Credential Phishing and Brute Force Attacks Continue to Surge
Financial and reputational aspects of organizations across the globe are taking a severe hit as they witness advanced email threats...
Month: September 2021
Driver’s License Exploitation Scams Surge
The Covid epidemic has provided a ripe opportunity for cybercriminals, who are taking advantage of internet information from outdated driver's...
BlackMatter Ransomware Victim: Trust Capital Funding
BlackMatter Ransomware NOTE: The information on this page is automated and scraped directly from the BlackMatter Onion Dark Web Tor...
AVOS Locker Ransomware Victim: Potter Concrete
AvosLocker Ransomware SummaryVictim Name: Potter ConcretePotter Concrete suffered a breach and this is a sample of the files we've downloaded...
403Bypasser – Automates The Techniques Used To Circumvent Access Control Restrictions On Target Pages
403bypasser automates the techniques used to circumvent access control restrictions on target pages. 403bypasser will continue to be improved and...
SigFlip – A Tool For Patching Authenticode Signed PE Files (Exe, Dll, Sys ..Etc) Without Invalidating Or Breaking The Existing Signature
SigFlip is a tool for patching authenticode signed PE files (exe, dll, sys ..etc) in a way that doesn't affect...
SEC announces sanctions against entities over email account hacking
The U.S. Securities and Exchange Commission (SEC) announced sanctions against several organizations over email account hacking. The U.S. Securities and...
Watch out, ransomware attack risk increases on holidays and weekends, FBI and CISA
The FBI and CISA issued a joint cybersecurity advisory to warn organizations to remain vigilant against ransomware attacks during weekends...
LockBit ransomware operators leak 200GB of data belonging to Bangkok Airways
LockBit ransomware operators have breached Bangkok Airways, the airline confirmed it was the victim and discloses a data breach impacting...
LockFile Ransomware uses a new intermittent encryption technique
Recently emerged LockFile ransomware family LockFile leverages a novel technique called intermittent encryption to speed up encryption. LockFile ransomware gang...
Threat actors can remotely disable Fortress S03 Wi-Fi Home Security System
Rapid7 researchers discovered two flaws that can be exploited by attackers to remotely disable one of the home security systems...
LockBit 2.0 Ransomware Victim: ch13bham[.]com
LockBit 2.0 Ransomware NOTE: The information on this page is automated and scraped directly from the LockBit 2.0 Onion Dark...
LockBit 2.0 Ransomware Victim: advint[.]com
LockBit 2.0 Ransomware NOTE: The information on this page is automated and scraped directly from the LockBit 2.0 Onion Dark...
CVE-2021-36928
Summary: Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-36931. Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36928 CVSS...
CVE-2021-36928
Summary: Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-36931. Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36928 CVSS...
CVE-2021-30468
Summary: A vulnerability in the JsonMapObjectReaderWriter of Apache CXF allows an attacker to submit malformed JSON to a web service,...
CVE-2021-32263
Summary: ok-file-formats through 2021-04-29 has a heap-based buffer overflow in the ok_csv_circular_buffer_read function in ok_csv.c. Reference Links(if available): https://github.com/brackeen/ok-file-formats/issues/13 CVSS...
CVE-2021-36931
Summary: Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-36928. Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-36931 CVSS...
CVE-2021-3713
Summary: An out-of-bounds write flaw was found in the UAS (USB Attached SCSI) device emulation of QEMU in versions prior...
CVE-2021-21159 – Google / Chrome – Heap-based buffer overflow
Summary: CVE-2021-21159 is a heap-based buffer overflow vulnerability impacting Google Chrome versions 88.0.4324.182 and earlier. A proof of concept (PoC)...
CVE-2021-21106 – Google / Chrome – Use after free
Summary: CVE-2021-21106 is a use after free vulnerability impacting Google Chrome versions 87.0.4280.88 and earlier. A proof of concept (PoC)...
ProxyToken: Another nail-biter from Microsoft Exchange
Had I known this season of Microsoft Exchange was going to be so long I’d have binge watched. Does anyone...
HPE: Sudo Flaw Grants Attackers Root Privileges to Aruba Platform
A vulnerability in Sudo, open-source software used within HP's Aruba AirWave management platform, can enable any unprivileged and unauthorized local...
Data From Fujitsu is Being Sold on the Dark Web
An organisation called Marketo is selling data from Fujitsu on the dark web, although the firm claims the information "appears...
