OpenSea has just patched a critical vulnerability that could have been abused by malicious actors to drain cryptocurrency funds from a victim by sending a specially-crafted token in the form of a malicious NFT. When this malicious NFT is clicked, it results in a scenario whereby rogue transactions can be facilitated through a third-party wallet […]
Microsofts Azure cloud platform suffered a 2.4 Tbps distributed denial-of-service (DD0S) attack in the last week of August however this was mitigated. The attack targeted an unnamed customer in Europe surpassing a 2.3 Tbps attack stopped by Amazon Web Services in February 2020. Amir Dahan, senior program manager of Azure Network has said in a
Attempted 2.4 Tbps DDoS Attack on Microsoft Azure Fended Off Read More »
Ukrainian law enforcement authorities have arrested a hacker who created and managed a “powerful botnet” consisting of nothing less than 100,000 enslaved devices that was used to carry out distributed denial-of-service (DDoS) and spam attacks on behalf of paid customers. The suspect’s residence was raided and computer equipment as evidence of illegal activity was seized.
Ukrainian Hacker With Over 100,000 Botnets Arrested Read More »
The RYUK ransomware which has been in prevalence since October 2018 has been linked to an aggressive and financially motivated threat actor who has been known to have a close partnership with TrickBot-affiliated threat actors and making use of publicly available arsenal of tools such as Cobalt Strike Beacon payloads to interact with victim networks.
Healthcare Fast Becoming The New Target Of Ransomware Group FIN12 Read More »
Yamale the Python package that allows developers to validate YAML – a data serialization language often used for writing configuration files has been discovered to be having a high severity code injection vulnerability that could be trivially exploited by adversaries to execute arbitrary Python code. The flaw tracked as CVE-2021-38305 (CVSS score: 7.8) involves manipulating
Code Injection Flaw Discovered In Yamale Python Package Read More »
This is a video tutorial which would be teaching you how to use tools available to us as Pentesters to track down the Geo Location of a Device as well as know the devices specifications and ISP. You do not have to be a Pentester to be able to put this to use. As an
How To Find A Device Location Fast Read More »
The Europol once again have dismantled an international organized group (OGC) making millions off real estate fraud. Operations against the gang began back in 2017 however during a 10 so-called “action days” between September 2020 and September 2021 the OGC was taken down. A total of 130 suspects were identified and 116 searches conducted with
Police Takes Down Multimillion-Dollar Real Estate Fraud Group Read More »
Recent financial crime reports have stated that phishing scams conducted via texts otherwise know as smishing is now on the rise. This is ranked amongst purchase scams, where payments are made for products that never arrive, social engineering, impersonation and account take over (ATO). Smishing found its way into the Feedzai’s financial crime report top
Smishing Takes Central Stage In the Top 5 List of Common Fraud Scams Read More »
Twitch has acknowledged a “breach” after an anonymous poster on the 4chan messaging board leaked its source code, an unreleased Steam competitor from Amazon Game Studios, details of creator payouts, proprietary software development kits, and other internal tools. The leak is said to have happened as a result of an error in a Twitch server
Hackers Attack The Live Streaming Platform Twitch Read More »
Say for example you are contracted to conduct a Pentest on an organization and most parts of your contract may involve cracking password for access to one area or the other of the organization’s network, this may be one of the reasons why you may need to come up with a wordlist to work with.
How to Create Your Own Wordlist & Use it For Password Cracking Read More »
