Adobe fixes critical flaws in Magento, patch it immediately
Adobe security updates for August 2021 have addressed critical vulnerabilities in Magento and important bugs in Adobe Connect. Adobe security...
Month: August 2021
Microsoft patch Tuesday security updates fix PrintNightmare flaws
Microsoft released patch Tuesday security updates for August that address 120 CVEs in Microsoft products including a zero-day actively exploited...
$611 million stolen in Poly Network cross-chain hack
The cross-chain protocol Poly Network has been hacked, threat actors stole $611 million making this hack the largest DeFi hack to...
CVE-2021-21866
Summary: A unsafe deserialization vulnerability exists in the ObjectManager.plugin ProfileInformation.ProfileData functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17....
CVE-2020-13962
Summary: Qt 5.12.2 through 5.14.2, as used in unofficial builds of Mumble 1.3.0 and other products, mishandles OpenSSL's error queue,...
CVE-2021-27943
Summary: The pairing procedure used by the Vizio P65-F1 6.0.31.4-2 and E50x-E1 10.0.31.4-2 Smart TVs and mobile application is vulnerable...
CVE-2021-34628
Summary: The Admin Custom Login WordPress plugin is vulnerable to Cross-Site Request Forgery due to the loginbgSave action found in...
CVE-2021-34632
Summary: The SEO Backlinks WordPress plugin is vulnerable to Cross-Site Request Forgery via the loc_config function found in the ~/seo-backlinks.php...
Check your passwords! Synology NAS devices under attack from StealthWorker
Synology PSIRT (Product Security Incident Response Team) has put out a warning that it has recently seen and received reports...
Ransomware turncoat leaks Conti data, lifts the lid on the ransomware business
Last week, The Record broke the news that a self-described “pen tester” for the infamous Conti ransomware gang, who goes...
Researchers Reveal DBREACH as New Attack Against Databases
In reference to the past record, many organizations have observed that databases are critical applications for any organization, which give...
Credential Leak Detection Device Scrapesy Limits Incident of Data Breaches
Red team analysts at Standard Industries, have designed an open-source device to assist organizations to detect incidents of the data...
Black Hat 2021: Zero-days, Ransoms and Supply Chains
During Black Hat 2021, Corellium COO Matt Tait warned that the amount of zero-days exploited in the open is "off...
Reindeer Leak Personal Data of 3,00,000 Users In A Breach
WizCase's cybersecurity group discovered a prominent breach impacting Reindeer, an American marketing company that previously worked with Tiffany & Co.,...
NSA Issues Warning Concerning Public Wi-Fi Networks
National Security Agency cautioned public servants against hackers that can benefit from public Wi-Fi in coffee shops, airports, and hotel...
Karton – Distributed Malware Processing Framework Based On Python, Redis And MinIO
Distributed malware processing framework based on Python, Redis and MinIO. The ideaKarton is a robust framework for creating flexible and...
UnhookMe – An Universal Windows API Resolver And Unhooker Addressing Problem Of Invoking Unmonitored System Calls From Within Of Your Red Teams Malware
In the era of intrusive AVs and EDRs that introduce hot-patches to the running processes for their enhanced optics requirements,...
New eCh0raix ransomware variant targets NAS devices from both QNAP and Synology vendors
A new variant of the eCh0raix ransomware is able to target Network-Attached Storage (NAS) devices from both QNAP and Synology vendors....
Microsoft Azure Sentinel uses Fusion ML to detect ransomware attacks
Microsoft Azure Sentinel cloud-native SIEM (Security Information and Event Management) platform used the Fusion machine learning model to detect ransomware...
FlyTrap, a new Android Trojan compromised thousands of Facebook accounts
Experts spotted a new Android trojan, dubbed FlyTrap, that compromised Facebook accounts of over 10,000 users in at least 144...
StealthWorker botnet targets Synology NAS devices to drop ransomware
Taiwanese vendor Synology has warned customers that the StealthWorker botnet is targeting their NAS devices to deliver ransomware. Taiwan-based vendor...
CVE-2021-32066
Summary: An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. Net::IMAP does not raise...
CVE-2021-27491
Summary: Ypsomed mylife Cloud, mylife Mobile Application:Ypsomed mylife Cloud,All versions prior to 1.7.2,Ypsomed mylife App,All versions prior to 1.7.5,The Ypsomed...
CVE-2017-18113
Summary: The DefaultOSWorkflowConfigurator class in Jira Server and Jira Data Center before version 8.18.1 allows remote attackers who can trick...
