REvil ransomware gang demanded $70M for universal decryptor for Kaseya victims
REvil ransomware is demanding $70 million for decrypting all systems locked during the Kaseya supply-chain ransomware attack. REvil ransomware is...
Month: July 2021
US water company WSSC Water hit by a ransomware attack
US water company WSSC Water is investigating a ransomware attack that affected non-essential business systems in May. WSSC Water is investigating a...
REvil gang exploited a zero-day in the Kaseya supply chain attack
Kaseya was addressing the zero-day vulnerability that REvil ransomware gang exploited to breach on-premise Kaseya VSA servers. A new supply...
CVE-2017-3162
Summary: HDFS clients interact with a servlet on the DataNode to browse the HDFS namespace. The NameNode is provided as...
CVE-2018-17196
Summary: In Apache Kafka versions between 0.11.0.0 and 2.1.0, it is possible to manually craft a Produce request which bypasses...
CVE-2021-32708
Summary: Flysystem is an open source file storage library for PHP. The whitespace normalisation using in 1.x and 2.x removes...
CVE-2021-32708
Summary: Flysystem is an open source file storage library for PHP. The whitespace normalisation using in 1.x and 2.x removes...
CVE-2021-33503
Summary: An issue was discovered in urllib3 before 1.26.5. When provided with a URL containing many @ characters in the...
CVE-2021-30468
Summary: A vulnerability in the JsonMapObjectReaderWriter of Apache CXF allows an attacker to submit malformed JSON to a web service,...
After Ransomware Attack AJG US Reported Data Breach
US-based global insurance brokerage and risk management firm, Arthur J. Gallagher (AJG) has reported a cyberattack on the company’s infrastructure....
Indian Startup Exposed Byju’s Compromised Server Data
Salesken.ai, an Indian-based technology secured a compromised server that was leaking out private and sensitive data on one of its...
A ‘Colossal’ Ransomware Attack Paralyzes Hundreds of US Companies
Ahead of the US Independence Day weekend, a ransomware attack crippled the networks of at least 200 American companies on...
Babuk Ransomware Gang is Back Into Action
Although they are declaring their retirement from the firm, the Babuk ransomware operators seem to have reverted into old habits...
Mongolian Certificate Authority Hacked Eight Times
The unidentified hackers attacked the website of MonPass, one of Mongolia's leading certificate authorities, to backdoor its installation software with...
Scour – AWS Exploitation Framework
Scour is a modern module based AWS exploitation framework written in golang, designed for red team testing and blue team...
FRIDA-DEXDump – Fast Search And Dump Dex On Memory
Featuressupport fuzzy search broken header dex. fix struct data of dex-header. compatible with all android version(frida supported). support loading as...
Hackers spread backdoor after compromising the Mongolian CA MonPass
Threat actors compromised the servers of Mongolian certificate authority (CA) MonPass and used its website to spread malware. Hackers compromised...
Security Affairs newsletter Round 321
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
Coop supermarket closes hundreds of stores after Kaseya supply chain ransomware attack
Swedish supermarket chain Coop is the first company to disclose the impact of the recent supply chain ransomware attack that...
Kaseya VSA supply-chain ransomware attack hit hundreds of companies
A supply attack by REvil ransomware operators against Kaseya VSA impacted multiple managed service providers (MSPs) and their clients. A...
CVE-2020-18032
Summary: Buffer Overflow in Graphviz Graph Visualization Tools from commit ID f8b9e035 and earlier allows remote attackers to execute arbitrary...
CVE-2017-3162
Summary: HDFS clients interact with a servlet on the DataNode to browse the HDFS namespace. The NameNode is provided as...
CVE-2018-17196
Summary: In Apache Kafka versions between 0.11.0.0 and 2.1.0, it is possible to manually craft a Produce request which bypasses...
CVE-2021-32708
Summary: Flysystem is an open source file storage library for PHP. The whitespace normalisation using in 1.x and 2.x removes...
