Threat actor has been targeting the aviation industry since at least 2018
Security researchers from the Cisco Talos team uncovered a spear-phishing campaign targeting the aviation industry for two years avoiding detection....
Security researchers from the Cisco Talos team uncovered a spear-phishing campaign targeting the aviation industry for two years avoiding detection....
Summary: A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use...
Summary: Archive_Tar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked. Reference Links(if available):...
Summary: Archive_Tar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked. Reference Links(if available):...
Summary: Archive_Tar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack (such...
Summary: Tar.php in Archive_Tar through 1.4.11 allows write operations with Directory Traversal due to inadequate checking of symbolic links, a...
Information security specialists from Kaspersky Lab reported that hackers are trying to attack Russian companies through a new vulnerability in...
The Republican Governors Association was one of many U.S. organizations attacked in March when a nation-state group exploited vulnerabilities in...
Cybersecurity researchers at Cofense Phishing Defense Center (PDC) have unearthed a new phishing campaign that uses 'information technology (IT) support-themed...
South Africa's Justice Department was attacked earlier this month by a major ransomware attack and has been struggling since then...
Ransomware has traditionally concentrated on encryption, but one of the most common recent additions is the exfiltration and threatening disclosure...
BatchQL is a GraphQL security auditing script with a focus on performing batch GraphQL queries and mutations. This script is...
Concealed Position is a local privilege escalation attack against Windows using the concept of "Bring Your Own Vulnerability". Specifically, Concealed...
A new critical vulnerability in Netgear smart switches can be exploited by an attacker to potentially execute malicious code and...
Chipmaker AMD has addressed a vulnerability in PSP driver, tracked as CVE-2021-26333, that could allow an attacker to obtain sensitive...
The Mirai botnet starts exploiting the recently disclosed OMIGOD vulnerability to compromise vulnerable systems exposed online. Threat actors behind a...
Summary: A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.8 and...
Summary: An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, iOS...
Summary: An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, iOS...
Summary: An integer overflow was addressed with improved input validation. This issue is fixed in Security Update 2021-005 Catalina, iOS...
Summary: A crafted method sent through HTTP/2 will bypass validation and be forwarded by mod_proxy, which can lead to request...
Summary: arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host...
Summary: An integer overflow exists in HAProxy 2.0 through 2.5 in htx_add_header that can be exploited to perform an HTTP...
For years, people have accused social media, and particularly image-driven sites like Instagram, of being bad for young people, particularly...