Microsoft is open sourcing CyberBattleSim Enterprise Environment Simulator
Microsoft released as open-source the ‘CyberBattleSim Python-based toolkit which is an Enterprise Environment Simulator. Microsoft has recently announced the open-source...
Month: April 2021
LinkedIn confirmed that it was not a victim of a data breach
LinkedIn has formally denied that the recently disclosed data leak was caused by a security breach, data were obtained via...
Fitch Ratings: Cyberattacks could pose a material risk to water and sewer utilities
Fitch Ratings is warning that cyberattacks could pose a risk to water and sewer utilities potentially impacting their ability to...
CVE-2015-8698
Summary: CA Release Automation (formerly LISA Release Automation) 5.0.2 before 5.0.2-227, 5.5.1 before 5.5.1-1616, 5.5.2 before 5.5.2-434, and 6.1.0 before...
CVE-2021-30147
Summary: DMA Softlab Radius Manager 4.4.0 allows CSRF with impacts such as adding new manager accounts via admin.php. Reference Links(if...
CVE-2019-1910
Summary: A vulnerability in the implementation of the Intermediate System–to–Intermediate System (IS–IS) routing protocol functionality in Cisco IOS XR Software...
CVE-2020-6309
Summary: SAP NetWeaver AS JAVA, versions - (ENGINEAPI 7.10; WSRM 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; J2EE-FRMW 7.10, 7.11),...
CVE-2016-9795
Summary: The casrvc program in CA Common Services, as used in CA Client Automation 12.8, 12.9, and 14.0; CA SystemEDGE...
Beating security fatigue with Troy Hunt, Chloé Messdaghi, and Tanya Janca: Lock and Code S02E06
This week on Lock and Code, we discuss the top security headlines generated right here on Labs. In addition, we...
Yanbian Gang Malware Continues With Large-Scale Distribution and C2
Fake banking apps laced with malware remain a crucial factor in the success of threat actors. For the Yanbian gang,...
Belden Says Health-Related Information Leaked in Cyberattack
Belden has uncovered that extra information was accessed and copied during their November 2020 cyberattack related to employees' medical care...
Cybercriminals Used Facebook Ads to Lure Users into Installing the Fake Clubhouse App
Audio-only app Clubhouse gained huge success over the last few months and now attackers are misusing the reputation and fame...
Bitcoin Touches the Peak at $60,000 – Everything you Need to Know!
On Saturday 13 March, Bitcoin, the world's largest cryptocurrency, had gone up again, touching an all-time milestone. As per Coin...
New REvil Ransomware Version Automatically Logs Windows into Safe Mode
The REvil Ransomware is unstoppable when it comes to ingenious hacking tactics and techniques. The well-known ransomware has escalated its...
Cpufetch – Simplistic Yet Fancy CPU Architecture Fetching Tool
Simplistic yet fancy CPU architecture fetching tool1. Supportcpufetch currently supports x86_64 CPUs (both Intel and AMD) and ARM. Platform x86_64...
AzureC2Relay – An Azure Function That Validates And Relays Cobalt Strike Beacon Traffic By Verifying The Incoming Requests Based On A Cobalt Strike Malleable C2 Profile
AzureC2Relay is an Azure Function that validates and relays Cobalt Strike beacon traffic by verifying the incoming requests based on...
Is the recent accident at Iran Natanz nuclear plant a cyber attack?
On Sunday, an “accident” occurred in the electricity distribution network at Iran’s Natanz nuclear facility, experts speculate it was caused...
Personal data of 1.3 million Clubhouse users leaked online
An SQL database containing the personal data of 1.3 million Clubhouse users was leaked online for free, a few days...
Security Affairs newsletter Round 309
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
Joker malware infected 538,000 Huawei Android devices
More than 500,000 Huawei users have been infected with the Joker malware after downloading apps from the company’s official Android...
Hackers compromised APKPure client to distribute infected Apps
APKPure, one of the largest alternative app stores, was the victim of a supply chain attack, threat actors compromised client...
CVE-2021-21772
Summary: A use-after-free vulnerability exists in the NMR::COpcPackageReader::releaseZIP() functionality of 3MF Consortium lib3mf 2.0.0. A specially crafted 3MF file can...
CVE-2020-27216
Summary: In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems, the...
CVE-2020-27216
Summary: In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems, the...
