MSBuild tool used to deliver RATs filelessly
Hackers abuses Microsoft Build Engine (MSBuild) to filelessly deliver malware on targeted Windows systems, including RAT and password-stealer. Researchers from...
Month: May 2021
Security Affairs newsletter Round 314
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
Pakistan-linked Transparent Tribe APT expands its arsenal
Alleged Pakistan-Linked cyber espionage group, tracked as Transparent Tribe, targets Indian entities with a new Windows malware. Researchers from Cisco...
CVE-2021-21232
Summary: Use after free in Dev Tools in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit...
CVE-2021-21232
Summary: Use after free in Dev Tools in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit...
CVE-2021-21233
Summary: Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 90.0.4430.93 allowed a remote attacker to potentially...
CVE-2021-21233
Summary: Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 90.0.4430.93 allowed a remote attacker to potentially...
CVE-2021-29457
Summary: Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files....
CVE-2021-1079
Summary: NVIDIA GeForce Experience, all versions prior to 3.22, contains a vulnerability in GameStream plugins where log files are created...
Beware of eCh0raix Ransomware Attacks, QNAP Warns Customers
QNAP warned its users of an actively exploited Roon Server zero-day vulnerability and eCh0raix ransomware attacks that are targeting its...
Washington DC Police Hit by the Worst Ransomware Ever
In the U.S. capital, the police department experienced a major information leak after declining to satisfy the extortion demands of...
Flipkart Users to Reset Passwords to Avoid Fraud: Cyber Expert
A data breach occurred recently at the e-commerce sites Flipkart and BigBasket. According to reports, BigBasket's latest data breach revealed...
Toshiba Unit Hacked by DarkSide
The DarkSide criminal gang, which was also responsible for the assault on Colonial Pipeline, which triggered widespread gas shortages and...
CIMplant – C# Port Of WMImplant Which Uses Either CIM Or WMI To Query Remote Systems
C# port of WMImplant which uses either CIM or WMI to query remote systems. It can use provided credentials or...
Httpx – A Fast And Multi-Purpose HTTP Toolkit Allows To Run Multiple Probers Using Retryablehttp Library, It Is Designed To Maintain The Result Reliability With Increased Threads
httpx is a fast and multi-purpose HTTP toolkit allow to run multiple probers using retryablehttp library, it is designed to...
European police dismantle major online investment fraud ring that causes €30 Million in losses
A joint operation of European law enforcement agencies and coordinated by Europol dismantled a criminal ring involved in investment fraud....
Major hacking forums XSS and Exploit ban ads from ransomware gangs
XSS forum (previously known as DaMaGeLab) one of the most popular hacking forums, announced that it would ban the ads...
QNAP warns of eCh0raix ransomware and Roon Server zero-day attacks
QNAP warns of an actively exploited Roon Server zero-day flaw and eCh0raix ransomware attacks on its NAS devices. QNAP warns...
Scheme flooding fingerprint technique may deanonymize Tor users
FingerprintJS experts devised a fingerprinting technique, named scheme flooding, that could allow identifying users across different desktop browsers, including the...
Darkside gang lost control of their servers and funds
The operators of the Darkside ransomware announced that they have lost control of their infrastructure and part of the funds...
CVE-2021-21231
Summary: Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap...
CVE-2021-21232
Summary: Use after free in Dev Tools in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit...
CVE-2021-21233
Summary: Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 90.0.4430.93 allowed a remote attacker to potentially...
CVE-2021-29457
Summary: Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files....
