“I have full control of your device”: Sextortion scam rears its ugly head in time for 2021
Malwarebytes recently received a report about a fresh spate of Bitcoin sextortion scam campaigns doing the rounds. Bitcoin sextortion scams...
Month: January 2021
Funke Media Group suffers nationwide ransomware attack in Germany
On December 22, Germany’s third largest publisher fell victim to a cyberattack that affected systems in offices all around the...
Security Expert listed the largest data leaks of Russian residents in 2020
Founder of DLBI data leak intelligence service Ashot Hovhannisyan spoke about the most large-scale database leaks in the Russian Federation...
Aurora Cannabis Breach Exposes Personal Data of Former, Current Workers
Recently, Marijuana Business Daily has disclosed a data breach at Aurora Cannabis. The security incident compromised the credential information...
Researcher Exposes Telegram’s Location Bug, Company Say It’s a Feature
An expert who observed that messaging platform Telegram's "People Nearby" feature revealed risk of accurate user location, is now informed...
Cisco Talos Researchers Discovered Multiple Susceptibilities in SoftMaker Office TextMaker
Cisco Talos researchers exposed multiple vulnerabilities in SoftMaker Office TextMaker that can be exploited by cyber attackers. These vulnerabilities in...
NSA Issues Guidelines for Eliminating Obsolete TLS Protocols
The National Security Agency is a US-based agency on which America highly relies on to collect and process foreign signals,...
UhOh365 – A Script That Can See If An Email Address Is Valid In Office365 (User/Email Enumeration)
A script that can see if an email address is valid in Office365. This does not perform any login attempts,...
Sarenka – OSINT Tool – Data From Services Like Shodan, Censys Etc. In One Place
SARENKA is an Open Source Intelligence (OSINT) tool which helps you obtaining and understanding Attack Surface. The main goal is...
How COVID-19 Reinforced the Need for Mobile Device Management
How many of you got that call at the beginning of the pandemic to make your company’s workforce 100% capable...
Multiple flaws in Fortinet FortiWeb WAF could allow corporate networks to hack
An expert found multiple serious vulnerabilities in Fortinet’s FortiWeb web application firewall (WAF) that could expose corporate networks to hack....
US Govt kicked off ‘Hack the Army 3.0’ bug bounty program
The U.S. government is going to launch the ‘Hack the Army 3.0’ bug bounty program in collaboration with the HackerOne...
SolarWinds hackers had access to roughly 3% of US DOJ O365 mailboxes
The US DoJ revealed that threat actors behind the SolarWinds attack have gained access to roughly 3% of the department’s...
WhatsApp will share your data with Facebook and its companies
WhatsApp is notifying users that starting February 8, 2021, they will be obliged to share their data with Facebook, leaving...
Google fixed a critical Remote Code Execution flaw in Android
Google released an Android security update that addressed tens of flaws, including a critical Android remote code execution vulnerability. Google...
CVE-2016-20003
Summary: The REST/JSON project 7.x-1.x for Drupal allows user enumeration, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's...
CVE-2019-25012
Summary: The Webform Report project 7.x-1.x-dev for Drupal allows remote attackers to view submissions by visiting the /rss.xml page. NOTE:...
CVE-2020-35894
Summary: An issue was discovered in the obstack crate before 0.1.4 for Rust. Unaligned references can occur. Reference Links(if available):...
CVE-2020-35889
Summary: An issue was discovered in the crayon crate through 2020-08-31 for Rust. A TOCTOU issue has a resultant memory...
CVE-2020-35882
Summary: An issue was discovered in the rocket crate before 0.4.5 for Rust. LocalRequest::clone creates more than one mutable references...
Retrohunting APT37: North Korean APT used VBA self decode technique to inject RokRat
This post was authored by Hossein Jazi On December 7 2020 we identified a malicious document uploaded to Virus Total...
Adobe Flash Player reaches end-of-life
“What now? My farm is no longer working. Can you have a look, honey?” Like millions of other people my...
US Intelligence Task Force Accuses Russia Of Cyber Attack
Previously, US President Donald Trump had accused China of malicious security incidents; security experts and officials have suspected China...
Juspay, the Payment Platform of Leading Online Merchants Amazon and Swiggy Suffers Data Breach
Juspay, the payment processor of prime online merchants like Amazon and Swiggy was hit by a massive data breach and...
