800 arrests after police dupe crime groups into using backdoored phones
An international operation that monitored an encrypted device company under control of the Federal Bureau of Investigation (FBI) and the...
Year: 2021
This Malware that Uses Steam Profile Images to Hide Itself
In May 2021, a researcher tweeted about a new malware that hides itself inside Steam profile photos. Except for a...
The Russian expert assessed the demand of the State Department to stop cyberattacks on the United States
"Moscow should not react to such statements until the United States is ready to seriously discuss the rules of conduct...
India’s Finance Software Powerhouse NSE Blown By EpsilonRed Ransomware
Nucleus Software Exports, an Indian financial software company has witnessed a major ransomware attack. The company that facilitates Indian banks...
Private Details Compromised After Cyber Attack on NSW Health
The New South Wales Ministry of Health (NSW Health) has confirmed that it was impacted by a cyberattack involving the...
Identity Verification Platform Troolio Closes a $394 Million Deal
Id verification online platform Trulioo lands a $394 Million series D round of funding at a $1.75 Billion valuation after...
PuzzleMaker attacks with Chrome zero-day exploit chain
On April 14-15, 2021, Kaspersky technologies detected a wave of highly targeted attacks against multiple companies. Closer analysis revealed that...
ColdFire – Golang Malware Development Library
Golang malware development framework IntroductionColdFire provides various methods useful for malware development in Golang. Most functions are compatible with both...
Link – A Command And Control Framework Written In Rust
link is a command and control framework written in rust. Currently in beta. Introductionlink provides MacOS, Linux and Windows implants...
Spotify, PayPal, GitHub, and other major websites down due to Fastly CDN outage
A large number of popular websites including Reddit, Spotify, PayPal, GitHub, gov.uk, CNN, and the BBC are currently facing problems...
Trojan Shield, the biggest ever police operation against encrypted communications
Trojan Shield operation: The FBI and Australian Federal Police ran an encrypted chat platform that was used by crime gangs...
US authorities recovered most of the ransom paid by Colonial Pipeline
US officials announced to have recovered most of the $4.3 million ransom that Colonial Pipeline paid to the DarkSide ransomware...
RockYou2021: largest password compilation of all time leaked online with 8.4 billion entries
RockYou2021, the largest password compilation of all time has been leaked on a popular hacker forum, it contains 8.4 billion...
Siloscape, first known malware that drops a backdoor into Kubernetes clusters
Siloscape is a new strain of malware that targets Windows Server containers to execute code on the underlying node and...
CVE-2021-31525
Summary: net/http in Go before 1.15.12 and 1.16.x before 1.16.4 allows remote attackers to cause a denial of service (panic)...
CVE-2016-20011
Summary: libgrss through 0.7.0 fails to perform TLS certificate verification when downloading feeds, allowing remote attackers to manipulate the contents...
CVE-2018-6383
Summary: Monstra CMS through 3.0.4 has an incomplete "forbidden types" list that excludes .php (and similar) file extensions but not...
CVE-2021-22908
Summary: A buffer overflow vulnerability exists in Windows File Resource Profiles in 9.X allows a remote authenticated user with privileges...
CVE-2021-28676
Summary: An issue was discovered in Pillow before 8.2.0. For FLI data, FliDecode did not properly check that the block...
New Siloscape malware targets Windows containers and highlights security pitfalls
A visitor photographs a symbol of a cloud at the Deutsche Telekom stand the day before the CeBIT technology trade...
DOJ recovers pipeline ransom, signals more aggressive approach to cybercrime
The US Department of Justice announced Monday that it recovered much of the ransomware payment that Colonial Pipeline paid to...
Can two VPN “wrongs” make a right? Lock and Code S02E10
This week on Lock and Code, we’re presenting you something a little different. We’re telling you a story—with no guest...
White hat, black hat, grey hat hackers: What’s the difference?
When you think of the world of ethical hackers (white hat), malicious hackers (black hat), and hackers that flirt with...
Amazon Sidewalk starts sharing your WiFi tomorrow, thanks
Amazon smart device owners only have until June 8 to opt out of a new program that will group their...
