Etherblob-Explorer – Search And Extract Blob Files On The Ethereum Blockchain Network
Search and extract blob files on the Ethereum network using Etherscan.io API.IntroductionEtherBlob Explorer is a tool intended for researchers, analysts,...
A dozen Android apps exposed data of 100M+ users
Check Point researchers found 23 Android apps that exposed the personal data of more than 100 million users. Security researchers...
Privacy Concerns On Cookies Storing Personal Information
Which are privacy concerns on the way organizations collect personal information through the use of cookies? Data is constantly being...
Russian citizen Anton Bogdanov sentenced to 5 years for cyber tax fraud scheme
Russian hacker Anton Bogdanov was sentenced to 5 years’ imprisonment for attempting to steal $1.5 million in tax refunds by hacking...
Blind SQL Injection flaw in WP Statistics impacted 600K+ sites
Experts discovered a Time-Based Blind SQL Injection vulnerability in the WP Statistics plugin which is installed on over 600,000 WordPress...
Google addresses 4 zero-day flaws in Android exploited in the wild
Google released Android Security Bulletin for May 2021 security updates that address four zero-day vulnerabilities that were exploited in the...
CVE-2021-30482
Summary: In JetBrains UpSource before 2020.1.1883, application passwords were not revoked correctly Reference Links(if available): https://blog.jetbrains.com/blog/2021/05/07/jetbrains-security-bulletin-q1-2021/ https://blog.jetbrains.com CVSS Score (if...
CVE-2021-21655
Summary: A cross-site request forgery (CSRF) vulnerability in Jenkins P4 Plugin 1.11.4 and earlier allows attackers to connect to an...
CVE-2021-23892
Summary: By exploiting a time of check to time of use (TOCTOU) race condition during the Endpoint Security for Linux...
CVE-2021-23891
Summary: Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.32 allows a local user to gain elevated privileges...
CVE-2021-23872
Summary: Privilege Escalation vulnerability in the File Lock component of McAfee Total Protection (MTP) prior to 16.0.32 allows a local...
Hack The Box Walkthrough Guide To: BREACH
Disclaimer: I do NOT want you to read this if you have not even tried to attempt any of it...
“Have I been pwnd?”– What is it and what to do when you *are* pwned
Adobe. Yahoo!. The US Department of Energy (DoE). The New York Times. What these names have in common is that...
Royal Mail phish deploys evasion tricks to avoid analysis
Royal Mail phish scams are still in circulation, slowly upgrading their capabilities with evasion tools deployed in far more sophisticated...
Pega Infinity patches authentication vulnerability
Security researchers came across a Pega Infinity vulnerability through participation in Apple’s bug bounty program, after focusing on vendors that...
The famous Russian-language hacker forum has banned the mention of ransomware
XSS is a well-known forum where users discuss all kinds of vulnerabilities, exploits, malware, and ways to penetrate other people's...
Security Researchers at Tesorion Reveals the Differenece Between NoCry and Judge Ransomware
Earlier this year, researchers at Tesorion published a blog post regarding the analysis of the Judge ransomware. Researchers released a...
Data Breach: Affects Student Health Insurance Carrier guard.me
After a vulnerability enabled a threat attacker to access policyholders' personal details, student health insurance provider guard.me has taken their...
Meal Kit Delivery Scams Increase with Phishing Campaigns
Attackers are sending phishing text messages which appear like authentic correspondence from famous brands, such as HelloFresh and Gousto, and...
Commercial Third Party Code Sources Pose Security Risks
Despite the fact that the use of third-party code in IoT projects has increased by 17 percent in the last...
Overview of Empire 4.0 and C#
The release of Empire 4.0 is just around the corner and we wanted to take some time to walkthrough some...
IPED – Digital Forensic Tool – Process And Analyze Digital Evidence, Often Seized At Crime Scenes By Law Enforcement Or In A Corporate Investigation By Private Examiners
IPED is an open source software that can be used to process and analyze digital evidence, often seized at crime...
Ghidra-Evm – Module For Reverse Engineering Smart Contracts
In the last few years, attacks on deployed smart contracts in the Ethereum blockchain have ended up in a significant...
Hacking the infotainment system used in Mercedes-Benz cars
Security researchers identified five vulnerabilities in the infotainment system in Mercedes-Benz cars, four of them are remotely exploitable. Security researchers...
