JetBrains – A possible Doorway to Massive Hacking Plot?
JetBrains a software company based in the Czech Republic could possibly be used as a doorway by Russian hackers to...
Month: January 2021
Singapore Witnessed a Sudden Surge in the Bank-Related Phishing Scam
Phishing emails are scams where the actors try to befool the user by sending emails that may concern the user....
Parler on the Verge of Permanent Expulsion
Launched in 2018, Parler has become a place of refuge for individuals that have been prohibited or suspended by popular...
Sunburst backdoor – code overlaps with Kazuar
Introduction On December 13, 2020, FireEye published a blog post detailing a supply chain attack leveraging Orion IT, an infrastructure...
pongoOS – A Pre-Boot Execution Environment For Apple Boards
A pre-boot execution environment for Apple boards built on top of checkra1n.Building on macOSInstall Xcode + command-line utilities make clean...
Wprecon – A Vulnerability Recognition Tool In CMS WordPress, 100% Developed In Go
Hello! Welcome. Wprecon (Wordpress Recon), is a vulnerability recognition tool in CMS Wordpress, 100% developed in Go.Notice:Why is the project...
Russian hacker Andrei Tyurin sentenced to 12 years in prison
A U.S. court on Thursday sentenced the Russian hacker Andrei Tyurin to 12 years in prison for his role in...
Experts found gained access to the Git Repositories of the United Nations
Researchers obtained gained access to the Git Repositories belonging to the United Nations, exposing staff records and credentials. The research...
Source code for malware that targets Qiui Cellmate device was leaked online
The source code for the ChastityLock ransomware that was used in attacks aimed at the users of the Qiui Cellmate...
It is time to re-evaluate Cyber-defence solutions
Security expert Stefan Umit Uygur, CEO and Co-Founder at 4Securitas Ltd, provided his vision about the Cyber-defence solutions on the...
CVE-2020-16023
Summary: Use after free in WebCodecs in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap...
CVE-2020-17519
Summary: A change introduced in Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as well) allows attackers to read...
CVE-2018-25002
Summary: uploader.php in the KCFinder integration project through 2018-06-01 for Drupal mishandles validation, aka SA-CONTRIB-2018-024. NOTE: This project is not...
CVE-2020-16026
Summary: Use after free in WebRTC in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap...
CVE-2020-16028
Summary: Heap buffer overflow in WebRTC in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap...
Meet Oski Stealer: In-depth Analysis Of the Popular Credential Stealer
In the current scenario credential theft malware is one of the most frequently employed malware in cyber hacking. Many government...
Password Guessing Used as a Weapon by SolarWinds Hackers to Breach Targets
Cybersecurity and Infrastructure Security Agency (CISA) informed that perpetrators of SolarWinds attack obtained confidential information via common hacker techniques like...
The RBI Warns Patrons of Unauthorized Money Lending Apps
Reserve Bank of India has forewarned Indians against unauthorized money lending apps that are increasingly rising day by day, consequently...
Critical Bugs in Firefox and Chrome Allow Exploitation
On Thursday, the Cybersecurity and Infrastructure Security Agency (CISA) asked clients of Mozilla Foundation's Firefox browser and Windows, macOS, and...
MUD-Visualizer – A Tool To Visualize MUD Files
This tool can be used to visualize the MUD files in JSON format. MotivationMUD files are plain text files in...
Pidrila – Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer
PIDRILA: Python Interactive Deepweb-oriented Rapid Intelligent Link Analyzer is really fast async web path scanner prototype developed by BrightSearch team...
New Zealand central bank hit by a cyber attack
A cyber attack hit the New Zealand central bank, sensitive information has been potentially accessed by the intruders The New...
Security Affairs newsletter Round 296
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
TeamTNT botnet now steals Docker API and AWS credentials
Researchers from Trend Micro discovered that the TeamTNT botnet is now able to steal Docker API logins along with AWS...
