UNC2447 cybercrime gang exploited SonicWall Zero-Day before it was fixed
UNC2447 cybercrime gang exploited a zero-day in the Secure Mobile Access (SMA), addressed by SonicWall earlier this year, before the...
Month: April 2021
Saving World Health Day: UNICC and Group-IB take down scam campaign impersonating the World Health Organization
UNICC and Group-IB detected and took down a massive multistage scam campaign circulating online on April 7, World Health Day. Group-IB, a...
Microsoft warns of BadAlloc flaws in OT, IoT devices
Microsoft researchers are warning of major security vulnerabilities affecting OT and IoT devices and high-risks for businesses using them. Researchers...
Command injection flaw in PHP Composer allowed supply-chain attacks
A vulnerability in the PHP Composer could have allowed an attacker to execute arbitrary commands and backdoor every PHP package....
An alleged ransomware attack hit the Italian Banca di Credito Cooperativo causing chaos
Banca di Credito Cooperativo (BCC), one of the largest Italian cooperative credit banks was hit by a ransomware attack. Banca di...
ParkMobile – 20,949,825 breached accounts
In March 2021, the mobile parking app service ParkMobile suffered a data breach which exposed 21 million customers' personal data....
Signal app insists it’s so private it can’t provide subpoenaed call data
Signal—the private, end-to-end encrypted messaging app that surged in popularity in recent months—once again reminded criminal investigators that it could...
What is Smishing? The 101 guide
Smishing is a valuable tool in the scammer’s armoury. You’ve likely run into it, even if you didn’t know that...
City fined for tracking its citizens via their phones
The Dutch information watchdog—the Autoriteit Persoonsgegevens (AP)—has fined the city of Enschede for € 600,000 for tracking its citizens’ movements...
Security Researchers Raise Concerns Over Security Flaws in Machine Learning
In today’s age, it is impossible to implement effective cybersecurity technology without depending on innovative technologies like machine learning and...
RedLine Stealer: Masquerades as Telegram Installer
The .Net-based malware has recently been disguised as an installer of the popular secure messaging app, Telegram. Stealers are pieces of...
Cloud Misconfiguration is Still the Leading Source of Cloud Data Violations
Almost everybody by now is workings from home and 84 percent are worried that new security vulnerabilities have been generated...
MeterPwrShell – Automated Tool That Generate The Perfect Powershell Payload
Automated Tool That Generate A Powershell Oneliner That Can Create Meterpreter Shell On Metasploit,Bypass AMSI,Bypass Firewall,Bypass UAC,And Bypass Any AVs....
M365_Groups_Enum – Enumerate Microsoft 365 Groups In A Tenant With Their Metadata
The all_groups.py script allows to enumerate all Microsoft 365 Groups in a Azure AD tenant with their metadata: name visibility:...
An issue in the Linux Kernel could allow the hack of your system
An information disclosure issue in Linux Kernel allows KASLR bypass could be potentially exploited in attacks in the wild. An...
Purple Lambert, a new malware of CIA-linked Lambert APT group
Cybersecurity firm Kaspersky discovered a new strain of malware that is believed to be part of the arsenal of theUS...
RotaJakiro Linux backdoor has flown under the radar since 2018
Experts recently uncovered a Linux backdoor, dubbed RotaJakiro, that has flown under the radar for many years while harvest and...
Naikon APT group uses new Nebulae backdoor in attacks aimed at military orgs
China-linked APT Naikon employed a new backdoor in multiple cyber-espionage operations targeting military organizations from Southeast Asia in the last 2 years....
CVE-2021-21225
Summary: Out of bounds memory access in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to potentially...
CVE-2021-28648
Summary: Trend Micro Antivirus for Mac 2020 v10.5 and 2021 v11 (Consumer) is vulnerable to an improper access control privilege...
CVE-2021-29653
Summary: HashiCorp Vault and Vault Enterprise 1.5.1 and newer, under certain circumstances, may exclude revoked but unexpired certificates from the...
CVE-2021-31523
Summary: The Debian xscreensaver 5.42+dfsg1-1 package for XScreenSaver has cap_net_raw enabled for the /usr/libexec/xscreensaver/sonar file, which allows local users to...
CVE-2017-11323
Summary: Stack-based buffer overflow in ESTsoft ALZip 8.51 and earlier allows remote attackers to execute arbitrary code via a crafted...
DoJ building the guardrails for Microsoft Exchange-type malware takedowns
Assistant Attorney General for National Security John Demers, speaks during a virtual news conference at the Department of Justice on...
