Sorry, Joe Biden isn’t offering you a work visa, it’s a scam
A US diplomatic mission in Nigeria warns of a visa scam affecting Nigerian citizens looking to move to the United...
Month: April 2021
NCSC Warns of Exploited VPN Servers: Here are the Safety Tips to Fix Your VPN
The UK’s Nationwide Cyber Safety Centre (NCSC) has published a new advisory warning that cybercriminals as well as Advanced Persistent...
500,000 Huawei Devices hit by the Joker Malware
Security researchers have discovered that over 500,000 Huawei smartphone users who inadvertently subscribe to premium mobile services have downloaded apps...
New Malware Downloader Spotted in Targeted Campaigns
In recent weeks, a relatively sophisticated new malware downloader has emerged that, while not widely distributed yet, appears to be...
APKPure Compromised to Deliver Malware
APKPure, one of the biggest alternative application stores outside of the Google Play Store, was tainted with malware this week,...
Zero-day vulnerability in Desktop Window Manager (CVE-2021-28310) used in the wild
While analyzing the CVE-2021-1732 exploit originally discovered by the DBAPPSecurity Threat Intelligence Center and used by the BITTER APT group,...
Traitor – Automatic Linux Privesc Via Exploitation Of Low-Hanging Fruit E.G. GTFOBin
Automatically exploit low-hanging fruit to pop a root shell. Linux privilege escalation made easy! Traitor packages up a bunch of...
Ronin – A Ruby Platform For Vulnerability Research And Exploit Development
Ronin is a Ruby platform for vulnerability research and exploit development. Ronin allows for the rapid development and distribution of...
Experts released PoC exploit code for a critical RCE in QNAP NAS devices
The exploit code for a remote code execution vulnerability affecting QNAP network-attached storage (NAS) devices that run the Surveillance Station...
Millions of devices impacted by NAME:WRECK flaws
Security experts disclosed nine flaws, collectively tracked as NAME:WRECK, affecting implementations of the DNS protocol in popular TCP/IP network communication...
Expert publicly released Chromium-based browsers exploit demonstrated at Pwn2Own 2021
An Indian security researcher has published a proof-of-concept (PoC) exploit code for a vulnerability impacting Google Chrome and other Chromium-based...
Expired certificate caused a Pulse Secure VPN global scale outage
Pulse Secure VPN users were not able to login due to the expiration of a code signing certificate used to...
Two former NSA Officials appointed by Joe Biden for prominent cyber roles
President Joe Biden has appointed two former senior NSA officials for two prominent cyber roles in his administration. President Joe...
CVE-2021-27380
Summary: A vulnerability has been identified in Solid Edge SE2020 (All Versions < SE2020MP13), Solid Edge SE2021 (All Versions <...
CVE-2020-36313
Summary: An issue was discovered in the Linux kernel before 5.7. The KVM subsystem allows out-of-range access to memslots after...
CVE-2017-7429
Summary: The certificate upload in NetIQ eDirectory PKI plugin before 8.8.8 Patch 10 Hotfix 1 could be abused to upload...
CVE-2018-7686
Summary: Information leakage vulnerability in NetIQ eDirectory before 9.1.1 HF1 due to shared memory usage. Reference Links(if available): https://www.netiq.com/documentation/edirectory-91/edirectory9111_releasenotes/data/edirectory9111_releasenotes.html CVSS...
CVE-2020-24136
Summary: Directory traversal in Wcms 0.3.2 allows an attacker to read arbitrary files on the server that is running an...
How ransomware gangs are connected, sharing resources and tactics
Many of us who read the news daily encounter a regular drum beat of ransomware stories that are both worrying...
How bitcoin payments unmasked a man who hired a Dark Web contract killer
An Italian citizen’s apparent attempt to hire a hitman on the Dark Web has been undone by clever analysis of...
Google Tricked Millions of Chrome Users in the Name of ‘Privacy’
Google revealed last month that it is rolling out the Federated Learning of Cohorts (FLoC) program, an important part of...
Iran Natanz Nuclear Facility Struck by a Blackout Labelled as an Act of “Nuclear Terrorism”
On Sunday 11th of April, just hours after newly developed centrifuges, which could enrich uranium faster were launched in Iran,...
Dwn – D(Ockerp)Wn – A Docker Pwn Tool Manager
dwn is a "docker-compose for hackers". Using a simple YAML "plan" format similar to docker-compose, image names, versions and volume...
SYNwall – A Zero-Configuration (IoT) Firewall
Zero config (IoT) firewall. SYNwall is a project built (for the time being) as a Linux Kernel Module, to implement...
