CVE-2021-26038
Summary: An issue was discovered in Joomla! 2.5.0 through 3.9.27. Install action in com_installer lack the required hardcoded ACL checks...
CVE-2021-3606
Summary: OpenVPN before version 2.5.3 on Windows allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration...
CVE-2021-3613
Summary: OpenVPN Connect 3.2.0 through 3.3.0 allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file...
Year-long spear-phishing campaign targets global energy industry
Working oil pumps are seen against a sunset sky. Intezer uncovered a year-long spear-phishing campaign against energy companies. (Getty Images)An...
Malspam banks on Kaseya ransomware attack
The Malwarebytes Threat Intelligence Team recently found a malicious spam campaign making the rounds and banking on the ransomware attack...
Kaseya update delayed for security reasons
Software vendor Kaseya has been caught in the chaos of a supply-chain compromise by the REvil ransomware gang since Friday....
Presidential Press Secretary Said Moscow Not Involved in The Cyber Attacks on the Republican National Committee of US
On Wednesday, the press secretary of the President of the Russian Federation Dmitry Peskov told reporters that the cyber attack...
Chinese Hackers Target Indian SBI Users Via Phishing
Recently Indian officials have reported that China-based cybercriminals are targeting customers of the Indian National Bank State Bank of India...
Trump’s Social Media Website GETTR Hacked
An attacker leaked non-public information from GETTR, a social media platform made by former president Donald Trump's team in July...
SonicWall Patches Critical CVE-2021-20026 Vulnerability in NSM Product
A researcher at Positive Technologies has provided details about the CVE-2021-20026 command injection flaw that exploits SonicWall’s Network Security Manager...
Experts explained how and where confidential company data leaks
Despite the development of security tools, the number of leaks of confidential information of companies and individuals is not decreasing....
Ipa-Medit – Memory Search And Patch Tool For Resigned Ipa Without Jailbreak
Ipa-medit is a memory search and patch tool for resigned ipa without jailbreak. It was created for mobile game security...
Cariddi – Take A List Of Domains, Crawl Urls And Scan For Endpoints, Secrets, Api Keys, File Extensions, Tokens And More…
Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more...PreviewInstallationYou need...
Tor Browser 10.5 is out, it includes a new anti-censorship feature
The Tor Project has released Tor Browser 10.5 which enhances an anti-censorship feature and warns of V2 onion URL deprecation....
Hacker deposited $1M in a popular cybercrime marketplace to buy zero-day exploits
A threat actor has deposited 26.99 Bitcoins on one of the cybercrime forums, he aims at purchasing zero-day exploits from other forum members. A...
Experts bypassed Microsoft’s emergency patch for the PrintNightmare
The emergency patch for the PrintNightmare vulnerability released by Microsoft is incomplete and still allows RCE. Yesterday, Microsoft has released an...
Wiregrass Electric Cooperative hit by a ransomware attack
Wiregrass Electric Cooperative, a rural Alabama electric cooperative was hit by a ransomware attack. Wiregrass Electric Cooperative, a rural Alabama...
WildPressure APT expands operations targeting the macOS platform
WildPressure APT is targeting industrial organizations in the Middle East since 2019 and was spotted using now a new malware...
CVE-2021-3500
Summary: A flaw was found in djvulibre-3.5.28 and earlier. A Stack overflow in function DJVU::DjVuDocument::get_djvu_file() via crafted djvu file may...
CVE-2021-3517
Summary: There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who...
CVE-2019-25048
Summary: LibreSSL 2.9.1 through 3.2.1 has a heap-based buffer over-read in do_print_ex (called from asn1_item_print_ctx and ASN1_item_print). Reference Links(if available):...
CVE-2021-1723
Summary: ASP.NET Core and Visual Studio Denial of Service Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1723 CVSS Score (if available) v2: /...
CVE-2021-1723
Summary: ASP.NET Core and Visual Studio Denial of Service Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1723 CVSS Score (if available) v2: /...
CVE-2021-32704
Summary: DHIS 2 is an information system for data capture, management, validation, analytics and visualization. A SQL injection security vulnerability...
