Threat ITCyber Security Articles and Tutorials

News
- Articles
  
  50% reduction in Google account hacks after enabling 2SV
  
  Threat IT Staff - February 9, 2022 0
  
  One of the main problems is the lack of understanding by users of the benefits of additional authorization procedures. It turns out that with just...
  
  News
  
  Chinese hack group GhostEmperor uses new rootkit against Windows 10
  
  Threat IT Staff - October 3, 2021 0
  
  At the SAS 2021 conference, Kaspersky Lab analysts spoke about the tools of the new Chinese cyber-espionage group GhostEmperor, which has been attacking large organizations in Southeast Asia...
  
  Articles
  
  Google developers told how they will implement Manifest V3
  
  Staff ThreatIT - September 27, 2021 0
  
  This week, Google revealed exactly how it plans to phase out Manifest V2, which defines the capabilities and limitations for extensions in Chrome. The developers also shared...
  
  Articles
  
  DDoS service operator DownThem faces up to 35 years in prison
  
  Threat IT Staff - September 21, 2021 0
  
  A California jury found a former DDoS service administrator (DownThem and Ampnode) guilty. Paid users of these services have carried out over 200,000 DDoS attacks both on...
Application Security
- Application Security
  
  About 30% of critical vulnerabilities in WordPress plugins remain unpatched
  
  Staff ThreatIT - March 15, 2022 0
  
  Patchstack analysts have released a report on WordPress security in 2021. Unfortunately, the picture turned out to be depressing, for example, it turned out that 29% of...
  
  Application Security
  
  WordPress plugins and themes used to inject backdoors
  
  Threat IT Staff - January 25, 2022 0
  
  A massive attack on the supply chain affected 93 WordPress themes and plugins that were embedded with backdoors that gave attackers full access to...
  
  Application Security
  
  Chrome 0-day vulnerability – 8th Vulnerability this year
  
  Jim Koohyar Biniyaz - July 19, 2021 0
  
  Google developers have released an updated version of the Chrome browser for Windows, Mac and Linux ( 91.0.4472.164 ), which eliminated a zero-day vulnerability in the...
  
  Application Security
  
  CVE-2021-3452 – Lenovo patches a vulnerability affecting dozens of ThinkPad models
  
  Threat IT Staff - July 16, 2021 0
  
  Lenovo has released information on three BIOS vulnerabilities in two desktop models and approximately 60 different notebook computers. The first issue, identified as CVE-2021-3452, threatens dozens of...
Vulnerabilities & Threats
- Articles
  
  Synology and QNAP warn about bugs in their products
  
  Threat IT Staff - May 2, 2022 0
  
  Companies have reported numerous critical Netatalk server vulnerabilities. Based on a published report , multiple flaws allow remote attackers to obtain sensitive information and possibly execute arbitrary...
  
  Articles
  
  Fresh bug in VMware vCenter is already under attack
  
  Staff ThreatIT - September 28, 2021 0
  
  An exploit for the recently fixed RCE vulnerability in VMware vCenter (CVE-2021-22005) has been published online. Experts warned that hackers had already adopted the exploit. The...
  
  Articles
  
  Attackers scan the network looking for Microsoft Exchange servers vulnerable to ProxyShell
  
  Staff ThreatIT - August 10, 2021 0
  
  Recently at the Black Hat conference, they talked about the remote code execution vulnerabilities in Microsoft Exchange, collectively known as ProxyShell. Now experts are warning...
  
  Application Security
  
  Chrome 0-day vulnerability – 8th Vulnerability this year
  
  Jim Koohyar Biniyaz - July 19, 2021 0
  
  Google developers have released an updated version of the Chrome browser for Windows, Mac and Linux ( 91.0.4472.164 ), which eliminated a zero-day vulnerability in the...
Tutorials & Tools
- Articles
  
  Metasploit with Docker and Kubernetes
  
  Threat IT Staff - November 29, 2020 0
  
  The purpose of this article is to make it easy to build a penetration test environment without any other complicated settings as long as...
  
  Articles
  
  Credentials for 50 thousand Fortinet VPN devices published online
  
  Threat IT Staff - November 27, 2020 0
  
  Last weekend, one of the hacker forums posted exploits for a vulnerability in Fortinet VPN devices ( CVE-2018-13379 ) and the IP addresses of...
  
  Articles
  
  How To Use Powershell Empire
  
  Threat IT Staff - November 27, 2020 0
  
  Initial setup Build a C2 server called listener ================================================================ Post-Exploitation Framework ================================================================ 2.5 | https://github.com/empireProject/Empire ================================================================ _______ .___ ___. .______ ...
  
  Articles
  
  Scan Open Ports With Nmap – Full Tutorial
  
  Threat IT Staff - November 26, 2020 0
  
  1 What is nmap? Nmap, short for Network Mapper, is a free, open-source tool for vulnerability scanning and network discovery. Network administrators use Nmap to...
Risk & Compliance
- Articles
  
  Choosing an IAM Solution: Are You Paying Attention to the Right Things?
  
  Staff ThreatIT - February 22, 2022 0
  
  Ever considered how many passwords are used by employees in your organization? And how many workers cannot remember their secret character set and write it...
  
  Articles
  
  Privacy-focused ClearURLs extension removed from Chrome Web Store
  
  Threat IT Staff - March 25, 2021 0
  
  Edition Bleeping Computer Note that the browser-based extension ClearURLs, clearing URL-addresses from any tracker, designed for surveillance and intelligence, has been removed from Chrome Web Store. ClearURLs...
  
  Articles
  
  Ledger Crypto Data Breach – 270,000 Wallet Owners Data has been leaked
  
  Threat IT Staff - December 21, 2020 0
  
  A hacker forum found a database containing email addresses and physical addresses of the owners of Ledger hardware wallets, according to Bleeping Computer . Journalists remind that...
  
  Articles
  
  Cellebrite learned how to hack Signal correspondence
  
  Threat IT Staff - December 16, 2020 0
  
  Israeli company Cellebrite , which specializes in hacking smartphones, said that it can now extract user messages in the Signal messenger, which is considered...
Attacks & Breaches
- Articles
  
  Fodcha botnet attacks over 100 victims daily
  
  Threat IT Staff - April 15, 2022 0
  
  Qihoo 360 (360 Netlab) experts report the discovery of a new Fodcha botnet that launches DDoS attacks on hundreds of victims every day. According to the company,...
  
  Articles
  
  Microsoft has recorded a record DDoS attack, with a capacity of 3.47 Tb / s
  
  Threat IT Staff - January 27, 2022 0
  
  Microsoft said last November its DDoS protection platform repelled a massive DDoS attack targeting an Azure customer in Asia. The attack power was 3.47 Tb/s. Let...
  
  Articles
  
  The number of attacks on Microsoft Exchange Server grew by 170% in a month
  
  Staff ThreatIT - September 7, 2021 0
  
  Kaspersky Lab researchers report that in August 2021, the company's products blocked 19,839 attacks on users of Microsoft Exchange servers. The surge in malicious activity...
  
  Articles
  
  Attackers scan the network looking for Microsoft Exchange servers vulnerable to ProxyShell
  
  Staff ThreatIT - August 10, 2021 0
  
  Recently at the Black Hat conference, they talked about the remote code execution vulnerabilities in Microsoft Exchange, collectively known as ProxyShell. Now experts are warning...
Critical Infrastructure
- Articles
  
  Critical Infrastructure Warning! Millions of PLCs, switches, IoT devices are under threat
  
  Jim Koohyar Biniyaz - December 18, 2020 0
  
  Eleven vulnerabilities, combined under the name Urgent / 11, were made public in August 2019. Five bugs with the general name CDPwn showed up...
  
  Articles
  
  33 vulnerabilities threaten millions of Critical Infrastructure
  
  Jim Koohyar Biniyaz - December 10, 2020 0
  
  Cybersecurity researchers have found 33 vulnerabilities in four open source TCP / IP libraries. Currently, problematic libraries are used in the firmware of products...
  
  Cyber Security
  
  The risk is real: attacks on OT infrastructure
  
  Jim Koohyar Biniyaz - November 11, 2020 0
  
  Previously, many believed that attacks on an isolated OT infrastructure (Operational Technology) were practically impossible, since everything works in a special network, separate from...
Endpoint Security
- Articles
  
  Why Is It Important To Have Intrusion Detection And Prevention ?
  
  Threat IT Staff - November 24, 2020 0
  
  This article describes why detection and prevention of burglaries must be one of the most important aspects of any burglary protection and detection system....
  
  Cyber Security
  
  Comodo has published the EDR source code on GitHub
  
  Threat IT Staff - November 15, 2020 0
  
  Comodo this week opened the source for its Endpoint Detection and Response (EDR) system. Thus, the company became the first major vendor to take...
IoT Security
- Articles
  
  Serious bugs fixed in D-Link routers
  
  Threat IT Staff - December 10, 2020 0
  
  This summer, Digital Defense specialists discovered that a number of D-Link router models were vulnerable to command injection, including remote ones. Initially, problems were found in DSR-250...
  
  Articles
  
  Scientists turn a robot vacuum cleaner into a spy device
  
  Threat IT Staff - November 25, 2020 0
  
  Household robotic vacuum cleaners can be hacked remotely and eavesdropped on conversations, even if they don't have a microphone. The researchers collected information from a...
  
  Articles
  
  New Bluetooth attack can hijack Tesla Model X in minutes
  
  Threat IT Staff - November 24, 2020 0
  
  Tesla is using over the air updates to patch vulnerabilities and add new features to its keyless entry system in Tesla Model X vehicles....
  
  Articles
  
  IoT Security – Why is it Important?
  
  Jim Koohyar Biniyaz - August 10, 2020 0
  
  IoT or Internet of Things are connected devices, including hardware, software and data. IoT Security It is a technology area that deals with the...
Network Security
- Articles
  
  More than 45 million medical scans are in the public domain
  
  Staff ThreatIT - December 16, 2020 0
  
  A study by CybelAngel, a risk management services company, helped identify a massive leak of confidential information . The aim of the study was...
  
  Articles
  
  New Kerberos Exploit for Bronze Bit attack Has Been Published
  
  Jim Koohyar Biniyaz - December 11, 2020 0
  
  NetSPI security specialist Jake Karnes has published detailed information ( 1 , 2 ) about the CVE-2020-17049 vulnerability, as well as an exploit for it, calling his attack Kerberos Bronze...
  
  Articles
  
  Why Is It Important To Have Intrusion Detection And Prevention ?
  
  Threat IT Staff - November 24, 2020 0
  
  This article describes why detection and prevention of burglaries must be one of the most important aspects of any burglary protection and detection system....
  
  Articles
  
  MASSCAN: Mass IP port scanner
  
  Threat IT Staff - November 12, 2020 0
  
  This is an Internet-scale port scanner. It can scan the entire Internet in under 6 minutes, transmitting 10 million packets per second, from a...
Innovations
- All Artificial Intelligence Big Data
  
  Articles
  
  What is Advanced Threat Protection, and can you fully rely on it?
  
  Threat IT Staff - May 3, 2022 0
  
  ATP or advanced threat protection is a premiere suite of analytical tools and malware protection systems that protect against phishing attacks, security threats, and...
  
  Articles
  
  Choosing an IAM Solution: Are You Paying Attention to the Right Things?
  
  Staff ThreatIT - February 22, 2022 0
  
  Ever considered how many passwords are used by employees in your organization? And how many workers cannot remember their secret character set and write it...
  
  Articles
  
  Google has developed a rating system for open source projects
  
  Threat IT Staff - December 14, 2020 0
  
  As part of its participation in the Open-Source Security Foundation (OpenSSF), Google has developed a system for ranking open source projects based on their importance to...
Tutorial and Tools
- Articles
  
  Metasploit with Docker and Kubernetes
  
  Threat IT Staff - November 29, 2020 0
  
  The purpose of this article is to make it easy to build a penetration test environment without any other complicated settings as long as...
  
  Articles
  
  Credentials for 50 thousand Fortinet VPN devices published online
  
  Threat IT Staff - November 27, 2020 0
  
  Last weekend, one of the hacker forums posted exploits for a vulnerability in Fortinet VPN devices ( CVE-2018-13379 ) and the IP addresses of...
  
  Articles
  
  How To Use Powershell Empire
  
  Threat IT Staff - November 27, 2020 0
  
  Initial setup Build a C2 server called listener ================================================================ Post-Exploitation Framework ================================================================ 2.5 | https://github.com/empireProject/Empire ================================================================ _______ .___ ___. .______ ...
  
  Articles
  
  Scan Open Ports With Nmap – Full Tutorial
  
  Threat IT Staff - November 26, 2020 0
  
  1 What is nmap? Nmap, short for Network Mapper, is a free, open-source tool for vulnerability scanning and network discovery. Network administrators use Nmap to...

Most recent articles by:

Jim Koohyar Biniyaz

Vulnerability in macOS Leads to Data Leakage

Microsoft experts said that attackers could use a macOS vulnerability to bypass Transparency, Consent, and Control (TCC) technology and gain access to protected user...

Jim Koohyar Biniyaz - January 11, 2022 0

Articles

Abcbot botnet attacks Chinese cloud providers

The Arcbot botnet attacks the infrastructure of Chinese cloud hosting providers, researchers at Cado Security warned . Presumably, the main purpose of malware is cryptocurrency mining. Abcbot attacks the...

Jim Koohyar Biniyaz - December 23, 2021 0

Articles

Log4j 0 Day: Experts are already fixing attacks on the Log4Shell vulnerability

Cybercriminals and cybersecurity researchers are already scanning the network for products vulnerable to a dangerous bug in the Log4j library, which has been named Log4Shell . The...

Jim Koohyar Biniyaz - December 14, 2021 0

Articles

Dark Mirai botnet exploits RCE vulnerability in TP-Link routers

According to Fortinet experts, the Dark Mirai (aka Manga or Dark.IoT) botnet operators are actively abusing a recently discovered vulnerability in TP-Link routers. The attacks...

Jim Koohyar Biniyaz - December 12, 2021 0

Articles

0-day in Log4j library poses a threat to many applications and servers

The Apache Software Foundation has released an emergency security update that fixes a 0-day vulnerability ( CVE-2021-44228 ) in the popular Log4j logging library, which is...

Jim Koohyar Biniyaz - December 12, 2021 0

Articles

226 vulnerabilities found in popular router models

Researchers at IoT Inspector, in collaboration with Chip, have verified the security of many popular routers from Asus, AVM, D-Link, Netgear, Edimax, TP-Link, Synology and Linksys...

Jim Koohyar Biniyaz - December 4, 2021 0

Articles

Emergency patches for Chrome address multiple 0-day vulnerabilities

Google has released Chrome 95.0.4638.69 for Windows, Mac and Linux. Two zero-day vulnerabilities that were actively exploited by cybercriminals have been fixed in the browser. The developers warn...

Jim Koohyar Biniyaz - October 29, 2021 0

Articles

Fresh Apache Vulnerability May Lead to Remote Code Execution

Earlier this week, the Apache Software Foundation released a patch to address the 0-day vulnerability CVE-2021-41773 in its HTTP web server. Already at the time of the...

Jim Koohyar Biniyaz - October 8, 2021 0

12 3...9 Page 1 of 9

Jim Koohyar Biniyaz

Most Popular Articles

Latest News

Hot Tutorials & Tools

Follow Us