wireless LAN routers allows a logged-in user to execute arbitrary OS commands.
CVE-2024-2739 -- The Advanced Search WordPress plugin through 1.1.6 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks
CVE-2024-28099 -- VT STUDIO Ver.8.32 and earlier contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privileges of the running application.
CVE-2024-2836 -- The Social Share, Social Login and Social Comments Plugin WordPress plugin before 7.13.64 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfilter
CVE-2024-2857 -- The Simple Buttons Creator WordPress plugin through 1.04 does not have any authorisation as well as CSRF in its add button function, allowing unauthenticated users to call them either directly or via CSRF attacks. Furthermore, due to the lack of sanitisat
CVE-2024-2858 -- The Simple Buttons Creator WordPress plugin through 1.04 does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks
CVE-2024-28894 -- Out-of-bounds read vulnerability caused by improper checking of the option length values in IPv6 headers exists in Cente middleware TCP/IP Network Series, which may allow an unauthenticated attacker to stop the device operations by sending a specially cra
CVE-2024-28957 -- Generation of predictable identifiers issue exists in Cente middleware TCP/IP Network Series. If this vulnerability is exploited, a remote unauthenticated attacker may interfere communications by predicting some packet header IDs of the device.
CVE-2024-29218 -- Out-of-bounds write vulnerability exists in KV STUDIO Ver.11.64 and earlier and KV REPLAY VIEWER Ver.2.64 and earlier, which may lead to information disclosure or arbitrary code execution by having a user of the affected product open a specially crafted
CVE-2024-29219 -- Out-of-bounds read vulnerability exists in KV STUDIO Ver.11.64 and earlier and KV REPLAY VIEWER Ver.2.64 and earlier, which may lead to information disclosure or arbitrary code execution by having a user of the affected product open a specially crafted fi
CVE-2024-29836 -- The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly configured access control, allowing for an unauthenticated attacker to update and add user profiles within the application, and gain full access of the site.
CVE-2024-29837 -- The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below uses poor session management, allowing for an unauthenticated attacker to access administrator functionality if any other user is already signed in.
CVE-2024-29838 -- The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below does not proper sanitize user input, allowing for an unauthenticated attacker to crash the controller software
CVE-2024-29839 -- The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly configured access control on DESKTOP_EDIT_USER_GET_CARD, allowing for an unauthenticated attacker to return the card value data of any user
CVE-2024-29840 -- The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly configured access control on DESKTOP_EDIT_USER_GET_PIN_FIELDS, allowing for an unauthenticated attacker to return the pin value of any user
CVE-2024-29841 -- The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly configured access control on DESKTOP_EDIT_USER_GET_KEYS_FIELDS, allowing for an unauthenticated attacker to return the keys value of any user
CVE-2024-29842 -- The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly configured access control on DESKTOP_EDIT_USER_GET_ABACARD_FIELDS, allowing for an unauthenticated attacker to return the abacard field of any user
CVE-2024-29843 -- The Web interface of Evolution Controller Versions 2.04.560.31.03.2024 and below contains poorly configured access control on MOBILE_GET_USERS_LIST, allowing for an unauthenticated attacker to enumerate all users and their access levels
CVE-2024-29844 -- Default credentials on the Web Interface of Evolution Controller 2.x (123 and 123) allows anyone to log in to the server directly to perform administrative functions. Upon installation or upon first login, the application does not ask the user to change t
CVE-2024-30219 -- Active debug code vulnerability exists in MZK-MF300N all firmware versions. If a logged-in user who knows how to use the debug function accesses the device's management page, an unintended operation may be performed.
CVE-2024-30220 -- Command injection vulnerability in MZK-MF300N all firmware versions allows a network-adjacent unauthenticated attacker to execute an arbitrary command by sending a specially crafted request to a certain port.
CVE-2024-30545 -- Cross-Site Request Forgery (CSRF) vulnerability in Nick Powers Social Author Bio allows Stored XSS.This issue affects Social Author Bio: from n/a through 2.4.
CVE-2024-30546 -- Cross-Site Request Forgery (CSRF) vulnerability in Pixelite Login With Ajax.This issue affects Login With Ajax: from n/a through 4.1.
CVE-2024-31086 -- Cross-Site Request Forgery (CSRF) vulnerability in Venugopal Change default login logo,url and title allows Cross-Site Scripting (XSS).This issue affects Change default login logo,url and title: from n/a through 2.0.
CVE-2024-31093 -- Cross-Site Request Forgery (CSRF) vulnerability in Kaloyan K. Tsvetkov Broken Images allows Cross-Site Scripting (XSS).This issue affects Broken Images: from n/a through 0.2.
CVE-2024-31373 -- Cross-Site Request Forgery (CSRF) vulnerability in E2Pdf.This issue affects e2pdf: from n/a through 1.20.27.
CVE-2024-31376 -- Cross-Site Request Forgery (CSRF) vulnerability in Andrew Rapps Dashboard To-Do List.This issue affects Dashboard To-Do List: from n/a through 1.3.1.
CVE-2024-31378 -- Cross-Site Request Forgery (CSRF) vulnerability in MailMunch MailChimp Forms by MailMunch.This issue affects MailChimp Forms by MailMunch: from n/a through 3.2.1.
CVE-2024-31379 -- Cross-Site Request Forgery (CSRF) vulnerability in Smash Balloon Smash Balloon Social Post Feed.This issue affects Smash Balloon Social Post Feed: from n/a through 4.2.1.
CVE-2024-31381 -- Cross-Site Request Forgery (CSRF) vulnerability in RebelCode Spotlight Social Media Feeds.This issue affects Spotlight Social Media Feeds: from n/a through 1.6.10.
CVE-2024-31382 -- Cross-Site Request Forgery (CSRF) vulnerability in Creative Themes HQ Blocksy.This issue affects Blocksy: from n/a through 2.0.22.
CVE-2024-31383 -- Cross-Site Request Forgery (CSRF) vulnerability in Pagelayer PopularFX.This issue affects PopularFX: from n/a through 1.2.4.
CVE-2024-31384 -- Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Spa and Salon.This issue affects Spa and Salon: from n/a through 1.2.7.
CVE-2024-31385 -- Cross-Site Request Forgery (CSRF) vulnerability in Reservation Diary ReDi Restaurant Reservation.This issue affects ReDi Restaurant Reservation: from n/a through 24.0128.
CVE-2024-31388 -- Cross-Site Request Forgery (CSRF) vulnerability in Pauple Table & Contact Form 7 Database – Tablesome.This issue affects Table & Contact Form 7 Database – Tablesome: from n/a through 1.0.25.
CVE-2024-31389 -- Cross-Site Request Forgery (CSRF) vulnerability in Ertano MihanPanel.This issue affects MihanPanel: from n/a before 12.7.
CVE-2024-31421 -- Missing Authorization vulnerability in Supsystic Popup by Supsystic.This issue affects Popup by Supsystic: from n/a through 1.10.27.
CVE-2024-31422 -- Cross-Site Request Forgery (CSRF) vulnerability in Philippe Bernard Favicon.This issue affects Favicon: from n/a through 1.3.29.
CVE-2024-31424 -- Cross-Site Request Forgery (CSRF) vulnerability in Hamid Alinia - idehweb Login with phone number.This issue affects Login with phone number: from n/a through 1.6.93.
CVE-2024-31425 -- Cross-Site Request Forgery (CSRF) vulnerability in TMS Amelia.This issue affects Amelia: from n/a through 1.0.95.
CVE-2024-31426 -- Cross-Site Request Forgery (CSRF) vulnerability in Data443 Inline Related Posts.This issue affects Inline Related Posts: from n/a through 3.3.1.
CVE-2024-31427 -- Cross-Site Request Forgery (CSRF) vulnerability in Marker.Io Marker.Io.This issue affects Marker.Io : from n/a through 1.1.8.
CVE-2024-31428 -- Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme The Conference.This issue affects The Conference: from n/a through 1.2.0.
CVE-2024-31429 -- Cross-Site Request Forgery (CSRF) vulnerability in Blossom Themes Sarada Lite.This issue affects Sarada Lite: from n/a through 1.1.2.
CVE-2024-31431 -- Cross-Site Request Forgery (CSRF) vulnerability in Tyche Softwares Product Input Fields for WooCommerce.This issue affects Product Input Fields for WooCommerce: from n/a through 1.7.0.
CVE-2024-31432 -- Missing Authorization vulnerability in StellarWP Restrict Content.This issue affects Restrict Content: from n/a through 3.2.8.
CVE-2024-31433 -- Cross-Site Request Forgery (CSRF) vulnerability in The Events Calendar.This issue affects The Events Calendar: from n/a through 6.3.0.
CVE-2024-31434 -- Cross-Site Request Forgery (CSRF) vulnerability in Stefano Lissa & The Newsletter Team Newsletter.This issue affects Newsletter: from n/a through 8.0.6.
CVE-2024-31920 -- Cross-Site Request Forgery (CSRF) vulnerability in Tyche Softwares Currency per Product for WooCommerce.This issue affects Currency per Product for WooCommerce: from n/a through 1.6.0.
CVE-2024-31921 -- Cross-Site Request Forgery (CSRF) vulnerability in Etoile Web Design Ultimate Product Catalogue.This issue affects Ultimate Product Catalogue: from n/a through 5.2.15.
CVE-2024-31922 -- Cross-Site Request Forgery (CSRF) vulnerability in Anton Aleksandrov WordPress Hosting Benchmark tool.This issue affects WordPress Hosting Benchmark tool: from n/a through 1.3.6.
CVE-2024-31923 -- Cross-Site Request Forgery (CSRF) vulnerability in PluginOps Feather Login Page.This issue affects Feather Login Page: from n/a through 1.1.5.
CVE-2024-31933 -- Cross-Site Request Forgery (CSRF) vulnerability in Live Composer Team Page Builder: Live Composer.This issue affects Page Builder: Live Composer: from n/a through 1.5.35.
CVE-2024-31938 -- Cross-Site Request Forgery (CSRF) vulnerability in Themeinwp NewsXpress.This issue affects NewsXpress: from n/a through 1.0.7.
CVE-2024-31940 -- Cross-Site Request Forgery (CSRF) vulnerability in RedNao Extra Product Options Builder for WooCommerce.This issue affects Extra Product Options Builder for WooCommerce: from n/a through 1.2.104.
CVE-2024-31941 -- Cross-Site Request Forgery (CSRF) vulnerability in CodePeople CP Media Player.This issue affects CP Media Player: from n/a through 1.1.3.
CVE-2024-31942 -- Cross-Site Request Forgery (CSRF) vulnerability in Typps Calendarista Basic Edition.This issue affects Calendarista Basic Edition: from n/a through 3.0.2.
CVE-2024-32079 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michael Dempfle Advanced iFrame allows Stored XSS.This issue affects Advanced iFrame: from n/a through 2024.2.
CVE-2024-32082 -- Cross-Site Request Forgery (CSRF) vulnerability in kp4coder Sync Post With Other Site allows Cross-Site Scripting (XSS).This issue affects Sync Post With Other Site: from n/a through 1.5.1.
CVE-2024-32084 -- Cross-Site Request Forgery (CSRF) vulnerability in Gold Plugins Before And After.This issue affects Before And After: from n/a through 3.9.
CVE-2024-32085 -- Cross-Site Request Forgery (CSRF) vulnerability in AitThemes Citadela Listing.This issue affects Citadela Listing: from n/a through 5.18.1.
CVE-2024-32087 -- Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ExportFeed.Com Product Feed on WooCommerce for Google.This issue affects Product Feed on WooCommerce for Google: from n/a through 3.5.7.
CVE-2024-32088 -- Cross-Site Request Forgery (CSRF) vulnerability in SeedProd Coming Soon Page, Under Construction & Maintenance Mode by SeedProd.This issue affects Coming Soon Page, Under Construction & Maintenance Mode by SeedProd: from n/a through 6.15.20.
CVE-2024-32089 -- Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Digital Publications by Supsystic.This issue affects Digital Publications by Supsystic: from n/a through 1.7.7.
CVE-2024-32090 -- Cross-Site Request Forgery (CSRF) vulnerability in Andy Moyle Church Admin.This issue affects Church Admin: from n/a through 4.0.27.
CVE-2024-32091 -- Cross-Site Request Forgery (CSRF) vulnerability in Tonjoo Sangar Slider.This issue affects Sangar Slider: from n/a through 1.3.2.
CVE-2024-32092 -- Cross-Site Request Forgery (CSRF) vulnerability in Michael Bester Kimili Flash Embed.This issue affects Kimili Flash Embed: from n/a through 2.5.3.
CVE-2024-32093 -- Cross-Site Request Forgery (CSRF) vulnerability in Nose Graze Novelist.This issue affects Novelist: from n/a through 1.2.2.
CVE-2024-32094 -- Cross-Site Request Forgery (CSRF) vulnerability in ChurchThemes Church Content – Sermons, Events and More.This issue affects Church Content – Sermons, Events and More: from n/a through 2.6.
CVE-2024-32095 -- Cross-Site Request Forgery (CSRF) vulnerability in MultiParcels MultiParcels Shipping For WooCommerce.This issue affects MultiParcels Shipping For WooCommerce: from n/a before 1.16.9.
CVE-2024-32096 -- Cross-Site Request Forgery (CSRF) vulnerability in DAEV.Tech WP Migration Plugin DB & Files – WP Synchro.This issue affects WP Migration Plugin DB & Files – WP Synchro: from n/a through 1.11.2.
CVE-2024-32097 -- Cross-Site Request Forgery (CSRF) vulnerability in Eyal Fitoussi GEO my WordPress.This issue affects GEO my WordPress: from n/a through 4.1.
CVE-2024-32098 -- Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Page Visit Counter Advanced Page Visit Counter.This issue affects Advanced Page Visit Counter: from n/a through 8.0.6.
CVE-2024-32099 -- Cross-Site Request Forgery (CSRF) vulnerability in James Ward WP Mail Catcher.This issue affects WP Mail Catcher: from n/a through 2.1.6.
CVE-2024-32101 -- Cross-Site Request Forgery (CSRF) vulnerability in Omnisend Email Marketing for WooCommerce by Omnisend.This issue affects Email Marketing for WooCommerce by Omnisend: from n/a through 1.14.3.
CVE-2024-32102 -- Cross-Site Request Forgery (CSRF) vulnerability in Scott Kingsley Clark Crony Cronjob Manager.This issue affects Crony Cronjob Manager: from n/a through 0.5.0.
CVE-2024-32103 -- Cross-Site Request Forgery (CSRF) vulnerability in Siteimprove.This issue affects Siteimprove: from n/a through 2.0.6.
CVE-2024-32104 -- Cross-Site Request Forgery (CSRF) vulnerability in XLPlugins NextMove Lite.This issue affects NextMove Lite: from n/a through 2.18.1.
CVE-2024-32125 -- Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Booking Algorithms BA Book Everything.This issue affects BA Book Everything: from n/a through 1.6.4.
CVE-2024-32127 -- Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Markus Seyer Find Duplicates.This issue affects Find Duplicates: from n/a through 1.4.6.
CVE-2024-32128 -- Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Realtyna Realtyna Organic IDX plugin.This issue affects Realtyna Organic IDX plugin: from n/a through 4.14.4.
CVE-2024-32129 -- URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Freshworks Freshdesk (official).This issue affects Freshdesk (official): from n/a through 2.3.4.
CVE-2024-32132 -- Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Codeboxr Team CBX Bookmark & Favorite.This issue affects CBX Bookmark & Favorite: from n/a through 1.7.20.
CVE-2024-32133 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michael Schuppenies EZ Form Calculator allows Reflected XSS.This issue affects EZ Form Calculator: from n/a through 2.14.0.3.
CVE-2024-32134 -- Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nasirahmed Forms to Zapier, Integromat, IFTTT, Workato, Automate.Io, elastic.Io, Built.Io, APIANT, Webhook.This issue affects Forms to Zapier, Integromat
CVE-2024-32135 -- Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPZest Disable Comments | WPZest.This issue affects Disable Comments | WPZest: from n/a through 1.51.
CVE-2024-32136 -- Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Xenioushk BWL Advanced FAQ Manager.This issue affects BWL Advanced FAQ Manager: from n/a through 2.0.3.
CVE-2024-32137 -- Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Solwin User Activity Log Pro.This issue affects User Activity Log Pro: from n/a through 2.3.4.
CVE-2024-32138 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in KaizenCoders Short URL allows Reflected XSS.This issue affects Short URL: from n/a through 1.6.8.
CVE-2024-32139 -- Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Podlove Podlove Podcast Publisher.This issue affects Podlove Podcast Publisher: from n/a through 4.0.12.
CVE-2024-32140 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Libsyn Libsyn Publisher Hub allows Stored XSS.This issue affects Libsyn Publisher Hub: from n/a through 1.4.4.
CVE-2024-32141 -- Cross-Site Request Forgery (CSRF) vulnerability in Libsyn Libsyn Publisher Hub.This issue affects Libsyn Publisher Hub: from n/a through 1.4.4.
CVE-2024-32145 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PineWise WP Google Analytics Events allows Reflected XSS.This issue affects WP Google Analytics Events: from n/a through 2.8.0.
CVE-2024-32147 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Form Plugin Team - GhozyLab Easy Contact Form Lite allows Stored XSS.This issue affects Easy Contact Form Lite : from n/a through 1.1.23.
CVE-2024-32149 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BlueGlass Jobs for WordPress allows Reflected XSS.This issue affects Jobs for WordPress: from n/a through 2.7.5.
CVE-2024-32428 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Moss Web Works MWW Disclaimer Buttons allows Stored XSS.This issue affects MWW Disclaimer Buttons: from n/a through 3.0.2.
CVE-2024-32429 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPChill Remove Footer Credit allows Stored XSS.This issue affects Remove Footer Credit: from n/a through 1.0.13.
CVE-2024-32430 -- Server-Side Request Forgery (SSRF) vulnerability in ActiveCampaign.This issue affects ActiveCampaign: from n/a through 8.1.14.
CVE-2024-32431 -- Deserialization of Untrusted Data vulnerability in WP All Import Import Users from CSV.This issue affects Import Users from CSV: from n/a through 1.2.
CVE-2024-32433 -- Cross-Site Request Forgery (CSRF) vulnerability in Themefic BEAF.This issue affects BEAF: from n/a through 4.5.4.
CVE-2024-32434 -- Cross-Site Request Forgery (CSRF) vulnerability in Tyche Softwares Order Delivery Date for WooCommerce.This issue affects Order Delivery Date for WooCommerce: from n/a through 3.20.2.
CVE-2024-32435 -- Cross-Site Request Forgery (CSRF) vulnerability in Affieasy Team AffiEasy.This issue affects AffiEasy: from n/a through 1.1.4.
CVE-2024-32436 -- Cross-Site Request Forgery (CSRF) vulnerability in Codemenschen Gift Vouchers.This issue affects Gift Vouchers: from n/a through 4.4.0.
CVE-2024-32437 -- Cross-Site Request Forgery (CSRF) vulnerability in impleCode eCommerce Product Catalog.This issue affects eCommerce Product Catalog: from n/a through 3.3.28.
CVE-2024-32438 -- Cross-Site Request Forgery (CSRF) vulnerability in cleverplugins.Com SEO Booster.This issue affects SEO Booster: from n/a through 3.8.9.
CVE-2024-32439 -- Cross-Site Request Forgery (CSRF) vulnerability in SwitchWP WP Client Reports.This issue affects WP Client Reports: from n/a through 1.0.22.
CVE-2024-32440 -- Cross-Site Request Forgery (CSRF) vulnerability in Thomas Belser Asgaros Forum.This issue affects Asgaros Forum: from n/a through 2.8.0.
CVE-2024-32442 -- Cross-Site Request Forgery (CSRF) vulnerability in Zoho Campaigns.This issue affects Zoho Campaigns: from n/a through 2.0.7.
CVE-2024-32443 -- Cross-Site Request Forgery (CSRF) vulnerability in IP2Location Download IP2Location Country Blocker.This issue affects Download IP2Location Country Blocker: from n/a through 2.34.2.
CVE-2024-32445 -- Cross-Site Request Forgery (CSRF) vulnerability in Saleswonder Team WebinarIgnition.This issue affects WebinarIgnition: from n/a through 3.05.8.
CVE-2024-32446 -- Cross-Site Request Forgery (CSRF) vulnerability in WP Swings Wallet System for WooCommerce.This issue affects Wallet System for WooCommerce: from n/a through 2.5.9.
CVE-2024-32447 -- Cross-Site Request Forgery (CSRF) vulnerability in AWP Classifieds Team AWP Classifieds.This issue affects AWP Classifieds: from n/a through 4.3.1.
CVE-2024-32448 -- Cross-Site Request Forgery (CSRF) vulnerability in VideoYield.Com Ads.Txt Admin.This issue affects Ads.Txt Admin: from n/a through 1.3.
CVE-2024-32449 -- Cross-Site Request Forgery (CSRF) vulnerability in MagniGenie RestroPress.This issue affects RestroPress: from n/a through 3.1.2.
CVE-2024-32450 -- Cross-Site Request Forgery (CSRF) vulnerability in MagePeople Team WpTravelly.This issue affects WpTravelly: from n/a through 1.6.0.
CVE-2024-32451 -- Cross-Site Request Forgery (CSRF) vulnerability in wpWax Legal Pages.This issue affects Legal Pages: from n/a through 1.4.2.
CVE-2024-32452 -- Cross-Site Request Forgery (CSRF) vulnerability in WP EasyCart.This issue affects WP EasyCart: from n/a through 5.5.19.
CVE-2024-32453 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POEditor allows Stored XSS.This issue affects POEditor: from n/a through 0.9.8.
CVE-2024-32454 -- Server-Side Request Forgery (SSRF) vulnerability in Wappointment Appointment Bookings for Zoom GoogleMeet and more – Wappointment.This issue affects Appointment Bookings for Zoom GoogleMeet and more – Wappointment: from n/a through 2.6.0.
CVE-2024-32488 -- In Foxit PDF Reader and Editor before 2024.1, Local Privilege Escalation could occur during update checks because weak permissions on the update-service folder allow attackers to place crafted DLL files there.
CVE-2024-32489 -- TCPDF before 6.7.4 mishandles calls that use HTML syntax.
CVE-2024-3505 -- JFrog Artifactory Self-Hosted versions below 7.77.3, are vulnerable to sensitive information disclosure whereby a low-privileged authenticated user can read the proxy configuration.
CVE-2024-3766 -- A vulnerability, which was classified as problematic, has been found in slowlyo OwlAdmin up to 3.5.7. Affected by this issue is some unknown functionality of the file /admin-api/upload_image of the component Image File Upload. The manipulation of the argu
CVE-2024-3767 -- A vulnerability classified as critical was found in PHPGurukul News Portal 4.1. This vulnerability affects unknown code of the file /admin/edit-post.php. The manipulation of the argument posttitle leads to sql injection. The attack can be initiated remote
CVE-2024-3768 -- A vulnerability, which was classified as critical, has been found in PHPGurukul News Portal 4.1. This issue affects some unknown processing of the file search.php. The manipulation of the argument searchtitle leads to sql injection. The attack may be init
CVE-2024-3769 -- A vulnerability, which was classified as critical, was found in PHPGurukul Student Record System 3.20. Affected is an unknown function of the file /login.php. The manipulation of the argument id/password leads to sql injection. It is possible to launch th
CVE-2024-3770 -- A vulnerability has been found in PHPGurukul Student Record System 3.20 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /manage-courses.php?del=1. The manipulation of the argument del leads to sql injecti
CVE-2024-3771 -- A vulnerability was found in PHPGurukul Student Record System 3.20 and classified as critical. Affected by this issue is some unknown functionality of the file /edit-subject.php. The manipulation of the argument sub1/sub2/sub3/sub4/udate leads to sql inje
CVE-2024-3772 -- Regular expression denial of service in Pydanic < 2.4.0, < 1.10.13 allows remote attackers to cause denial of service via a crafted email string.
CVE-2024-3774 -- aEnrich Technology a+HRD's functionality for front-end retrieval of system configuration values lacks proper restrictions on a specific parameter, allowing attackers to modify this parameter to access certain sensitive system configuration values.
CVE-2024-3775 -- aEnrich Technology a+HRD's functionality for downloading files using youtube-dl.exe does not properly restrict user input. This allows attackers to pass arbitrary arguments to youtube-dl.exe, leading to the download of partial unauthorized files.
CVE-2024-3776 -- The parameter used in the login page of Netvision airPASS is not properly filtered for user input. An unauthenticated remote attacker can insert JavaScript code to the parameter for Reflected Cross-site scripting attacks.
CVE-2024-3778 -- The file upload functionality of Ai3 QbiBot does not properly restrict types of uploaded files, allowing remote attackers with administrator privilege to upload files with dangerous type containing malicious code.
CVE-2024-3780 -- A vulnerability of Information Exposure has been found on Technicolor CGA2121 affecting the version 1.01, this vulnerability allows a local attacker to obtain sensitive information stored on the device such as wifi network's SSID and their respective pass
CVE-2024-3781 -- Command injection vulnerability in the operating system. Improper neutralisation of special elements in Active Directory integration allows the intended command to be modified when sent to a downstream component in WBSAirback 21.02.04.
CVE-2024-3782 -- Cross-Site Request Forgery vulnerability in WBSAirback 21.02.04, which could allow an attacker to create a manipulated HTML form to perform privileged actions once it is executed by a privileged user.
CVE-2024-3783 -- The Backup Agents section in WBSAirback 21.02.04 is affected by a Path Traversal vulnerability, allowing a user with low privileges to download files from the system.
CVE-2024-3784 -- Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side Includes (SSI), through S3 Accounts (/admin/CloudAccounts). Exploitation of this vulnerability could allow a remote user to execute arbitrary code.
CVE-2024-3785 -- Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side Includes (SSI), through Device NAS shared section (/admin/DeviceNAS). Exploitation of this vulnerability could allow a remote user to execute arbitrary code.
CVE-2024-3786 -- Vulnerability in WBSAirback 21.02.04, which involves improper neutralisation of Server-Side Includes (SSI), through Device Synchronizations (/admin/DeviceReplication). Exploitation of this vulnerability could allow a remote user to execute arbitrary code.
CVE-2024-3802 -- Vulnerabilities in Celeste 22.x was vulnerable to takeover from unauthenticated local attacker.
CVE-2024-24862 -- In function pci1xxxx_spi_probe, there is a potential null pointer that
CVE-2024-24863 -- In malidp_mw_connector_reset, new memory is allocated with kzalloc, but
CVE-2024-3762 -- A vulnerability was found in Emlog Pro 2.2.10. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/twitter.php of the component Whisper Page. The manipulation leads to cross site scripting. The attack can be ini
CVE-2024-3763 -- A vulnerability was found in Emlog Pro 2.2.10. It has been rated as problematic. This issue affects some unknown processing of the file /admin/tag.php of the component Post Tag Handler. The manipulation leads to cross site scripting. The attack may be ini
CVE-2024-3764 -- ** DISPUTED ** A vulnerability classified as problematic has been found in Tuya Camera 3.2.9. Affected is an unknown function of the component MQTT Packet Handler. The manipulation leads to denial of service. It is possible to launch the attack remotely.
CVE-2024-3764 -- A vulnerability classified as problematic has been found in Tuya Camera 3.2.9. Affected is an unknown function of the component MQTT Packet Handler. The manipulation leads to denial of service. It is possible to launch the attack remotely. The exploit has
CVE-2024-3765 -- A vulnerability classified as critical was found in Xiongmai AHB7804R-MH-V2, AHB8004T-GL, AHB8008T-GL, AHB7004T-GS-V3, AHB7004T-MHV2, AHB8032F-LME and XM530_R80X30-PQ_8M. Affected by this vulnerability is an unknown functionality of the component Sofia Se
This is a nice series by @IntezerLabs for anyone interested in starting with malware analysis and reverse engineeringPart 1: intezer.com/blog/malware-ana…Part 2: intezer.com/blog/incident-re…#malware #infosec -- 0xor0ne
Beginners introduction to memory corruption concepts in Javascripts (JS) engines.Credits Pedro Guerra Lourençosidechannel.blog/en/attackin…#memorycorruption -- 0xor0ne
Writeup (2022) on pwning a TP-Link AC1750 (Pwn2Own 2021)An interesting read for anyone interested in consumer routers securityCredits @0vercl0kdoar-e.github.io/blog/2022/0…#iot #cybersecurity -- 0xor0ne
📌 Simplify WireShark Analysis with Threat Details Connection Filters🤝 We have great news for everyone who uses #WireShark to analyze network traffic.🆕 Now you can continue investigating the threats detected by #ANYRUN’s #Suricata engine in Wireshark using -- anyrun_app
Top 10 last week's threats by uploads 🌐⬆️ #Phishing 1259 (973)⬇️ #Agenttesla 110 (152)⬆️ #Guloader 110 (25)⬆️ #Remcos 105 (65)⬆️ #Njrat 76 (50)⬇️ #Asyncrat 55 (89)⬇️ #Xworm 43 (77)⬇️ #Redline 40 (45)⬆️ #Orcus 39 (8)⬇️ #Risepro 38 (61)Track them all at 🔽an -- anyrun_app
The Annual Threat Assessment 2024github.com/blackorbird/APT_R… -- blackorbird
Update:unit42.paloaltonetworks.com/… -- blackorbird
Ginormous newsletter for a silly Monday morningmastodon.social/@campuscodi/… -- campuscodi
American friends, this seems very important to protest, new laws to allow easier remote access to your home network by compelling ISP's to give the NSA shells on your router. They'll do it anyway regardless of this law but its nice to at least pretend you -- hackerfantastic
There's no proof of this exploit other than an advert on a dorknet site. In the hands of an unskilled amateur that $2million bug will be worth zero. Big tech steal your crash data and actively hunt for these bugs. Development and implementation takes a te -- hackerfantastic
2/2e1bad82795228edc4afad54926f7566662103316bddeac5f3497932de3d956810c5500b50fe34fe3554a39751bfb5ab91dcd13766124fdf58c1caca08e005e09b58ceee8cb944b522eb614af792d832ebb90a57057369e3072d59d4aa026e52a -- JAMESWT_MHT
#STRRAT rumpantus[.]ddns[.]netMD5e61ec62c05f24d878432305d47cf1a72804ec801d0a79815e32834b36edfc65b3d6c063d9183feff60847c81ca1f4e26d28e484be0922fce5018edc36e4e7c7bdf70f0abbbf32f86ff5e2426e5c894636c6b4b50258f73741044e91698ff225421b1318f129bbcd728e06092f103ae -- JAMESWT_MHT
"e-sign.apk": 913f63b805c087563e2c516d48f890d89570237fac9b63e55dcea1a50c312e30Only @ESET detected... -- malwrhunterteam
"A big black bug bit a big black bear""Afrobeat Garage Symphonic Fusion 140bpm"2:35The lyrics is 😂, but the result is great...suno.com/song/44c0ebdd-f259-… -- malwrhunterteam
"Deutschland Klezmer""Bessarabian Klezmer, Ancient Eastern Mediterranean vibe, Clarinet, Violin, Double bass"3:30suno.com/song/ae3a4106-f864-… -- malwrhunterteam
"Vishnu's Dance (विष्णु का नृत्य)""hindi, oriental, psy-trance trance, female voice, uplifting trance, high tones, fast"4:04suno.com/song/42755432-cae8-… -- malwrhunterteam
-- malwrhunterteam
It's not that frequent to see malware not wanting to infect Chinese people's devices. Especially not Mac malware...🤔 -- malwrhunterteam
aa19b0f389af88f8df748742e3eac19f5a0c70acc6ed7932ad2890915739ee03I'm not going to check the decoy of this for sure... -- malwrhunterteam
"csob_smart_klic.apk": ddd9e5cfa9e1ddd8d849baef2b487a1608d1695f44c70f246c101de1275887ddAnother one that only got detected by @ESET at first scan time... -- malwrhunterteam
Crypto hijacker that checks in to hXXps://enginedaemonwal[.]site/connect -- pmelson
I'll say it again: today's game modders/crackers/cheats are tomorrow's cybersecurity pros. This is really clever reversing and exploitation. (The obfuscation is meh, but they used a 15yo off-the-shelf JS packer that was written in PHP.) -- pmelson
Some of the craftiest JavaScript shenanigans I've ever seen. So of course it's a game crack. -- pmelson
Group: darkvaultApprox. Time: 16:36 15/04/24Title: bigtoe.yoga -- RansomwareNews
Group: blacksuitApprox. Time: 12:43 15/04/24Title: biggscardosa.com -- RansomwareNews
Group: blacksuitApprox. Time: 12:43 15/04/24Title: postandcourier.com/ -- RansomwareNews
Group: 8baseApprox. Time: 12:43 15/04/24Title: The Souza Agency Inc. -- RansomwareNews
Group: 8baseApprox. Time: 12:43 15/04/24Title: SOA Architecture -- RansomwareNews
Group: 8baseApprox. Time: 12:43 15/04/24Title: R.B. Woodcraft, Inc. -- RansomwareNews
Group: 8baseApprox. Time: 12:43 15/04/24Title: LYON TERMINAL -- RansomwareNews
Group: dunghill_leakApprox. Time: 22:40 15/04/24Title: Apollo Aerospace Components -- RansomwareNews
Group: 8baseApprox. Time: 12:43 15/04/24Title: LEMODOR -- RansomwareNews
Group: dunghill_leakApprox. Time: 22:40 15/04/24Title: Supply Technologies LLC -- RansomwareNews
Group: 8baseApprox. Time: 12:43 15/04/24Title: GPI Corporate -- RansomwareNews
Group: dunghill_leakApprox. Time: 22:40 15/04/24Title: Array Networks -- RansomwareNews
Group: 8baseApprox. Time: 12:43 15/04/24Title: Council for Relationships -- RansomwareNews
Group: dunghill_leakApprox. Time: 22:40 15/04/24Title: Nexperia -- RansomwareNews
Group: 8baseApprox. Time: 12:43 15/04/24Title: ASMFC: Atlantic States Marine Fisheries Commission -- RansomwareNews
Group: playApprox. Time: 22:40 15/04/24Title: Heritage Cooperative -- RansomwareNews
Group: huntersApprox. Time: 20:45 15/04/24Title: Chicony Electronics -- RansomwareNews
Group: incransomApprox. Time: 20:45 15/04/24Title: Pulaski academy -- RansomwareNews
Group: incransomApprox. Time: 20:45 15/04/24Title: Druckman Law Group -- RansomwareNews
Group: cactusApprox. Time: 18:41 15/04/24Title: regulatormarine.com\$28.1M\USA\630GB\&lt;1% DISCLOSED -- RansomwareNews
Pretty cool, huh? VNC can be very useful from time to time, so why not borrowing MSF’s RDLL implementation 🤓github.com/rapid7/metasploit… -- snovvcrash
Shoutout to @m4lwhere on this comprehensive guide to getting started in BloodHound Community Edition. Check out his blog post that covers setting up, collecting data, analyzing the data & providing value with that data. ghst.ly/3JlkvmO -- specterops
This is your reminder to register for our Solutions Demo happening TOMORROW! Join us to learn about the BHE approach to Attack Path Management & see a demo of the platform.🎟️: ghst.ly/3VNnJXF -- specterops
-- talossecurity
🎉Part 2 out now!Links to Podcast:Spotify: podcasters.spotify.com/pod/s…Apple: podcasts.apple.com/us/podcas…Youtube: invidious.no-logs.com/@TheDFIRReport/v…Feedback: forms.office.com/r/LR9NsEWYy… -- TheDFIRReport
🎉New DFIR Discussions Episode🎉🔊Available on Spotify, Apple, & YouTube!🎙️We discuss our latest report From OneNote to RansomNote: An Ice Cold IntrusionHost: ⁠⁠@Kostastsale⁠⁠Analysts: ⁠⁠@iiamaleks⁠, ⁠@IrishD34TH⁠, & ⁠@Miixxedup⁠Special Guest: ⁠@techspence -- TheDFIRReport
AhnLab researchers look into the Linux version of Pupy RAT, an open-source and cross-platform malware continuously used by various attackers, including APT groups. asec.ahnlab.com/ko/64073/ -- virusbtn
Volexity found a 0-day exploitation of a vulnerability in GlobalProtect (CVE-2024-3400). The threat actor, UTA0218, attempted to install UPSTYLE, a custom Python backdoor, on the firewall, allowing the attacker to execute additional commands on the device -- virusbtn
The show also features the head of the FBI Cyber Crime division, Bryan Vorndran, and ex NSA Cyber Security director Rob Joyce.You can watch the video here: cbsnews.com/news/cybersecuri… -- vxunderground
Today on CBS News 60 minutes – Cyber Threat Intelligence experts went on national television to discuss ransomware. Most interestingly, during the airing of the segment, researchers discuss "the Com".They highlight "JackIdiot", "Star Chat", "Flawless" and -- vxunderground
We have a lot of malware samples and malware papers to add. Unfortunately, due to IRL responsibilities this will not happen immediately.To compensate for this setback we have drawn a shitty picture in MS-PAINT which could illustrate what could have been a -- vxunderground
Stolen from Telegram, don't go crazy on us -- vxunderground
-- vxunderground
Look at the replies on this post.tl;dr new spam bot tsunami... of making sexual advances on us? 🤔 -- vxunderground
Believe it or not, this is what a real network administrator looks like -- vxunderground
Chinese owned chipmaker Nexperia left out a few details Nexperia was breached in March allegedly by the Dark Angels which now go by the name Dunghill Leak. -- alvieriD
An in-depth analysis of how the LockBit builder is used to generate targeted #ransomware 👉 kas.pr/i6vv -- e_kaspersky
What you don’t know about Iran-Israel war dlvr.it/T5YBqt #OSINT #Medium -- osintbear
$$Ez-Pz$$ [Easy] dlvr.it/T5Y6WB #OSINT #Medium -- osintbear
Geo-Bolt [Medium] (300 Points) #OSINT dlvr.it/T5Y46n #OSINT #Medium -- osintbear
The Intelligence Imperative: OSINT, Business, Risk, and Decision Intelligence dlvr.it/T5Xlwr #OSINT #Medium -- osintbear
Open Source Intelligence (OSINT) dlvr.it/T5X3HC #OSINT #Medium -- osintbear
Network Footprinting dlvr.it/T5WMK2 #OSINT #Medium -- osintbear
ICS/OT OSINT: Using Gemini AI for PLC and HMI Image Analysis dlvr.it/T5WJXx #OSINT #Medium -- osintbear
“Cracking the Code: My Journey in Detecting Client Network Vulnerabilities including using OSINT… dlvr.it/T5W3Vy #OSINT #Medium -- osintbear
ChiCyberConCHICAGO – Soldiers and an Army Civilian from the @780thC joined researchers, academics, computing professionals, and students at ChiCyberCon 2024, hosted by the Illinois Institute of Technology, April 12, by bringing a Metasploit challenge and -- 780thC
The Soldiers built three computer challenges for the students including steganography, port scanning, and password cracking (explaining why you should have complex passwords); and showing a global threat map using a mobile hotspot. #ArmyPossibilities #BeA -- 780thC
Soldiers discuss Army possibilities with Pennsylvania studentsMOON TOWNSHIP, Pa. – Soldiers from the @780thC supported an Army career fair hosted by the Harrisburg Recruiting Company, @usarec engaging more than 300 students from the Moon Area High School, -- 780thC
LightSpy Returns: Renewed Espionage Campaign Targets Southern Asia, Possibly India | blogs.blackberry.com/en/2024… @BlackBerry -- 780thC
Chinese-Linked LightSpy iOS Spyware Targets South Asian iPhone Users | thehackernews.com/2024/04/ch… @TheHackersNews -- 780thC
Cyberint has been able to identify a major large-scale campaign. It bears the hallmarks of a broader orchestrated attack, most likely by threat actors affiliated with the People’s Republic of China (PRC). cyberint.com/blog/financial-… @cyber_int -- 780thC
Breach Forums domain suspended. -- alvieriD
0rat 1,699€ -- alvieriD
CraxsRAT -- alvieriD
Current market prices for a few popular remote access trojans from a new sellerAgent Telsa -- alvieriD
associated with* -- alvieriD
Palo Alto Networks CVE-2024-3400 -> allegedly exploited by BianLian/Lazarus*-> a pre-workaround Shodan query exposed an interesting short list-> to be continued… -- alvieriD
I’m on my way to SLEUTHCON baby! 😎sleuthcon.com/willthomas Full speaker line up here: sleuthcon.com/speakers#Sleuthcon #Cybercrime #CTI -- bushidotoken
My gut feeling is this was likely Scattered Spider -- bushidotoken
So it’s Cisco Duo’s telephony provider that was breached that’s used to send SMS codes and phone call (VOIP) MFA for their SSO. > Similar to how Okta was breached due to how the Twilio panel accessed. The adversary was likely trying to see victim SMS code -- bushidotoken
First ever #FOR589 run this week! Let’s go 🔥 -- bushidotoken
Surprise surprise, Russia 🇷🇺 is Number 1, cybercrime capital of the world -- bushidotoken
Really interesting research from Oxford Uni that ranks countries by cybercrime threat level using a ‘World Cybercrime Index’ox.ac.uk/news/2024-04-10-wor… -- bushidotoken
Another hacktivist group Arabian cyber team is found targeting following Jordanian entities 1. Jordan’s Ministry of Interior 2. Jordan’s official Government website #Cyberattack #Jordan -- FalconFeedsio
BLACK SUIT #ransomware group has added 2 new victims to their #darkweb portal.- The Post and Courier- Biggs Cardosa Associates, Inc.#USA#blacksuit #cti #cyberattack #databreach -- FalconFeedsio
ThreeAM #ransomware group has added Compagnie de Phalsbourg (compagniedephalsbourg.com) to their victim list.#France#ThreeAM #cti #cyberattack #darkweb #databreach -- FalconFeedsio
LockBit #ransomware group has added Nine Dragons Paper Holdings Limited (ndpaper.com) to their victim list.#China#lockbit #darkweb #databreach #cyberattack -- FalconFeedsio
DARKVAULT #ransomware group has added Qint (qint.com.br) to their victim list.#Brazil#darkvault #darkweb #databreach #cyberattack #cti -- FalconFeedsio
NoName continues to target Slovenia. Today marks the fifth day of the attack. - Supreme State Prosecutor's Office- Public Agency for Railway Transport of the Republic of Slovenia- Slovenian Police#Slovenia#ddos #cyberattack #cti #threatintel -- FalconFeedsio
ANON SEC BD claims to have targeted the website of Alnassr F.C.NB: Site is up and active now. #SaudiArabia#ddos #cyberattack #cti #threatintel -- FalconFeedsio
A threat actor claims to have leaked the database of Space-Eyes (space-eyes.com) to the hackers' forum. The data includes highly confidential documents.#USA#darkweb #cyberattack #databreach #cti -- FalconFeedsio
HUNTERS INTERNATIONAL #ransomware has added Jack Doheny Company (dohenycompany.com) to their victim list.#USA#huntersinternational #cti #databreach #darkweb -- FalconFeedsio
Sylhet Gang claimed to have targeted Israel Prime Minister Benjamin Netanyahu’s Likud party. @netanyahu @Likud_Party @IsraeliPM @Israel_Cyber -- FalconFeedsio
LockBit #ransomware group has added Jeyes Fluid (jeyesfluid.co.uk) to their victim list.#UK#LockBit #cyberattack #darkweb #databreach #cti -- FalconFeedsio
DragonForce #ransomware group has added Deacon Jones Auto Group Smithfield NC (speakindeacon.com ) to their victim list.#USA#DragonForce #cti #cyberattack #darkweb #databreach -- FalconFeedsio
August Smart Lock + _ Inside Real Estate 1.lnk574f0ff25e565b57a998b623e78343b2b3f5c7b38914a38dfeec872602bbf884 -- suyog41
#Ducktail #APT #IOCC2mountainandsea[.]onlineYale-and-August-US-Project-Details-and-Salary-Inside-Real-Estate-04-2024[.]zip8c46ebdd7e5b9a9fbfcc868738c984c3724d6a2223235ce9e0caa33b4ee25d6b -- suyog41
Braodo Stealera2fddc95bca0607f6819d843d07c7ad2uploaded from 🇻🇳download payload & python library from GitHubhttps://github[.]com/sdvsdv23rbfdb3/kjkjsim[.]py #Braodo58cd5f65c84520b83a336bbedc6b0ae8#Stealer #IOC -- suyog41
Raspberry Robin1db3e79cbb6dc442083cd307241671dbc2 : q0[.]wf#RaspberryRobin #IOC -- suyog41
Umbral Stealer47c44d12d251014b6a8094b5537e9fe8#UmbralStealer #Stealer #IOC -- suyog41
PureLand Stealer96e7274dc301bd139bf96e283a8604d9#PureLandStealer #Stealer #MAC #IOC -- suyog41
2024-04-15 (Monday): #ContactForms campaign pushing #SSLoad malware as early as Thursday, 2024-04-11. List of indicators available at bit.ly/49Cz1kL#Wirshark #Unit42ThreatIntel #TimelyThreatIntel #InfectionTraffic -- unit42_intel
The issue is fixed in hotfix releases of PAN-OS 10.2.9-h1, PAN-OS 11.0.4-h1, PAN-OS 11.1.2-h3, and in all later PAN-OS versions. Hotfixes for other commonly deployed maintenance releases will also be made available to address this issue. Details: bit.ly/4 -- unit42_intel
Group: darkvaultApprox. Time: 00:08 15/04/24Title: qint.com.br -- RansomwareNews
Group: huntersApprox. Time: 15:04 14/04/24Title: Jack Doheny Company -- RansomwareNews
Group: daixinApprox. Time: 11:06 14/04/24Title: Omni Hotels & Resorts (US) -- RansomwareNews
Must read guide for anyone starting with Linux kernel internals and modules development (updated to 5.x kernels) "The Linux Kernel Module Programming Guide"sysprog21.github.io/lkmpg/#Linux #kernel -- 0xor0ne
Beginners introduction to bypass techniques for anti-cheat and EDR systemsCredits Mark Lester Dampioswhiteknightlabs.com/2024/02/…#edr #infosec -- 0xor0ne
The Royal Family of Great Britain posted on the Snatch leak site with a 32KB file which I have not nor will not review.file -> /filesnatch…@joetidy @SOSIntel @NCA_UK@UK_Daniel_Card @LisaForteUK -- alvieriD
@DarkWebInformer@FalconFeedsio @H4ckManac -- alvieriD
New LockBit Leaked site hashed/lockbit33chewwx25efq6dgkhkw4u7nefudq4ijkuamjfd7x73on6dyd[.]onion -- alvieriD
Daixin Team is behind Omni Hotels. -- alvieriD
“CrowdStrike are glorifying threat actors!?! >:(((“> Same MF’s fav films are Heat, American Sniper, and Full Metal Jacket -- bushidotoken
Hacktivist group mysterious team Bangladesh target’s Jordan ruler’s official website. NB: Site is up and active now. #Cyberattack #Threatintel #Cti #Jordan #Israel -- FalconFeedsio
Another Hacktivist group Black Maskers Army is targeting entities in Germany,Saudi Arabia and UAE. Their present targets are 1. Saudi Food and Drug Authority 🇸🇦 2. Charity Website Taatuf 🇸🇦 3. Digital Dubai 🇦🇪NB: Authenticity of these claims are yet to be -- FalconFeedsio
Saudi Arabia 🇸🇦 is facing a series of cyber attack fromSylhet Gang. Their initial set of targets are 1. Saudi Arabia’s Al Fransi Bank 2. Saudi Arabia’s state backed Saudi Media and Research Group (SMRG) 3. Promotional media outlet Eye of Riyadh #Cti #Saud -- FalconFeedsio
Sylhet Gang further targeted Jordan’s College of the Royal Jordanian. Jordan is facing cyber attacks from Hacktivist groups for its support to Israel. #Cti #Cyberattack #Threatintel #Jordan -- FalconFeedsio
Hacktivist group with name Team 1916 has offered their support to Iran by attacking Israel’s digital infrastructure. The targets are yet to be known.#Cti #Cyberattack #Iran #Israel -- FalconFeedsio
DAIXIN Team #ransomware group has added Omni Hotels & Resorts (omnihotels.com) to their victim list.#USA#daixinteam #cti #cyberattack #darkweb #databreach -- FalconFeedsio
MEDUSA #ransomware group has added Traverse City Area Public Schools (tcaps.net) to their victim list.#USA#medusa #cyberattack #darkweb #databreach -- FalconFeedsio
Attack Alert! 🚨🔹 Targeted Attacks on Jordanian Entities:•Bangladesh’s hacktivist group Darknet has targeted the Finance Ministry of Jordan.•The group also infiltrated Jordan’s railway system.•Additional breaches reported at Queen Alia International Airpor -- FalconFeedsio
Attack Alert 🚨 Sylhet Gang claims to have targeted Jordan’s 1. Bank of Jordan 🏦 2. News portal Jordan Times 📰 #Cyberattack #Jordan -- FalconFeedsio
Sylhet Gang claims to have targeted hundreds of devices belonging to the network provider Bezeq. #Cyberattack #Israel #cti -- FalconFeedsio
🚨 #OpIsrael Update by Handala Hack 🚨🎯 Rada Electronics Breach: Handala Hack, known for their pro-Palestinian stance, claims a significant breach at Rada Electronics, a pro-Israel defense tech firm. They’ve allegedly leaked dashboard images to prove it.📢 9 -- FalconFeedsio
Another hacktivist group, Team Insane Pakistan, extends its support to Iran. 🇮🇷💻#Cti #Cyberattack #IranIsrael #Threatintel -- FalconFeedsio
As another global conflict arises between Iran and Israel, hacktivists and threat actors are becoming more active. 🌍💻The latest group, Mysterious Team Bangladesh, is claiming to target Jordan 🎯🇯🇴 for its support of Israel. 🇮🇱#Cyberattack #Jordan #Israel # -- FalconFeedsio
Attack Alert 🚨 Jordan’s Queen Alia International Airport was targeted by Hacktivist group Mysterious team Bangladesh. #Cyberattack #DDoS #Cti -- FalconFeedsio
NoName claims to have targeted multiple websites in Slovenia.- eDavki- Slovenian Police#Slovenia#ddos #cyberattack #cti #threatintel -- FalconFeedsio
Russian Cyber Army claims to have targeted the website of SIJ - Slovenian Steel Group.#Slovenia#ddos #cyberattack #cti #threatintel -- FalconFeedsio
LockBit #ransomware group has added District of Columbia Department of Insurance, Securities and Banking (DISB) (disb.dc.gov) to their victim list.#USA#lockbit #darkweb #databreach #cyberattack #cti -- FalconFeedsio
Mysterious team Bangladesh sends further warning to Jordan. #Cti #Jordan -- FalconFeedsio
Yessir -- n4hualH
Find the coordinates of where the photo was taken! dlvr.it/T5Vpy0 #OSINT #Medium -- osintbear
25 OSINT Tools You Should Be Using dlvr.it/T5VMpG #OSINT #Medium -- osintbear
Ghazni Drone Strike Claim Debunked dlvr.it/T5V37P #OSINT #Medium -- osintbear
Shadows of Justice: Dark Web Hacktivism dlvr.it/T5TnWq #OSINT #Medium -- osintbear
SPY NEWS: 2024 — Week 15 dlvr.it/T5TRFV #OSINT #Medium -- osintbear
-- vxunderground
Today is a day for rest.Enjoy your Sunday. -- vxunderground
-- vxunderground
good luck everyone -- vxunderground
ok, 1 last schizo meme tech post (stolen from telegram) on the day of rest. sorry -- vxunderground
@780thC is there too! -- 780thC
LockBit is alleging to have data related to the SEC. @SEC_Enforcement @FBI STAR System and MSSQL databases -- alvieriD
LockBit posted DISB -- alvieriD
-- alvieriD
Toyota Brazil has been breached by Hunters International. -- alvieriD
-- DrunkBinary
50kW laser weapon announced from the UK. DRAGONFIRE. -- hackerfantastic
Old people starting wars.We still repeating the same mistakes over and over again. -- n4hualH
No entiendo.Si se supone que cierto personaje de la industria de ciberseguridad en México tiene muy buenas relaciones con el Gobierno de cierto Estado....supongo que él ya les informó que desde julio del 23 tienen a un actor de amenazas metido en sus sist -- n4hualH
Does anyone knows why Recorded Future deteled the references about using HUMINT as an Intelligence Source in this article? :)It calls my attentionrecordedfuture.com/blog/impr… -- n4hualH
Finding Mr. Van Ess dlvr.it/T5TBGK #OSINT #Medium -- osintbear
APT34: The Cyber Spies of Iran dlvr.it/T5T8mB #OSINT #Medium -- osintbear
Using FFMPEG to Geolocate a Russian Air Strike dlvr.it/T5Rzd8 #OSINT #Medium -- osintbear
Top 5 Deep Web Black Markets dlvr.it/T5RspF #OSINT #Medium -- osintbear
Made some improvements to the @ScumBots #xworm config extractor. Replay of previously unreported payloads is underway. -- pmelson
A couple of interesting blog posts (2018, 2020) on eMMC storage hacking (pin identification and dumping)riverloopsecurity.com/blog/2…dangerouspayload.com/2018/10…#embedded -- 0xor0ne
Interesting blog post with an overview of SIM card-related security aspectsCredits @sensepostsensepost.com/blog/2022/sim-…#sim #cybersecurity -- 0xor0ne
fuck it, we ball -- 0xToxin
There are lots of merits too boosting the cyber insurance industry as well. If you’re an InfoSec pro, be sure to actually research how cyber insurance policies, coverage, and their incident response services work before instantly dismissing them as an ena -- bushidotoken
Lots of good nuanced points to help explain the unintended consequences of banning ransom payment.My favourite quote: “Better than a ban on ransom payments would be policies that support businesses in enhancing their cybersecurity infrastructure…” -- bushidotoken
"Kubernetes""fast-paced eurobeat"2:59From the lyrics:"KubernetesOhYou're the king of the codeRunning in the cloudWhere dreams take holdKubernetesYou're the heartbeat of the techBringing speed and powerWith every breath"😂suno.com/song/b846d706-f762-… -- malwrhunterteam
"Invictus""Pop, orchesta, irish celtic folk, punk, epic metal"2:54suno.com/song/df488049-0b6f-… -- malwrhunterteam
https://github[.]com/Hsisgu->https://github[.]com/Hsisgu/Datting-girls-/raw/main/Datting%20girls.apkhttps://github[.]com/Hsisgu/Call-girls-/raw/main/Call%20Girl.apkhttps://github[.]com/Hsisgu/Datting-girls-bd/raw/main/Datting%20Girls.apk -- malwrhunterteam
"Google\.Play.apk": 4bc0a7efb630cd80c0bfe6a0f00aa7a23bd9b3237691a520d14f7622c81a0902From: https://classicbody[.]ir/ -> https://classicbody[.]ir/Google.Play.apk -- malwrhunterteam
-- malwrhunterteam
😂🤷‍♂️ -- malwrhunterteam
"libCloudchat.dylib": b3dcc551d655d59946b6be8562c5036530f29d8f2308ed19342898a752ea4aaaAlso started as FUD. -- malwrhunterteam
The "clip" sample started as FUD... -- malwrhunterteam
"CloudChat (1).dmg": 463af62034c5a05ab3cf2eba09e36955328028b62ba9ee894cdd8e50e2d1af81->"clip": ef1c7d6651996a3dccee755630add52c3f04a6e474ad15a999e132cafbf83f18From: http://45.77.179[.]89/static/clip🤔 -- malwrhunterteam
"Hacker Love""80s power ballad. Bombastic male vocals."3:48From the lyrics:"She was a coder, with a heart of goldHe was a hacker, fearless and boldTheir love was like a recursive loopAn infinite cycle, they couldn't regroup"😮suno.com/song/6eda3a1d-730d-… -- malwrhunterteam
"Phonk (Erhu)""fast aggressive phonk, chinese erhu"3:00suno.com/song/3790abb1-eca9-… -- malwrhunterteam
-- malwrhunterteam
"Pope & VATICAN CITY GANGSTAS""west coast gangsta rap, spiritual, gregorian, pope"2:52😂, but seriously with having in mind what Suno can do currently, and even comparing to some "not that good" rappers, this is great...suno.com/song/af70addb-d3a4-… -- malwrhunterteam
-- malwrhunterteam
Group: lockbit3Approx. Time: 18:51 13/04/24Title: countryvillahealth.com -- RansomwareNews
Group: lockbit3Approx. Time: 16:48 13/04/24Title: disb.dc.gov -- RansomwareNews
Group: huntersApprox. Time: 10:47 13/04/24Title: Toyota Brazil -- RansomwareNews
Group: huntersApprox. Time: 10:47 13/04/24Title: NanoLumens -- RansomwareNews
Group: huntersApprox. Time: 10:47 13/04/24Title: Kablutronik SRL -- RansomwareNews
Group: huntersApprox. Time: 10:47 13/04/24Title: Integrated Control -- RansomwareNews
Group: huntersApprox. Time: 10:47 13/04/24Title: Frederick Wildman and Sons -- RansomwareNews
Group: huntersApprox. Time: 10:47 13/04/24Title: Caxton and CTP Publishers and Printers -- RansomwareNews
Also, to be fair, it could be completely unrelated. But it sure is weird timing ¯\_(ツ)_/¯ -- vxunderground
More information on the Cyb3rAv3ngers -- vxunderground
Yesterday the Cyb3rAv3ngers contacted us – a group tied to the Iranian Islamic Revolutionary Guard Corps Cyber-Electronic Command (IRGC-CEC).Based on the events unfolding right now this message is suddenly very ominous 👀 -- vxunderground
Here is your daily dose of LOLWTF- Toyota Brazil ransomed by Hunters International ransomware group- Department of Insurance, Securities and Banking ransomed by Lockbit ransomware group- Probably like a dozen or so small businesses ransomed which are unab -- vxunderground
List of Famous RansomwareCredit: @hackinarticles#cybersecurity #infosec #ransomware -- DailyDarkWeb
🚨Major Threat Alert: DAIXIN Ransomware Group Claims Data Breach at Omni Hotels, Threatens Leaks - #DAIXINChatter: 🔴 HighMaturity: 💥 Mainstreamfletch.ai/p/daixin#CyberSecurity #ThreatIntel #InfoSec -- fletch_ai
Who tryna cash out spammed debit or logsHMU t.me/sauce_flips#spam #elsed #bist100 #hisse #dizipal #astor #borsa #zagabet #rinabet #privacy #yrkkh #naagin #infosec #hackathon #kalilinux #malware #TargetedIndividuals #Tesla #PiNetwork #gamblingx #NHL #love -- god_hark
[FREE ACCESS ARTICLE] Rekono - Execute full pentesting processes combining multiple hacking tools automaticallyhakin9.org/rekono-execute-fu…#infosec #cybersecurity #redteam#pentest #pentesting #hacking #hackers #coding #opensource -- Hakin9
社会課題×コーアクティブコーチング社会課題解決の仕事にコーチングが役立つ理由とは? drive.media/posts/37968 @Drive_eticより#CTI -- hassykagura
Oferecendo os melhores serviços de recuperação. Todas as contas de mídia social hackeadas, infiltradas e recuperadas. #hackedinstagram #TwitterDown #lockedaccount #metamask #ransomware#gmailhack #gmaildown #hacked #Hacking #hackaccount #Facebook #hacked -- howord_chatles
Digital driver's licences are becoming common but without security standards people are vulnerable to fraud, theft  ABC News dlvr.it/T5Ycw2 #CyberSecurity #InfoSec #SecurityInsights -- iSecurity
The rise of AI threats and cybersecurity: predictions for 2024  World Economic Forum dlvr.it/T5Yctv #CyberSecurity #InfoSec #SecurityInsights -- iSecurity
MoU signed at Singapore Maritime Week 2024 on maritime cybersecurity research, training, and talent development that iTrust will contribute.#smw, #mou, #maritime, #cybersecurity, #mpa, #smi, #sutd, #itrust -- jianying_zhou
Zero-Day Exploitation of Unauthenticated Remote Code Execution Vulnerability in GlobalProtect (CVE-2024-3400) volexity.com/blog/2024/04/12… #Pentesting #CyberSecurity #Infosec -- ptracesecurity
Attacking JS engines: Fundamentals for understanding memory corruption crashes sidechannel.blog/en/attackin… #Pentesting #CyberSecurity #Infosec -- ptracesecurity
Why black-box testing should be discouraged baldur.dk/blog/blackbox-vs-w… #Pentesting #CyberSecurity #Infosec -- ptracesecurity
Avocado Consulting has stepped up its partnership with CyberArk to beef up identity security for companies in Australia and New Zealand during rapid digital changes. #CyberSecurity #DigitalTransformation techday.com.au/story/avocado… -- techday_au
A sophisticated cyber-espionage campaign has re-emerged, targeting South Asia with an iOS #spyware implant called LightSpy, allowing attackers to capture data from a variety of sources.thehackernews.com/2024/04/ch…#hacking #privacy #cybersecurity -- TheHackersNews
🔒Delighted to be in the Security Researcher Hall of Fame! Dive into my latest insights on responsive disclosure at Daniel Fisher's site: danielfisher.com/responsive-…#SecurityResearch #CyberSecurity #HallOfFame #InfoSec #CyberAwareness #VAPT #BugHunting # -- Yogeshwaran2022
🧵Last week we (@Volexity) identified and reported in-the wild (ITW) exploitation of CVE-2024-3400 affecting Palo Alto GlobalProtect 👇volexity.com/blog/2024/04/12…#dfir #ThreatIntel #infosecurity -- 5ck
Lost Email, Instagram and Twitter?Dm for quick recovery.Available 24/7.#gmailhack#gmaildown #hacked #Hacking #hackaccount#hacked #facebookdown #WhatsApp #hackedinstagram #TwitterDown #lockedaccount #metamask #ransomware #hacktiktok -- Cyber_support67
Inbox Us, if you need our Hacking Services.We are Available 24/7Inbox and Smile Again#Hacked #facebookdown #whatspp #hackedinstagram #twitterdown #lockedaccount #MetaMask #ransomware #BNB hat #hack #suspended -- Cyber_support67
🚨URGENT🚨Notorious threat actor, @InteIBroker, has breached Space-Eyes[.]com which is part of National Security dated April 2024.#Clearnet #DarkWebInformer #DarkWeb #Cybersecurity #Cyberattack #Cybercrime #Infosec #CTICompromised Data: US Department of Jus -- DarkWebInformer
🚨URGENT🚨Top 5 Darknet marketplace Cypher is unavailable and the admin of the market is MIA. The market could be seized or the admin could be exit scamming. BE CAREFUL!#CTI #Darknet #DarkWeb #DarkWeb #DarkWebInformer #Cybercrime #Cybersecurity #Cyberattack -- DarkWebInformer
🚨Major Threat Alert: Dark Web Profile: RansomHub - #RansomHubChatter: 🟡 MediumMaturity: 💥 Mainstreamfletch.ai/p/ransomhub#CyberSecurity #ThreatIntel #InfoSec -- fletch_ai
Die #Cybercrime-Szene vernetzt sich - und Akteure aus #Russland nehmen zunehmend #KRITIS ins Visier. Vor einem Jahr hatte ich über diese besorgniserregende Entwicklung berichtet: tagesschau.de/investigativ/n… Jetzt hat 60 Minutes ebenfalls dazu recherchie -- FlorianFlade
Have exclusive Hacking jobs?and Ask for my service.#hacked #icloud #facebookdown #imessage #ransomware #snapchat #snapchatsupport #snapchatleak #hacking #discord #XboxSeries×#XboxShare #roblox #missingphone #gmailhack #gmaildown #hacked #Hacking #hackacco -- hackerPeterson1
Have exclusive Hacking jobs?and Ask for my service.#hacked #icloud #facebookdown #imessage #ransomware #snapchat #snapchatsupport #snapchatleak #hacking #discord #XboxSeries×#XboxShare #roblox #missingphone #gmailhack #gmaildown #hacked #Hacking #hackacco -- hackerPeterson1
Exfiltration: Ransomware Operators Nab Health Records of 533,000 Patients#Lawsuits spurred by #ransomware #attacks with data #exfiltration skyrocketed and liability is hitting the #CXO suite and #BoD...ransomwareattacks.halcyon.ai…#cybersecurity #infosec -- HalcyonAi
🌐 Live Last Week #Ransomware Statistics DARKFEED.IO/LastWeek/ 🎯➡️ TOP TARGETED COUNTRIES:🇺🇸 United States: 71🇨🇦 Canada: 8🇬🇧 United Kingdom: 7🇮🇹 Italy: 4🇮🇱 Israel: 4🇧🇷 Brazil: 3🇫🇷 France: 4➡️ TOP TARGETED SECTORS:Business Services: 29Manufacturing: 15H -- ido_cohen2
#Phishing #AEONCARD #AEONカード IP:47.245.38.19(AS 45102 / Alibaba US Technology Co., Ltd. )hxxps://aeon.co.jp.gfqlw.cn/aeon -- KesaGataMe0
#Phishing #TEPCO #東京電力 IP:43.128.252.186(AS 132203 / Tencent Building, Kejizhongyi Avenue )hxxps://ecteunf.comhxxps://ecteinf.comhxxps://ecteokw.comhxxps://ecteunw.comhxxps://ecteolw.com -- KesaGataMe0
#Phishing #東京都水道局 IP:43.128.252.186(AS 132203 / Tencent Building, Kejizhongyi Avenue )hxxps://watrinf.comhxxps://watrubf.comhxxps://watrmkw.comhxxps://watrpkw.comhxxps://watrnf.com -- KesaGataMe0
Types of #malware -- TheSecMaster1
#Webinar Gratuito: "Análisis de Metadatos para OSINT". Jueves 2 de Mayo del 2024. De 10:00am a 10:45am (UTC -05:00). #cybersecurity #hacking #readteam #bugbounty #forensics #osint Registro Libre en: reydes.com/d/?q=eventos -- Alonso_ReYDeS
8 strange ways emproyees can (accidently) expose data#DataSecurity #Privacy#100DaysOfCode#CloudSecurity#MachineLearning #Phishing #Ransomware #Cybersecurity #CyberAttack #DataProtection#DataBreach #Hacked#Infosec!! -- Cyber_support67
I got #ICANN #phishing #email asking to confirm my #email address for my #domain - #fake, #ignored it - when I clicked on verify URL it said session had expired and it wanted me to login to what: my site, ICANN or my domain registrar? -- dwightwalker
【サイバーセキュリティ総研】児童276名分を誤って他所にメールし情報流出 確認不十分【東京都青梅市】 #cybersecurity #security #news cybersecurity-info.com/news/… -- IT_security_bot
#Phishing #Amazon IP:47.245.38.253(AS 45102 / Alibaba US Technology Co., Ltd. )hxxps://amazon.co.clo04.viphxxps://amazon.co.mrywen.comhxxps://amazon.co.zoe29.viphxxps://amazon.co.zue04.vip -- KesaGataMe0
#Phishing #AEONCARD #AEONカード IP:103.153.254.137(AS 135905 / VIETNAM POSTS AND TELECOMMUNICATIONS GROUP )hxxps://secretgardenpath.bioanalytical-instrument.com/hxxps://magical-onyx-brook.qzdzkbzjxinxiang.com/ -- KesaGataMe0
#AIVoiceScamAlert : इस तकनीक का उपयोग कर स्कैमर्स आपके परिवार का सदस्य या परिचित बनकर कॉल पर बात करता है और किसी इंमरजेंसी के बहाने आपसे पैसे की डिमांड करता है। ऐसे कॉल से सावधान रहें। पहले नंबर की जांच करें। संदेह होने पर तुरंत पुलिस से संपर्क करें। #MP -- MPPoliceDeptt
☠️ iMessage #0day Exploit for sale on the Dark Web.Unknown hackers are selling a zero-day exploit on the Dark Web for two million dollars.ℹ️ iOS 0day Exploit InformationAttack type - 0click Payload - SMS Control over Device Supports iOS 17+#darkweb #Cyber -- MrRajputHacker
TLS 1.2 requires two round-trip handshake to establish a secure session. TLS 1.3 streamlines this to just one round-trip for a new handshake and supports 0-RTT handshake for resumed sessions! 😎👇 #Infosec #CyberSecurity -- TheSecMaster1
I’m on my way to SLEUTHCON baby! 😎sleuthcon.com/willthomas Full speaker line up here: sleuthcon.com/speakers#Sleuthcon #Cybercrime #CTI -- BushidoToken
HashiCorp is hiring Sr. Site Reliability Engineer - Incident Response.✍️ Apply now: cybersecjobs.io/jobs/sr-site…#cybersecurity #cybersecurityjobs #cybersec #fulltime #fulltimejobs -- CyberListCo
Want to locate AWS S3 buckets and objects?Try inSp3ctor, a tool designed to simplify the process.github.com/brianwarehime/inS…@brian_warehime#OSINT #CTI #investigation #intelligence #infosec #reconnaissance -- DailyOsint
⚠️WARNING⚠️In the last several months top Darknet markets have fallen drastically, something I haven't seen in a long time.#CTI #Darknet #DarkWeb #DarkWebInformer #Cybercrime #Cybersecurity #Cyberattack #Cypher #Infosec- Bohemia exit scammed- Kingdom Mark -- DarkWebInformer
🚨URGENT🚨BreachForums one of the most heavily used for Database leaks and other breaches is currently down. Also, enjoy the link.#Ransomware #Clearnet #DarkWebInformer #DarkWeb #Cybersecurity #Cyberattack #Cybercrime #Malware #Infosec #CTI #BreachForums -- DarkWebInformer
[POLL] Do you use the 'For you' tab or do you only use the 'Following' tab on X? #DarkWebInformer #DarkWeb #Cybersecurity #Infosec #CTI #Poll -- DarkWebInformer
⚡ Self XSS in Tag name pattern field /<username>/<reponame>/settings/tag_protection/new 👨🏻‍💻 @sudhanshur705 ➟ GitHub 🟧 Medium💰 $7,500🔗 hackerone.com/reports/224657…#bugbounty #bugbountytips #cybersecurity #infosec -- h1Disclosed
it’s here!!! 🥳🥳🥳 the new Copilot for Security Ninja Training!!! Enjoy!! ☺️ techcommunity.microsoft.com/… #cybersecurity #infosec -- HeikeRitter
#Phishing #MUFG #三菱UFJ銀行 IP:43.157.53.13(AS 132203 / Tencent Building, Kejizhongyi Avenue )hxxps://www.flqjwqeg.com -- KesaGataMe0
#Phishing #SMBC #SMCC #三井住友カード IP:103.179.148.24(AS 140224 / STARCLOUD GLOBAL PTE., LTD. )hxxps://lihi.cc/aDIlihxxps://lihi.cc/P0Wyt-> redirecthxxps://www-v.pass-ne.com -- KesaGataMe0
#Phishing #MUFG #三菱UFJ銀行 IP:117.52.18.147(AS 3786 / LG DACOM Corporation )hxxps://0fr4aufle.duckdns.orghxxps://0lcl9jq0.duckdns.orghxxps://0nh1gejza.duckdns.orghxxps://0oc9fj.duckdns.orghxxps://0y87h4ni9.duckdns.orghxxps://108qjodb.duckdns.orghxxps://151a -- KesaGataMe0
Keep vouching I got y’all #spam #elsed #bist100 #hisse #dizipal#astor #borsa #zagabet #rinabet #privacy#yrkkh #naagin #infosec #hackathon#kalilinux #malware #TargetedIndividuals -- realdawg01
CISA: Compromise of Sisense Customer Data - redpacketsecurity.com/cisa-c…#CISA #OSINT #ThreatIntel #Cyber -- RedPacketSec
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog - redpacketsecurity.com/cisa-c…#CISA #OSINT #ThreatIntel #Cyber -- RedPacketSec
CISA: CISA Adds One Known Exploited Vulnerability to Catalog - redpacketsecurity.com/cisa-c…#CISA #OSINT #ThreatIntel #Cyber -- RedPacketSec
CISA: Citrix Releases Security Updates for XenServer and Citrix Hypervisor - redpacketsecurity.com/cisa-c…#CISA #OSINT #ThreatIntel #Cyber -- RedPacketSec
CISA: Palo Alto Networks Releases Guidance for Vulnerability in PAN-OS, CVE-2024-3400 - redpacketsecurity.com/cisa-p…#CISA #OSINT #ThreatIntel #Cyber -- RedPacketSec
CISA: Juniper Releases Security Bulletin for Multiple Juniper Products - redpacketsecurity.com/cisa-j…#CISA #OSINT #ThreatIntel #Cyber -- RedPacketSec
CISA: Joint Guidance on Deploying AI Systems Securely - redpacketsecurity.com/cisa-j…#CISA #OSINT #ThreatIntel #Cyber -- RedPacketSec
CISA: Fortinet Releases Security Updates for Multiple Products - redpacketsecurity.com/cisa-f…#CISA #OSINT #ThreatIntel #Cyber -- RedPacketSec
CISA: CISA Releases Nine Industrial Control Systems Advisories - redpacketsecurity.com/cisa-c…#CISA #OSINT #ThreatIntel #Cyber -- RedPacketSec
CISA: CISA Issues Emergency Directive 24-02: Mitigating the Significant Risk from Nation-State Compromise of Microsoft Corporate Email System - redpacketsecurity.com/cisa-c…#CISA #OSINT #ThreatIntel #Cyber -- RedPacketSec
Passed!techcommunity.microsoft.com/…#CopilotforSecurity #SecurityCopilot #Cybersecurity #MicrosoftSecurity #Security #GenerativeAI -- rodtrent
--> OGY4MzM3NGI0NzhjZDUyMTg2OWNmMDI2MGMxODAwMWY=&reff=OGY4MzM3NGI0NzhjZDUyMTg2OWNmMDI2MGMxODAwMWY=OGY4MzM3NGI0NzhjZDUyMTg2OWNmMDI2MGMxODAwMWY=#phishing#フィッシング詐欺 -- romonlyht
--> 4960786149OGY4MzM3NGI0NzhjZDUyMTg2OWNmMDI2MGMxODAwMWY=OGY4MzM3NGI0NzhjZDUyMTg2OWNmMDI2MGMxODAwMWY=OGY4MzM3NGI0NzhjZDUyMTg2OWNmMDI2MGMxODAwMWY=&email=aaaa@example.jp&loginpage=1OGY4MzM3NGI0NzhjZDUyMTg2OWNmMDI2MGMxODAwMWY= -->#phishing#フィッシング詐欺 -- romonlyht
cc.uec.ac.jp/blogs/news/2024…No.1Received: from 157.7.104.15; Apr 15 18:49:55 +0900hxxps://kegk30r7wo[.]ru/access/?email=aaaa@example.jp104.21.18.249redirecthxxps://kegk30r7wo[.]ru/access/en-us=2157c817f94aa73d78bbbd97f3a09ff7/?newsid= -->#phishing#フィッシング -- romonlyht
WATCH 🎬: In our recent Ransomware Spotlight report, we go in-depth about #Rhysida and how it's been eking out a reputation as a new #ransomware gang to watch out for since it was discovered in May 2023.Watch this video and find out more in our report: res -- TrendMicroRSRCH
Interesting blog post with an overview of SIM card-related security aspectsCredits @sensepostsensepost.com/blog/2022/sim-…#sim #cybersecurity -- 0xor0ne
टीम सीटीआई के साथ दिल्ली के लोकप्रिय मुख्यमंत्री श्री @arvindkejriwal जी की धर्मपत्नी श्रीमती सुनीता केजरीवाल जी से मुलाकात कर मुख्यमंत्री जी के स्वास्थ्य के बारे में जाना। इस कठिन समय में दिल्ली का समूचा व्यापारी वर्ग समस्त जनता अपने लोकप्रिय मुख्यमंत् -- AapKaDeepakGarg
🚨🇺🇸🇵🇷: El grupo de ransomware Akira publica como víctima al estudio de abogados, Sánchez-Betances, Sifre & Muñoz-Noya.#ransomware #akira #DarkWeb #PuertoRico #PR #SanJuan -- chum1ng0
Instacart is hiring Senior Product Security Engineer.✍️ Apply now: cybersecjobs.io/jobs/senior-…#cybersecurity #cybersecurityjobs #cybersec #remote #remotejobs #fulltime #fulltimejobs -- CyberListCo
🚨URGENT🚨A Zero-day exploit for Android and iOS is up for sale.#DarkWebInformer #DarkWeb #Cybersecurity #Cyberattack #Cybercrime #Infosec #CTI #0Day #ZeroDay #Android #iOS #Exploit Details:RCEAttack type - 0click/1ClickPayload - Image/SMSControl Over Devic -- DarkWebInformer
Android/iOS owners should be aware. 👇#Clearnet #DarkWebInformer #DarkWeb #Cybersecurity #Cyberattack #Cybercrime #Infosec #CTI #0Day #ZeroDay #Android #iOS #Exploit -- DarkWebInformer
The freedom of setting my own schedule and choosing my own projects is what drew me to freelance in the cybersecurity industry. Loving every minute of it! Interested in freelancing in cybersecurity? Head to learn.saferinternetproject.c… and start learning -- dccybersec
If your Roblox is hacked, all hacking services are available to me Inbox me 24/7 at your service #hacking #recovery #robloxdown #hack #cybersecurity -- ETHICALCYBERHk
strange ways emproyees can (accidently) expose data#DataSecurity #Privacy#100DaysOfCode#CloudSecurity#MachineLearning #Phishing #Ransomware #Cybersecurity #CyberAttack #DataProtection#DataBreach #Hacked#Infosec!!!! -- hackerPeterson1
TOP 10 Incident Response for Common Cyber Attacks#infosec #cybersecurity #pentesting #redteam #informationsecurity #CyberSec #networking #networksecurity #infosecurity #cyberattacks #security #linux #cybersecurityawareness #bugbounty #bugbountytips -- hackinarticles
Need help with online exams, assignments, research projects, or dissertations? Look no further! I can assist with proofreading, personal statements, and more. Let's tackle #MachineLearning, #DataScience, #Python, #Cybersecurity, #BigData, #AI, #IoT, #Deep -- homeworkplug247
India's Cyber Security Demand Skyrockets Amidst AI Integration  elblog.pl dlvr.it/T5TF1R #SecurityInsights #CyberSecurity #InfoSec -- iSecurity
NO AL SECUESTRO!Felicitaciones al personal del @GaulaMilitares del Oriente #CuartaBrigada @Ejercito_Div7 con el #CTI @FiscaliaCol quienes logran rescatar a un secuestrado y la captura de tres secuestradores e incautación de armas vehículos y celulares en -- JulianAndresGV
Possible #phishing Website Found#infosec #cybersecurity #フィッシング詐欺 URL: hxxps://uhg[.]quc[.]mybluehost[.]me/open/89/page_settings/login[.]php?home-US-IP: 162.241.244.139Brand: #NetflixVT: virustotal.com/gui/url/5a1f5…urlscan: urlscan.io/result/394e08f1-9… -- noladefense
Possible #phishing Website Found#infosec #cybersecurity #フィッシング詐欺 URL: hxxps://beomoweryrichuyg[.]saphhieire[.]workers[.]dev/IP: 188.114.96.3Brand: #MicrosoftVT: virustotal.com/gui/url/fed5b…urlscan: urlscan.io/result/4f9f7aa0-0… -- noladefense
Possible #phishing Website Found#infosec #cybersecurity #フィッシング詐欺 URL: hxxps://recore-3b5e[.]ilimamecasm[.]workers[.]dev/dd08c005-4af3-4b1b-a398-f7f7243be4bfIP: 172.67.202.26Brand: #AdobeVT: virustotal.com/gui/url/ff872…urlscan: urlscan.io/result/08f154fb -- noladefense
Possible #phishing Website Found#infosec #cybersecurity #フィッシング詐欺 URL: hxxps://xk56119119[.]com/IP: 210.56.49.155Brand: #MercariVT: virustotal.com/gui/url/1c6f4…urlscan: urlscan.io/result/ef239825-8… -- noladefense
Possible #phishing Website Found#infosec #cybersecurity #フィッシング詐欺 URL: hxxps://aeon[.]co[.]jp[.]7thoshawa[.]com/aeonIP: 47.245.41.206Brand: #AEON CardVT: virustotal.com/gui/url/9c3ac… -- noladefense
Possible #phishing Website Found#infosec #cybersecurity #フィッシング詐欺 URL: hxxps://windefalertspc-error0x22908-alert-virus-detected[.]pages[.]dev/AnDrCdEr00d0ECH808Err0r8An00Dr01/IP: 2a06:98c1:3120::3Brand: #Tech Support ScamVT: … urlscan.io/result/0efd1da3-e -- noladefense
Possible #phishing Website Found#infosec #cybersecurity #フィッシング詐欺 URL: hxxps://mnmk0rhjukuru83zj[.]pages[.]dev/smart89/IP: 188.114.97.3Brand: #Tech Support ScamVT: virustotal.com/gui/url/a262e…urlscan: urlscan.io/result/ccfc2a79-b… -- noladefense
Possible #phishing Website Found#infosec #cybersecurity #フィッシング詐欺 URL: hxxps://resplendent-pothos-37a796[.]netlify[.]app/IP: 2a05:d014:58f:6202::64Brand: #Tech Support ScamVT: virustotal.com/gui/url/40c80…urlscan: urlscan.io/result/4b1d4ee8-5… -- noladefense
SIM Hijacking sensepost.com/blog/2022/sim-… #Pentesting #CyberSecurity #Infosec -- ptracesecurity
Cybersecurity Awareness: beware of government spyware 🕵️😯More about security-> redfox.ntrigo.com.#Scam #cyber #privacy #security #technology #fintech #Pune #MuFC #Web3 #IoT #jeru #Trending #AI #Crypto #phishing #malware #Android #spytechcrunch.com/2024/04 -- RedFox_App
GoPhish Login Page Detected - 59[.]13[.]157[.]16:4433 - redpacketsecurity.com/gophis…#GoPhish #OSINT #ThreatIntel -- RedPacketSec
GoPhish Login Page Detected - 18[.]159[.]172[.]65:443 - redpacketsecurity.com/gophis…#GoPhish #OSINT #ThreatIntel -- RedPacketSec
GoPhish Login Page Detected - 37[.]187[.]55[.]194:443 - redpacketsecurity.com/gophis…#GoPhish #OSINT #ThreatIntel -- RedPacketSec
If you need Help recovering any Account, Mails, Tiktok, Snapchat, Instagram etc.I'm available for assistance#hacked #facebookdown #whatsapp #hackedinstagram #twitterdown #lockedaccount #metamask #ransomware #alterworld#hacked -- WebWizard_inc
A new bill introduced by U.S. House lawmakers would create a new governing body comprised of #cybersecurity and water system experts. #hacking #water #wastewater statescoop.com/new-cybersecu… -- WWBugs