Beware of Fake Windows 11 Downloads Distributing Vidar Malware
Phishing domains are spreading Windows 11 installers loaded with Vidar infostealer. According to the cybersecurity firm Zscaler ThreatLabz, threat actors are trying to install info stealing malware on users’ devices through newly registered domains. Zscaler explained that these spoofed domains...
HackerOne Announces a New Customer Pentest Setup that’s More Efficient and Speeds Time to Launch
This improved experience reduces time to launch, which is vital when your organization is up against an urgent timeline to complete a pentest due to a recent acquisition, a security breach, compliance deadlines, or other drivers. Our expert Technical Engagement...
Pwn2Own – Windows 11, Microsoft Teams Hacked & Exploiting 16 Zero-day Bugs
The contestants who successfully exploited 16 zero-day bugs within 16 different products in the Pwn2Own Vancouver 2022 first day won more than $800,000 in prize money. The product line includes:- Microsoft Windows 11 (OS) Microsoft Teams (communication platform) First Day:...
Microsoft Warns Rise in XorDdos Malware Targeting Linux Devices
A Linux botnet malware known as XorDdos has witnessed a 254% surge in activity over the last six months, according to latest research from Microsoft. The trojan, so named for carrying out denial-of-service attacks on Linux systems and its use...
Pwn2Own 2022 – Windows 11, MS Teams and Firefox Pwned on Day 1
Other than Windows 11, Microsoft Teams and Mozilla Firefox, Oracle Virtualbox, Ubuntu Desktop, and Safari browser were also hacked on day one of PWN2OWN 2022 in Vancouver. Pwn2Own is a hacking contest where white hate hackers come forward and compete...
Microsoft Warns of Malware Campaign Targeting SQL Servers Using Brute Force
The United States Department of Homeland Security has issued a threat advisory regarding brute-forcing attacks aimed at exploiting weak passwords used on Microsoft SQL Server (MSSQL) database servers exposed to the internet. It is clear that the intrusions analyzed by...
New Bluetooth Hack Could Let Attackers Remotely Unlock Smart Locks and Cars
A novel Bluetooth relay attack can let cybercriminals more easily than ever remotely unlock and operate cars, break open residential smart locks, and breach secure areas. The vulnerability has to do with weaknesses in the current implementation of Bluetooth Low...
Hackers Use Built-In Utility To Target Vulnerable Microsoft SQL Servers
Posted on May 19, 2022 at 4:49 PM Tech giant Microsoft has warned about a brute-force attack that targets poorly secured and Internet-exposed Microsoft SQL Server (MSSQL) database servers with frail passwords. This is not the first time Microsoft SQL...
Kali Linux 2022.2 Release With New Hacking Tools & Updates
A new version of Kali Linux 2022.2 with new hacking tools was released, and there are a number of upgrades included in this release, all of which are available for download or updating instantly. For over a decade, offensive security...
US Warns Firms About North Korean Hackers Posing as IT Workers
US government has warned organizations to beware of hackers in the guise of IT freelancers claiming to be non-DPRK (Democratic People’s Republic of Korea) nationals. According to an advisory issued by the United States State and Treasury Departments and the Federal Bureau...
Hackers Are Inserting Malicious PHP Code to Steal credit card data
Posted on May 18, 2022 at 7:19 PM The Federal Bureau of Investigations (FBI) has issued a warning that some hackers are creating a backdoor into victims’ systems and accessing their credit card data. The agency stated that the attackers...
Understanding Public and Private Bug Bounties and Vulnerability Disclosure Programs
How Are Bug Bounty Programs and Vulnerability Disclosure Programs Different? Let’s start with the similarities. Both bug bounties and VDPs aim to collect vulnerability reports from third parties. These third parties can be security researchers, ethical hackers, partners, customers, or...
