CVE-2021-35197
Summary: In MediaWiki before 1.31.15, 1.32.x through 1.35.x before 1.35.3, and 1.36.x before 1.36.1, bots have certain unintended API access....
Month: July 2021
US offers huge reward in fight against state-sponsored cybercriminals
The US Department of State has announced that its Rewards for Justice (RFJ) program is now offering: …up to $10...
Does using a VPN slow down your Internet?
A Virtual Private Network (VPN) can stop others from snooping on or tampering with your Internet traffic. It does this...
What is scareware?
Scareware is a type of rogue program which has been around for many years, arguably dating back to 1990. It...
The eSIM technology stimulates the growth of the IoT market in Russia
The development of eSIM technology has become one of the drivers of the IoT market, both in Russia and around...
Kremlin Does Not Know Why All Websites Linked to Hacker Group REvil Are Down
Press secretary of the President of the Russian Federation Dmitry Peskov said that the Kremlin does not have information whether...
Fashion Retailer Guess Confirms Data Breach
Guess, the popular clothing and lifestyle brand is notifying the customers via letters of a data breach caused by a...
Palo Alto Networks’ Unit 42 Publishes Report on Mespinoza Group
Unit 42 of Palo Alto Networks has examined the Mespinoza gang's latest techniques and practices in identifying its 'cocky' message...
Threat Actors Use Marvel’s Black Widow Movie To Spread Malware
Marvel's Black Widow film has finally been released in theatres and online streaming platforms after being delayed for over a...
Kali-Whoami – A Privacy Tool Developed To Keep You Anonymous On Kali Linux At The Highest Level
The purpose of the Whoami tool makes you as anonymous as possible on Kali linux. It is an user friendly...
Exploit_Mitigations – Knowledge Base Of Exploit Mitigations Available Across Numerous Operating Systems, Architectures And Applications And Versions
The goal is to list exploitation mitigations added over time in various operating systems, software, libraries or hardware. It becomes...
Microsoft alerts about a new Windows Print Spooler vulnerability
Microsoft published guidance to mitigate the impact of a new Windows Print Spooler vulnerability tracked as CVE-2021-34481 that was disclosed...
Google Chrome 91.0.4472.164 fixes a new zero-day exploited in the wild
Google Chrome 91.0.4472.164 addresses seven security vulnerabilities, including a high severity zero-day flaw exploited in the wild. Google has released...
New enhanced Joker Malware samples appear in the threat landscape
The Joker malware is back, experts spotted multiple malicious apps on the official Google Play store that were able to...
Israeli surveillance firm Candiru used Windows zero-days to deploy spyware
Experts said that Israeli surveillance firm Candiru, tracked as Sourgum, exploited zero-days to deliver a new Windows spyware. Microsoft and...
Exploit broker Zerodium is looking for VMware vCenter Server exploits
Zero-day exploit broker Zerodium is looking for 0day exploits for the VMware vCenter Server Zero-day exploit broker Zerodium announced it...
SpearTip Finds New Diavol Ransomware Does Steal Data
Security researchers have linked a new ransomware strain called Diavol to the Wizard Spider threat group behind the Trickbot botnet....
CVE-2021-33773
Summary: Windows Remote Access Connection Manager Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-33761, CVE-2021-34445, CVE-2021-34456. Reference...
CVE-2021-33772
Summary: Windows TCP/IP Driver Denial of Service Vulnerability This CVE ID is unique from CVE-2021-31183, CVE-2021-34490. Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33772...
CVE-2021-33771
Summary: Windows Kernel Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31979, CVE-2021-34514. Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33771 CVSS...
CVE-2021-33768
Summary: Microsoft Exchange Server Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-34470, CVE-2021-34523. Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33768...
CVE-2021-33766
Summary: Microsoft Exchange Information Disclosure Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33766 https://www.zerodayinitiative.com/advisories/ZDI-21-798/ CVSS Score (if available) v2: / MEDIUM v3: /...
SonicWall warns users of “imminent ransomware campaign”
SonicWall has issued an urgent security notice warning users of unpatched End-Of-Life (EOL) SRA & SMA 8.X remote access devices...
Ransomware’s Russia problem
This blog post was written in collaboration with members of the Threat Intelligence Team. Last week, US news outlet NBC...
