Boffins show PIN bypass attack Mastercard and Maestro contactless payments
Boffins from the Swiss ETH Zurich university demonstrated PIN bypass attack on contactless cards from Mastercard and Maestro. A group...
Month: August 2021
CVE-2020-36478
Summary: An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). A NULL...
CVE-2015-5237
Summary: protobuf allows remote authenticated attackers to cause a heap-based buffer overflow. Reference Links(if available): https://github.com/google/protobuf/issues/760 https://bugzilla.redhat.com/show_bug.cgi?id=1256426 http://www.openwall.com/lists/oss-security/2015/08/27/2 https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E...
CVE-2015-5237
Summary: protobuf allows remote authenticated attackers to cause a heap-based buffer overflow. Reference Links(if available): https://github.com/google/protobuf/issues/760 https://bugzilla.redhat.com/show_bug.cgi?id=1256426 http://www.openwall.com/lists/oss-security/2015/08/27/2 https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E...
CVE-2019-15544
Summary: An issue was discovered in the protobuf crate before 2.6.0 for Rust. Attackers can exhaust all memory via Vec::reserve...
CVE-2016-10081
Summary: /usr/bin/shutter in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that...
CVE-2019-20326
Summary: A heap-based buffer overflow in _cairo_image_surface_create_from_jpeg() in extensions/cairo_io/cairo-image-surface-jpeg.c in GNOME gThumb before 3.8.3 and Linux Mint Pix before 2.4.5...
CVE-2020-2501 – QNAP / Surveillance Station – Out-of-bounds write
Summary: CVE-2020-2501 is an out-of-bounds write vulnerability impacting multiple versions of QNAP Surveillance Station. An exploit was observed in open...
Microsoft Issues an Advisory on ProxyShell Vulnerabilities
Microsoft this week published guidance about three vulnerabilities referred to collectively as ProxyShell days after security researchers at the U.S....
Cisco Published Two Critical and Six High-Severity Patches for Nexus Gear
The American multinational technology conglomerate corporation Cisco Systems, based in San Jose, California - has published six security patches for...
F5 Security Patched Severe Vulnerabilities in its BIG-IP Networking Device
F5 Security has patched over a dozen critical-severity vulnerabilities in its BIG-IP networking device, including one which was classified as...
CISA Published MARs on Samples Targeting Pulse Secure Devices
Five new research reports outlining malware detected on compromised Pulse Secure devices were issued this week by the US Cybersecurity...
AVOS Locker Ransomware Victim: Master Chemical
AvosLocker Ransomware SummaryVictim Name: Master ChemicalMaster Chemical suffered a breach and this is a sample of the files we've downloaded...
Huan – Encrypted PE Loader Generator
Huan is an encrypted PE Loader Generator that I developed for learning PE file structure and PE loading processes. It...
Pantagrule – Large Hashcat Rulesets Generated From Real-World Compromised Passwords
gargantuan hashcat rulesets generated from compromised passwords Project maintenance warning: This project is deemed completed. No pull requests or changes...
Phorpiex botnet shuts down and authors put source code for sale
Crooks behind the Phorpiex botnet have shut down their operations and put the source code for sale on the dark...
Atlassian released security patches to fix a critical flaw in Confluence
Atlassian released patches to fix a critical flaw, tracked as CVE-2021-26084, affecting the Confluence enterprise collaboration product. Atlassian released security patches...
An RCE in Annke video surveillance product allows hacking the device
Researchers from Nozomi Networks discovered a critical vulnerability that can be exploited to hack a video surveillance product made by...
ChaosDB, a Critical Cosmos DB flaw affected thousands of Microsoft Azure Customers
Microsoft has fixed a critical flaw in Cosmos DB that allowed any Azure user to remotely take over other users’...
BlackMatter Ransomware Victim: Diamond Schmitt
BlackMatter Ransomware NOTE: The information on this page is automated and scraped directly from the BlackMatter Onion Dark Web Tor...
CVE-2021-35940
Summary: An out-of-bounds array read in the apr_time_exp*() functions was fixed in the Apache Portable Runtime 1.6.3 release (CVE-2017-12613). The...
CVE-2020-18754
Summary: An information disclosure vulnerability exists within Dut Computer Control Engineering Co.'s PLC MAC1100. Reference Links(if available): https://github.com/Ni9htMar3/vulnerability/blob/master/PLC/DCCE/DCCE%20MAC1100%20PLC_leak.md CVSS Score...
CVE-2020-36478
Summary: An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). A NULL...
CVE-2015-5237
Summary: protobuf allows remote authenticated attackers to cause a heap-based buffer overflow. Reference Links(if available): https://github.com/google/protobuf/issues/760 https://bugzilla.redhat.com/show_bug.cgi?id=1256426 http://www.openwall.com/lists/oss-security/2015/08/27/2 https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E...
