Aggregator
RingReaper: New Linux Tool Leverages io_uring Kernel Feature to Bypass EDR & Stealthily Control Systems
The emergence of a new tool known as RingReaper has sparked concern among cybersecurity experts and penetration testing teams alike. This program leverages a legitimate yet highly potent Linux kernel feature called io_uring to...
The post RingReaper: New Linux Tool Leverages io_uring Kernel Feature to Bypass EDR & Stealthily Control Systems appeared first on Penetration Testing Tools.
TikTok Poaches Senior UK Privacy Regulator Official to Handle Massive Fines and Scrutiny Crisis
NightEagle APT Unleashed: Zero-Day Exchange Exploit Targets China’s Strategic Industries with Fileless Malware
Since 2023, the RedDrip Team has been meticulously monitoring the activities of one of the most elusive cyber espionage groups. This threat actor, armed with an unknown Exchange exploitation chain, distinguishes itself through substantial...
The post NightEagle APT Unleashed: Zero-Day Exchange Exploit Targets China’s Strategic Industries with Fileless Malware appeared first on Penetration Testing Tools.
Pakistan-Aligned APT36 Unleashes DRAT V2: New Delphi RAT Targets Indian Government
A hacker group with affiliations beyond Pakistan has once again drawn attention following its attacks on Indian government entities. According to researchers at Recorded Future, the activity is attributed to the cyber threat group...
The post Pakistan-Aligned APT36 Unleashes DRAT V2: New Delphi RAT Targets Indian Government appeared first on Penetration Testing Tools.
Microsoft Again Forgets to Update Authorization File Expiration Date, Causing Error Code 80248015 When Win7 Checks for Updates
Millions of Chips, Two Markets, Zero Profit: Samsung Endures Its Most Painful Quarter
New Batavia Spyware Infiltrates Russian Industrial Enterprises via Phishing Emails
Critical macOS SMBClient Flaws Allow Remote Code Execution & Kernel Crashes
Security researchers have uncovered critical vulnerabilities in SMBClient for macOS that affect both user space and the operating system kernel. These flaws potentially allow for remote execution of arbitrary code and the termination of...
The post Critical macOS SMBClient Flaws Allow Remote Code Execution & Kernel Crashes appeared first on Penetration Testing Tools.
Spain’s .es Domain Surges 19x in Cybercrime Use: Now Third Most Popular for Phishing & RATs
In recent months, cybersecurity experts have observed a dramatic surge in the malicious exploitation of domains within the .es top-level domain (TLD). Over the past six months alone, the number of such incidents has...
The post Spain’s .es Domain Surges 19x in Cybercrime Use: Now Third Most Popular for Phishing & RATs appeared first on Penetration Testing Tools.
Collecting Vulnerabilities! Collecting Vulnerabilities from the X Intelligence Community!
Hacker Claims Theft of 106GB of Telefónica Data and Publishes Partial Evidence
Exposed JDWP Debug Ports Under Attack: Cryptominers Infiltrating Java Apps in Hours
Experts at Wiz have identified a new wave of attacks targeting TeamCity servers—a widely used platform for orchestrating CI/CD workflows. Threat actors exploited a misconfigured Java Debug Wire Protocol (JDWP) interface, enabling remote command...
The post Exposed JDWP Debug Ports Under Attack: Cryptominers Infiltrating Java Apps in Hours appeared first on Penetration Testing Tools.