CVE-2021-32558
Summary: An issue was discovered in Sangoma Asterisk 13.x before 13.38.3, 16.x before 16.19.1, 17.x before 17.9.4, and 18.x before...
Month: August 2021
CVE-2021-28165
Summary: In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon...
CVE-2021-28165
Summary: In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon...
CVE-2021-32610
Summary: In Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different vulnerability than CVE-2020-36193....
CVE-2021-36754
Summary: PowerDNS Authoritative Server 4.5.0 before 4.5.1 allows anybody to crash the process by sending a specific query (QTYPE 65535)...
CVE-2021-36983
Summary: replay-sorcery-kms in Replay Sorcery 0.6.0 allows a local attacker to gain root privileges via a symlink attack on /tmp/replay-sorcery...
Apple’s search for child abuse imagery raises serious privacy questions
The Internet has been on fire since the August 4 discovery (disclosed publicly by Mathew Green) that Apple will be...
Edge’s Super Duper Secure Mode benchmarked: How much speed would you trade for security?
In an attempt to make Edge more secure, the Microsoft Vulnerability Research team has started to experiment with disabling Just-In-Time...
Crime-as-a-Service Makes Advanced Phishing Attacks Easier For Amateurs
CaaS (Crime as a Service) is a practice where veteran hackers sell tools and knowledge required to perform a cybercrime....
Security Flaw in AWS S3 Possess Security Threat for Business Organizations
New security flaws have emerged in the AWS’ Amazon Simple Storage Service (S3) buckets which are now exposed via additional...
Amazon Fined With EUR 746 Million By Luxembourg Over Data Protection
Amazon has been fined 746 million ($880 million) Euros by the Luxembourg government over data protection rules. Despite its powerful...
Security Researcher Discovers Serious Flaw in Chromium, Bags $15,000 Reward
A recently patched vulnerability in the Chromium project enabled malicious parties to inject code in embedded site pages, despite the...
Spanish botnet attacked Russian companies
StormWall, the provider of services for protecting networks from DDoS attacks, said that Russian companies have been attacked by one...
TwiTi – Tool for extracting IOCs from tweet
TwiTi, a tool for extracting IOCs from tweets, can collect a large number of fresh, accurate IOCs. TwiTi does classifying...
WARCannon – High Speed/Low Cost CommonCrawl RegExp In Node.js
WARCannon was built to simplify and cheapify the process of 'grepping the internet'.With WARCannon, you can:Build and test regex patterns...
Conti Leak Indicators – What to block, in your SOC….
Security expert provided leak indicators for Conti ransomware operations that were recently disclosed by a disgruntled affiliate. An affiliate of...
VMware addresses critical flaws in its products
VMware has addressed a critical vulnerability that affects multiple products that could be exploited to gain access to confidential information....
BlackMatter ransomware also targets VMware ESXi servers
BlackMatter gang rapidly evolves, the group has developed a Linux version that allows operators to targets VMware’s ESXi VM platform....
Conti ransomware affiliate leaked gang’s training material and tools
An affiliate of the Conti RaaS has leaked the training material shared by the group with its network along with...
Cryptominer ELFs Using MSR to Boost Mining Process
The Uptycs Threat Research Team recently observed Golang-based worm dropping cryptominer binaries which use the MSR (Model Specific Register) driver. By UPTYCS THREAT...
CVE-2021-31894
Summary: A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.X (All...
CVE-2021-31893
Summary: A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All...
CVE-2021-33629
Summary: isula-build before 0.9.5-6 can cause a program crash, when building container images, some functions for processing external data do...
CVE-2021-29143
Summary: A remote execution of arbitrary commands vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series,...
