Group-IB helps Dutch police identify members of phishing developer gang Fraud Family
Researchers from threat intelligence firm Group-IB helps Dutch police identify members of phishing developer gang known as Fraud Family. Group-IB,...
Month: July 2021
CISA analyzed stealthy malware found on compromised Pulse Secure devices
U.S. CISA released an alert today about several stealth malware samples that were found on compromised Pulse Secure devices. The...
TicketClub Italy Database Offered in Dark Web
A database belonging to TicketClub Italy, a company providing coupons platform for offline purchases, is available for sale on darkweb...
Thousands of Humana customers have their medical data leaked online by threat actors
Experts found a DB containing sensitive health insurance data belonging to customers of US insurance giant Humana. An SQL database...
France ANSSI agency warns of APT31 campaign against French organizations
French cyber-security agency ANSSI warned of an ongoing cyberespionage campaign aimed at French organizations carried out by China-linked APT31 group....
CVE-2021-34521
Summary: Raw Image Extension Remote Code Execution Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34521 CVSS Score (if available) v2: / MEDIUM v3:...
CVE-2021-34522
Summary: Microsoft Defender Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34464. Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34522 CVSS Score...
CVE-2021-34525
Summary: Windows DNS Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-33746, CVE-2021-33754, CVE-2021-33780, CVE-2021-34494. Reference Links(if...
CVE-2021-34529
Summary: Visual Studio Code Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34528. Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34529 https://www.zerodayinitiative.com/advisories/ZDI-21-827/...
Guntrader – 112,031 breached accounts
In July 2021, the United Kingdom based website Guntrader suffered a data breach that exposed 112k unique email addresses. Extensive...
The life and death of the ZeuS Trojan
Whether you’ve read up on Greek mythology or you’re simply a big fan of Marvel comics, the name “Zeus” should...
ID theft ghouls targeting Surfside victims is appalling, but no surprise
We’ve written at length about account compromise and identity theft, and how criminals will often hijack accounts belonging to dead...
HiveNightmare zero-day lets anyone be SYSTEM on Windows 10 and 11
Users with low privileges can access sensitive Registry database files on Windows 10 and Windows 11, leaving them vulnerable to...
Telegram Pavel Durov says that since 2018 he knew about the potential surveillance of his phone
The billionaire said he had known since 2018 that one of his phone numbers was on the NSO Group list,...
Heartless Attackers Stole Identities of Surfside Condo Collapse Victims
Threat actors are targeting people who died in the June 24 collapse of Champlain Towers South in Surfside by ransacking...
This New Malware Hides Itself Among Windows Defender Exclusions to Avoid Detection
On Tuesday, security experts confirmed the existence of a previously undocumented malware strain named "MosaicLoader," which targets people looking for...
Caliente Bandits Target Spanish Speaking Individuals to Spread Bandook Malware
A new hacking gang TA2721 also commonly known as Caliente Bandits has been tracked by Proofpoint researchers since January 2021....
Apple’s iPhone is the Easiest to Snoop on Using the Pegasus, Says Amnesty
NSO Group, an Israeli cyber intelligence firm, developed Pegasus spyware as a surveillance tool. As claimed by the corporation, this...
Managed Detection and Response in Q4 2020
Download full report (PDF) As cyberattacks become more sophisticated, and security solutions require more resources to analyze the huge amount...
Hash-Buster v3.0 – Crack Hashes In Seconds
Why crack hashes when you can bust them?FeaturesAutomatic hash type identification Supports MD5, SHA1, SHA256, SHA384, SHA512 Can extract &...
XLoader, a $49 spyware that could target both Windows and macOS devices
Check Point Research (CPR) experts have spotted a cheap malware, dubbed XLoader variant, which was upgraded to target both Windows and...
Kelihos botmaster Peter Levashov gets time served
A US federal judge sentenced Russian hacker Peter Levashov to 33 months, time served, and three years of supervised release...
LPE flaw in Linux kernel allows attackers to get root privileges on most distros
Experts discovered a Local Privilege Escalation, tracked as CVE-2021-33909, that could allow attackers to get root access on most Linux...
A 16-year-old bug (CVE-2021-3438) in printer driver affects millions of printers worldwide
Experts warn of a 16-year-old vulnerability (CVE-2021-3438) in an HP, Xerox, and Samsung printers driver that an attacker could exploit...
