What is SYN Attack? How the Attack works and How to Prevent the SYN Attack

From cybersecuritynews.com

TCP SYN flood attacks are the most popular of the DDoS attacks. Here we discuss in detail the basis of the TCP SYN attack and how to stop it before it reaches those servers.

It has been more than two decades since the first DDoS attack was attempted at the University of Minnesota, which knocked it down for two days. Many followed, including one of the biggest in DDoS history, which was against GitHub and involved a 1.35 TBps attack against the site.

Read more…

Morgan Stanley discloses data breach after the hack of a third-party vendor

From cyberdefensemagazine.com

Investment banking firm Morgan Stanley has disclosed a data breach after threat actors compromised the Accellion FTA server of the third-party vendor Guidehouse.

The company has offices in more than 42 countries and more than 60,000 employees, and it has clients in multiple industries.

Guidehouse provides account maintenance services to Morgan Stanley’s StockPlan Connect business. Hackers breached its Accellion FTA server and stole information belonging to Morgan Stanley stock plan participants.

Read more…

Mint Mobile hit by a data breach after numbers ported, data accessed

From bleepingcomputer.com

Mint Mobile has disclosed a data breach after an unauthorized person gained access to subscribers’ account information and ported phone numbers to another carrier.

According to the data breach notification email sent to affected subscribers this weekend, between June 8th and June 10th, a threat actor ported the phone numbers for a “small” number of Mint Mobile subscribers to another carrier without authorization.

In addition to the ported number, Mint Mobile disclosed that an unauthorized person also potentially accessed subscribers’ personal information, including call history, names, addresses, emails, and passwords.

Read more…

Nexfil – OSINT Tool For Finding Profiles By Username

From kitploit.com

NExfil is an OSINT tool written in Python for finding profiles by username. The provided usernames are checked on over 350 websites within a few seconds. The goal behind this tool was to get results quickly while maintaining low amounts of false positives.

If you like my work please star this project 😀

If you find any errors or false positives or if you want to suggest more websites feel free to open an issue.

Read more…

Hackers accessed Mint Mobile subscribers’ data and ported some numbers

From securityaffairs.co

Mint Mobile discloses a data breach: an unauthorized attacker gained access to subscribers’ account information and ported phone numbers.

Mint Mobile is an American telecommunications company that sells mobile phone services and operates as an MVNO on T-Mobile’s cellular network in the United States.

BleepingComputer reported that Mint Mobile has disclosed a data breach that exposed subscribers’ account information and ported phone numbers to another carrier.

Read more…

MacHound : An extension to audit Bloodhound collecting and ingesting of Active Directory relationships on MacOS hosts

From kalilinuxtutorials.com

MacHound is an extension to the Bloodhound auditing tool that allows collecting and ingesting of Active Directory relationships on MacOS hosts. MacHound collects information about logged-in users and administrative group members on Mac machines and ingests the information into the Bloodhound database. In addition to using the HasSession and AdminTo edges, MacHound adds three new edges to the Bloodhound database:

  • CanSSH – entity allowed to SSH to host
  • CanVNC – entity allowed to VNC to host
  • CanAE – entity allowed to execute AppleEvent scripts on host

Read more…

karton: Distributed malware processing framework

From securityonline.info

The idea

Karton is a robust framework for creating flexible and lightweight malware analysis backends. It can be used to connect malware analysis systems into a robust pipeline with very little effort.

We’ve been in the automation business for a long time. We’re dealing with more and more threats, and we have to automate everything to keep up with incidents. Because of this, we often end up with many scripts stuck together with duct tape and WD-40. These scripts are written by analysts in the heat of the moment, fragile and ugly – but they work, and produce intel that must be stored, processed further, sent to other systems, or shared with other organisations.

Read more…