CVE-2020-27150
Summary: In multiple versions of NPort IA5000A Series, the result of exporting a device’s configuration contains the passwords of all...
Month: May 2021
CVE-2020-28648
Summary: Improper input validation in the Auto-Discovery component of Nagios XI before 5.7.5 allows an authenticated attacker to execute remote...
CVE-2021-24195
Summary: Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the Login as User or Customer (User Switching) WordPress...
A week in security (May 17 – May 23)
Last week on Malwarebytes Labs, we looked at a banking trojan full of nasty tricks, explained some tips and pointers...
Shining a light on dark patterns with Carey Parker: Lock and Code S02E09
This week on Lock and Code, we speak to cybersecurity advocate and author Carey Parker about “dark patterns,” which are...
Exploit to SYSTEM for CVE-2021-21551
SpoolPrinter Privesc using SeImpersonatePrivileges was made thanks to @_ForrestOrr https://github.com/forrest-orr/DoubleStar/tree/main/Payloads/Source/Stage3_SpoolPotato I basically just tossed the exploit function in his code and altered...
Ireland suspected Russian hackers of attacking the health service
The National Cyber Security Centre of Ireland (NCSC) believes that the attack on the country's Health Service Executive (HSE) was...
FBI Analyst Charged for Stealing National Security Documents
An FBI employee with a top-secret security clearance has been indicted on charges that she illegally stored several national security...
Domino’s Data Leak Exposed Data of 18 Crore Orders
The famous Pizza company Dominos suffered a data leak again this year wherein the details of 18 crore orders are...
A Chinese Hacking Competition May Have Given Beijing New Ways to Spy on the Uyghurs
In 2019, Apple aimed to reassure its customers when it revealed in a blog post that it had fixed a...
Irish Health System and 16 U.S. Health and Emergency Networks Hit by Conti Ransomware Gang
According to the Federal Bureau of Investigation, the same group of online extortionists responsible for last week's attack on the...
Using AWS + Socat Port Forwarder
This script is designed for using AWS and SOCAT as a forwarder to another IP or Server, for Red Team...
AMSITrigger – The Hunt For Malicious Strings
Hunting for Malicious StringsUsage:AMSI calls (xmas tree mode) -d, --debug Show Debug Info -m, --maxsiglength=VALUE Maximum signature Length to cater...
SQLFluff – A SQL Linter And Auto-Formatter For Humans
SQLFluff is a dialect-flexible and configurable SQL linter. Designed with ELT applications in mind, SQLFluff also works with jinja templating...
CVE-2021-31166 Windows HTTP flaw also impacts WinRM servers
The wormable CVE-2021-31166 vulnerability in the HTTP Protocol Stack of the Windows IIS server also affects WinRM on Windows 10...
Security Affairs newsletter Round 315
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
A malware attack hit the Alaska Health Department
The Alaska health department website was forced offline by a malware attack, officials are investigating the incident. The website of...
Qlocker ransomware leverages HBS flaw to infect QNAP NAS devices
QNAP warns customers of updating the HBS 3 disaster recovery app to prevent Qlocker ransomware attack. Taiwanese vendor QNAP is...
CVE-2021-24190
Summary: Low privileged users can use the AJAX action 'cp_plugins_do_button_job_later_callback' in the WooCommerce Conditional Marketing Mailer WordPress plugin before 1.5.2,...
CVE-2021-32918
Summary: An issue was discovered in Prosody before 0.11.9. Default settings are susceptible to remote unauthenticated denial-of-service (DoS) attacks via...
CVE-2021-32919
Summary: An issue was discovered in Prosody before 0.11.9. The undocumented dialback_without_dialback option in mod_dialback enables an experimental feature for...
CVE-2021-32920
Summary: Prosody before 0.11.9 allows Uncontrolled CPU Consumption via a flood of SSL/TLS renegotiation requests. Reference Links(if available): https://blog.prosody.im/prosody-0.11.9-released/ http://www.openwall.com/lists/oss-security/2021/05/13/1...
Moneycontrol – 762,874 breached accounts
In April 2021, hackers posted data for sale originating from the online Indian financial platform, Moneycontrol. The data included 763...
Japanese E-Commerce Platform Mercari Suffers Major Data Breach
Mercari, an e-commerce platform, has disclosed a major data breach that occurred as a result of the Codecov supply-chain attack....
