CVE-2020-21547
Summary: Libsixel 1.8.2 contains a heap-based buffer overflow in the dither_func_fs function in tosixel.c. Reference Links(if available): https://github.com/saitoha/libsixel/issues/114 CVSS Score...
Year: 2021
CVE-2020-21548
Summary: Libsixel 1.8.3 contains a heap-based buffer overflow in the sixel_encode_highcolor function in tosixel.c. Reference Links(if available): https://github.com/saitoha/libsixel/issues/116 CVSS Score...
CVE-2020-21548
Summary: Libsixel 1.8.3 contains a heap-based buffer overflow in the sixel_encode_highcolor function in tosixel.c. Reference Links(if available): https://github.com/saitoha/libsixel/issues/116 CVSS Score...
CVE-2021-30123
Summary: FFmpeg
CVE-2021-31836
Summary: Improper privilege management vulnerability in maconfig for McAfee Agent for Windows prior to 5.7.4 allows a local user to...
FoggyWeb, analysis of a Nobelium backdoor
Microsoft’s Threat Intelligence Center has been analyzing a custom-built backdoor that has been used by the Nobelium group since April...
Phone screenshots accidentally leaked online by stalkerware-type company
pcTattleTale hasn’t been very careful about securing the screenshots it sneakily takes from its victims’ phones. pcTattleTale markets itself as...
Russia will develop a new cyber security standard
Positive Technologies is developing a new concept of cyber security standard. The document should become an open knowledge base, which...
5 French Minister Phones Affected with Pegasus Spyware
 At least five French ministers and President Emmanuel Macron's diplomatic advisor mobile phones have been infected by Israel-made Pegasus spyware,...
A Malicious Firefox Add-On Targets Cryptocurrency Users
 Covid-19 pandemic has turned the world upside down in the last year and a half, leaving us with no option...
Hackers Steal $17,000 in ‘Double Your Cash’ Fraud on Bitcoin.org
 Bitcoin.org, the authentic website of the Bitcoin project was hacked by criminals who advertised a double your money scam and...
FinSpy: unseen findings
FinSpy, also known as FinFisher or Wingbird, is an infamous surveillance toolset. Kaspersky has been tracking deployments of this spyware...
LittleCorporal – A C# Automated Maldoc Generator
LittleCorporal: A C# Automated Maldoc Generator C:LittleCorporalbinRelease>LittleCorporal.exe C:beacon.bin explorer.exe.____ .__ __ __ .__ _________ .__| | |__|/ |__/ |_| |...
SharpSpray – Active Directory Password Spraying Tool. Auto Fetches User List And Avoids Potential Lockouts
SharpSpray is a Windows domain password spraying tool written in .NET C#. IntroductionSharpSpray is a C# port of DomainPasswordSpray with...
A complete PoC exploit for CVE-2021-22005 in VMware vCenter is available online
An exploit for the recently disclosed CVE-2021-22005 vulnerability in VMware vCenter was publicly released, threat actors are already using it....
Russia-linked Nobelium APT group uses custom backdoor to target Windows domains
Microsoft discovered new custom malware, dubbed FoggyWeb, used by the Nobelium cyberespionage group to implant backdoor in Windows domains. Microsoft...
ERMAC, a new banking Trojan that borrows the code from Cerberus malware
ERMAC is a new Android banking Trojan that can steal financial data from 378 banking and wallet apps. Researchers from...
New BloodyStealer malware is targeting the gaming sector
Researchers spotted a new malware, dubbed BloodyStealer, that could allow stealing accounts for multiple gaming platforms. Researchers from Kaspersky have...
Expert found RCE flaw in Visual Studio Code Remote Development Extension
Researchers from the Italian cybersecurity firm Shielder found a remote code execution vulnerability in Visual Studio Code Remote Development Extension....
CVE-2021-1947
Summary: Use-after-free vulnerability in kernel graphics driver because of storing an invalid pointer in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial...
CVE-2021-33700
Summary: SAP Business One, version - 10.0, allows a local attacker with access to the victim's browser under certain circumstances,...
CVE-2021-33698
Summary: SAP Business One, version - 10.0, allows an attacker with business authorization to upload any files (including script files)...
CVE-2021-33692
Summary: SAP Cloud Connector, version - 2.0, allows the upload of zip files as backup. This backup file can be...
CVE-2021-33704
Summary: The Service Layer of SAP Business One, version - 10.0, allows an authenticated attacker to invoke certain functions that...
