CVE-2021-39225
Summary: Nextcloud is an open-source, self-hosted productivity platform. A missing permission check in Nextcloud Deck before 1.2.9, 1.4.5 and 1.5.3...
Summary: A vulnerability in the processing of SSH connections for multi-instance deployments of Cisco Firepower Threat Defense (FTD) Software could...
Summary: A vulnerability in the software-based SSL/TLS message handler of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense...
The US NSA and CISA published a security advisory to warn about threat actors compromising 5G networks via cloud infrastructure....
Microsoft researchers have discovered a vulnerability in macOS, dubbed Shrootless, that can allow attackers to bypass System Integrity Protection (SIP)...
Use the HTTP protocol version to send a file bit by bit ("HTTP/1.0" is a 0 and "HTTP/1.1" is a...
Summary: CVE-2021-33044 is an improper authentication vulnerability impacting multiple Dahua products. An exploit was observed in open source and a...
Summary: CVE-2021-33045 is an improper authentication vulnerability impacting multiple Dahua products. An exploit was observed in open source and a...
This summer Kaspersky experts took part in the Machine Learning Security Evasion Competition (MLSEC) — a series of trials testing...
Microsoft finds a flaw in macOS, dubbed Shrootless (CVE-2021-30892), that can allow attackers to bypass System Integrity Protection (SIP). Microsoft discovered a...
A vulnerability in the popular OptinMonster plugin allows unauthorized API access and sensitive information disclosure. A high-severity vulnerability (CVE-2021-39341)...
HTTPUploadExfil is a (very) simple HTTP server written in Go that's useful for getting files (and other information) off a...
ESET researchers discovered a previously undescribed loader for Windows binaries, tracked as Wslink, that runs as a server and executes...
AbstractEmu is a new Android malware that can root infected devices to take complete control and evade detection with different tricks. Security...
Ranzy Locker ransomware emerged in late 2020, when the variant began to target victims in the United States. According to a flash alert issued...
Summary: Aplioxio PDF ShapingUp 5.0.0.139 contains a buffer overflow which allows attackers to cause a denial of service (DoS) via...
Summary: Eclipse hawkBit versions prior to 0.3.0M2 resolved Maven build artifacts for the Vaadin based UI over HTTP instead of...
Summary: The St-Daily-Tip WordPress plugin through 4.7 does not have any CSRF check in place when saving its 'Default Text...
Summary: This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 (49160). An attacker must...
Summary: A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote...
German authorities have identified a Russian man named Nikolay K. who is suspected to be a prominent member of the...
Dumping relevant information on compromised targets without AV detection. DPAPI dumping: Lots of credentials are protected by DPAPI. We aim at...
Unlike traditional malware, which relies on a file being written to a disk, fileless malware is intended to be memory...
Threat actors have stolen $130 million worth of cryptocurrency assets from the Cream Finance decentralized finance (DeFi) platform. C.R.E.A.M. Finance...