CVE-2021-25146
Summary: A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s):...
Month: April 2021
CVE-2021-25150
Summary: A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s):...
CVE-2020-28695
Summary: Askey Fiber Router RTF3505VW-N1 BR_SV_g000_R3505VWN1001_s32_7 devices allow Remote Code Execution and retrieval of admin credentials to log into the...
Video game cheat mod malware demonstrates risks of unlicensed software
Activision reported finding postings on hacking forums on YouTube by a threat actor promoting a Remote Access Trojan that can...
Android “System Update” malware steals photos, videos, GPS location
A newly discovered piece of Android malware shares the same capabilities found within many modern stalkerware-type apps—it can swipe images...
Relax. Internet password books are OK
Passwords are a hot topic on social media at the moment, due to the re-emergence of a discussion about good...
WordPress Websites Infected with Malware Via Fake jQuery Files
Cybersecurity experts discovered fake variants of the jQuery Migrate plugin inserted in various sites that had unclear codes to launch...
Medical Professionals of U.S. and Israel Targeted in a ‘BadBlood’ Phishing Campaign
Email security firm, Proofpoint has exposed a hacking group linked with the Iranian government targeting nearly two-dozen medical researchers in...
Cyberextortion Threat Evolves as Clop Ransomware Attacked 6 U.S Universities Data Security
Malicious actors are now using novel ways to extract universities' data, and are threatening to share stolen data on dark...
Shell’s Employees’ Visas Dumped Online as part of Extortion Attempt
Royal Dutch Shell became the latest corporation to witness an attack by the Clop ransomware group. The compromised servers were...
US Based, Ubiquiti Inc. covers up a Catastrophic Data Breach, Claims a Whistle-blower
Ubiquiti Inc., a major provider of cloud-enabled Internet of Things (IoT) equipment such as routers, network video recorders, and surveillance...
SharpDPAPI – A C# Port Of Some Mimikatz DPAPI Functionality
SharpDPAPI is a C# port of some DPAPI functionality from @gentilkiwi's Mimikatz project.I did not come up with this logic,...
Seatbelt – A C# Project That Performs A Number Of Security Oriented Host-Survey “Safety Checks” Relevant From Both Offensive And Defensive Security Perspectives
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and...
DeepDotWeb admin pleads guilty to money laundering conspiracy
One of the administrators for the DeepDotWeb dark web portal pleads guilty to receiving kickbacks from the operators of the...
VMware fixed flaws in vROps that can be chained to compromise organizations
VMware addressed two vulnerabilities in its vRealize Operations (vROps) product that can expose organizations to a significant risk of attacks...
Akamai dealt with an 800Gbps ransom DDoS against a gambling company
Akamai has recently involved in the mitigation of two of the largest known ransom DDoS attacks, one of them peaked...
Ubiquiti security breach may be a catastrophe
The data breach disclosed by Ubiquiti in January could be just the tip of the iceberg, a deeper incident could...
US CISA warns of DoS flaws in Citrix Hypervisor
Citrix addressed vulnerabilities in Hypervisor that could be exploited by threat actors to execute code in a virtual machine to...
North Korea-linked hackers target security experts again
Researchers from Google’s Threat Analysis Group (TAG) reported that North Korea-linked hackers are targeting security researchers via social media. The...
CVE-2020-19641
Summary: An issue was discovered in INSMA Wifi Mini Spy 1080P HD Security IP Camera 1.9.7 B. Authenticated attackers with...
CVE-2021-28669
Summary: Xerox AltaLink B80xx before 103.008.020.23120, C8030/C8035 before 103.001.020.23120, C8045/C8055 before 103.002.020.23120 and C8070 before 103.003.020.23120 provide the ability to...
CVE-2021-21727
Summary: A ZTE product has a DoS vulnerability. A remote attacker can amplify traffic by sending carefully constructed IPv6 packets...
CVE-2021-25349
Summary: Using unsafe PendingIntent in Slow Motion Editor prior to version 3.5.18.5 allows local attackers unauthorized action without permission via...
CVE-2021-25353
Summary: Using empty PendingIntent in Galaxy Themes prior to version 5.2.00.1215 allows local attackers to read/write private file directories of...
