Microsoft found auth bypass, system hijack flaws in Netgear routers
Microsoft experts have disclosed a series of vulnerabilities in the firmware of Netgear routers which could lead to data leaks...
Month: July 2021
US CISA releases a Ransomware Readiness Assessment (RRA) tool
The US CISA has released the Ransomware Readiness Assessment (RRA), a new ransomware self-assessment security audit tool. The US Cybersecurity...
Freshly scraped LinkedIn data of 88,000 US business owners shared online
About a week after scraped data from more than 700 million LinkedIn profiles were put for sale online, it seems that...
Hackers hit a televised phone-in between President Putin and citizens at a TV show
A massive cyber attack attempted to disrupt a televised phone-in between Russian President Vladimir Putin and the Rossiya 24 network....
CVE-2020-17759
Summary: An issue was found in the Evernote client for Windows 10, 7, and 2008 in the protocol handler. This...
CVE-2021-33000
Summary: Parsing a maliciously crafted project file may cause a heap-based buffer overflow, which may allow an attacker to perform...
CVE-2021-35448
Summary: Emote Interactive Remote Mouse 3.008 on Windows allows attackers to execute arbitrary programs as Administrator by using the Image...
CVE-2020-9478
Summary: An issue was discovered in Rubrik 5.0.3-2296. An OS command injection vulnerability allows an authenticated attacker to remotely execute...
CVE-2021-32708
Summary: Flysystem is an open source file storage library for PHP. The whitespace normalisation using in 1.x and 2.x removes...
Police seize DoubleVPN data, servers, and domain
A coordinated effort between global law enforcement agencies—led by the Dutch National Police—shut down a VPN service that was advertised...
Babuk ransomware builder leaked following muddled “retirement”
In the last days of April 2021, the operators of Babuk ransomware announced they were going to focus on demanding...
Second colossal LinkedIn “breach” in 3 months, almost all users affected
LinkedIn has reportedly been breached—again—following reports of a massive sale of information scraped from 500M LinkedIn user profiles in the...
Logins and passwords of at least 1.2 million Russians have been leaked online
The credential verification service developed by cybersecurity company BI.ZONE (a subsidiary of Sberbank) has revealed that information about logins and...
Threat Actors Target Aviation Firms Via Spear Phishing Campaign
Fortinet researchers discovered a spear-phishing campaign targeting the aviation industry with malicious download links that distribute the AsyncRAT with a...
Red-Shadow – Lightspin AWS IAM Vulnerability Scanner
Scan your AWS IAM Configuration for shadow admins in AWS IAM based on misconfigured deny policies not affecting users in...
Forblaze – A Python Mac Steganography Payload Generator
Forblaze is a project designed to provide steganography capabilities to Mac OS payloads. Using python3, it will build an Obj-C...
