CVE-2021-3501
Summary: A flaw was found in the Linux kernel in versions before 5.12. The value of internal.ndata, in the KVM...
Year: 2021
CVE-2019-19603
Summary: SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash. Reference Links(if available): https://github.com/sqlite/sqlite/commit/527cbd4a104cb93bf3994b3dd3619a6299a78b13...
CVE-2020-36226
Summary: A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch->bv_len miscalculation and slapd crash in the saslAuthzTo...
CVE-2019-0193
Summary: In Apache Solr, the DataImportHandler, an optional but popular module to pull in data from databases and other sources,...
CVE-2019-0193
Summary: In Apache Solr, the DataImportHandler, an optional but popular module to pull in data from databases and other sources,...
CVE-2021-20305
Summary: A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA...
Two Google plans that could make open source code more secure
Recently Google announced that it will fund the further development of Rust. Rust is a low-level programming language that is...
The Polish Prime Minister asked the Sejm to hold a closed meeting on cyber attacks
 The lower house of the bicameral parliament of Poland (Sejm) will hold a closed session on hacking attacks against representatives...
Threat Actors Use Google Drives and Docs to Host Novel Phishing Attacks
 On Thursday, researchers at email and collaboration security firm Avanan revealed that attackers are using standard tools within Google Docs/Drive...
Fraudsters are Mailing Modified Ledger Devices to Steal Cryptocurrency
 Scammers are mailing fraudulent replacement devices to Ledger customers who were recently exposed in a data breach, which are being...
Kconfig-Hardened-Check – A Tool For Checking The Hardening Options In The Linux Kernel Config
MotivationThere are plenty of Linux kernel hardening config options. A lot of them are not enabled by the major distros....
Joern – Open-source Code Analysis Platform For C/C++/Java Based On Code Property Graphs
Joern's Documentation is available here: https://docs.joern.io/home Quick Installationwget https://github.com/ShiftLeftSecurity/joern/releases/latest/download/joern-install.shchmod +x ./joern-install.shsudo ./joern-install.shjoernCompiling (synthetic)/ammonite/predef/interpBridge.scCompiling (synthetic)/ammonite/predef/replBridge.scCompiling (synthetic)/ammonite/predef/DefaultPredef.scCompiling /home/tmp/shiftleft/joern/(console) ██╗ ██████╗ ███████╗██████╗ ███╗...
Cruise operator Carnival discloses a security breach
Carnival Corp. said that the data breach it has suffered in March might have impacted its customers and employees. Carnival...
Akamai outage was caused by an issue with its Prolexic DDoS protection service
An outage suffered by CDN, cybersecurity and cloud services provider Akamai was caused by an issue with its Prolexic DDoS...
The return of TA402 Molerats APT after a short pause
TA402 APT group (aka Molerats and GazaHackerTeam) is back after two-month of silence and is targeting governments in the Middle East....
Over a billion records belonging to CVS Health exposed online
Researchers discovered an unprotected database belonging to CVS Health that was exposed online containing over a billion records. This week WebsitePlanet...
Ferocious Kitten APT targets Telegram and Psiphon VPN users in Iran
Iran-linked Ferocious Kitten APT group used instant messaging apps and VPN software like Telegram and Psiphon to deliver Windows RAT...
CVE-2020-35519
Summary: An out-of-bounds (OOB) memory access flaw was found in x25_bind in net/x25/af_x25.c in the Linux kernel version v5.12-rc5. A...
CVE-2021-21414
Summary: Prisma is an open source ORM for Node.js & TypeScript. As of today, we are not aware of any...
CVE-2021-31542
Summary: In Django 2.2 before 2.2.21, 3.1 before 3.1.9, and 3.2 before 3.2.1, MultiPartParser, UploadedFile, and FieldFile allowed directory traversal...
CVE-2021-3501
Summary: A flaw was found in the Linux kernel in versions before 5.12. The value of internal.ndata, in the KVM...
CVE-2019-0193
Summary: In Apache Solr, the DataImportHandler, an optional but popular module to pull in data from databases and other sources,...
Polazert Trojan using poisoned Google Search results to spread
Trojan.Polazert aka SolarMarker has gone back and fine-tuned an old tactic known as SEO-poisoning to plant their Remote Access Trojan...
The 6 best Chrome extensions for privacy and security
While searching for security- and privacy-improving extensions, users may end up installing an extension that is counterproductive to their goals....
