Beware password-spraying fancy bears
The NSA, FBI, and CISA, in cooperation with the UK’s National Cyber Security Centre (NCSC), have issued a report that...
Research Reveals Americans Not Aware About Cybersecurity Issues Happening In U.S
Although many cyberattacks made major headlines in the US this year, most of the customers are still not aware of...
Threat Actors Target Mongolian Certificate Authority with Cobalt Strike Binaries
Threat actors have breached a server belonging to MonPass, a major certification authority (CA) in Mongolia in East Asia, and...
NCSC Alerts of Cyber Threats to Ireland’s Energy, Telecoms and Transport Sectors
One of the UK's leading cyber officials has cautioned of a rising threat to Ireland's cross-border telecoms, energy, and transportation...
Hackers Hit President Putin and Citizens at a TV show
Recently, a massive cyberattack took place while Russian president Vladimir Putin was answering citizen queries through the state-broadcast Rossiya 24...
More than 3 million Russians have become victims of a new online fraud scheme
Experts of the cybersecurity company Group-IB note that fraudsters skillfully disguise fake payment pages: they often contain logos of the...
Gorsair – Hacks Its Way Into Remote Docker Containers That Expose Their APIs
Gorsair is a penetration testing tool for discovering and remotely accessing Docker APIs from vulnerable Docker containers. Once it has...
Lazyrecon – Tool To Automate Your Reconnaissance Process In An Organized Fashion
Lazyrecon is a subdomain discovery tool that finds and resolves valid subdomains then performs SSRF/LFI/SQLi fuzzing, brute-force and port scanning....
Cyber Defense Magazine – July 2021 has arrived. Enjoy it!
Cyber Defense Magazine July 2021 Edition has arrived. We hope you enjoy this month’s edition…packed with over 158 pages of...
Experts warn of Babuk Locker attacks with recently leaked ransomware builder
The recently leaked Babuk Locker ransomware builder was used by a threat actor in an ongoing campaign targeting victims worldwide....
CISA alert urges to disable Windows Print Spooler to percent PrintNightmare attacks
CISA issued a security alert to warn admins to disable the Windows Print Spooler service on servers not used for printing due...
UK, US agencies warn of large-scale brute-force attacks carried out by Russian APT
US and UK cybersecurity agencies said the Russia-linked APT28 group is behind a series of large-scale brute-force attacks.US and UK...
Hackers breached a data server of the University Medical Center
The University Medical Center hospital discloses a data breach after threat actors published online images of stolen personal information as...
CVE-2021-1675
Summary: Windows Print Spooler Elevation of Privilege Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1675 https://www.kb.cert.org/vuls/id/383432 CVSS Score (if available) v2: / MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P...
CVE-2021-1675
Summary: Windows Print Spooler Elevation of Privilege Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1675 https://www.kb.cert.org/vuls/id/383432 CVSS Score (if available) v2: / MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P...
CVE-2021-1675
Summary: Windows Print Spooler Elevation of Privilege Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1675 https://www.kb.cert.org/vuls/id/383432 CVSS Score (if available) v2: / MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P...
CVE-2021-28570
Summary: Adobe After Effects version 18.1 (and earlier) is affected by an Uncontrolled Search Path element vulnerability. An unauthenticated attacker...
CVE-2021-28586
Summary: After Effects version 18.0 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code...
CVE-2021-28588
Summary: Adobe RoboHelp Server version 2019.0.9 (and earlier) is affected by a Path Traversal vulnerability when parsing a crafted HTTP...
CVE-2021-33542
Summary: Phoenix Contact Classic Automation Worx Software Suite in Version 1.87 and below is affected by a remote code execution...
Microsoft exec reveals “routine” secrecy orders from government investigators
Microsoft executive Tom Burt told Congressional lawmakers Wednesday that Federal law enforcement agencies send “routine” secret orders for customer information...
SMS authentication code includes ad: a very bad idea
SMS authentication codes are back in the news, and the word I’d use to summarise their reappearance is “embattled.” I...
PrintNightmare 0-day can be used to take over Windows domain controllers
In a rush to be the first to publish a proof-of-concept (PoC), researchers have published a write-up and a demo...
Microsoft Adds DNS-over-HTTPS to Windows 11
DNS-over-HTTPS is a privacy feature in Windows 11 that allows users to evade censorship and Internet activity by doing encrypted...
