Data from the Russian cybercriminal forum Maza (Mazafaka) leaked to the network
Attackers hacked the Russian-language forum Maza, which was used by the hacker "elite". According to experts, competitors or an anti-hacker...
Year: 2021
U.S. DOD Weapons Programs Struggles to Add ‘Key’ Cybersecurity Measures
The U.S. Defense Department failed to communicate cybersecurity guidelines to contractors tasked with building systems for its weapon programs, according...
Backdoor Affects 20,000 U.S Agencies Via Microsoft Vulnerability
A backdoor breached more than 20,000 US enterprises, it was installed through Microsoft Corp's recently patched flaws in the email...
NSA and CISA Jointly Issued Guidance On Protective DNS Services
America’s chief security departments The National Security Agency (NSA) and Cybersecurity and Infrastructure Agency (CISA) have released a joint information...
Chameleon – Customizable Honeypots For Monitoring Network Traffic, Bots Activities And UsernamePassword Credentials (DNS, HTTP Proxy, HTTP, HTTPS, SSH, POP3, IMAP, STMP, RDP, VNC, SMB, SOCKS5, Redis, TELNET, Postgres And MySQL)
Customizable honeypots for monitoring network traffic, bots activities and usernamepassword credentials (DNS, HTTP Proxy, HTTP, HTTPS, SSH, POP3, IMAP, STMP,...
uEmu – Tiny Cute Emulator Plugin For IDA Based On Unicorn.
uEmu is a tiny cute emulator plugin for IDA based on unicorn engine. Supports following architectures out of the box:...
Microsoft releases IOC Detection Tool for Microsoft Exchange Server flaws
After the disclosure of Microsoft Exchange zero-days, MS Exchange Server team has released a script to determine if an install...
Millions of travelers of several airlines impacted by SITA data breach
SITA, a multinational IT company that provides services to the air transport industry was the victim of cyberattack that impacted multiple airlines. SITA is...
GoldMax, GoldFinder, and Sibot, 3 new malware used by SolarWinds attackers
Microsoft experts continue to investigate the SolarWinds attack and spotted 3 new strains of malware used as second-stage payloads. Microsoft...
CVE-2021-23131
Summary: An issue was discovered in Joomla! 3.2.0 through 3.9.24. Missing input validation within the template manager. Reference Links(if available):...
CVE-2020-28599
Summary: A stack-based buffer overflow vulnerability exists in the import_stl.cc:import_stl() functionality of Openscad openscad-2020.12-RC2. A specially crafted STL file can...
CVE-2020-27223
Summary: In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers...
CVE-2021-27803
Summary: A vulnerability was discovered in how p2p/p2p_pd.c in wpa_supplicant before 2.10 processes P2P (Wi-Fi Direct) provision discovery requests. It...
‘Educational’ ransomware program may instead become a how-to guide for attackers
A developer published via GitHub a proof-of-concept (POC) ransomware program featuring strong compatibility with the post-exploitation tool Cobalt Strike, open-source...
China’s RedEcho accused of targeting India’s power grids
RedEcho, an advanced persistent threat (APT) group from China, has attempted to infiltrate the systems behind India’s power grids, according...
15 Schools in UK Were Compromised due to Cyber Attack
Fifteen schools in the UK were unable to offer online learning as a result of cyberattacks. The schools affected by...
Around 580,000 Privilege Fliers Data Breached, says Singapore Airlines
Around 580,000 privilege fliers, KrisFlyer and PPS members have been affected by an information breach, Singapore Airlines (SIA) has said....
Russian Hacking Forum Maza Hijacked, Suffers Data Breach
Cybercriminal forum Maza was recently hit by a data breach that led to the leak of user information. Earlier this...
Threat Actors Target PrismHR in a Potential Ransomware Attack
PrismHR, a payroll company, suffered a cyber attack over the weekend that caused massive outages to its system. Although there...
CompuCom MSP Hit By DarkSide Ransomware Cyberattack
CompuCom, a US-managed service provider, has witnessed a DarkSide ransomware attack. It has resulted in a service outage and...
Kubestriker – A Blazing Fast Security Auditing Tool For Kubernetes
Kubestriker performs numerous in depth checks on kubernetes infra to identify the security misconfigurations and challenges that devops engineers/developers are...
CertEagle – Asset monitoring utility using real time CT log feeds
In Bugbounties “If you are not first , then you are last” there is no such thing as silver or...
Managed Services provider CompuCom by Darkside ransomware
US managed service provider CompuCom was the victim of a cyberattack that partially disrupted its operations, experts believe it was...
Five privilege escalation flaws fixed in Linux Kernel
Experts found five vulnerabilities in the Linux kernel, tracked as CVE-2021-26708, that could lead to local privilege escalation. Positive Technologies researcher Alexander...
