Projects
- Metasploit: Introduction – Complete
Tools
- Cover Your Tacks – See how trackers view your browser
White Papers
Videos
Articles
- Proofpoint Email Routing Flaw Exploited to Send Millions of Spoofed Phishing Emails – An unknown threat actor has been linked to a massive scam campaign that exploited an email routing misconfiguration in email security vendor Proofpoint’s defenses to send millions of messages spoofing various popular companies like Best Buy, IBM, Nike, and Walt Disney, among others.
- Millions of Websites Susceptible to XSS Attack via OAuth Implementation Flaw – Salt Labs, the research arm of API security firm Salt Security, has discovered and published details of a cross-site scripting (XSS) attack that could potentially impact millions of websites around the world.
- CrowdStrike Outage Losses Estimated at a Staggering $5.4B – Researchers track the healthcare sector as experiencing the biggest financial losses, with banking and transportation following close behind.
- HealthEquity says data breach impacts 4.3 million people – HSA provider HealthEquity has determined that a cybersecurity incident disclosed earlier this month has compromised the information of 4,300,000 people.
- Former Avaya employee gets 4 years for $88M license piracy scheme – Three individuals who orchestrated a massive software pirating operation involving the sale of Avaya business telephone system software licenses worth over $88,000,000 have been sentenced to prison.
- Microsoft says massive Azure outage was caused by DDoS attack – Microsoft confirmed today that a nine-hour outage on Tuesday, which took down and disrupted multiple Microsoft 365 and Azure services worldwide, was triggered by a distributed denial-of-service (DDoS) attack.
- New Android malware wipes your device after draining bank accounts – A new Android malware that researchers call ‘BingoMod’ can wipe devices after successfully stealing money from the victims’ bank accounts using the on-device fraud technique.
- Company Paid Record-Breaking $75 Million to Ransomware Group: Report – Zscaler is aware of a company that paid a record-breaking $75 million ransom to the Dark Angels ransomware group.
- Google Chrome warns uBlock Origin may soon be disabled – Google Chrome is now encouraging uBlock Origin users who have updated to the latest version to switch to other ad blockers before Manifest v2 extensions are disabled.
- US sues TikTok for violating children privacy protection laws – The U.S. Department of Justice has filed a lawsuit against popular social media platform TikTok and its parent company, ByteDance, alleging widespread violations of children’s privacy laws.
- CrowdStrike sued by investors over massive global IT outage – Cybersecurity company CrowdStrike has been sued by investors who say it provided false claims about its Falcon platform after a bad security update led to a massive global IT outage causing the stock price to tumble almost 38%.
- U.S. Releases High-Profile Russian Hackers in Diplomatic Prisoner Exchange – In a historic prisoner exchange between Belarus, Germany, Norway, Russia, Slovenia, and the U.S., two Russian nationals serving time for cybercrime activities have been freed and repatriated to their country.
- Over 1 Million Domains at Risk of ‘Sitting Ducks’ Domain Hijacking Technique – Over a million domains are susceptible to takeover by malicious actors by means of what has been called a Sitting Ducks attack.