U.S. Cyber Command increases budget for international operations
Biden signed a bill on defense policy worth $858 billion, expanding the possibilities of conducting cyber operations of the US government, The Record reports.
Experts from CrowdStrike have discovered a new strain of the advanced GuLoader loader.
As it turned out, the authors of malware carried out a decent upgrade and added a wide range of features to bypass security software.
By the end of the year, everyone is trying to knock out all the cases, as well as extortionists
By the end of the year, everyone is trying to knock out all the cases, as well as extortionists. Ransom House has added the Republic of Vanuatu (an island nation located in the South Pacific Ocean) to its list of victims by stealing more than 3 TB of data from the government network.
On Breached, hackers put up for sale a database with information on 400 million unique Twitter users.
A seller named Ryushi claims that the data was collected as a result of parsing using an already fixed API vulnerability, offering an exclusive sale for $200,000.
Apparently, New Year's Eve is not up to updates
Apparently, New Year's Eve is not up to updates, especially when online stores on WordPress are actively selling gift cards through the popular plugin YITH WooCommerce Gift Cards Premium.
Let's go back to Zerobot
Let's go back to Zerobot, which was originally reported by Fortinet two weeks ago. The Internet of Things (IoT) botnet is a self-replicating and self-propagating malware written in the Golang (Go) language and aimed at more than twelve architectures, with a wide range of distributed DDoS capabilities.
ReSolver researcher discovered a backdoor in ZyXEL LTE3301-M209 LTE routers.
CVE-2022-40602 is associated with hard-coded credentials by analogy with similar problems in Telnet in D-Link DWR-921. He analyzed ELF, focusing on amit features that contained a loophole in D-Link routers.
Experts warn of a critical vulnerability of the Linux kernel of 10 points on the CVSS scale,
Experts warn of a critical vulnerability of the Linux kernel of 10 points on the CVSS scale, which affects SMB servers and can lead to RCE. The critical vulnerability of the Linux kernel makes SMB servers with ksmbd enabled (a Linux kernel server that implements the SMB3 protocol in the kernel space for file exchange over the network) vulnerable to hacking.
Microsoft, as usual, quietly fixed an important security vulnerability in the
Microsoft, as usual, quietly fixed an important security vulnerability in the Azure service (ACS) after researchers from Mnemonic discovered that the problematic function allows attacks to bypass the network between tenants.
How to conduct an online investigation: 5 useful tools
If you are interested in someone's data, but you can't find it, then you have outdated tools. Today we have prepared the best extensions and services that work in 2022:
Anonymize your traffic using 4nonimizer
Friends, today I would like to tell you about a great tool called 4nonimizer. This utility allows you to mask all your traffic from the provider by changing the IP address using one of the 19 VPN services that support OpenVPN technology.
Search for a person by nickname
In this post we will talk about services that can find a person by his nickname on the Internet. They all conduct a fully automatic search on various services, social networks, websites, forums, and so on.
We follow the victim with the help of a link
Trape is an OSINT tool that allows you to track and execute social engineering attacks in real time. The utility creates a phishing link that allows you to follow the user who clicks on it. Thanks to this tool, you can get information such as: IP, geolocation, OS. You can also run js scripts remotely, upload files to your PC. It will be possible to find out which services the user is registered
Finding site vulnerabilities
XAttacker — created for the lazy and inquisitive, with it you can not only find out what engine the site is on, but also find out its vulnerabilities, as well as get links to these vulnerabilities.
We check the VPN for reliability
When using a VPN, your IP address is "Masked", as it were, this does not allow third-party services to see your personal IP address. A little bit about the principle of tracking: when you connect to a site, it sends a request to your provider to get an IP address, and no matter how much you would like it, he gets it.
