.webp)
Cyber Security News
Metasploit Framework 6.4 Released: What’s New
Metasploit Framework 6.4 is a testament to this ongoing battle, bringing a host of new features and improvements of cybersecurity.
Cyber Security News
What is Metasploit: Tools, Uses, History, Benefits & Limitations
Metasploit is an Open Source Penetration Testing Framework created that enables security professionals to simulate attacks.
Cyber Security News
8 New Metasploit Exploit Modules Released Targeting Critical Vulnerabilities
Metasploit is an open-source penetration testing framework created by Rapid7 that enables security professionals to simulate attacks against computer systems, networks, and applications.
Cyber Security News
Metasploit 6.2 Released - 138 New modules, Enhancements & Features
With 864 payloads and 2,227 exploits, Metasploit 6.2 is one of the most-used penetration testing frameworks. In order to assess the vulnerability of a network and to test its defenses, these elements can all be used.
The Hacker News
Estonian National Charged in U.S. for Acquiring Electronics and Metasploit Pro for Russian Military
Estonian National Busted for Smuggling U.S. Electronics to Russia Including Rapid7 Metasploit Pro Hacking Tools.
DarkReading
Expired Redis Service Abused to Use Metasploit Meterpreter Maliciously
Attackers have compromised an 8-year-old version of the cloud platform to distribute various malware that can take over infected systems.
The Hacker News
Hackers Exploit Fortinet Flaw, Deploy ScreenConnect, Metasploit in New Campaign
If you use Fortinet FortiClient EMS, patch NOW. Hackers are actively using a new exploit
Infosecurity News
Hackers Deploy Open-Source Tool Sliver C2, Replacing Cobalt Strike, Metasploit
Sliver is gaining popularity due to its modular capabilities and cross-platform support
SecurityWeek
Hacker Conversations: HD Moore and the Line Between Black and White
SecurityWeek Hacker Conversations interview with HD Moore, best known as the founder and original developer of Metasploit.
Cyber Security News
Top 15 Best Ethical Hacking Tools - 2023
Best Ethical Hacking Tools: 1. Wireshark 2.NMAP 3. Burp Suite 4. Metasploit 5.Nikto 6. Intruder 7. Aircrack-Ng 8. Nessus 9. Acunetix and more
The DFIR Report
From OneNote to RansomNote: An Ice Cold Intrusion - The DFIR Report
Key Takeaways We provide a range of services, one of which is our Threat Feed, specializing in monitoring Command and Control frameworks like Cobalt Strike, Metasploit, Sliver, Viper, Mythic, Havoc, … Read More
Security Affairs
Estonian National charged with helping Russia acquire U.S. hacking tools and electronics
Andrey Shevlyakov, an Estonian national, was charged in the US with conspiracy and other charges related to acquiring U.S.-made electronics on behalf of the Russian government and military. The Estonian man is accused of having helped the Russian government and military to purchase US-made electronics and hacking tools. The defendant was arrested in Estonia on […]
The Cyber Express
Cisco ASA Vulnerability: Threat Actor Demands US$1M for Remote Command Injection
A threat actor named "xc7d2f4" is allegedly selling remote command injection vulnerability for Cisco ASA. The threat actor has claimed
Cyber Security News
Estonian National Charged for Helping Russia to Purchase U.S. Hacking Tools
As per reports, an Estonian National named “Andrey Shevlyakov” was arrested on March 28, 2023, in Estonia, for buying U.S electronics on behalf of the Russian Military
Trend Micro
TargetCompany Ransomware Abuses FUD Obfuscator Packers
In this entry, we detail our analysis of how the TargetCompany ransomware abused an iteration of fully undetectable (FUD) obfuscator engine BatCloak to infect vulnerable systems.
Security Affairs
ALPHV/BlackCat ransomware affiliate targets Veritas Backup solution bugs
An ALPHV/BlackCat ransomware affiliate was spotted exploiting vulnerabilities in the Veritas Backup solution. An affiliate of the ALPHV/BlackCat ransomware gang, tracked as UNC4466, was observed exploiting three vulnerabilities in the Veritas Backup solution to gain initial access to the target network. Unlike other ALPHV affiliates, UNC4466 doesn’t rely on stolen credentials for initial access to victim environments. Mandiant […]
Infosecurity News
Experts Warn ChatGPT Could Democratize Cybercrime
Researchers claim AI bot can write malware and craft phishing emails
Bleeping Computer
ALPHV ransomware exploits Veritas Backup Exec bugs for initial access
An ALPHV/BlackCat ransomware affiliate was observed exploiting three vulnerabilities impacting the Veritas Backup product for initial access to the target network.
Trend Micro
Patch Your WSO2: CVE-2022-29464 Exploited to Install Linux-Compatible Cobalt Strike Beacons, Other Malware
Users of WSO2 products are advised to update their respective products and platforms or to apply the temporary mitigation steps immediately.
Cyber Security News
Top 10 Vulnerability Assessment and Penetration Testing (VAPT) Tools
VAPT Tools are playing the most important part in pentesting, Here we have listed to top 10 most used VAPT tools for both free and commercial purposes.
Ars Technica
New Linux malware combines unusual stealth with a full suite of capabilities
With polymorphic encoding and a multistage infection chain, Shikitega is hard to detect.
Bleeping Computer
Zyxel fixes firewall flaws that could lead to hacked networks
Threat analysts who discovered a vulnerability affecting multiple Zyxel products report that the network equipment company fixed it via a silent update pushed out two weeks ago.
Bleeping Computer
Zyxel silently fixes critical RCE vulnerability in firewall products
Threat analysts who discovered a vulnerability affecting multiple Zyxel products report that the network equipment company fixed it via a silent update pushed out two weeks ago.
SecurityWeek
HD Moore's Rumble Raises $15M Series A Investment
Texas startup Rumble has banked $15 million in Series A financing from Decibel Partners and a laundry-list of boldface cybersecurity practitioners.
Bleeping Computer
Translated Conti ransomware playbook gives insight into attacks
Almost a month after a disgruntled Conti affiliate leaked the gang's attack playbook, security researchers shared a translated variant that clarifies on any misinterpretation caused by automated translation.
Security Affairs
Threat actors hacked hundreds of servers by exploiting Zimbra CVE-2022-41352 bug
Threat actors have compromised hundreds of servers exploiting critical flaw CVE-2022-41352 in Zimbra Collaboration Suite (ZCS). Last week, researchers from Rapid7 warned of the exploitation of unpatched zero-day remote code execution vulnerability, tracked as CVE-2022-41352, in the Zimbra Collaboration Suite. Rapid7 has published technical details, including a proof-of-concept (PoC) code and indicators of compromise (IoCs) regarding […]
The DFIR Report
Lets Open(Dir) Some Presents: An Analysis of a Persistent Actor’s Activity - The DFIR Report
This report is a little different than our typical content. We were able to analyze data from a perspective we typically don’t get to see… a threat actor’s host! In … Read More
Cyber Security News
10 Best Free Penetration Testing Tools 2022 - Cyber Security News
When we talk about the penetration Testing tools, that the first thing that comes up to our mind is the threat. Here the Top 10 best Pentestinng tools.
The Cyber Express
15 Cybersecurity Books You Must Read in 2024
In today's digital age, where data breaches and cyber threats are a constant concern, staying informed and educated about cybersecurity
CSO
Here is why you should have Cobalt Strike detection in place
Abusing variants of legitimate penetration testing tools has become a standard tactic for many attackers seeking to fool security teams. Cobalt Strike is among the attack frameworks used by red teams and cyber specialists should be on the lookout for cybercriminals seeking to exploit it.
The Hacker News
Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes
Vulnerabilities in OpenMetadata are being exploited. These critical security flaws enable hackers to get into Kubernetes environments.
SecurityWeek
Critical Vulnerability Allows Remote Hacking of Zyxel Firewalls
Thousands of Zyxel firewalls could be vulnerable to remote attacks due to a critical vulnerability discovered by Rapid7.
The Hacker News
Break into Ethical Hacking with 18 Advanced Online Courses for Just $42.99
Break Into Ethical Hacking With 18 Training Courses For Just $42.99
The Record
FIN7 hacker trialed in Russia gets no prison time
A Russian court handed down a mild one-year suspended prison sentence to a member of the FIN7 hacking group, a notorious cybercrime cartel that has hacked more than 100 US companies between 2015 and 2018.
The Hacker News
New EX-22 Tool Empowers Hackers with Stealthy Ransomware Attacks on Enterprises
New post-exploitation framework called EXFILTRATOR-22 (also known as EX-22) has been discovered in the wild.
Bleeping Computer
Learn ethical hacking for just $40 in this course bundle deal
Get The 2023 Complete Cyber Security Ethical Hacking Certification Bundle, which is on sale for just $39.99 (reg. $130).
Infosecurity News
Cuba Ransomware Group Steals Credentials Via Veeam Exploit
Russian gang operates comprehensive set of attack tools
SecurityWeek
Many Internet-Exposed Servers Affected by Exploited Redis Vulnerability
Rapid7 security researchers have identified 2,000 internet-exposed Linux servers that appear to be impacted by a Redis vulnerability that has been exploited in attacks.
Bleeping Computer
Learn cybersecurity from top instructors with this 18-course bundle
Featuring 18 courses, The All-In-One 2021 Super-Sized Ethical Hacking Bundle provides an amazing introduction to the subject. You can get it today for only $20 in a limited-time offer.
CyberSecurity Dive
Software makers urged to flush SQL injection vulnerabilities
CISA and FBI officials linked attacks against MOVEit file transfer software to preventable defects.
Bleeping Computer
Learn to legally hack computers and networks with this $30 bundle
The 2021 All-in-One Ethical Hacking & Penetration Testing Bundle helps you master the necessary skills for this task, with nine full-length video courses. It's now only $29.99.
Security Affairs
Zyxel fixed firewall unauthenticated remote command injection issue
Zyxel addressed a critical flaw affecting Zyxel firewall devices that allows unauthenticated, remote attackers to gain arbitrary code execution. Zyxel has moved to address a critical security vulnerability (CVE-2022-30525, CVSS score: 9.8) affecting Zyxel firewall devices that enables unauthenticated and remote attackers to gain arbitrary code execution as the “nobody” user. The issue was discovered […]
Bleeping Computer
Launch your new career in ethical hacking with this $30 course bundle
The 2021 All-in-One Ethical Hacking & Penetration Testing Bundle teaches you this skill set, with nine full-length courses. It's worth $1,800 in total, but you can get the bundle today for just $29.99 over at Bleeping Computer Deals.
The Hacker News
Hackers Sign Android Malware Apps with Compromised Platform Certificates
Cybercriminals abuse compromised platform certificates used by Android smartphone vendors like Samsung, LG, and MediaTek to sign malicious apps.
Bleeping Computer
Get into cybersecurity with 8 ethical hacking courses for under $60
The 2021 Premium Ethical Hacking Certification Bundle helps you become an expert in this field, with over 60 hours of hands-on training. You can get it today for just $59.99.
Bleeping Computer
Get 161 hours of beginner-friendly ethical hacker training for $39
How to Hack from Beginner to Ethical Hacking Certification Bundle helps you break into this exciting field, with 161 hours of video training. You can get it today for just $39.
Infosecurity News
April Records First Patch Tuesday of 2022 to Top 100 CVEs
Microsoft fixes two zero-days in latest update round
Bleeping Computer
Hackers breach healthcare orgs via ScreenConnect remote access
Security researchers are warning that hackers are targeting multiple healthcare organizations in the U.S. by abusing the ScreenConnect remote access tool.
Infosecurity News
Fata Morgana Watering Hole Attack Targets Shipping, Logistics Firms
The attack targeted Israeli websites and has been linked to a nation-state actor from Iran
The Hacker News
INTERPOL Nabs Hacking Crew OPERA1ER's Leader Behind $11 Million Cybercrime
Suspected leader of OPERA1ER hacking crew, responsible for $11 Million+ in theft, has been arrested in an international operation.
SecurityWeek
Zyxel Firewall Vulnerability Exploitation Attempts Seen One Day After Disclosure
Exploitation attempts targeting the Zyxel firewall vulnerability tracked as CVE-2022-30525 started one day after disclosure.
Bleeping Computer
These Ethical Hacking courses help you get a job in cybersecurity
The All-In-One 2021 Super-Sized Ethical Hacking Bundle helps you explore this topic and get certified, with 18 courses covering a wide variety of skills. You can get the bundle today for only $42.99.
The Hacker News
Hackers Exploit Vulnerabilities in Sunlogin to Deploy Sliver C2 Framework
Cyber criminals are taking advantage of Sunlogin software vulnerabilities to carry out post-exploitation activities with the Sliver C2 framework.
The Hacker News
CLR SqlShell Malware Targets MS SQL Servers for Crypto Mining and Ransomware
Beware of the new campaign targeting poorly managed MS SQL servers! A powerful malware called CLR SqlShell is exploiting vulnerable database servers.
SecurityWeek
Multiple DDoS Botnets Exploiting Recent Zyxel Vulnerability
Multiple DDoS botnets have been observed targeting CVE-2023-28771, a Zyxel firewall vulnerability patched in April.
ZDNet
Train at your own pace to become an expert ethical hacker for only $43 | ZDNet
You don't need any kind of tech background to start training for coveted cybersecurity positions.
Bleeping Computer
Save an extra 20% off this super-sized ethical hacking training bundle
Ethical hacking is an increasingly important job skill as threats to networks multiply. These 18 white-hat training courses teach you how to use it for $36.79, $1061 off the $1098 MSRP with code ENJOY20 at checkout, but only through 11:59pm PST on March 10th.
Bleeping Computer
Get started in ethical hacking training with hundreds off this training bundle
White-hat hacking is one of the best ways to block malicious actors from accessing the systems you're responsible for. This 18-course cybersecurity training bundle shows you how to get it done for $45.99, $1052 off the $1098 MSRP.
Latest Hacking News
Researcher Discloses Unpatched Vulnerabilities In NUUO NVRmini2
The vulnerabilities even exist in the latest NUUO NVRmini2 firmware. Hence, users should keep their systems away from untrusted networks.
The Hacker News
Threat Actors Turn to Sliver as Open Source Alternative to Popular C2 Frameworks
New findings indicate that the Sliver C2 framework is gaining popularity among threat actors as a versatile alternative to traditional C2 tools.
Bleeping Computer
Gain security skills with an extra 20% off this ethical hacking bundle
White-hat hacking keeps criminals from breaching systems and knowing it can advance your career. These 18 ethical hacking courses get you started for $36.79, $1061 off the $1098 MSRP with code SECURE20 at checkout, now through 11:59pm PST on April 7th.
Bleeping Computer
Start a new career with $100 off an ethical hacking bootcamp course
Malicious actors need to be beaten to the punch. Start the new year by learning how you can use hacking for ethical purposes across these 11 courses for $39.97, $103 off the $143 MSRP.
Bleeping Computer
Study ethical hacking for life with this $46 course bundle
The All-in-One Super-Sized Ethical Hacking Bundle is on sale for just $45.99 (reg. $1,098) for a limited time only.
Bleeping Computer
Build cybersecurity skills with an extra 20% off StackSkills Unlimited
Learning is a constant of an IT career. This StackSkills lifetime subscription keeps you on the cutting edge for $39.99, $560 off the $600 MSRP with code ENJOY20 at checkout, now through 11:59 pm PST on April 16th.
Bleeping Computer
Save $150 on nine ethical hacking courses with this bundle
The threats to networks and systems online are only growing in frequency and scale. This nine-course cybersecurity bundle shows you how to keep them in check for $29.99, $150 off the $180 MSRP.
Bleeping Computer
Overhaul your ethical hacking skills with this training bundle deal
The topography of cybersecurity changes constantly, and staying current is vital to your career. These ten courses help you stay on the cutting edge for $39.99, 98% off the $2000 MSRP.
Security Affairs
China-linked Flax Typhoon APT targets Taiwan
China-linked APT group Flax Typhoon targeted dozens of organizations in Taiwan as part of a suspected espionage campaign. Microsoft linked the Chinese APT Flax Typhoon (aka Ethereal Panda) to a cyber espionage campaign that targeted dozens of organizations in Taiwan. The researchers observed Flax Typhoon gaining and maintaining long-term access to Taiwanese organizations’ networks with […]
Bleeping Computer
Advance your career with over $70 off this cybersecurity analyst training bundle
Cybersecurity becomes a more pressing problem every day. These eight cybersecurity analyst training classes helps you meet those challenges for $23.99, 75% off the $96 MSRP when you use our sitewide sale code ENJOY20 at checkout, only active now through the end of March 10th.
Bleeping Computer
Save $100 on ethical hacking training just in time for 2024
Cybersecurity should be part of every IT worker's portfolio. This 10-course bundle gets you current for $29.97, $100 off the $130 MSRP, but only through the end of New Year's Day!
Bleeping Computer
Start a white-hat hacker career with $1,000 off this super bundle
Ethical hacking is the best defense against online criminals and spies. These 18 cybersecurity training courses show you how to stop them for $39.97, $1058 off the $1098 MSRP only through the end of February 19th.
Bleeping Computer
Start mastering ethical hacking with $1,000 off this training bundle
Malicious actors are proliferating even as the risks are growing across the board. This 18-course ethical hacking training bundle helps you fight back for $45.99, $1052 off the $1098 MSRP.
Infosecurity News
Clop Ransomware Group Exploits GoAnywhere MFT Flaw
The vulnerability has a CVSS score of 7.2 and was exploited against several companies in the US
Bleeping Computer
Get started in ethical hacking with $155 off this course bundle deal
White-hat hacking is both a discipline all IT workers should learn and a ticket to a better IT career. Start learning with these nine ethical hacking courses for $24.97, $155 off the $180 MSRP, a deal you can only get now through the end of January 8th, 2024.
Bleeping Computer
Learn pentesting and white-hat skills with $150 off this bundle
Ethical hacking is the best way to put your systems to the test. These nine cybersecurity courses help you get started for $29.99, $150 off the $180 MSRP.
Bleeping Computer
Boost your IT career with $66 off this cybersecurity analyst training
If you're looking for the next step in your IT career, a cybersecurity analyst role is a perfect place to begin. Get eight full courses of cybersecurity analyst training for $29.99, $66 off the $96 MSRP.
Bleeping Computer
CISA warns of critical ManageEngine RCE bug exploited in attacks
The Cybersecurity and Infrastructure Security Agency (CISA) has added a remote code execution (RCE) affecting most Zoho ManageEngine products to its catalog of bugs known to be exploited in the wild.
Bleeping Computer
Boost your cybersecurity skills with $89 off this training bundle
Learning cybersecurity is ideal for moving up the IT career ladder. Get moving with these nine cybersecurity courses for $45.99, $89 off the $135 MSRP.
Cyber Security News
Top Suspect of OPERA1ER Hacker Group Arrested by Authorities
Recent reports from the INTERPOL and Group-IB stated that a top suspect relating to the OPERA1ER hacking group has been arrested in Abidjan, Côte d’Ivoire.
Bleeping Computer
Cuba ransomware uses Veeam exploit against critical U.S. organizations
The Cuba ransomware gang was observed in attacks targeting critical infrastructure organizations in the United States and IT firms in Latin America, using a combination of old and new tools.
Bleeping Computer
Learn ethical hacking techniques with $1,000 off this super bundle
Ethical hacking takes the battle to the black hats and keeps them from taking over the internet. These 18 cybersecurity training courses show you how to fight back for $39.97, $1059 off the $1098 MSRP now through 5/12.
Security Affairs
Experts spotted a new stealthy Linux malware dubbed Shikitega
A new Linux malware dubbed Shikitega leverages a multi-stage infection chain to target endpoints and IoT devices. Researchers from AT&T Alien Labs discovered a new piece of stealthy Linux malware, dubbed Shikitega, that targets endpoints and IoT devices. The malware outstands for its multistage infection chain, threat actors use it to can gain full control of the system […]
SecurityWeek
Evasive 'DarkTortilla' Crypter Delivers RATs, Targeted Malware
DarkTortilla has been used to deliver payloads such as information stealers, remote access trojans, and targeted malware.
Infosecurity News
Cuba Ransomware Group Unleashes Undetectable Malware
Kaspersky found suspicious files in December 2022 which activated the komar65 library known as BUGHATCH
The Hacker News
Researchers Detail Evasive DarkTortilla Crypter Used to Deliver Malware
Researchers detail DarkTortilla, an evasive crypter used by hackers to spread a broad array of commodity malware and targeted payloads.
Bleeping Computer
Get started in cybersecurity with $95 off this course bundle
Protecting the networks and systems they serve is everyone's job in IT. This nine-course cybersecurity training and certification bundle gives you the skills you need for $39.97, $95 off the $135 MSRP through 11:59 PM PST on May 31st.
Infosecurity News
Flaw in Apache ActiveMQ Exposes Linux Systems to Kinsing Malware
Identified as CVE-2023-46604, the vulnerability has a CVSS score of 9.8
Bleeping Computer
FBI: Hackers target US defense firms with malicious USB packages
The Federal Bureau of Investigation (FBI) warned US companies in a recently updated flash alert that the financially motivated FIN7 cybercriminals group is targeting the US defense industry with packages containing malicious USB devices.
Infosecurity News
US Government in Snatch Ransomware Warning
Experts believe attacks have ramped up recently
Bleeping Computer
Get started in ethical hacking with $98 off this training bootcamp
Ethical hacking helps you go on the offensive against digital crooks. Learn how it works with these 11 white-hat hacking courses for $44.99, $98 off the $143 MSRP.
Bleeping Computer
Beat bad guys to the punch with $1,000 off this ethical hacking bundle
Ethical hacking protects everyone and it's a key component of cybersecurity. Learn how it works with these 18 cybersecurity courses for $39.97, $1058 off the $1098 MSRP.
Bleeping Computer
Test your network like a hacker with $1,000 off this course bundle
Ethical hacking gets deep into your networks to find problems before criminals can exploit them. For a limited time start learning how with these 18 cybersecurity courses for $39.97, $1058 off the $1098 MSRP.
The Hacker News
Hackers Repeatedly Targeting Financial Services in French-Speaking African Countries
Multiple major financial services companies in French-speaking Africa have been repeatedly attacked by hackers as part of the DangerousSavanna.
The Hacker News
Suspected Iranian Hackers Targeted Several Israeli Organizations for Espionage
Iranian hackers have been linked to a series of attacks aimed at Israeli shipping, government, energy, and healthcare organizations as part of an espi
Bleeping Computer
Upgrade your ethical hacking skills with $150 off this training bundle
White-hat hacking is a crucial discipline for the safety of your organization. This nine course ethical-hacking training bundle teaches you the skills you need for $29.99, $150 off the $180 MSRP.
The DFIR Report
From ScreenConnect to Hive Ransomware in 61 hours - The DFIR Report
In 2022, The DFIR Report observed an increase in the adversarial usage of Remote Management and Monitoring (RMM) tools. When compared to post-exploitation channels that heavily rely on terminals, such … Read More
SecurityWeek
Inside the Mind of the Hacker: Report Shows Speed and Efficiency of Hackers in Adopting New Technologies
Bugcrowd’s Inside the Mind of the Hacker report shows the speed and efficiency of hackers adopting new technologies to assist their hunting
Bleeping Computer
CISA warns of Windows and UnRAR flaws exploited in the wild
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two more flaws to its catalog of Known Exploited Vulnerabilities, based on evidence of active exploitation.
Cyber Security News
Multiple APT Hackers Exploiting Fortinet & ManageEngine Vulnerability
FortiOS SSL-VPN safeguards against data breaches, while ManageEngine ServiceDesk Plus offers an integrated help desk and asset management for IT resources.
Bleeping Computer
Android spyware apps target Israel in three-year-long campaign
A set of seemingly innocuous Android apps have been infecting Israeli users with spyware since 2018, and the campaign continues to this day.
The Record
FBI: FIN7 hackers target US companies with BadUSB devices to install ransomware
The US Federal Bureau of Investigation says that FIN7, an infamous cybercrime group that is behind the Darkside and BlackMatter ransomware operations, has sent malicious USB devices to US companies over the past few months in the hopes of infecting their systems with malware and carrying out future attacks.
Loading more articles....