IRS Warned of an Ongoing IRS-Impersonation Scam
The Internal Revenue Service (IRS) has cautioned of ongoing phishing assaults impersonating the IRS and targeting educational establishments. The assaults...
Year: 2021
Here’s How to Safeguard Against Mobikwik Data Breach
Cybersecurity researchers claimed that the KYC data of as many as 11 crores Mobikwik users had been leaked and put...
Data Leak of 10cr Users: ‘The Largest KYC Data Leak in History’
According to cybersecurity researcher Rajshekahar Rajaharia, mobile payment app Mobikwik came under attack after the data of 10 crores of...
Financial Cyberthreats in 2020
2020 was challenging for everyone: companies, regulators, individuals. Due to the limitations imposed by the epidemiological situation, particular categories of...
Rubeus – C# Toolset For Raw Kerberos Interaction And Abuses
Rubeus is a C# toolset for raw Kerberos interaction and abuses. It is heavily adapted from Benjamin Delpy's Kekeo project...
InveighZero – Windows C# LLMNR/mDNS/NBNS/DNS/DHCPv6 Spoofer/Man-In-The-Middle Tool
InveighZero is a C# LLMNR/NBNS/mDNS/DNS/DHCPv6 spoofer and man-in-the-middle tool designed to assist penetration testers/red teamers that find themselves limited to...
5-star customer service: fraudsters launch massive campaign against Indonesia’s major banks on Twitter
Experts warn that cybercriminals are targeting Indonesia’s major banks posing as bank representatives or customer support team members on Twitter....
Chinese experts earned $20,000 for reporting a Chrome Sandbox Escape
Researchers have reported to Google a sandbox escape vulnerability in the Chrome web browser to Google that awarded them $20,000....
Email accounts of DHS members were compromised in the SolarWinds hack
Russian hackers accessed the email accounts of US Department of Homeland Security (DHS) officials as a result of the SolarWinds...
IETF deprecates TLS 1.0 and TLS 1.1, update to latest versions
IETF has formally deprecated the TLS 1.0 and TLS 1.1 cryptographic protocols because they lack support for recommended cryptographic algorithms...
VMware addresses SSRF flaw in vRealize Operations that allows stealing admin credentials
VMware addressed a high severity vulnerability in vRealize Operations that could allow stealing admin credentials from vulnerable servers. VMware has published...
CVE-2021-1460
Summary: A vulnerability in the Cisco IOx Application Framework of Cisco 809 Industrial Integrated Services Routers (Industrial ISRs), Cisco 829...
CVE-2020-28243
Summary: An issue was discovered in SaltStack Salt before 3002.5. The minion's restartcheck is vulnerable to command injection via a...
CVE-2020-35662
Summary: In SaltStack Salt before 3002.5, when authenticating to services using certain modules, the SSL certificate is not always validated....
CVE-2021-21309
Summary: Redis is an open-source, in-memory database that persists on disk. In affected versions of Redis an integer overflow bug...
CVE-2021-23840
Summary: Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length...
PYSA, the ransomware attacking schools
The education sector’s cybersecurity problem has compounded in the last few months. A recent warning from the FBI, in mid-March,...
Malicious commits found in PHP code repository: What you need to know
You’ve probably heard that PHP’s Git repository was recently compromised, allowing backdoors to be added to the code located there....
MIDC’s Server Hacked, Threat to Destroy Data
The server of Maharashtra Industrial Development Corporation was hacked as of late. The ransomware 'SYNack' affected the applications and database...
278,000 GitHub Repositories Affected by a Critical Networking Flaw in Netmask
Security researchers have unearthed a critical networking flaw CVE-2021-28918 in a popular npm library netmask. Netmask is commonly utilized by...
Live Broadcast Got Disrupted Due to Cyber-Attack on The Australian Tv Network- Nine
A cyber-attack on Australia's Channel Nine TV network has interrupted live broadcasts, raising questions about the country's exposure to hackers....
PHP Git Server Hacked to Plant Malware in Code Base
In the most recent software supply chain assault, the official PHP Git repository was hacked and the code base altered....
APT10: sophisticated multi-layered loader Ecipekac discovered in A41APT campaign
Why is the campaign called A41APT? In 2019, we observed an APT campaign targeting multiple industries, including the Japanese manufacturing...
ClearURLs – An Add-On Based On The New WebExtensions Technology And Will Automatically Remove Tracking Elements From URLs To Help Protect Your Privacy
ClearURLs is an add-on based on the new WebExtensions technology and is optimized for Firefox and Chrome based browsers. This...
