Bitcoin scammers phish for wallet recovery codes on Twitter
We’re no strangers to the Twitter customer support DM slide scam. This is where someone watches an organisation perform customer...
Month: April 2021
Watch out! Android Flubot spyware is spreading fast
Using a proven method of text messages about missed deliveries, an old player on the Android malware stage has returned...
Covid-19 has led to Increase in Cyberattacks Against Banks and Insurers
According to recent studies, the coronavirus pandemic and working from home (WFH) provisions are triggering a "huge" increase in attacks...
NTLM Relay Attack Exploits Windows RPC Flaws
Security researchers at SentinelLabs revealed the details of a newly identified NTLM (New Technology LAN Manager) relay attack that exploits...
Apple will pay $100 million to Russian hackers for leaking data on new products
Apple's database was hacked due to cybersecurity deficiencies of the Taiwanese equipment manufacturer. The stolen information is estimated at $50...
Leaked Apple Schematics & Extortion Threats Removed From Dark Web
According to MacRumors, the ransomware group that stole schematics from Apple supplier Quanta Computer last week and threatened to release...
5.6 Million Customer Records Leaked as Music Marketplace Giant Reverb Suffers Data Breach
The sensitive information of some leading artists has been compromised in data breaches witnessed by the world's biggest online music...
PwnLnX – An Advanced Multi-Threaded, Multi-Client Python Reverse Shell For Hacking Linux Systems
An advanced multi-threaded, multi-client python reverse shell for hacking linux systems. There's still more work to do so feel free...
Invoke-Stealth – Simple And Powerful PowerShell Script Obfuscator
Invoke-Stealth is a Simple & Powerful PowerShell Script Obfuscator. This tool helps you to automate the obfuscation process of any...
Google addresses a high severity flaw in V8 engine in Chrome
Google released updates for Chrome 90 that address a new serious issue, tracked as CVE-2021-21227, in the V8 JavaScript engine...
UK rail network Merseyrail hit by ransomware gang
UK rail network Merseyrail was hit by a cyberattack, ransomware operators breached the corporate email system to disclose the attack...
Cloud misconfiguration, a major risk for cloud security
Misconfigured cloud-based databases continue to cause data breaches, millions of database servers are currently exposed across cloud providers. Fugue’s new State...
FBI shares with HIBP 4 million email addresses involved in Emotet attacks
The FBI has shared with Have I Been Pwned service 4 million email addresses collected by Emotet botnet and employed...
CVE-2021-3506
Summary: An out-of-bounds (OOB) memory access flaw was found in fs/f2fs/node.c in the f2fs module in the Linux kernel in...
CVE-2020-23921
Summary: An issue was discovered in fast_ber through v0.4. yy::yylex() in asn_compiler.hpp has a heap-based buffer over-read. Reference Links(if available):...
CVE-2021-21207
Summary: Use after free in IndexedDB in Google Chrome prior to 90.0.4430.72 allowed an attacker who convinced a user to...
CVE-2021-27077
Summary: Windows Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26863, CVE-2021-26875, CVE-2021-26900. Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27077...
CVE-2021-27077
Summary: Windows Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26863, CVE-2021-26875, CVE-2021-26900. Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27077...
CVE-2021-21204
Summary: Use after free in Blink in Google Chrome on OS X prior to 90.0.4430.72 allowed a remote attacker to...
Descomplica – 4,845,378 breached accounts
In March 2021, the Brazilian EdTech company Descomplica suffered a data breach which was subsequently posted to a popular hacking...
Jefit – 9,052,457 breached accounts
In August 2020, the workout tracking app Jefit suffered a data breach. The data was subsequently sold within the hacking...
Ransomware group threatens to leak information about police informants
One day after a ransomware group shared hacked data that allegedly belonged to the Washington, D.C. Police Department online, the...
International Law Enforcement Takes Down Emotet Malware in a Joint Operation
Emotet, one of the most dangerous email spam botnets in recent history, is being wiped out today from all infected...
Millions of the Pentagon’s Dormant IP Addresses Sprang to Life, Just Minutes Before Trump Left Office
While the world was focused on President Donald Trump's departure on Jan. 20, an obscure Florida corporation quietly revealed a...
