China-linked APT BlackTech was spotted hiding in Cisco router firmware

US and Japanese authorities warn that a China-linked APT BlackTech planted backdoor in Cisco router firmware to hack the businesses in both countries. US and Japanese intelligence, law enforcement and cybersecurity agencies warn of a China-linked APT, tracked as BlackTech (aka Palmerworm, Temp.Overboard, Circuit Panda, and Radio Panda), that planted backdoor in Cisco router firmware […]

The post China-linked APT BlackTech was spotted hiding in Cisco router firmware appeared first on Security Affairs.

Found Port 81 open on web server. What to do?

Hello there, I was doing some enumeration on a website I’m trying to (legally) hack into. While running an nmap scan I found port 90 port 443 and port 81 open. Now, I’m not much familiar with port 81. I know it’s used for onion trafficking (which this website probably doesn’t do) and as a web proxy port. My question is can I do anything here? I can’t access the website through port 81 I already tried, that they’re apparently not hosting it on this port. Can I do anything to find out more about what they are doing with this port, or somehow access it another way? (only tried https://website.com:81)

submitted by /u/cuzimrave
[link] [comments]

Watch out! CVE-2023-5129 in libwebp library affects millions applications

Google assigned a maximum score to a critical security flaw, tracked as CVE-2023-5129, in the libwebp image library for rendering images in the WebP format. Google assigned a new CVE identifier for a critical vulnerability, tracked as CVE-2023-5129 (CVSS score 10,0), in the libwebp image library for rendering images in the WebP format. The flaw was initially tracked […]

The post Watch out! CVE-2023-5129 in libwebp library affects millions applications appeared first on Security Affairs.

Brute force on .zip file

Hello guys,

I dont know if this is the right place to ask but i have no ideea where to ask this.

I need help to unlock a .zip document. It’s about a former employee who tried to steal private documents from the company for personal interest and of course she forgot this zip on desktop.

Please advise me what I could do about this .zip

thanks

submitted by /u/tznk
[link] [comments]

DarkBeam leaks billions of email and password combinations

DarkBeam left an Elasticsearch and Kibana interface unprotected, exposing records from previously reported and non-reported data breaches. The leaked logins present cybercriminals with almost limitless attack capabilities. DarkBeam, a digital risk protection firm, left an Elasticsearch and Kibana interface unprotected, exposing records with user emails and passwords from previously reported and non-reported data breaches. According […]

The post DarkBeam leaks billions of email and password combinations appeared first on Security Affairs.

‘Ransomed.vc’ in the Spotlight – What is Known About the Ransomware Group Targeting Sony and NTT Docomo

Following the recently announced data leak from Sony, Ransomed.vc group claimed the hack of the Japanese giant NTT Docomo. Following the recently announced data leak from Sony, the notorious ransomware syndicate Ransomed.vc announced a new victim today in face of the largest Japanese telecommunication giant NTT Docomo. Notably, the announcement came almost synchronously with the […]

The post ‘Ransomed.vc’ in the Spotlight – What is Known About the Ransomware Group Targeting Sony and NTT Docomo appeared first on Security Affairs.

fetch wifi password from laptop with usb

title pretty much. say I have a laptop connected to a wpa2 protected wifi, would I be able to fabricate a script or something to put onto a usb drive that, once inserted, automatically fetches the password and stores it? submitted by /u/k…