Linux System Service Bug Allows You to Gain Root Access
An authentication bypass vulnerability in the polkit auth system service, which is installed by default on many recent Linux distributions,...
Year: 2021
China-Based Hackers Luring Indians into Fake Tata Motors Scam
On Thursday, cyber-security researchers in India announced the discovery of a malicious free present marketing campaign managed by China-based hackers...
Inadvertently Exposed Secrets and Tokens are promptly Scanned by GitHub
GitHub recently updated its insights to include repositories that contain registry secrets for PyPI and RubyGems. This approach protects millions...
Russian hackers attacked the systems of the Dutch police during the investigation of the Boeing crash
The Dutch newspaper Volkskrant on the day of the start of the hearing on the crash of the Malaysian Boeing...
FBI Alerts: BEC Scammers are Posing as Construction Companies
The FBI has issued a warning to private sector enterprises about scammers masquerading construction companies in business email compromise (BEC)...
Interactsh – An OOB Interaction Gathering Server And Client Library
Interactsh is an Open-Source Solution for Out of band Data Extraction, A tool designed to detect bugs that cause external...
BlueCloud – Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D
Cyber Range deployment of HELK and Velociraptor! Automated terraform deployment of one system running HELK + Velociraptor server with one...
Mysterious custom malware used to steal 1.2TB of data from million PCs
Experts spotted a new mysterious malware that was used to collect a huge amount of data, including sensitive files, credentials,...
Al Jazeera detected and blocked disruptive cyberattacks
Qatari government-funded international Arabic news channel Al Jazeera announced to have blocked a series of disruptive cyberattacks aimed at its...
DoJ announced to have shut down Slilpp marketplace in international operation
The US Department of Justice seized the servers and domains of the popular cybercrime marketplace SlilPP. The US Department of Justice...
Global Scamdemic: Scams Become Number One Online Crime
Threat hunting and adversarial cyber intelligence company Group-IB published a comprehensive analysis of fraud cases on a global scale. Group-IB, a...
Hackers stole data from the network of the gaming giant Electronic Arts
Hackers breached the network of the gaming giant Electronic Arts (EA) and have stolen roughly 780 GB of data, including game...
CVE-2021-3516
Summary: There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted...
CVE-2021-23895
Summary: Deserialization of untrusted data vulnerability in McAfee Database Security (DBSec) prior to 4.8.2 allows a remote authenticated attacker to...
CVE-2021-22112
Summary: Spring Security 5.4.x prior to 5.4.4, 5.3.x prior to 5.3.8.RELEASE, 5.2.x prior to 5.2.9.RELEASE, and older unsupported versions can...
CVE-2021-33502
Summary: The normalize-url package before 4.5.1, 5.x before 5.3.1, and 6.x before 6.0.1 for Node.js has a ReDoS (regular expression...
CVE-2021-33194
Summary: golang.org/x/net before v0.0.0-20210520170846-37e1c6afe023 allows attackers to cause a denial of service (infinite loop) via crafted ParseFragment input. Reference Links(if...
‘Nameless’ malware attacks 1.2TB database in the cloud
a so-called “nameless” undetected malware stole a database in the cloud that contained some 1.2 terabytes of files, cookies, and...
Can machine learning help detect zero day malware?
University of College London campus. Researchers identified a number of promising machine learning techniques that may help improve detection of...
How a Resident Evil image leaked in a ransomware attack ended up in the middle of $12m copyright claim
Back in November, gaming giant Capcom suffered a ransomware attack. In its press notification, it mentioned the various types of...
Russia accused of hacking Dutch police during MH17 investigation
Journalists at the Dutch newspaper “De Volkskrant” have reported that the country’s intelligence service, AIVD, discovered in 2017 that Russian...
International Sting Operation Cracks Down Encryption Criminal Groups
In an international sting operation targeting drug suppliers led to an arrest of a man. The suspect's face was blurred...
Chip Maker ADATA Attacked by Ragnar Locker Ransomware Group
ADATA, a Taiwan-based leading memory and storage manufacturer, was forced to take its systems offline after a ransomware attack crippled...
Spanish Government Witnesses Cyber Attack
Earlier this morning, the Ministry of Labour and Social Economy of the Spanish government witnessed a cyber-attack. At the moment,...
