Kconfig-Hardened-Check – A Tool For Checking The Hardening Options In The Linux Kernel Config
MotivationThere are plenty of Linux kernel hardening config options. A lot of them are not enabled by the major distros....
Joern – Open-source Code Analysis Platform For C/C++/Java Based On Code Property Graphs
Joern's Documentation is available here: https://docs.joern.io/home Quick Installationwget https://github.com/ShiftLeftSecurity/joern/releases/latest/download/joern-install.shchmod +x ./joern-install.shsudo ./joern-install.shjoernCompiling (synthetic)/ammonite/predef/interpBridge.scCompiling (synthetic)/ammonite/predef/replBridge.scCompiling (synthetic)/ammonite/predef/DefaultPredef.scCompiling /home/tmp/shiftleft/joern/(console) ██╗ ██████╗ ███████╗██████╗ ███╗...
Cruise operator Carnival discloses a security breach
Carnival Corp. said that the data breach it has suffered in March might have impacted its customers and employees. Carnival...
Akamai outage was caused by an issue with its Prolexic DDoS protection service
An outage suffered by CDN, cybersecurity and cloud services provider Akamai was caused by an issue with its Prolexic DDoS...
The return of TA402 Molerats APT after a short pause
TA402 APT group (aka Molerats and GazaHackerTeam) is back after two-month of silence and is targeting governments in the Middle East....
Over a billion records belonging to CVS Health exposed online
Researchers discovered an unprotected database belonging to CVS Health that was exposed online containing over a billion records. This week WebsitePlanet...
Ferocious Kitten APT targets Telegram and Psiphon VPN users in Iran
Iran-linked Ferocious Kitten APT group used instant messaging apps and VPN software like Telegram and Psiphon to deliver Windows RAT...
CVE-2020-35519
Summary: An out-of-bounds (OOB) memory access flaw was found in x25_bind in net/x25/af_x25.c in the Linux kernel version v5.12-rc5. A...
CVE-2021-21414
Summary: Prisma is an open source ORM for Node.js & TypeScript. As of today, we are not aware of any...
CVE-2021-31542
Summary: In Django 2.2 before 2.2.21, 3.1 before 3.1.9, and 3.2 before 3.2.1, MultiPartParser, UploadedFile, and FieldFile allowed directory traversal...
CVE-2021-3501
Summary: A flaw was found in the Linux kernel in versions before 5.12. The value of internal.ndata, in the KVM...
CVE-2019-0193
Summary: In Apache Solr, the DataImportHandler, an optional but popular module to pull in data from databases and other sources,...
Polazert Trojan using poisoned Google Search results to spread
Trojan.Polazert aka SolarMarker has gone back and fine-tuned an old tactic known as SEO-poisoning to plant their Remote Access Trojan...
The 6 best Chrome extensions for privacy and security
While searching for security- and privacy-improving extensions, users may end up installing an extension that is counterproductive to their goals....
Supply Chain Attack Conducted by Darkside Operator
Mandiant researchers have identified a supply chain attack against a CCTV provider by a Darkside ransomware gang affiliate that has...
Tim Cook Claims Android has 47 Times the Amount of Malware as iOS
During a live chat, Apple CEO Tim Cook stated that Android has more malware than iOS and that "sideloading" mobile...
Putin called the accusations of launching a cyber war against the United States unsubstantiated
Russian President Vladimir Putin said that the US accusations against Russia, including cyber attacks and election interference, are groundless, the...
CVS Health Database Breach Left 1 Billion User Records Exposed Online
Security researchers have discovered an online database belonging to CVS Health which exposed over a billion records online.On March 21st,...
Growing Cyber-Underground Market for Initial-Access Brokers
Ransomware groups are increasingly purchasing access to corporate networks from "vendors" who have previously placed backdoors on targets. Email is a...
Black Kingdom ransomware
Black Kingdom ransomware appeared on the scene back in 2019, but we observed some activity again in 2021. The ransomware...
PPLdump – Dump The Memory Of A PPL With A Userland Exploit
This tool implements a userland exploit that was initially discussed by James Forshaw (a.k.a. @tiraniddo) - in this blog post...
Volatility GUI – GUI For Volatility Forensics Tool
This is a GUI for Volatility forensics tool written in PyQT5Prerequisites:1- Installed version of Volatility. 2- Install PyQT5. sudo apt-get...
Cosmolog Kozmetik Data Breach: Hundreds of Thousands of Customers impacted
The securWizCase experts found a major breach that affected the popular online retailer Cosmolog Kozmetik. WizCase’s security team, led by...
Oleg Koshkin was convicted for operating a crypting service also used by Kelihos botnet
Russian national Oleg Koshkin was convicted for operating a “crypting” service used to obfuscate the Kelihos bot from antivirus software. Russian national Oleg...
