Year: 2021

CVE-2020-13949

May 31, 2021

Summary: In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large...

CVE-2020-13949

May 31, 2021

Summary: In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large...

CVE-2020-13949

May 31, 2021

Summary: In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large...

CVE-2020-13949

May 31, 2021

Summary: In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large...

CVE-2020-13949

May 31, 2021

Summary: In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large...

CVE-2021-33477

May 31, 2021

Summary: rxvt-unicode 9.22, rxvt 2.7.10, mrxvt 0.5.4, and Eterm 0.9.7 allow (potentially remote) code execution because of improper handling of...

CVE-2021-1788

May 31, 2021

Summary: A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur...

CVE-2021-1844

May 31, 2021

Summary: A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1,...

CVE-2021-1844

May 31, 2021

Summary: A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1,...

CVE-2021-1844

May 31, 2021

Summary: A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1,...

The slow trend away from facial recognition technology

May 31, 2021

It’s been a busy few weeks for facial recognition technology. Its oft-maligned abilities frequently wind up in tales of privacy...

A week in security (May 24 -30)

May 31, 2021

Last week on Malwarebytes Labs we discussed VPN Android apps, how even the FBI has to deal with insider threats,...

The Ministry of Internal Affairs of Russia will launch a program for recognizing deepfakes in the fall of 2022

May 31, 2021

The scientific and industrial company "High Technologies and Strategic Systems" (HT and SS SIJSC) will develop a computer program for...

HPE Patches the Zero-Day Vulnerabiity in Systems Insight Manager Software for Windows

May 31, 2021

Hewlett Packard Enterprise (HPE) has released a security update to patch critical zero-day remote code execution (RCE) vulnerability in its...

FireEye: Transportation and Telecom Firms Being Hit in Chinese Espionage

May 31, 2021

According to security firm FireEye, a massive Chinese espionage operation against US and European government entities includes four new hacking...

APT: China-Based Threat Group Attacks Pulse Secure VPNs

May 31, 2021

Several hacker groups that are supposed to support Chinese long-term economic goals continue in the defense, high-tech, public, transportation, and...

Kaiju – A Binary Analysis Framework Extension For The Ghidra Software Reverse Engineering Suite

May 31, 2021

CERT Kaiju is a collection of binary analysis tools for Ghidra. This is a Ghidra/Java implementation of some features of...

CheeseTools – Self-developed Tools For Lateral Movement/Code Execution

May 31, 2021

This repository has been made basing onto the already existing MiscTool, so big shout-out to rasta-mouse for releasing them and...

Interpol has intercepted $83 million from financial cyber crimes

May 30, 2021

Interpol has intercepted $83 million in illicit funds transferred from victims to the accounts used by crooks. An operation conducted...

These 2 attacks allow to alter certified PDF Documents

May 30, 2021

Researchers disclosed two new attack techniques that allow modifying visible content on certified PDF documents without invalidating the digital signature....

Security Affairs newsletter Round 316

May 30, 2021

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...

Facefish Backdoor delivers rootkits to Linux x64 systems

May 30, 2021

Qihoo 360 NETLAB spotted a new backdoor dubbed Facefish that could allow attackers to take over Linux systems and steal...

FBI will share compromised passwords with HIBP Pwned Passwords

May 30, 2021

The FBI is going to share compromised passwords discovered during investigations with Have I Been Pwned (HIBP)’s ‘Pwned Passwords’ service....

Secure Search is a Browser Hijacker – How to Remove it Now?

May 30, 2021

Secured Search is a browser hijacker that changes your browser’s settings to promote securedsearch.com, let’s remove it. Secured Search is...

Year: 2021

CVE-2020-13949

CVE-2020-13949

CVE-2020-13949

CVE-2020-13949

CVE-2020-13949

CVE-2021-33477

CVE-2021-1788

CVE-2021-1844

CVE-2021-1844

CVE-2021-1844

The slow trend away from facial recognition technology

A week in security (May 24 -30)

The Ministry of Internal Affairs of Russia will launch a program for recognizing deepfakes in the fall of 2022

HPE Patches the Zero-Day Vulnerabiity in Systems Insight Manager Software for Windows

FireEye: Transportation and Telecom Firms Being Hit in Chinese Espionage

APT: China-Based Threat Group Attacks Pulse Secure VPNs

Kaiju – A Binary Analysis Framework Extension For The Ghidra Software Reverse Engineering Suite

CheeseTools – Self-developed Tools For Lateral Movement/Code Execution

Interpol has intercepted $83 million from financial cyber crimes

These 2 attacks allow to alter certified PDF Documents

Security Affairs newsletter Round 316

Facefish Backdoor delivers rootkits to Linux x64 systems

FBI will share compromised passwords with HIBP Pwned Passwords

Secure Search is a Browser Hijacker – How to Remove it Now?

CVE Alert: CVE-2025-22146

CVE Alert: CVE-2025-0483

CVE Alert: CVE-2025-0486

CVE Alert: CVE-2025-0487

CVE Alert: CVE-2025-0488

You may have missed