CVE-2021-33558
Summary: Boa 0.94.13 allows remote attackers to obtain sensitive information via a misconfiguration involving backup.html, preview.html, js/log.js, log.html, email.html, online-users.html,...
Year: 2021
CVE-2021-22359
Summary: There is a denial of service vulnerability in the verisions V200R005C00SPC500 of S5700 and V200R005C00SPC500 of S6700. An attacker...
Security pros agree about threats—convincing everyone else is the problem
How about that Colonial Pipeline? As troubling as this event may be, for those of us working in the world of...
Ransomware to be investigated like terrorism
The impact of recent ransomware attacks on vital infrastructure in the US has triggered a reaction from the US Attorney’s...
Ex-SEC Enforcer: Crypto Investors are Enabling Hackers
The founder of the Securities and Exchange Commission's internet enforcement bureau warned Thursday that investors in bitcoin and other digital...
Furniture Village Hit by a Week-Long Cyber Attack
Customers have been left 'with nothing to sit on' and unable to pay while waiting for sofas, beds, and tables...
What is Email Spoofing? How Hackers Impersonate Legitimate Senders
Email spoofing is easily the most commonly employed way by threat actors for initiating phishing and spam attacks. Normally, hackers...
Vulnerabilties Found in Realtek Module
A new type of severe rated vulnerabilities has been revealed in the Realtek RTL8170C Wi-Fi module. A hacker could exploit...
FujiFilm Shuts Down Network Following Ransomware Attack
Japanese multinational conglomerate FujiFilm, headquartered in Tokyo suffered a ransomware attack on Tuesday night. The company has shut down portions...
Metarget – Framework Providing Automatic Constructions Of Vulnerable Infrastructures
1 IntroductionMetarget = meta- + target, a framework providing automatic constructions of vulnerable infrastructures, used to deploy simple or complicated...
Penglab – Abuse Of Google Colab For Cracking Hashes
Abuse of Google Colab for fun and profit. What is it ?Penglab is a ready-to-install setup on Google Colab for...
China-linked attackers breached Metropolitan Transportation Authority (MTA) using Pulse Secure zero-day
China-linked APT breached New York City’s Metropolitan Transportation Authority (MTA) network in April using a Pulse Secure zero-day. China-linked threat...
The dark web index 2021, report
PrivacyAffairs released the Dark Web Index 2021, the document provides the prices for illegal services/products available in the black marketplaces....
Trend Micro details CVE-2021-30724 privilege escalation flaw in macOS, iOS
Trend Micro disclosed technical details of a patched privilege escalation issue, tracked as CVE-2021-30724, that impacts macOS, iOS and iPadOS....
Cisco fixes High-severity issues in Webex, SD-WAN, ASR 5000 software
Cisco addressed multiple security flaws, including high-severity vulnerabilities, in Webex Player, SD-WAN software, and ASR 5000 series software. Cisco has...
CVE-2020-4300
Summary: IBM Cognos Analytics 11.0 and 11.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML...
CVE-2021-22734
Summary: Improper Verification of Cryptographic Signature vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could...
CVE-2021-22735
Summary: Improper Verification of Cryptographic Signature vulnerability exists inhomeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could allow...
CVE-2021-22736
Summary: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in homeLYnk (Wiser For KNX) and...
CVE-2018-16495
Summary: In VOS user session identifier (authentication token) is issued to the browser prior to authentication but is not changed...
Cybercrime, fraud, and insider threats increased in 2020 in the UK, report says
Since the initial lockdown, we have seen the rise of certain types of cybercrime, including scams and fraud campaigns that...
Steamship Authority answers question: Who’s the next ransomware victim?
After the attacks on Colonial Pipeline and JBS, many may have been wondering, as we did, what the next ransomware...
Coronavirus phishing: “Welcome back to the office…”
As offices start to slowly open back up, the theoretically post-pandemic world is changing its threat landscape once again, and...
Cybercrime Forum Publishes Alleged Database, Source Code From Russian Firm That Helped Parler
A seller on a famous cybercrime website claims to be selling source code and a database that they claim belongs...
