LockBit 2.0 ransomware hit Israeli defense firm E.M.I.T. Aviation Consulting
Israeli Aerospace & Defense firm E.M.I.T. Aviation Consulting Ltd. was hit by LockBit 2.0 ransomware, operators will leak files on...
AutomatedLab – A Provisioning Solution And Framework That Lets You Deploy Complex Labs On HyperV And Azure With Simple PowerShell Scripts
AutomatedLab (AL) enables you to setup test and lab environments on Hyper-v or Azure with multiple products or just a...
TA544 group behind a spike in Ursnif malware campaigns targeting Italy
Proofpoint researchers reported that TA544 threat actors are behind a new Ursnif campaign that is targeting Italian organizations. Proofpoint researchers...
CVE-2021-38647 OMIGOD flaw impacts IBM QRadar Azure
Experts warn that CVE-2021-38647 OMIGOD flaws affect IBM QRadar Azure and can be exploited by remote attackers to execute arbitrary...
CVE-2021-35944
Summary: Couchbase Server 6.5.x, 6.6.x through 6.6.2, and 7.0.0 has a Buffer Overflow. A specially crafted network packet sent from...
CVE-2021-41617
Summary: sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental...
CVE-2021-30542
Summary: Use after free in Tab Strip in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user...
CVE-2021-30543
Summary: Use after free in Tab Strip in Google Chrome prior to 91.0.4472.77 allowed an attacker who convinced a user...
CVE-2021-41073
Summary: loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS...
Security Affairs newsletter Round 334
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...
LinkedIn Scraped Data – 125,698,496 breached accounts
During the first half of 2021, LinkedIn was targeted by attackers who scraped data from hundreds of millions of public...
efiXplorer – IDA Plugin For UEFI Firmware Analysis And Reverse Engineering Automation
efiXplorer - IDA plugin for UEFI firmware analysis and reverse engineering automation Supported versions of Hex-Rays products: everytime we focus...
The Biden administration will work with 30 countries to curb global cybercrime
The Biden administration announced it will work with 30 countries, including NATO allies and G7 partners, to curb global cybercrime....
LeakDB – Web-Scale NoSQL Idempotent Cloud-Native Big-Data Serverless Plaintext Credential Search
LeakDB is a tool set designed to allow organizations to build and deploy their own internal plaintext "Have I Been...
Threat actors exploit a flaw in Coinbase 2FA to steal user funds
Threat actors stole funds from the accounts of more than 6,000 users of the crypto exchange Coinbase exploiting a flaw...
Flubot Android banking Trojan spreads via fake security updates
The Flubot Android malware is now leveraging fake security updates warning to trick users into installing the malicious code. Threat...
CVE-2021-41617
Summary: sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental...
CVE-2021-32277
Summary: An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function sbr_qmf_analysis_32 located in sbr_qmf.c. It...
CVE-2021-32274
Summary: An issue was discovered in faad2 through 2.10.0. A heap-buffer-overflow exists in the function sbr_qmf_synthesis_64 located in sbr_qmf.c. It...
CVE-2021-32273
Summary: An issue was discovered in faad2 through 2.10.0. A stack-buffer-overflow exists in the function ftypin located in mp4read.c. It...
CVE-2021-38714
Summary: In Plib through 1.85, there is an integer overflow vulnerability that could result in arbitrary code execution. The vulnerability...
Kekeo – A Little Toolbox To Play With Microsoft Kerberos In C
kekeo is a little toolbox I have started to manipulate Microsoft Kerberos in C (and for fun) ASN.1 libraryIn kekeo,...
Tim’s RED Team Research reports 3 new CVEs, two of which in 4G/5G
Telecom Italia Red Team Research (RTR) laboratory led by Massimiliano Brolli reported three new flaws in Oracle GlassFish and Nokia...
Elastic Stack API Security Vulnerability Exposes Customer and System Data
The mis-implementation of Elastic Stack, a collection of open-source products that employ APIs for crucial data aggregation, search, and analytics...
