Russian hacker Pavel Sitnikov arrested for distributing malware via Telegram
The popular Russian hacker Pavel Sitnikov was arrested by Russian authorities on charges of distributing malware via his Telegram channel....
Year: 2021
Prometheus and Grief – two new emerging ransomware gangs targeting enterprises. Mexican Government data is published for sale.
“Prometheus” and “Grief” – a multi-billion dollar ransomware market obtained two new emerging players. In today’s world, information and data...
Swedish Health Agency discloses hacking attempts
The Swedish Public Health Agency has shut down the country’s infectious diseases database, SmiNet, last week after multiple hacking attempts....
Denmark intel helped US NSA to spy on European politicians
Denmark’s foreign secret service allowed the US NSA to spy on European politicians through a Danish telecommunications hub. Journalists from Danish...
CVE-2020-35517
Summary: A flaw was found in qemu. A host privilege escalation issue was found in the virtio-fs shared file system...
CVE-2020-18395
Summary: A NULL-pointer deference issue was discovered in GNU_gama::set() in ellipsoid.h in Gama 2.04 which can lead to a denial...
CVE-2021-20095
Summary: Relative Path Traversal in Babel 2.9.0 allows an attacker to load arbitrary locale files on disk and execute arbitrary...
CVE-2021-29350
Summary: SQL injection in the getip function in conn/function.php in ??100-???????? 1.1 allows remote attackers to inject arbitrary SQL commands...
CVE-2021-21230
Summary: Type confusion in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption...
Revisiting the NSIS-based crypter
This blog post was authored by hasherezade NSIS (Nullsoft Scriptable Install System) is a framework dedicated to creating software installers....
Threat Actors Release Patient Data Stolen from New Zealand Hospitals to the Local Media
Cybercriminals who targeted hospitals in New Zealand’s Waikato district have published the stolen patient data to the local media outlets,...
S&P: Cyberattacks Could Trigger More Rating Actions on Banks
Since the Covid pandemic intensified digitalization and remote working, the banking sector is becoming more vulnerable to cybercrime, according to...
An Advisory Issued by Carnegie Mellon University Warns Against the Vulnerability in Checkbox Survey
In the wild, CERT Coordination Center (CERT/CC) in Carnegie Mellon University alerts about a Checkbox Survey vulnerability that might enable...
BazaLoader Malware is Being Distributed by Hackers Using a Bogus Streaming Website
Proofpoint identified the phishing attempt in early May, which entailed hackers creating a phoney movie-streaming website named BravoMovies and stocking...
IT threat evolution Q1 2021
Targeted attacks Putting the ‘A’ into APT In December, SolarWinds, a well-known IT managed services provider, fell victim to a...
IT threat evolution Q1 2021. Mobile statistics
The statistics presented here draw on detection verdicts returned by Kaspersky products as provided by users who consented to share...
IT threat evolution Q1 2021. Non-mobile statistics
These statistics are based on detection verdicts of Kaspersky products received from users who consented to provide statistical data. Quarterly...
magicRecon – A Powerful Shell Script To Maximize The Recon And Data Collection Process Of An Objective And Finding Common Vulnerabilities
MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common...
Bucky – An Automatic S3 Bucket Discovery Tool
Bucky is an automatic tool designed to discover S3 bucket misconfiguration, Bucky consists up of two modules Bucky firefox addon...
Experts devised a new attack to bypass Microsoft PatchGuard
A security researcher discovered a bug in PatchGuard Windows security feature that can allow loading unsigned malicious code into the...
COVID-19 – Phishing attacks target employees that come back to the office
Hackers are attempting to exploit the return to the “new normal” after the governments are removing restrictions imposed in response...
CVE-2020-13949
Summary: In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large...
CVE-2020-13949
Summary: In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large...
CVE-2020-13949
Summary: In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large...
