CVE-2021-37553
Summary: In JetBrains YouTrack before 2021.2.16363, an insecure PRNG was used. Reference Links(if available): https://blog.jetbrains.com/blog/2021/08/05/jetbrains-security-bulletin-q2-2021/ CVSS Score (if available) v2:...
CVE-2018-13844
Summary: ** DISPUTED ** An issue has been found in HTSlib 1.8. It is a memory leak in fai_read in...
CVE-2021-22517
Summary: A potential unauthorized privilege escalation vulnerability has been identified in Micro Focus Data Protector. The vulnerability affects versions 10.10,...
Microsoft’s PrintNightmare continues, shrugs off Patch Tuesday fixes
I doubt if there has ever been a more appropriate nickname for a vulnerable service than PrintNightmare. There must be...
Russian scientists have launched the first quantum network with open access in Moscow
 Russian scientists have launched in Moscow the first quantum network with open access, in which all interested organizations will be...
Crytek Confirms Data Theft After Egregor Ransomware Attack
 German game developer and publisher Crytek has accepted that its encrypted systems containing customers’ private details were breached by a...
Master Key for Decryption of Kaseya, Leaked on Hacking Forum
 The universal decryption key for Kaseya has been leaked on a Russian hacking forum by hackers. An Ekranoplan-named user shared...
Conti Group Exploited Vulnerable Microsoft Exchange Servers
 According to cybersecurity consultancy firm Pondurance, the Conti ransomware gang is now using backdoors that are still active. On-premises Microsoft...
Microsoft Released Security Updates that Block PetitPotam NTLM Relay Attacks
 The PetitPotam NTLM relay exploit, which allows a threat actor to take over a Windows domain, has been blocked by...
IT threat evolution Q2 2021
Targeted attacks The leap of a Cycldek-related threat actor It is quite common for Chinese-speaking threat actors to share tools...
IT threat evolution in Q2 2021. Mobile statistics
These statistics are based on detection verdicts of Kaspersky products received from users who consented to providing statistical data. Quarterly...
IT threat evolution in Q2 2021. PC statistics
These statistics are based on detection verdicts of Kaspersky products received from users who consented to providing statistical data. Quarterly...
Http-Request-Smuggling – HTTP Request Smuggling Detection Tool
HTTP request smuggling is a high severity vulnerability which is a technique where an attacker smuggles an ambiguous HTTP request...
AlanFramework – A Post-Exploitation Framework
Alan Framework is a post-exploitation framework useful during red-team activities. If you find my tool useful, please consider to sponsor...
Magniber Ransomware operators use PrintNightmare exploits to infect Windows servers
Threat actors behind the Magniber Ransomware are using PrintNightmare exploits in attacks aimed at Windows servers. Threat actors behind the...
Microsoft warns of a new unpatched Windows Print Spooler RCE zero-day
Microsoft is warning of another zero-day Windows print spooler vulnerability, tracked as CVE-2021-36958, that could allow local attackers to gain...
Threat actors behind the Poly Network hack are returning stolen funds
The threat actor who hacked Poly Network cross-chain protocol stealing $611 million worth of cryptocurrency assets returns the stolen funds....
Accenture has been hit by a LockBit 2.0 ransomware attack
Global consulting giant Accenture has allegedly been hit by a ransomware attack carried out by LockBit 2.0 ransomware operators. IT...
UNC215, an alleged China-linked APT group targets Israel orgs
China-linked threat actors UNC215 targeted Israeli organizations in a long-running campaign and used false flags to trick victims into believing...
CVE-2021-38202
Summary: fs/nfsd/trace.h in the Linux kernel before 5.13.4 might allow remote attackers to cause a denial of service (out-of-bounds read...
CVE-2021-38201
Summary: net/sunrpc/xdr.c in the Linux kernel before 5.13.4 allows remote attackers to cause a denial of service (xdr_set_page_base slab-out-of-bounds access)...
CVE-2021-1610
Summary: Multiple vulnerabilities in the web-based management interface of the Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN...
CVE-2021-32772
Summary: Poddycast is a podcast app made with Electron. Prior to version 0.8.1, an attacker can create a podcast or...
CVE-2018-8172
Summary: A remote code execution vulnerability exists in Visual Studio software when the software does not check the source markup...
