Acer suffered the second security breach in a few months
Taiwanese electronics technology giant Acer discloses a security breach suffered by its after-sales service systems in India after an isolated...
Month: October 2021
Inside Apple: How Apple’s attitude impacts security
Last week saw the fourth occurrence of the Objective by the Sea (OBTS) security conference, which is the only security...
New Yanluowang ransomware used in highly targeted attacks on large orgs
Researchers spotted a new strain of ransomware, dubbed Yanluowang, that was used in highly targeted attacks against enterprises. Researchers from...
Thingiverse – 228,102 breached accounts
In October 2021, a database backup taken from the 3D model sharing service Thingiverse began extensively circulating within the hacking...
Xmap – A Fast Network Scanner Designed For Performing Internet-wide IPv6 &Amp; IPv4 Network Research Scanning
XMap is a fast network scanner designed for performing Internet-wide IPv6 & IPv4 network research scanning. XMap is reimplemented and...
Apple silently fixed iOS zero-day without crediting the expet who reported it
Apple has silently addressed a zero-day vulnerability that could allow attackers to gain access to sensitive user data. Apple has...
PowerShx – Run Powershell Without Software Restrictions
Unmanaged PowerShell execution using DLLs or a standalone executable. IntroductionPowerShx is a rewrite and expansion on the PowerShdll project. PowerShx...
MyKings botnet operators already amassed at least $24 million
The MyKings botnet (aka Smominru or DarkCloud) is still alive and continues to spread, allowing its operators to make huge...
“Free Steam game” scams on TikTok are Among Us
TikTok has long since evolved beyond being thought of as “just” dance clips, also becoming a home for educational and...
Patch now! Microsoft fixes 71 Windows vulnerabilities in October Patch Tuesday
Yesterday we told you about Apple’s latest patches. Today we turn to Microsoft and its Patch Tuesday. Microsoft tends to...
Dutch police warn customers of a popular DDoS booter service
Dutch police warn customers of a distributed denial-of-service (DDoS) website of stopping using the service to avoid prosecution. Dutch police...
CVE-2021-34714
Summary: A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE...
CVE-2021-34768
Summary: Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software...
CVE-2021-34770
Summary: A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software...
CVE-2021-34770
Summary: A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software...
CVE-2021-41322
Summary: Poly VVX 400/410 through 5.3.1 allows low-privileged users to change the Admin password by modifying a POST parameter to...
CVE-2021-34769
Summary: Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software...
Rdesktop – Open Source Client for Microsoft’s RDP protocol
rdesktop is an open source client for Microsoft's RDP protocol. It is known to work with Windows versions ranging from...
CVE-2021-40449 – Microsoft / Windows – Privilege escalation
Summary: CVE-2021-40449 is a privilege escalation vulnerability impacting multiple products and versions of Microsoft Windows. A proof of concept (PoC)...
Crooks use math symbols to evade anti-phishing solutions
Threat actors are using mathematical symbols on impersonated company logos to evade detection in phishing campaigns. Researchers from anti-phishing cybersecurity...
Chinese APT IronHusky use Win zero-day in recent wave of attacks
A Chinese-speaking hacking group exploited a Windows zero-day vulnerability in a wave of attacks on defense and IT businesses. A...
MysterySnail attacks with Windows zero-day
Executive Summary In late August and early September 2021, Kaspersky technologies detected attacks with the use of an elevation of...
SAS 2021: Learning to ChaCha with APT41
Straight from the sunny UK to the stage of SAS-at-Home 2021, John Southworth (PwC) will be giving some insights about...
SAS 2021: Fireside chat with Chris Bing
How to build up a fascinating story from a hardcore APT report? Where to find details and how to work...
