hacking tutorials

Senior managers in UK and US companies are routinely exposing their organization to cyber-threats with more risky device and password management practices than their junior colleagues, according to OneLogin. The identity and access management (IAM) provider polled 2000 remote workers in both...

The OWASP Amass tool suite obtains subdomain names by scraping data sources, recursive brute forcing, crawling web archives, permuting/altering names and reverse DNS sweeping. Additionally, Amass uses the IP addresses obtained during resolution to discover associated netblocks and ASNs. All the...

The past 12 months have seen a record number of CVEs published by the US authorities, the fourth year in a row volumes have risen. As of December 15, the number of vulnerabilities in production code discovered and assigned a CVE number by the US-CERT Vulnerability Database, topped the 2019...

An American healthcare provider is proposing to resolve a lawsuit filed on behalf of victims of a 2019 data breach with a $4.2m settlement. Kalispell Regional Healthcare, based in Montana, announced in October last year that a data breach had occurred. Approximately 130,000 patients had their...

The United States Department of Justice has brought charges against the alleged operator of a puppy scam website that defrauded American consumers. A criminal complaint was unsealed on December 4 in federal court in Pittsburgh charging Desmond Fodje Bobga with conspiracy to commit wire fraud...

A new report on the cybersecurity of the education sector has found that nearly half of the schools in the United States did not implement new training or tools to protect staff and students during the pandemic. The CTNT report “Lessons learned: How education coped in the shift to distance...

One of the world’s largest recruitment agencies has become the latest victim of a serious ransomware attack, after being hit by the Egregor variant. Randstad claims to have 280,000 clients and operations in 38 countries. Its 38,000 employees helped to generate nearly €24bn ($29bn) in revenue...

The UK government has unveiled plans to develop a new statutory code for tech companies that is designed to give customers more choice and control over their data. The Department for Digital, Culture, Media and Sport (DCMS) said that a dedicated Digital Markets Unit will work alongside...

More than one in seven emails sent on Black Friday today could be a scam, security experts have warned. Vade Secure claims to protect one billion inboxes around the world with AI-powered security for Microsoft 365. Its Current Events tracker has detected a predictable spike in malicious...

The number of DDoS attacks targeting e-commerce in Europe has increased four-fold over the last eight months. According to research by Stormwall, between February and October 2020, the number of DDoS attacks targeted at online retail services quadrupled compared to the same period last year...

A consumer rights group has found security vulnerabilities in 11 popular smart doorbell products available on two of the world’s biggest online marketplaces. Which? enlisted the help of researchers at NCC Group to run tests on the smart devices they found on eBay and Amazon, many of which had...

TikTok has patched two common types of vulnerability which a researcher combined to create a “one-click” account takeover attack. Submitted by Muhammed Taskiran via HackerOne back on August 26, the bugs were originally labelled medium severity before being upgraded to high (CVSS 8.2) a few days...

The Cisco Talos research team noted the increased interest of cybercriminals in legitimate “proxyware” software that allows users to share part of their Internet connection with other devices. In fact, cybercriminals use proxyware on the same principle as legitimate cryptocurrency mining...

If you use the services of one of the banks that pay attention to the IT component, you probably talked with a bot that helps to solve this or that issue. So, these chat bots, according to experts, contain vulnerabilities that allow them to steal money from a client of a credit institution...

Kaspersky Lab expert Viktor Chebyshev, who researches mobile threats, spoke in an interview about Android malware that steals money. The specialist emphasized that in the future, users will face even more such malware. As Chebyshev told the Izvestia newspaper, malicious software for Android...

On 2021, a new version of the Ideco UTM universal security gateway was released by the Russian company Aydeko under the motto “Conquering Space”. This is already the 10th release of Ideco UTM, refined and supplemented with new security features. For the first time, the company announced its own...