Nobelium APT Group Uses Custom Backdoor to Target Windows Domains
Researchers from Microsoft Threat Intelligence Center (MSTIC) identified FoggyWeb, a new custom malware utilized by the Nobelium APT group to...
Researchers from Microsoft Threat Intelligence Center (MSTIC) identified FoggyWeb, a new custom malware utilized by the Nobelium APT group to...
Just as the US was completing its withdrawal from Afghanistan, several China-linked cyberespionage groups were seen intensifying attacks on a...
Threat actors are actively exploiting the recently disclosed CVE-2021-26084 RCE vulnerability in Atlassian Confluence deployments. Trend Micro researchers have spotted...
The US CISA has released a new tool that allows to assess the level of exposure of organizations to insider...
Facebook released Mariana Trench, an internal open-source tool that can be used to identify vulnerabilities in Android and Java applications....
The security researcher Jose Rodriguez discovered a new lock screen vulnerability for iOS 15 (& iOS 14.8) that has yet...
Summary: An elevation of privilege vulnerability exists in Visual Studio and Visual Studio Code when they load software dependencies, aka...
Summary: An elevation of privilege vulnerability exists in Visual Studio and Visual Studio Code when they load software dependencies, aka...
Summary: The vCenter Server contains a denial-of-service vulnerability in VAPI (vCenter API) service. A malicious actor with network access to...
Summary: A Vulnerability of LG Electronic web OS TV Emulator could allow an attacker to escalate privileges and overwrite certain...
Summary: WeeChat before 3.2.1 allows remote attackers to cause a denial of service (crash) via a crafted WebSocket frame that...
Summary: A CSRF in Concrete CMS version 8.5.5 and below allows an attacker to duplicate files which can lead to...
Security and privacy advocates may have cause to worry after all: Portpass, a vaccine passport app in Canada, has been...
Microsoft offers to help you with patching Exchange servers, CISA offers an insider threat tool, and together with the NSA...
Instagram has announced it is pausing the development of its newest brainchild, Instagram Kids—a version of Instagram aimed at 10-12-year-olds,...
The Japanese government on Tuesday officially approved a new three-year cybersecurity strategy, where Russia, China and North Korea are mentioned...
Cybersecurity researcher at Comparitech has identified a misconfigured MongoDB database containing a treasure trove of data left uncovered to the...
A fully working exploit for the remote code execution vulnerability in VMware vCenter labelled as CVE-2021-22005 is now publicly accessible,...
One of the prominent targets for hackers is Microsoft Exchange, and the attack vector typically involves a popular vulnerability which...
Hackers have used a credential phishing attack to steal data from Office 365, Google Workspace, and Microsoft Exchange by spoofing...
Background In December 2020, news of the SolarWinds incident took the world by storm. While supply-chain attacks were already a...
WebStor is a tool implemented in Python under the MIT license for quickly enumerating all websites across all of your...
Kodex (Community Edition - CE) is an open-source toolkit for privacy and security engineering. It helps you to automate data...
Security researchers uncovered a massive malware operation, dubbed GriftHorse, that has already infected more than 10 million Android devices worldwide....