Threat actors exploit a flaw in Coinbase 2FA to steal user funds
Threat actors stole funds from the accounts of more than 6,000 users of the crypto exchange Coinbase exploiting a flaw...
Month: October 2021
Flubot Android banking Trojan spreads via fake security updates
The Flubot Android malware is now leveraging fake security updates warning to trick users into installing the malicious code. Threat...
CVE-2021-41617
Summary: sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental...
CVE-2021-32277
Summary: An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function sbr_qmf_analysis_32 located in sbr_qmf.c. It...
CVE-2021-32274
Summary: An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function sbr_qmf_synthesis_64 located in sbr_qmf.c. It...
CVE-2021-32273
Summary: An issue was discovered in faad2 through 2.10.0. A stack-buffer-overflow exists in the function ftypin located in mp4read.c. It...
CVE-2021-38714
Summary: In Plib through 1.85, there is an integer overflow vulnerability that could result in arbitrary code execution. The vulnerability...
Kekeo – A Little Toolbox To Play With Microsoft Kerberos In C
kekeo is a little toolbox I have started to manipulate Microsoft Kerberos in C (and for fun) ASN.1 libraryIn kekeo,...
Tim’s RED Team Research reports 3 new CVEs, two of which in 4G/5G
Telecom Italia Red Team Research (RTR) laboratory led by Massimiliano Brolli reported three new flaws in Oracle GlassFish and Nokia...
Elastic Stack API Security Vulnerability Exposes Customer and System Data
The mis-implementation of Elastic Stack, a collection of open-source products that employ APIs for crucial data aggregation, search, and analytics...
Pwncat – Fancy Reverse And Bind Shell Handler
pwncat is a post-exploitation platform for Linux targets. It started out as a wrapper around basic bind and reverse shells...
Baby died at Alabama Springhill Medical Center due to cyber attack
A baby allegedly received inadequate childbirth health care, and later died, at an Alabama Springhill Medical Center due to a...
The expert assessed the prospects of cybersecurity company Group-IB after the arrest of its founder
Experts believe that the arrest of Ilya Sachkov, the founder and CEO of Group-IB, will not affect the company's work,...
The FCC moves to curb SIM swap attacks
The Federal Communications Commission (FCC) is going to set new rules to curb the rising threat of SIM swapping, also...
Analysts Warn of Telegram Powered Bots Stealing Bank OTPs
In the past few years, two-factor verification is one of the simplest ways for users to safeguard their accounts. It...
Hydra Android trojan campaign targets customers of European banks
Experts warn of a new Hydra banking trojan campaign targeting European e-banking platform users, including the customers of Commerzbank. ...
Apple Pay vulnerable to wireless pickpockets
Researchers have shown that it is possible for attackers to bypass an Apple iPhone’s lock screen to access payment services...
Newly Discovered ‘Tomiris’ Backdoor Linked to SolarWinds Attack Malware
Kaspersky security researchers have unearthed a new backdoor likely designed by the Nobelium advanced persistent threat (APT) behind last year's...
CVE-2021-41535
Summary: A vulnerability has been identified in Solid Edge SE2021 (All versions < SE2021MP8). The affected application contains a use-after-free...
CVE-2021-41536
Summary: A vulnerability has been identified in Solid Edge SE2021 (All versions < SE2021MP8). The affected application contains a use-after-free...
CVE-2021-41537
Summary: A vulnerability has been identified in Solid Edge SE2021 (All versions < SE2021MP8). The affected application contains a use-after-free...
CVE-2021-41539
Summary: A vulnerability has been identified in Solid Edge SE2021 (All versions < SE2021MP8). The affected application contains a use-after-free...
CVE-2021-41540
Summary: A vulnerability has been identified in Solid Edge SE2021 (All versions < SE2021MP8). The affected application contains a use-after-free...
Neiman Marcus discloses data breach, payment card data exposed
Luxury retail company Neiman Marcus Group has announced this week that it has suffered a data breach that impacted customer...
