Apple addresses three zero-day flaws actively exploited in the wild
Apple has addressed three zero-day vulnerabilities in macOS and tvOS actively exploited in the wild by threat actors. Apple has...
Month: May 2021
Audio equipment maker Bose Corporation discloses a ransomware attack
The audio equipment manufacturer Bose Corporation said it was the victim of a ransomware attack that took place earlier this...
US banks are giving facial recognition a go; EU tightens regulations, FTC updates AI guidelines
US banks are giving the green light to the adoption of facial recognition technology, while authorities provide regulations and updates...
French intel found flaws in Bluetooth Core and Mesh specs
Attackers could exploit a set of Bluetooth vulnerabilities, affecting the Core and Mesh Profile specifications, to conduct man-in-the-middle (MitM) attacks. Researchers at...
Zeppelin ransomware gang is back after a temporary pause
Operators behind the Zeppelin ransomware-as-a-service (RaaS) have resumed their operations after a temporary interruption. Researchers from BleepingComputer reported that operators...
CVE-2021-22117
Summary: RabbitMQ installers on Windows prior to version 3.8.16 do not harden plugin directory permissions, potentially allowing attackers with sufficient...
CVE-2021-20385
Summary: IBM Security Guardium 11.2 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending...
CVE-2020-10364
Summary: The SSH daemon on MikroTik routers through v6.44.3 could allow remote attackers to generate CPU activity, trigger refusal of...
CVE-2021-30145
Summary: A format string vulnerability in mpv through 0.33.0 allows user-assisted remote attackers to achieve code execution via a crafted...
CVE-2021-26311
Summary: In the AMD SEV/SEV-ES feature, memory can be rearranged in the guest address space that is not detected by...
CVE-2021-26311
Summary: In the AMD SEV/SEV-ES feature, memory can be rearranged in the guest address space that is not detected by...
VPN Android apps: What you should know
Months ago, we told readers about the importance of using a VPN on their iPhones, and while those lessons do...
Zeppelin Ransomware have Resumed their Operations After a Temporary Pause
According to BleepingComputer, the operators behind the Zeppelin ransomware-as-a-service (RaaS), aka Buran, have resumed operations following a brief outage. Zeppelin's...
Darkside Ransomware Gang Received Nearly $5 Million as the Extortion Amount from the Victims of Colonial Pipeline Attack
Security experts at London-based blockchain analytics firm Elliptic discovered the bitcoin wallet used by the ransomware group responsible for the...
Pipeline Shutdown Shows Need for Tougher Cybersecurity Laws
The six-day shutdown of a key 5,550-mile fuel pipeline earlier this month as a result of a malware attack proved...
Smart Plugs Used by Cyber Criminals to Break into Victims Property
Inexpensive intelligent connectors are a big threat to cybersecurity and can effectively be used by cybercriminals to hack anyone’s device...
DeFi100, a Crypto Project, Allegedly Scammed Investors of $32 Million
According to reports and tweets, DeFi100, a cryptocurrency project, allegedly defrauded investors out of $32 million (roughly Rs. 233 crores)....
Evolution of JSWorm ransomware
Introduction Over the past few years, the ransomware threat landscape has been gradually changing. We have been witness to a...
CiLocks – Android LockScreen Bypass
CiLocks - Android LockScreen BypassFeaturesBrute Pin 4 Digit Brute Pin 6 Digit Brute LockScreen Using Wordlist Bypass LockScreen {Antiguard} Not...
MurMurHash – Tool To Calculate A MurmurHash Value Of A Favicon To Hunt Phishing Websites On The Shodan Platform
This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.What...
13 flaws in Nagios IT Monitoring Software pose serious risk to orgs
Researchers disclosed details about 13 vulnerabilities in the Nagios network monitoring application that could be exploited for malicious purposes. Cybersecurity...
Anker fixed an issue that caused access to Eufy video camera feeds to random users
A misconfiguration issue in the software used by the Eufy video camera exposed private information and video streams of customers....
CVE-2021-31215
Summary: SchedMD Slurm before 20.02.7 and 20.03.x through 20.11.x before 20.11.7 allows remote code execution as SlurmUser because use of...
CVE-2021-24188
Summary: Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WP Content Copy Protection & No Right Click...
