Crimea “manifesto” deploys VBA Rat using double attack vectors
This blog post was authored by Hossein Jazi. On July 21, 2021, we identified a suspicious document named “Манифест.docx” (“Manifest.docx”)...
This blog post was authored by Hossein Jazi. On July 21, 2021, we identified a suspicious document named “Манифест.docx” (“Manifest.docx”)...
The Prosecutor General's Office of the Russian Federation reported that Russia has submitted to the UN the world's first draft...
Cybersecurity researchers from South Korean security firm S2W Labs have unearthed two new ransomware groups. A sample of the first...
The cybersecurity researchers from Safety Detectives uncovered an insecure Microsoft Azure Blob storage server linked to the Raven Hengelsport retail...
The Personally Identifiable Information (PII) of approximately 100 million users of local business listing site JustDial was at stake after...
Multiple security flaws have been uncovered in the Zimbra email collaboration software, which could be abused to compromise email accounts...
For more than four years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of...
Sniffle is a sniffer for Bluetooth 5 and 4.x (LE) using TI CC1352/CC26x2 hardware. Sniffle has a number of useful...
r2 is a rewrite from scratch of radare. It provies a set of libraries, tools and plugins to ease...
A new variant of the LockBit 2.0 ransomware is now able to encrypt Windows domains by using Active Directory group policies. Researchers...
Experts disclose details about a critical flaw in Microsoft Hyper-V, tracked as CVE-2021-28476, that can allow executing arbitrary code on...
A joint report published by US, UK, and Australian cyber security agencies warns of the top routinely exploited vulnerabilities in...
A China-linked cyberespionage group, tracked as PKPLUG, employed a previously undocumented strain of a RAT dubbed THOR in recent attacks....
Summary: HashiCorp Consul and Consul Enterprise 1.9.0 through 1.10.0 default deny policy with a single L7 application-aware intention deny action...
Summary: An issue was discovered in Arm Mbed TLS before 2.23.0. A remote attacker can recover plaintext because a certain...
Summary: An issue was discovered in Arm Mbed TLS before 2.24.0. mbedtls_x509_crl_parse_der has a buffer over-read (of one byte). Reference...
Summary: Basix NEX-Forms through 7.8.7 allows authentication bypass for stored PDF reports. Reference Links(if available): https://github.com/rauschecker/CVEs/tree/main/CVE-2021-34675 http://basixonline.net/nex-forms-wordpress-form-builder-demo/change-log/ CVSS Score (if...
Summary: Basix NEX-Forms through 7.8.7 allows authentication bypass for Excel report generation. Reference Links(if available): https://github.com/rauschecker/CVEs/tree/main/CVE-2021-34676 http://basixonline.net/nex-forms-wordpress-form-builder-demo/change-log/ CVSS Score (if...
IF you already use NordVPN, you will be well aware that they refuse to give out the WireGuard config information...
There’s a new ransomware gang in town—and, frankly, we’re not at all surprised. After DarkSide disappeared—coincidentally, immediately after Colonial Pipeline...
The 2020 Olympics are, after a bit of a delayed start, officially in full swing. So too is the possibility...
Researchers at RandoriSec have found serious vulnerabilities in the firmware provided by UDP Technology to Geutebrück and many other IP...
Signal has patched a critical flaw in its Android app that, in some circumstances, sent random unintended images to contacts...
Malicious malware and websites have targeted both event organizers and regular spectators as the Tokyo Olympics' opening ceremony approaches. According to...