WormGPT Makes a Comeback Using Jailbroken Grok and Mixtral Models

Cato CTRL uncovers new WormGPT variants on Telegram powered by jailbroken Grok and Mixtral. Learn how cybercriminals jailbreak top LLMs for uncensored, illegal activities in this latest threat research...

Cybercrime gets a few punches on the nose

It’s not often that we get to share good news, so we wanted to grab this opportunity and showcase some progress made by law enforcement actions against cybercrime with you. Europol notified us about the take-down of two of the largest cybercrime forums in the world. With over 10 million users,...

Exploit for Uncontrolled Resource Consumption in Siemens 6Bk1602-0Aa12-0Tp0_Firmware

Exploiting-CVE-2021-44228-Log4Shell-in-a-Banking-Environment O...

Exploit for Deserialization of Untrusted Data in Apache Kafka_Connect

This tool is intended for security testing purposes only. Do not...

UK Sets Up Fake Booter Sites To Muddy DDoS Market

The United Kingdoms National Crime Agency NCA has been busy setting up phony DDoS-for-hire websites that seek to collect information on users, remind them that launching DDoS attacks is illegal, and generally increase the level of paranoia for people looking to hire such services. The warning...

The pitfalls of blocking IP addresses

In August 2022, the Austrian court ordered the block of 11 IP addresses for copyright violations on 14 websites. Sadly, there was an undesirable side-effect--thousands of websites were rendered inaccessible to internet users in Austria for two days. There are many possible reasons why governments...

Ukraine Arrests Cybercrime Group for Selling Data of 30 Million Accounts

Ukrainian law enforcement authorities on Friday disclosed that it had "neutralized" a hacking group operating from the city of Lviv that it said acted on behalf of Russian interests. The group specialized in the sales of 30 million accounts belonging to citizens from Ukraine and the European Unio...

China's New Law Requires Vendors to Report Zero-Day Bugs to Government

The Cyberspace Administration of China CAC has issued new stricter vulnerability disclosure regulations that mandate software and networking vendors affected with critical flaws to mandatorily disclose them first-hand to the government authorities within two days of filing a report. The...

Feds Seize $1B in Bitcoin from Silk Road

The feds have seized its largest stash ever of Bitcoin, originating from the notorious Silk Road underground marketplace. The federal coffers are now $1 billion richer. Silk Road was known for the place to go to broker illegal drugs, murder-for-hire, child pornography and malware – such as passwo...

UK Ad Campaign Seeks to Deter Cybercrime

The United Kingdom's anti-cybercrime agency is running online ads aimed at young people who search the Web for services that enable computer crimes, specifically trojan horse programs and DDoS-for-hire services. The ad campaign follows a similar initiative launched in late 2017 that academics say...

Ukrainian Police Arrest Hacker Who Tried Selling Billions of Stolen Records

The Ukrainian police have arrested a hacker who made headlines in January last year by posting a massive database containing some 773 million stolen email addresses and 21 million unique plaintext passwords for sale on various underground hacking forums. In an official statement released on...

250 Webstresser Users to Face Legal Action

More than 250 customers of a popular and powerful online attack-for-hire service that was dismantled by authorities in 2018 are expected to face legal action for the damage they caused, according to Europol, the European Union's law enforcement agency. In April 2018, investigators in the U.S., U....

Friday Squid Blogging: Illegal North Korean Squid Fishing

North Korea is engaged in even more illegal squid fishing than previously. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here...

World’s largest child porn site was run by police for undercover op

By Carolina Dark web is home to explicit and illegal content including child This is a post from HackRead.com Read the original post: Worlds largest child porn site was run by police for undercover op...

AlphaBay Dark Web Marketplace Hacked; Exposes Over 200,000 Private Messages

AlphaBay, possibly the largest active dark web marketplace at the moment, has paid a hacker after he successfully exploited vulnerabilities in the internal mailing system of the website and hijacked over 200,000 private unencrypted messages from several users. The hacker, using the pseudonym...

Hola — A widely popular Free VPN service used as a Giant Botnet

The bandwidth of millions of users of a popular free VPN service is being sold without their knowledge in an attempt to cover the cost of its free service, which could result in a vast botnet-for-sale network. "Hola," a free virtual private network, is designed to help people abroad watch...

Windows Domain Credentials Phishing Tool

While performing a Pen test for a client i needed to catch a domain user name and password, there are several ways to gain users passwords and it really depends on a lot of factors on how to get it in my case i didn’t had time to wait for the user to enter his credentials and get it using a key...

MetInfo_v5. 1. 3 arbitrary file upload vulnerability-vulnerability warning-the black bar safety net

MetInfo 2 No. 3 released a new version 5. 1. 5, the prosthesis of this article mentioned the vulnerability, of course, strictly speaking, should be the arbitrary variable overwrite vulnerability.... ps: welcome various forms to reprint 首发 t00ls.net Note: Please do not use the contents of this...

Hacker group RedHack faces up to 24 years in prison for terrorist crimes

As part of an investigation launched by Başsavcıvekilliği in Ankara on March 20 arrested seven people, including college students. 13 of the indictment prepared by the prosecutor's office in Ankara Was adopted by the High Criminal Court. Court has accepted an indictment against RedHack, a Turkish...

British VPN Service Defends Role in Lulzsec Bust

British virtual private network VPN company Hide My Ass has taken a stand about their involvement in the arrest of an alleged Lulzsec member last week. In a blog post published on Friday, the company reiterated that they keep logs of their users’ history for 30 days and they will cooperate with l...