Apache rolled out a new update in a few days to fix incomplete patch for an actively exploited flaw
Apache Software Foundation has released HTTP Web Server 2.4.51 to completely address a vulnerability that has been actively exploited in...
Ransomware in the CIS
Introduction These days, when speaking of cyberthreats, most people have in mind ransomware, specifically cryptomalware. In 2020–2021, with the outbreak...
FIN12 ransomware gang don’t implement double extortion to prioritize speed
Researchers detailed the activities of the FIN12 ransomware group that earned million of dollars over the past years. Researchers from...
Attack-Surface-Framework – Tool To Discover External And Internal Network Attack Surface
ASF aims to protect organizations acting as an attack surface watchdog, provided an “Object” which might be a: Domain, IP...
US Navy ship Facebook page hijacked to stream video games
The official Facebook page of the US Navy’s destroyer-class warship, USS Kidd, has been hijacked. According to Task & Purpose,...
PoC exploit for 2 flaws in Dahua cameras leaked online
A proof of concept exploit for two authentication bypass vulnerabilities in Dahua cameras is available online, users are recommended to...
CVE-2021-39836
Summary: Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free...
CVE-2021-1565
Summary: Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software...
CVE-2021-37273
Summary: A Denial of Service issue exists in China Telecom Corporation EPON Tianyi Gateway ZXHN F450(EPON ONU) 3.0. Tianyi Gateway...
CVE-2021-36297
Summary: SupportAssist Client version 3.8 and 3.9 contains an Untrusted search path vulnerability that allows attackers to load an arbitrary...
CVE-2021-41104
Summary: ESPHome is a system to control the ESP8266/ESP32. Anyone with web_server enabled and HTTP basic auth configured on version...
Fantasy Football Hub – 66,479 breached accounts
In October 2021, the fantasy premier league (soccer) website Fantasy Football Hub suffered a data breach that exposed 66 thousand...
SpoolSploit – A Collection Of Windows Print Spooler Exploits Containerized With Other Utilities For Practical Exploitation
A collection of Windows print spooler exploits containerized with other utilities for practical exploitation.SummarySpoolSploit is a collection of Windows print...
Stop. Do you really need another security tool?
The last few years have seen a mushrooming of the number and type of security tools that organizations can use...
Twitch data breach updates: login credentials or card numbers not exposed
An anonymous individual has leaked the source code and data of the popular video streaming platform Twitch via a torrent...
Google to auto-enrol users, YouTubers into 2SV
Google’s announced some changes to how it’s helping millions of its users stay safe and secure. The biggest of those...
Operation GhostShell: MalKamak APT targets aerospace and telco firms
Operation GhostShell: Threat actors used ShellClient malware in cyberespionage campaigns aimed at companies in the aerospace and telecommunications sectors. Hackers...
Exclusive: Researchers dumped Gigabytes of data from Agent Tesla C2Cs
Resecurity researchers dumped Gigabytes of data from Agent Tesla C2Cs, one of the most well-known cyberespionage tools suffers a data...
Twitch source code and sensitive data leaked online
An anonymous individual has leaked the source code and data of the popular video streaming platform Twitch via a torrent...
Smersh – A Pentest Oriented Collaborative Tool Used To Track The Progress Of Your Company’S Missions
Smersh is a pentest oriented collaborative tool used to track the progress of your company's missions and generate rapport.Preview front...
What special needs kids need to stay safe online
Online safety is hard enough for most adults. We reuse weak passwords, we click on suspicious links, and we love...
Patch now! Apache fixes zero-day vulnerability in HTTP Server
The Apache HTTP Server 2.4.49 is vulnerable to a flaw that allows attackers to use a path traversal attack to...
CVE-2020-26217
Summary: XStream before version 1.4.14 is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker to run arbitrary...
CVE-2021-27034
Summary: A heap-based buffer overflow could occur while parsing PICT or TIFF files in Autodesk 2018, 2017, 2013, 2012, 2011....
