CVE-2021-40449 – Microsoft / Windows – Privilege escalation
Summary: CVE-2021-40449 is a privilege escalation vulnerability impacting multiple products and versions of Microsoft Windows. A proof of concept (PoC)...
Summary: CVE-2021-40449 is a privilege escalation vulnerability impacting multiple products and versions of Microsoft Windows. A proof of concept (PoC)...
Threat actors are using mathematical symbols on impersonated company logos to evade detection in phishing campaigns. Researchers from anti-phishing cybersecurity...
A Chinese-speaking hacking group exploited a Windows zero-day vulnerability in a wave of attacks on defense and IT businesses. A...
Executive Summary In late August and early September 2021, Kaspersky technologies detected attacks with the use of an elevation of...
Straight from the sunny UK to the stage of SAS-at-Home 2021, John Southworth (PwC) will be giving some insights about...
How to build up a fascinating story from a hardcore APT report? Where to find details and how to work...
During the ‘Operation Software Concepts: A Beautiful Envelope for Wrapping Weapon‘ talk on SAS-at-Home 2021, Rintaro Koike, Shogo Hayashi and...
The FreakOut (aka Necro, N3Cr0m0rPh) Python botnet evolves, it now includes a recently published PoC exploit for Visual Tools DVR....
Adobe addressed ten vulnerabilities across its Acrobat and Reader, Connect, Commerce, and Campaign Standard products. Adobe has released security updates...
Shisho is a lightweight Try at PlaygroundYou can try Shisho at our playground. Try with DockerYou can try shisho in...
In an effort to better understand and clamp down on the ransomware economy and its related use of cryptocurrencies, US...
Olympus US was forced to take down IT systems in the American region (U.S., Canada, and Latin America) following a...
Apple has released a security update for iOS and iPad that addresses a critical vulnerability reportedly being exploited in the...
On September 14, the US Department of Justice announced that it had resolved an earlier investigation into an international cyber...
Git GUI client GitKraken team fixed a flaw that lead to the generation of weak SSH keys, users are recommended...
Many companies set up phishing test programs for their employees, often as part of a compliance requirement involving ongoing employee...
Summary: A remote arbitrary command execution vulnerability was discovered in Aruba Operating System Software version(s): Prior to 8.7.1.2, 8.6.0.8, 8.5.0.12,...
Summary: A remote arbitrary command execution vulnerability was discovered in Aruba Operating System Software version(s): Prior to 8.7.1.2, 8.6.0.8, 8.5.0.12,...
Summary: A remote cross-site request forgery (csrf) vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software...
Summary: A vulnerability in the web UI of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker...
Summary: SuiteCRM 7.10.x before 7.10.33 and 7.11.x before 7.11.22 is vulnerable to privilege escalation. Reference Links(if available): https://docs.suitecrm.com/admin/releases/7.11.x/#_7_11_22 https://docs.suitecrm.com/admin/releases/7.10.x/#_7_10_33 https://github.com/salesagility/SuiteCRM...
The start of fall 2021 saw the fourth Objective by the Sea (OBTS) security conference, which is the only security...
In September 2021, a publicly accessible PostgresSQL database belonging to the Playbook service was identified. Run by VC firm Plug...
Linux CatScale is a bash script that uses live of the land tools to collect extensive data from Linux based...