Kali Linux 2021.3 was released yesterday by Offensive Security and includes a new set of tools, improved virtualization support, and a new OpenSSL configuration that increases the attack surface. Kali Linux is a Linux distribution designed for cybersecurity professionals and ethical hackers to perform penetration testing and security audits. With this release, the Kali Linux …
Kali Linux 2021.3 released with new pentest tools Read More »
The T-Mobile data breach keeps getting worse as an update to their investigation now reveals that cyberattack exposed over 54 million individuals’ data. Last weekend, a threat actor began selling the personal information of 100 million T-Mobile customers on a hacking forum for six bitcoin (~$280K), and they starting Investigating Claims of Massive Data Breach. …
T-Mobile data breach just got worse – now at 54 million customers Read More »
Communications giant T-Mobile said today it is investigating the extent of a breach that hackers claim has exposed sensitive personal data on 100 million T-Mobile USA customers, in many cases including the name, Social Security number, address, date of birth, phone number, security PINs and details that uniquely identify each customer’s mobile device. On Sunday, Vice.com broke the …
T-Mobile Investigating Claims of Massive Data Breach Read More »
Threat actors have leaked 1 million stolen credit cards for free online as a way to promote a fairly new and increasingly popular cybercriminal site dedicated to…selling payment-card credentials. Researchers from threat intelligence firm Cyble noticed the leak of the payment-card data during a “routine monitoring of cybercrime and Dark Web marketplaces,” researchers said in …
What is a port? A port is a virtual point where network connections start and end. Ports are software-based and managed by a computer’s operating system. Each port is associated with a specific process or service. Ports allow computers to easily differentiate between different kinds of traffic: emails go to a different port than webpages, …
Hack Tutorial #4: List of Common Ports in networking Read More »
Threat actors actively exploit a critical authentication bypass vulnerability impacting home routers with Arcadyan firmware to take them over and deploy Mirai botnet malicious payloads. The vulnerability tracked as CVE-2021-20090 is a critical path traversal vulnerability (rated 9.9/10) in the web interfaces of routers with Arcadyan firmware that could allow unauthenticated remote attackers to bypass authentication. The ongoing attacks were …
Actively exploited bug bypasses authentication on millions of routers Read More »
Cisco Issues Networking equipment major Cisco has rolled out patches to address critical vulnerabilities impacting its Small Business VPN routers that could be abused by a remote attacker to execute arbitrary code and even cause a denial-of-service (DoS) condition. The issues tracked as CVE-2021-1609 (CVSS score: 9.8) and CVE-2021-1610 (CVSS score: 7.2), reside in the …
Cisco Issues Critical Security Patches to Fix Small Business VPN Router Bugs Read More »
Three distinct clusters of malicious activities operating on behalf of Chinese state interests have staged a series of attacks to target networks belonging to at least five major telecommunications companies located in Southeast Asian countries since 2017. “The goal of the attackers behind these intrusions was to gain and maintain continuous access to telecommunication providers …
Chinese Hackers Target Major Southeast Asian Telecom Companies Read More »
Google is emailing Android users to let them know that, starting late September, they will no longer be able to log in to their Google accounts on devices running Android 2.3.7 (Gingerbread) and lower. “As part of our ongoing efforts to keep our users safe, Google will no longer allow sign-in on Android devices that run …
Google is going to block logins on old Android devices starting September Read More »
An unidentified threat actor has been exploiting a now-patched zero-day flaw VBA Malware in Internet Explorer browser to deliver a fully-featured VBA-based remote access trojan (RAT) capable of accessing files stored in compromised Windows systems, and downloading and executing malicious payloads as part of an “unusual” campaign. The backdoor is distributed via a decoy document …
Hackers Exploit Microsoft Browser Bug to Deploy VBA Malware on Targeted PCs Read More »
