Shellcode play an essential role in cyber attacks, the popular expert Unixfreaxjp explained how to utilize radare2 for variation of shellcode analysis Shellcode is having an important part in cyber intrusion activities and mostly spotted to be executed during the process/thread injection or during the exploitation of memory space that mostly related to a vulnerability. […]
In May 2019, Microsoft disclosed the BlueKeep vulnerability, more than a year later over 245,000 Windows systems still remain unpatched. Over a year ago Microsoft Patch Tuesday updates for May 2019 addressed nearly 80 vulnerabilities, including the BlueKeep flaw. The issue is a remote code execution flaw in Remote Desktop Services (RDS) that can be exploited by […]
Boffins devised a new attack, dubbed VoltPillager, that can break the confidentiality and integrity of Intel SGX enclaves by controlling the CPU core voltage. A group of six researchers from the University of Birmingham has devised a new attack technique, dubbed VoltPillager, that can break the confidentiality and integrity of Intel Software Guard Extensions (SGX) […]
The popular video conferencing application Zoom implemented the new “At-Risk Meeting Notifier” feature to warn of Zoombombing threat. Zoom announced the launch a new feature dubbed “At-Risk Meeting Notifier” to warn conference organizers of potential Zoombombing attacks. The feature scans the web for links to Zoom meetings that have been posted online and warn organizers […]
North Korea-linked Lazarus APT group is behind new campaigns against South Korean supply chains that leverage stolen security certificates. Security experts from ESET reported that North-Korea-linked Lazarus APT (aka HIDDEN COBRA) is behind cyber campaigns targeting South Korean supply chains. According to the experts the nation-state actors leverage stolen security certificates from two separate, legitimate South […]
Experts spotted a new skimmer attack that used an alternative technique to exfiltrate payment information from payment cards. Researchers from Akamai discovered a new skimmer attack that is targeting several e-stores with a new technique to exfiltrate data. Threat actors are using fake credit card forum and WebSockets to steal the financial and personal information of the […]
Russian-speaking threat actors have been using a piece of malware, dubbed Jupyter malware, to steal information from their victims. Researchers at Morphisec have spotted Russian-speaking threat actors that have been using a piece of .NET infostealer, tracked as Jupyter, to steal information from their victims. The Jupyter malware is able to collect data from multiple […]
Retail giant The North Face has reset the passwords for some of its customers in response to a successful credential stuffing attack. Outdoor retail giant The North Face has forced a password reset for a number of its customers following a successful credential stuffing attack that took place on October 8th and 9th. Credential stuffing attacks involve botnets […]
Chilean-based retail giant Cencosud has suffered a ransomware attack that impacted operations at its stores, Egregor ransomware appears to be involved. A ransomware attack, allegedly launched by the Egregor ransomware gang, hit the Chilean-based retail giant Cencosud, the incident impacted operations at its stores. Cencosud the largest retail company in Chile and the third largest listed […]
FBI and Spokane police are investigating an incident in which the Gonzaga University Black Student Union was hacked during a Zoom meeting. The FBI and Spokane police are investigating the hack of Gonzaga University Black Student Union. The hackers broke into a Zoom meeting and bombarded participants with racial and homophobic slurs. The attackers have […]