Ukrainian law enforcement authorities have arrested a hacker who created and managed a “powerful botnet” consisting of nothing less than 100,000 enslaved devices that was used to carry out distributed denial-of-service (DDoS) and spam attacks on behalf of paid customers. The suspect’s residence was raided and computer equipment as evidence of illegal activity was seized. […]
Ukrainian Hacker With Over 100,000 Botnets Arrested Read More »
The RYUK ransomware which has been in prevalence since October 2018 has been linked to an aggressive and financially motivated threat actor who has been known to have a close partnership with TrickBot-affiliated threat actors and making use of publicly available arsenal of tools such as Cobalt Strike Beacon payloads to interact with victim networks.
Healthcare Fast Becoming The New Target Of Ransomware Group FIN12 Read More »
Yamale the Python package that allows developers to validate YAML – a data serialization language often used for writing configuration files has been discovered to be having a high severity code injection vulnerability that could be trivially exploited by adversaries to execute arbitrary Python code. The flaw tracked as CVE-2021-38305 (CVSS score: 7.8) involves manipulating
Code Injection Flaw Discovered In Yamale Python Package Read More »
This is a video tutorial which would be teaching you how to use tools available to us as Pentesters to track down the Geo Location of a Device as well as know the devices specifications and ISP. You do not have to be a Pentester to be able to put this to use. As an
How To Find A Device Location Fast Read More »
The Europol once again have dismantled an international organized group (OGC) making millions off real estate fraud. Operations against the gang began back in 2017 however during a 10 so-called “action days” between September 2020 and September 2021 the OGC was taken down. A total of 130 suspects were identified and 116 searches conducted with
Police Takes Down Multimillion-Dollar Real Estate Fraud Group Read More »
Recent financial crime reports have stated that phishing scams conducted via texts otherwise know as smishing is now on the rise. This is ranked amongst purchase scams, where payments are made for products that never arrive, social engineering, impersonation and account take over (ATO). Smishing found its way into the Feedzai’s financial crime report top
Smishing Takes Central Stage In the Top 5 List of Common Fraud Scams Read More »
Twitch has acknowledged a “breach” after an anonymous poster on the 4chan messaging board leaked its source code, an unreleased Steam competitor from Amazon Game Studios, details of creator payouts, proprietary software development kits, and other internal tools. The leak is said to have happened as a result of an error in a Twitch server
Hackers Attack The Live Streaming Platform Twitch Read More »
Say for example you are contracted to conduct a Pentest on an organization and most parts of your contract may involve cracking password for access to one area or the other of the organization’s network, this may be one of the reasons why you may need to come up with a wordlist to work with.
How to Create Your Own Wordlist & Use it For Password Cracking Read More »
Welcome to this hacking series called White Hack with Sly. This series would be dedicated to teaching all aspiring Ethical Hackers various forms of hacking tutorials so we know how the black hats operate and we make sure to use our knowledge for good and protection of our networks and systems. Remember there is good
Hacking Series – White Hack With Sly Read More »
Apache has issued patches to two security vulnerabilities which is tracked as CVE-2021-41773. This vulnerability affects only Apache HTTP server version 2.4.49. Ash Daulton and cPanel Security Team have been credited with discovering and reporting the issue on September 29, 2021. With this flaw, an attacker could use a path traversal attack to map URLs
Apache Releases Patches to a Zero-Day Exploit in the Wild Read More »
