The hacktivist collective group Anonymous demands justice for George Floyd and threatens to ‘expose the many crimes’ of Minneapolis Police. Anonymous demands justice for George Floyd and threatens to ‘expose the many crimes’ of Minneapolis Police. George Floyd was killed by a white police officer by kneeling on his neck for more than eight minutes. We

EU Agency for Cybersecurity ENISA has published a new report of the proactive detection of incidents, including measures and information sources. The EU Agency for Cybersecurity ENISA has published a new report and accompanying repository on measures and information sources that could help security experts and operators of IT and critical infrastructure t

This post includes the details of the Coronavirus-themed attacks launched from May 24 to May 30, 2020. Threat actors exploit the interest in the Coronavirus outbreak while infections increase worldwide, experts are observing new campaigns on a daily bases. Below a list of attacks detected this week. May 26 – Hangzhou could permanently adopt CO

Two security flaws in the PageLayer WordPress plugin can be exploited to potentially wipe the contents or take over WordPress sites. Security experts from WordFence discovered two high severity security vulnerabilities in the PageLayer WordPress plugin that could potentially allow attackers to wipe the contents or take over WordPress sites using vulnerabl

The US DoJ announced that a New York City man was charged with hacking, credit card trafficking, and money laundering conspiracies. New York City man Vitalii Antonenko (28) was charged with hacking, credit card trafficking, and money laundering conspiracies, states the US DoJ. The man was arrested in March 2019 and detained after his arrival from Ukrai

API Security – There is a considerable demand for data-centric projects, that is why companies have quickly opened their data to their ecosystem through REST or SOAP APIs. APIs work as doors for a company – closely guarding data of an organization. However, there are some challenges created: how do we hold the doors open to the world while simultane

Michigan State University is the last victim of the NetWalker ransomware, attackers threaten to leak stolen files if it will not pay the ransom in seven days. Michigan State University hit by ransomware gang, NetWalker ransomware operators are threatening to leak stolen files if the university will not pay the ransom in seven days. At the time of writi

Security researchers uncovered a new COVID-19-themed campaign targeting users of the National Institute for Social Security (INPS). Security experts from D3Lab have uncovered a new COVID-19-themed phishing campaign that is targeting the users of the Italian National Institute for Social Security (INPS). Like a previous campaign observed in early Apri

NTT Communications (NTT Com), a subsidiary of tech giant NTT Corp, disclosed a data breach that impacted hundreds of customers. NTT Communications (NTT Com), a subsidiary of the tech giant NTT Corp, disclosed a data breach that impacted hundreds of customers. NTT Com provides network management, security and solution services[3] to consumers,

Threat actors targeted industrial suppliers in Japan and several European countries in sophisticated attacks, Kaspersky reported. Researchers from Kaspersky’s ICS CERT unit reported that threat actors targeted industrial suppliers in Japan and several European countries in sophisticated attacks. The experts first observed the attacks in early 2020, whi

Security experts from Cyble discovered in the dark web a database containing details of over 20 Million Taiwanese citizens. A few weeks ago, threat intelligence firm Cyble discovered in the dark web a database containing details of over 20 Million Taiwanese citizens. According to the experts, the leak includes government data of an entire country, it w

The U.S. NSA warns that Russia-linked APT group known as Sandworm Team have been exploiting a critical flaw in the Exim mail transfer agent (MTA). The U.S. National Security Agency (NSA) is warning that Russia-linked APT group tracked Sandworm Team has been exploiting a critical vulnerability (CVE-2019-10149) in the Exim mail transfer agent (MTA) software

Cisco discloses security breach that impacted VIRL-PE infrastructure, threat actors exploited SaltStack vulnerabilities to hack six company servers. Cisco has disclosed a security incident that impacted part of its VIRL-PE infrastructure, threat actors exploited vulnerabilities in the SaltStack software package to breach six company servers. These issu

In this article, we will solve a Capture the Flag (CTF) challenge that was posted on VulnHub by Vishal Biswas. Per the description given by the author, this is an easy-level CTF to learn some privilege escalation techniques.The target of this CTF is to get the root access of the target machine and read the two flag files. Prerequisites would be having

Google Threat Analysis Group (TAG) has published today its first TAG quarterly report that analyzes rising trends in nation-state and financially motivated attacks. Google also discloses seven coordinated political influence campaigns that took place on its platforms during Q1 2020. The Google Threat Analysis Group (TAG) is a group inside the Google