TsuNAME flaw exposes DNS servers to DDoS attacks
A flaw in some DNS resolvers, tracked as TsuNAME, can allow attackers to launch DDoS attacks against authoritative DNS servers....
A cyberattack shutdown US Colonial Pipeline
A cyberattack forced the shutdown of one of the largest pipelines in the United States, the Colonial Pipeline facility in...
CVE-2021-1501
Summary: A vulnerability in the SIP inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense...
CVE-2021-1493
Summary: A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense...
CVE-2021-31919
Summary: An issue was discovered in the rkyv crate before 0.6.0 for Rust. When an archive is created via serialization,...
CVE-2020-7731
Summary: This affects all versions of package github.com/russellhaering/gosaml2. There is a crash on nil-pointer dereference caused by sending malformed XML...
Ransomware Hits US Defense Contractor BlueForce
A ransomware attack hit U.S defense contractor Blueforce, says Hatching Triage sample, and a Conti ransomware chat. Ransomware in the...
An Award-Winning iPhone Hack Used by China to Spy on Uyghur Muslims
According to a recent article, the Chinese government used an award-winning iPhone hack first uncovered three years ago at a...
Threat Actors Use Several New Advanced Techniques To Exploit Windows Services
According to the cybersecurity researchers, several fresh techniques, comparatively advanced — are being used by attackers, for exploiting legitimate Windows...
Workings of US Firms Disturbed Due to Covid Surge in Banglore
To say that Bengaluru’s epidemic is huge is an understatement. Bengaluru has more than 65 percent of all active cases...
TsuNAME: New DNS Bug could be used to DDoS Authoritative DNS Servers
Security researchers have found extreme domain name system (DNS) fixes that hackers may use to conduct constructive denial-of-service attacks on...
Kiterunner – Contextual Content Discovery Tool
For the longest of times, content discovery has been focused on finding files and folders. While this approach is effective...
Red-Detector – Scan Your EC2 Instance To Find Its Vulnerabilities Using Vuls.io
Scan your EC2 instance to find its vulnerabilities using Vuls (https://vuls.io/en/). Audit your EC2 instance to find security misconfigurations using...
Microsoft warns of a large-scale BEC campaign to make gift card scam
Microsoft is warning of a large-scale BEC campaign that targeted hundreds of organizations leveraging typo-squatted domains registered days before the...
Russia-linked APT29 group changes TTPs following April advisories
The UK and US cybersecurity agencies have published a report detailing techniques used by Russia-linked cyberespionage group known APT29 (aka...
CVE-2021-25147
Summary: A remote authentication restriction bypass vulnerability was discovered in Aruba AirWave Management Platform version(s) prior to 8.2.12.1. Aruba has...
CVE-2021-21414
Summary: Prisma is an open source ORM for Node.js & TypeScript. As of today, we are not aware of any...
CVE-2021-25811
Summary: MERCUSYS Mercury X18G 1.0.5 devices allow Denial of service via a crafted value to the POST listen_http_lan parameter. Upon...
CVE-2020-21990
Summary: Emmanuel MyDomoAtHome (MDAH) REST API REST API Domoticz ISS Gateway 0.2.40 is affected by an information disclosure vulnerability due...
Buer malware rewritten in Rust language to curb detection
Ferris, the Rust mascot Developers of the malicious downloader Buer have taken the unusual step of rewriting the malware in...
Millions put at risk by old, out of date routers
Since the first stay-at-home measures were imposed by governments to keep everyone safe from the worsening COVID-19 pandemic, we at...
Google to start automatically enrolling users in two-step verification “soon”
If you use a Google account, it may soon be mandatory to sign up to Google’s two-step verification program. As...
VPN protocols explained and compared
A Virtual Private Network (VPN) creates a safe “tunnel” between you and a computer you trust (normally your VPN provider)...
Weak passwords is one of the main reasons for computer hacking in Russia
According to Sberbank Bi.Zone branch cybersecurity specialists, most users use passwords that are too simple, which cybercriminals can easily guess...
