Russian-based DoubleVPN seized by law enforcement
Law enforcement seized the servers and customer logs for DoubleVPN, a double-encryption service widely used by threat actors for malicious...
SolarWinds hackers remained hidden in Denmark’s central bank for months
Russia-linked threat actors compromised Denmark’s central bank (Danmarks Nationalbank) and remained in its systems for months. Russia-linked threat actors infected...
New LinkedIn breach exposes data of 700 Million users
A new massive LinkedIn breach made the headlines, the leak reportedly exposes the data of 700M users, more than 92%...
PoC exploit for CVE-2021-1675 RCE started circulating online
Proof-of-concept exploit code for CVE-2021-1675 flaw, an attacker could exploit it to compromise Windows systems. Proof-of-concept exploit code for the...
CVE-2021-25653
Summary: A privilege escalation vulnerability was discovered in Avaya Aura Appliance Virtualization Platform Utilities (AVPU) that may potentially allow a...
CVE-2021-21737
Summary: A smart STB product of ZTE is impacted by a permission and access control vulnerability. Due to insufficient protection...
CVE-2021-25923
Summary: In OpenEMR, versions 5.0.0 to 6.0.0.1 are vulnerable to weak password requirements as it does not enforce a maximum...
CVE-2021-33537
Summary: In Weidmueller Industrial WLAN devices in multiple versions an exploitable remote code execution vulnerability exists in the iw_webs configuration...
CVE-2020-28097
Summary: The vgacon subsystem in the Linux kernel before 5.8.10 mishandles software scrollback. There is a vgacon_scrolldelta out-of-bounds read, aka...
Fired by algorithm: The future’s here and it’s a robot wearing a white collar
Black Mirror meets 1984. Imagine that your employer uses a bot to keep track of your “production level.” And when...
CVE-2021-1675 – Microsoft / Windows – RCE
Summary: CVE-2021-1675 is a remote code execution (RCE) vulnerability impacting multiple products and versions of Microsoft Windows. A proof of...
5G Security Vulnerabilities Concern Mobile Operators
As 5G private networks become more widely available in the next years, security may become a major concern for businesses....
Indian Origin Woman Rewarded with Rs 22 Lakh Bounty by Microsoft
Aditi Singh, a 20-year-old Delhi-based ethical hacker, was awarded $30,000 (Rs 22 lakh roughly) for detecting a bug in the...
Data of 700 Million LinkedIn Users Has Been Compromised
A massive breach has purportedly compromised the data of over 700 million LinkedIn users. LinkedIn has a total of 756...
Russia intends to sign agreements with a number of countries in the field of cybersecurity
Deputy Secretary of the Security Council of the Russian Federation Oleg Khramov named several countries with which Moscow plans to...
Microsoft Admits of Signing a Rootkit Malware
Earlier this month, Microsoft signed a driver called Netfilter that turned out to be a malicious network filter rootkit. Krasten...
Remote dating: How do the apps safeguard our data?
The pandemic and the restrictions that came with it have led to an increase in the popularity of dating apps....
S3-Account-Search – S3 Account Search
This tool lets you find the account id an S3 bucket belongs too. For this to work you need to...
WAF-A-MoLE – A Guided Mutation-Based Fuzzer For ML-based Web Application Firewalls
A guided mutation-based fuzzer for ML-based Web Application Firewalls, inspired by AFL and based on the FuzzingBook by Andreas Zeller...
Linux version of REvil ransomware targets ESXi VM
The REvil ransomware operators added a Linux encryptor to their arsenal to encrypt Vmware ESXi virtual machines. The REvil ransomware...
Experts developed a free decryptor for the Lorenz ransomware
Researchers analyzed a recently discovered threat, the Lorenz ransomware, and developed a free decryptor for the victims of this new...
GitHub paid out over $500K through its bug bounty program for 203 flaws in 2020
Code repository hosting service GitHub announced that it has paid out more than $1.5 million through its bug bounty program since...
CVE-2021-33813
Summary: An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a...
CVE-2020-15732
Summary: Improper Certificate Validation vulnerability in the Online Threat Prevention module as used in Bitdefender Total Security allows an attacker...
