SecureBug lets you evaluate your offensive and defensive skills and exchange ideas and methodologies with thousands of people in the security field.
Join Nordic's No.1 Crowdsourced Security Platform For Offensive & Defensive Security Strategies.
Cybersecurity experts found a solution for the unremovable xHelper malware that manages to re-install itself even after users delete it or factory-reset the infected devices, making it almost impossible to destroy. The malware was first spotted back in March 2019, and by August, it managed to infect more than 32,000 devices. It was reported in…
Apple has awarded a security researcher a $75,000 bug bounty after he discovered a massive iOS and macOS camera vulnerability; the flaw would allow attackers to hijack the camera and microphone on any iPhone or Mac computer. Ryan Pickren, an ethical hacker, disclosed seven vulnerabilities in Apple’s Safari browser, three of which could have been exploited…
Erebus is a Linux ransomware and, like any other ransomware, it aims to encrypt as many files as possible and demand a ransom in exchange for a decryption key. Initially, Erebus ransomware used hacked websites in South Korea as its Command and Control (C2) servers. The updated versions of the Erebus Linux ransomware were able…
Mozilla patched two critical zero-days in Firefox 74.0.1. The vulnerabilities were exploited in the wild through targeted attacks. Mozilla is now urging users to update their Firefox browsers to fix the two bugs. The two vulnerabilities, tracked as CVE-2020-6819 and CVE-2020-6820, are both use-after-free. Use-after-free flaws are a type of memory corruption that could lead…
“wininit.exe” stands for Windows Initialization. This process is an essential part of the Windows OS and it runs in the background. “wininit.exe” is responsible for launching the Windows Initialization process. In this new series, we analyze Windows processes and provide threat hunting tips. This process’s primary function is launching the majority of the background applications that are…
For the past few months, an organized attack campaign has been targeting misconfigured open Docker Daemon API ports to spread the Kinsing malware, which is designed for cryptomining. Kinsing is a Linux-based malware that contains a cryptominer and spreads through containers with the purpose of mining the Bitcoin cryptocurrency. According to Gal Singer, cybersecurity…
Watch out for screensavers; they could contain malicious files. Attackers can use malicious screensaver files to maintain their access to systems. Screensavers are programs that execute after a configurable time of user inactivity and consist of Portable Executable (PE) files with a .scr file extension. With this free Sigma rule you can detect executed…
A new Windows malware dubbed “Coronavirus” is exploiting the Covid-19 pandemic to make disks unusable by overwriting the master boot record (MBR). The MBR is a boot sector that holds information on how the hard drive is partitioned and how to load the operating system. According to the malware analysis the SonicWall Capture Labs Threat…
The WordPress security plugin Wordfence discovered two high-severity vulnerabilities in the WordPress SEO plugin Rank Math. The vulnerabilities, if exploited, allow unauthorized attackers to grant or revoke administrative privileges or lock admins out. The privilege escalation vulnerability in the WordPress SEO plugin, Rank Math, allows attackers to grant administrative access to any registered user…
Researchers at Guardicore Labs discovered a crypto-mining botnet, dubbed Vollgar, that has been targeting MSSQL databases since May 2018. The botnet is used to launch brute-force attacks against Microsoft SQL (MSSQL) databases to take over servers and install mining scripts on the underlying operating system. “Dating back to May 2018, the campaign uses password brute…