Apple’s Find My Network: Can be Abused to Leak Secrets Via Passing Devices
Apple's Find My network, which is used to track iOS and macOS devices – as well as more recently AirTags...
Year: 2021
FBI – CISA Published a Joint Advisory as Colonial Pipeline Suffers a Catastrophic Ransomware Attack
Following a catastrophic ransomware assault on a Colonial Pipeline, the FBI and the US Cybersecurity and Infrastructure Security Agency (CISA)...
RevengeRAT is Targeting the Aerospace and Travel Sectors with Spear-Phishing Emails
Microsoft has released a warning about a remote access tool (RAT) called RevengeRAT, which it claims has been used to...
Mubeng – An Incredibly Fast Proxy Checker And IP Rotator With Ease
An incredibly fast proxy checker & IP rotator with ease.FeaturesProxy IP rotator: Rotates your IP address for every specific request....
R77-Rootkit – Fileless Ring 3 Rootkit With Installer And Persistence That Hides Processes, Files, Network Connections, Etc…
Ring 3 rootkitr77 is a ring 3 Rootkit that hides following entities from all processes: Files, directories, junctions, named pipes,...
Magecart gang hides PHP-based web shells in favicons
Magecart cybercrime gang is using favicon to hide malicious PHP web shells used to maintain remote access to inject JavaScript...
Ireland’s Health Service Executive hit by ransomware attack
Ireland’s Health Service Executive service shut down its IT systems after they were hit with a “significant ransomware attack.” Another major...
Colonial Pipeline likely paid a $5M ransom to DarkSide
DarkSide demanded a $5 million ransom to Colonial Pipeline, which has quickly recovered operations, did it pay? The Colonial Pipeline...
Rapid7 says source code, credentials accessed as a result of Codecov supply-chain attack
Rapid7 disclosed that unauthorized third-party had access to source code and customer data as result of Codecov supply chain attack....
Security at Bay: Critical Infrastructure Under Attack
The recent Colonial Pipeline attack highlights the dangers that are facing Critical Infrastructure worldwide. The attack perpetrated by hackers on...
Please vote Security Affairs – 1 day left
Hi GuysI need your support. I became aware only not that we can nominate SecurityAffairs as Best Personal Blog. I...
CVE-2021-31165
Summary: Windows Container Manager Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31167, CVE-2021-31168, CVE-2021-31169, CVE-2021-31208. Reference...
CVE-2021-31170
Summary: Windows Graphics Component Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31188. Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31170 https://www.zerodayinitiative.com/advisories/ZDI-21-578/...
CVE-2021-1506
Summary: Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to execute arbitrary code or gain...
CVE-2016-4834
Summary: modules/Users/actions/Save.php in Vtiger CRM 6.4.0 and earlier does not properly restrict user-save actions, which allows remote authenticated users to...
CVE-2021-31598
Summary: An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_decode() performs incorrect memory handling while parsing crafted...
WhatsApp calls and messages will break unless you share data with Facebook
WhatsApp told users last week that there was no need for alarm regarding an upcoming privacy policy deadline, as users...
What is a honeypot? How they are used in cybersecurity
Cybersecurity experts strive to enhance the security and privacy of computer systems. Quietly observing threat actors in action can help...
Newly observed PHP-based skimmer shows ongoing Magecart Group 12 activity
This blog post was authored by Jérôme Segura Web skimming continues to be a real and impactful threat to online...
What does WiFi stand for?
We use WiFi to connect to the Internet, but what is it, and what does it stand for? How does...
Using iPhones and AirTags to sneak data out of air-gapped networks
Someone has found an extraordinary way to exfiltrate data by piggybacking data on the backs of unsuspecting iPhones. Say what?...
The White House believes that the attackers on the Colonial Pipeline are located in Russia
The Russian authorities should take action against the hacker group DarkSide, which, according to Washington, is located in Russia and...
Apple App Store Saved Users $1.5 Billion Worth in Fraud Transactions
Tech giant Apple claimed that the measures taken to detect malicious apps and actions by developers on the App Store...
Fake Chrome App is Being Used as Part of a Cyberattack Campaign
According to researchers at cybersecurity company Pradeo, a new Android malware has been discovered that imitates the Google Chrome software...
