Sunshuttle, the fourth malware allegedly linked to SolarWinds hack
FireEye researchers spotted a new sophisticated second-stage backdoor that was likely linked to threat actors behind the SolarWinds hack. Malware researchers...
Year: 2021
VMware addresses Remote Code Execution issue in View Planner
VMware released a security patch for a remote code execution vulnerability that affects the VMware View Planner product. VMware released...
CISA emergency directive urges to fix Microsoft Exchange zero-days
The US Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive related to recently fixed Microsoft Exchange zero-days. ...
Group-IB: ransomware empire prospers in pandemic-hit world. Attacks grow by 150%
Group-IB published a report titled “Ransomware Uncovered 2020-2021”. analyzes ransomware landscape in 2020 and TTPs of major threat actors. Group-IB, a...
CVE-2020-16043
Summary: Insufficient data validation in networking in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to bypass discretionary access...
CVE-2020-16003
Summary: Use after free in printing in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap...
CVE-2020-15978
Summary: Insufficient data validation in navigation in Google Chrome on Android prior to 86.0.4240.75 allowed a remote attacker who had...
CVE-2020-24686
Summary: The vulnerabilities can be exploited to cause the web visualization component of the PLC to stop and not respond,...
CVE-2021-23840
Summary: Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length...
Microsoft links new malware to SolarWinds hackers
Microsoft released details on later-stage malware the company says was used by the group behind the SolarWinds espionage campaign. (Microsoft)Microsoft...
Update now! Chrome fix patches in-the-wild zero-day
The Microsoft Browser Vulnerability Research team has found and reported a vulnerability in the audio component of Google Chrome. Google...
Kaspersky detected new ransomware attack on Russian companies
Kaspersky Lab has recorded a series of targeted attacks targeting Russian financial and transport companies. Hackers used a previously unknown...
US Telemarketing Company Leaks Data of 114,000 Consumers In a Cloud Storage Error
In a recent cybersecurity incident, a US telemarketing firm leaked sensitive data of tens of thousands of customers after a...
Zee5 Once Again Caught In Data Breach; Info Of 9 Million Users Exposed
Zee5, an Indian Leading giant over-the-top (OTT) platform has witnessed a data breach. According to the information, the data breach...
Crypto Exchange Platform WazirX Hit a Record High of $2 Billion in Trading Volumes
Cryptocurrency exchange platform, WazirX has almost doubled its trading volumes since February 1st, 2021 regardless of fears of a government-imposed...
FacePay fare payment system to launch in Moscow metro by the end of the year
"In the Moscow metro, by the end of 2021, we plan to launch contactless fare payment for travel through a...
Zero-day vulnerabilities in Microsoft Exchange Server
What happened? On March 2, 2021 several companies released reports about in-the-wild exploitation of zero-day vulnerabilities inside Microsoft Exchange Server....
PyBeacon – A Collection Of Scripts For Dealing With Cobalt Strike Beacons In Python
PyBeacon is a collection of scripts for dealing with Cobalt Strike's encrypted traffic. It can encrypt/decrypt beacon metadata, as well...
SharpSphere – .NET Project For Attacking vCenter
SharpSphere gives red teamers the ability to easily interact with the guest operating systems of virtual machines managed by vCenter....
Clop ransomware gang leaks data allegedly stolen from cybersecurity firm Qualys
Cybersecurity firm Qualys seems to have suffered a data breach, threat actors allegedly exploited zero-day flaw in their Accellion FTA server....
The Ursnif Trojan has hit over 100 Italian banks
Avast researchers reported that the infamous Ursnif Trojan was employed in attacks against at least 100 banks in Italy. Avast...
CVE-2021-24091
Summary: Windows Camera Codec Pack Remote Code Execution Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24091 CVSS Score (if available) v2: / MEDIUM...
CVE-2021-24091
Summary: Windows Camera Codec Pack Remote Code Execution Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-24091 CVSS Score (if available) v2: / MEDIUM...
CVE-2021-1648
Summary: Microsoft splwow64 Elevation of Privilege Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1648 CVSS Score (if available) v2: / MEDIUMAV:L/AC:L/Au:N/C:C/I:C/A:C v3: /...
