M1RACLES Bug Impacts Apple M1 Chips
A security researcher identified the first-ever vulnerability in Apple M1 chips that requires a silicon redesign to fix. The good...
Month: May 2021
Research Reveals More Than 2000 Chrome Extensions Disabled Security Headers
Tens of thousands of Google Chrome extensions accessible from the official Chrome Online Store manipulate security headers on major websites,...
Dystopia – Low To Medium Multithreaded Ubuntu Core Honeypot Coded In Python
Low to medium Ubuntu Core honeypot coded in Python.FeaturesOptional Login Prompt Logs commands used and IP addresses Customize MOTD, Port,...
FireStorePwn – Firestore Database Vulnerability Scanner Using APKs
fsp scans an APK and checks the Firestore database for rules that are not secure, testing with or without authentication....
NASA identified 1,785 cyber incidents in 2020
NASA identified more than 6,000 cyber-related incidents in the last four years, according to a report published by its Office...
Hackers compromised Japanese government offices via Fujitsu ‘s ProjectWEB tool
Threat actors have compromised offices of multiple Japanese agencies via Fujitsu ‘s ProjectWEB information sharing tool. Threat actors have breached...
M1RACLES, the unpatchable bug that impacts new Apple M1 chips
A security expert has discovered a vulnerability in Apple M1 chips, dubbed M1RACLES, that cannot be fixed. Software engineer Hector...
Nearly 50,000 IPs compromised in Kubernetes clusters by TeamTNT
Researchers discovered about 50,000 IPs across multiple Kubernetes clusters that were compromised by the TeamTNT.threat actors. Researchers from Trend Micro reported...
French police seized dark web marketplace Le Monde Parallèle
Last week, French authorities have seized the dark web marketplace Le Monde Parallèle, it is another success of national police...
CVE-2021-3480
Summary: A flaw was found in slapi-nis in versions before 0.56.7. A NULL pointer dereference during the parsing of the...
CVE-2021-33477
Summary: rxvt-unicode 9.22, rxvt 2.7.10, mrxvt 0.5.4, and Eterm 0.9.7 allow (potentially remote) code execution because of improper handling of...
CVE-2021-31439
Summary: This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology DiskStation Manager. Authentication is not...
CVE-2021-31473
Summary: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.3.37598. User interaction is...
CVE-2021-32633
Summary: Zope is an open-source web application server. In Zope versions prior to 4.6 and 5.2, users can access untrusted...
Malware used zero-day exploit to take screenshots of victims’ Macs
An Apple Store in Hong Kong. (ChIfcapsho, CC BY-SA 3.0 https://creativecommons.org/licenses/by-sa/3.0, via Wikimedia Commons)Apple patched a vulnerability that was actively...
What is encryption? And why it matters in a VPN
Encryption is a term used to describe the methods that hide the true meaning of messages using code, especially to...
How to delete your Twitter account: the deactivation process
You may decide to delete your Twitter account, because social media isn’t for everyone. Perhaps you set up an account...
Japan predicts hacker attack on Tokyo Summer Olympics by Russian hackers
According to Masatoshi Fujitani, head of the Tokyo-based Japan Forum for Strategic Studies (JFSS), the Summer Olympic Games in Tokyo...
Plaintext Passwords of 8.3 Million Users Leaked in a DailyQuiz Data Breach
Earlier this year, a cybercriminal exploited the vulnerabilities in the DailyQuiz server and stole personal details of 13 million users,...
Apple Fixes macOS Zero Day Vulnerability, Abused by XCSSET macOS Malware
Apple has released security updates for a variety of its products, including a patch for three macOS and tvOS zero-day...
JSWorm: A Notorious Ransomware
The ransomware threat environment has been shifting over the last few years. Following the major ransomware outbreaks of 2017, such...
Agrius – The Iranian Hacking Group Targets Israel Using Data Wipers
The hacking community of Agrius has switched from a strictly destructive wiper malware to a mix of wiper and ransomware...
Kaspersky Security Bulletin 2020-2021. EU statistics
All statistics in this report are from the global cloud service Kaspersky Security Network (KSN), which receives information from components...
DNS-Black-Cat(DBC) – Multi Platform Toolkit For An Interactive DNS Shell Commands Exfiltration, By Using DNS-Cat You Will Be Able To Execute System Commands In Shell Mode Over DNS Protocol
Multi-platform toolkit for an interactive C2C DNS shell, by using DNS-Black-Cat, you will be able to execute system commands in...
