CVE-2021-1074
Summary: NVIDIA Windows GPU Display Driver for Windows, R390 driver branch, contains a vulnerability in its installer where an attacker...
CVE-2021-33502
Summary: The normalize-url package before 4.5.1, 5.x before 5.3.1, and 6.x before 6.0.1 for Node.js has a ReDoS (regular expression...
How Florida water attack investigators avoided an embarrassing misattribution
An aerial view of a wastewater treatment plant in California. An attempt to poison the Oldsmar, Florida water supply by...
RMM software: What is it and do you need it?
As cybersecurity products evolve to better protect against new forms of malware, trickier evasion techniques, and more organized cybercrime campaigns,...
Falsifying and weaponizing certified PDFs
The Portable Document Format (PDF) file type is one of the most common file formats in use today. It’s value...
Healthcare service faces test of willpower with Ransomware authors
Healthcare and ransomware are in the news in a big way. Data leaks are inevitable, but those are typically associated...
Canada Post’s Data Breach Affected 950K Customers
The state-owned postal service, Canada Post has reported that a cyber-attack on a third-party provider resulted in a data breach...
Moscow has completed a large-scale study on the security of 5G
The press service of the Moscow Department of Information Technologies informs that the specialists of the Scientific-Research Institute of Metallurgical...
Social Media Giants Seek Futher Extension in Deadline to Comply with Government Rules
Social media companies such as Facebook, Twitter, YouTube, Instagram, and WhatsApp will lose their status as ‘intermediaries” that granted them...
M1RACLES Bug Impacts Apple M1 Chips
A security researcher identified the first-ever vulnerability in Apple M1 chips that requires a silicon redesign to fix. The good...
Research Reveals More Than 2000 Chrome Extensions Disabled Security Headers
Tens of thousands of Google Chrome extensions accessible from the official Chrome Online Store manipulate security headers on major websites,...
Dystopia – Low To Medium Multithreaded Ubuntu Core Honeypot Coded In Python
Low to medium Ubuntu Core honeypot coded in Python.FeaturesOptional Login Prompt Logs commands used and IP addresses Customize MOTD, Port,...
FireStorePwn – Firestore Database Vulnerability Scanner Using APKs
fsp scans an APK and checks the Firestore database for rules that are not secure, testing with or without authentication....
NASA identified 1,785 cyber incidents in 2020
NASA identified more than 6,000 cyber-related incidents in the last four years, according to a report published by its Office...
Hackers compromised Japanese government offices via Fujitsu ‘s ProjectWEB tool
Threat actors have compromised offices of multiple Japanese agencies via Fujitsu ‘s ProjectWEB information sharing tool. Threat actors have breached...
M1RACLES, the unpatchable bug that impacts new Apple M1 chips
A security expert has discovered a vulnerability in Apple M1 chips, dubbed M1RACLES, that cannot be fixed. Software engineer Hector...
Nearly 50,000 IPs compromised in Kubernetes clusters by TeamTNT
Researchers discovered about 50,000 IPs across multiple Kubernetes clusters that were compromised by the TeamTNT.threat actors. Researchers from Trend Micro reported...
French police seized dark web marketplace Le Monde Parallèle
Last week, French authorities have seized the dark web marketplace Le Monde Parallèle, it is another success of national police...
CVE-2021-3480
Summary: A flaw was found in slapi-nis in versions before 0.56.7. A NULL pointer dereference during the parsing of the...
CVE-2021-33477
Summary: rxvt-unicode 9.22, rxvt 2.7.10, mrxvt 0.5.4, and Eterm 0.9.7 allow (potentially remote) code execution because of improper handling of...
CVE-2021-31439
Summary: This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Synology DiskStation Manager. Authentication is not...
CVE-2021-31473
Summary: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.3.37598. User interaction is...
CVE-2021-32633
Summary: Zope is an open-source web application server. In Zope versions prior to 4.6 and 5.2, users can access untrusted...
Malware used zero-day exploit to take screenshots of victims’ Macs
An Apple Store in Hong Kong. (ChIfcapsho, CC BY-SA 3.0 https://creativecommons.org/licenses/by-sa/3.0, via Wikimedia Commons)Apple patched a vulnerability that was actively...
