FBI published a flash alert on Mamba Ransomware attacks
The Federal Bureau of Investigation (FBI) issued an alert to warn that the Mamba ransomware is abusing the DiskCryptor open...
Month: March 2021
OpenSSL Project released 1.1.1k version to fix two High-severity flaws
The OpenSSL Project addresses two high-severity vulnerabilities, including one related to verifying a certificate chain and one that can trigger...
62,000 Microsoft Exchange Servers potentially left unpatched, weeks after software bugs were first uncovered
The CyberNews investigation team found 62,174 potentially vulnerable unpatched Microsoft Exchange Servers. A number of entities in the US and...
Facebook took action against China-linked APT targeting Uyghur activists
Facebook has closed accounts used by a China-linked APT to distribute malware to spy on Uyghurs activists, journalists, and dissidents living...
CVE-2021-27212
Summary: In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function...
CVE-2021-29069
Summary: Certain NETGEAR devices are affected by command injection by an authenticated user. This affects XR450 before 2.3.2.114, XR500 before...
CVE-2020-10648
Summary: Das U-Boot through 2020.01 allows attackers to bypass verified boot restrictions and subsequently boot arbitrary images by providing a...
CVE-2020-27874
Summary: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent WeChat 7.0.18. User interaction is...
Perkiler malware turns to SMB brute force to spread
Researchers at Guardicore have identified a new infection vector being used by the Perkiler malware where internet-facing Windows machines are...
Slack hurries to fix direct message flaw that allowed harassment
The enormous work messaging platform Slack quickly reversed course yesterday, promising to revise a brand-new direct message feature that could...
Anonymous Hackers reportedly exposed the anti-Russian activities of the British Council
The Anonymous hacker group published an analysis of documents belonging to various British government agencies, including the Foreign Office, according...
Personal Details of 6.5 Million Israeli Voters Leaked Online
A database with the names and ID numbers of all the eligible voters in Israel was leaked online by anonymous...
New Worm Capabilities Targets Windows Machines
A malware that has verifiably targeted exposed Windows machines through phishing and exploit kits have been retooled to add new...
Data From These Two Universities Stolen and Published Online by Clop Ransomware Group
The Clop ransomware group has officially published online the grades and social security numbers for students at the University of...
Threat landscape for industrial automation systems. Statistics for H2 2020
Figures Indicator H1 2020 H2 2020 2020 Global percentage of attacked ICS computers 32.6% 33.42% 38.55% Percentage of attacked ICS...
Smogcloud – Find Cloud Assets That No One Wants Exposed
Find exposed AWS cloud assets that you did not know you had. A comprehensive asset inventory is step one to...
Gitrecon – OSINT Tool To Get Information From A Github Profile And Find GitHub User’S Email Addresses Leaked On Commits
OSINT tool to get information from a github profile and find GitHub user's email addresses leaked on commits.How does this...
Attack vs. Data: What You Need to Know About Threat Hunting
Mitigate threats by going on the offensiveWhile the definition of threat hunting may be straightforward—proactively hunting for threats—the reality of...
The surge of fake COVID-19 test results, vaccines and vaccination certificates on the Dark Web
Threat actors are offering fake COVID-19 test results and vaccination certificates in blackmarkets and hacking forums on the Dark Web....
30 million Americans affected by the Astoria Company data breach
Researchers discovered the availability in the DarK Web of 30M of records of Americans affected by the Astoria Company data...
Cisco Jabber for Windows, macOS, Android and iOS is affected by a critical issue
Cisco has addressed a critical arbitrary program execution flaw in its Cisco Jabber client software for Windows, macOS, Android, and...
CVE-2021-27587
Summary: When a user opens manipulated Jupiter Tessellation (.JT) format files received from untrusted sources in SAP 3D Visual Enterprise...
CVE-2021-27586
Summary: When a user opens manipulated Interchange File Format (.IFF) format files received from untrusted sources in SAP 3D Visual...
CVE-2021-28089
Summary: Tor before 0.4.5.7 allows a remote participant in the Tor directory protocol to exhaust CPU resources on a target,...
