The surge of fake COVID-19 test results, vaccines and vaccination certificates on the Dark Web
Threat actors are offering fake COVID-19 test results and vaccination certificates in blackmarkets and hacking forums on the Dark Web....
30 million Americans affected by the Astoria Company data breach
Researchers discovered the availability in the DarK Web of 30M of records of Americans affected by the Astoria Company data...
Cisco Jabber for Windows, macOS, Android and iOS is affected by a critical issue
Cisco has addressed a critical arbitrary program execution flaw in its Cisco Jabber client software for Windows, macOS, Android, and...
CVE-2021-27587
Summary: When a user opens manipulated Jupiter Tessellation (.JT) format files received from untrusted sources in SAP 3D Visual Enterprise...
CVE-2021-27586
Summary: When a user opens manipulated Interchange File Format (.IFF) format files received from untrusted sources in SAP 3D Visual...
CVE-2021-28089
Summary: Tor before 0.4.5.7 allows a remote participant in the Tor directory protocol to exhaust CPU resources on a target,...
CVE-2020-11309
Summary: Use after free in GPU driver while mapping the user memory to GPU memory due to improper check of...
CVE-2021-21349
Summary: XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there...
Software renewal scammers unmasked
We’ve been tracking a fraudulent scheme involving renewal notifications for several months now. It came to our attention because the...
GitHub Awards $25,000 Bug Bounty to the Google Employee
GitHub awarded $25,000 to the security researcher, Teddy Katz for discovering a bug and patching it. On March 17, bug...
Russia’s Central Bank has warned of hackers targeting banks’ mobile apps
The Central Bank of Russia has warned of the emergence of a group of hackers investigating vulnerabilities in banks' mobile...
Email Scam Under the Name of IRS Try to gain EFIN of Tax Preparers
A lot of people are familiar with the US Internal Revenue Service (IRS) scam letters about the tax season that...
OSCP-Exam-Report-Template-Markdown – Markdown Templates For Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP Exam Report
I created an Offensive Security Exam Report Template in Markdown so LaTeX, Microsoft Office Word, LibreOffice Writer are no longer...
Kraker – Distributed Password Brute-Force System That Focused On Easy Use
Kraker is a distributed password brute-force system that allows you to run and manage the hashcat on different servers and...
Rapid7 Recognized as a Strong Performer in the Inaugural Forrester Wave™ for MDR, Q1 2021
Independent research firm cites Rapid7 MDR’s “security professionals with extensive incident response and threat hunting experience” delivering a “white-glove, behavioral...
Billions of FBS Records Exposed in Online Trading Broker Data Leak
Ata Hakcil led the team of white hat hackers from WizCase in identifying a major data leak on online trading broker FBS’...
Black Kingdom ransomware is targeting Microsoft Exchange servers
Security experts reported that a second ransomware gang, named Black Kingdom, is targeting Microsoft Exchange servers. After the public disclosure...
A day before elections, hackers leaked details of millions of Israeli voters
Hackers have exposed personal and voter registration details of over 6.5 million Israeli voters, less than 24 hours before the...
92% of worldwide Microsoft Exchange IPs are now patched or mitigated
Microsoft revealed that 92% of all on-premises Microsoft Exchange servers exposed online affected by the ProxyLogon vulnerabilities are now patched....
Sierra Wireless halted production at its manufacturing sites due to ransomware attack
This week, IoT company Sierra Wireless disclosed a ransomware attack that hit its internal IT systems on March 20 and...
CVE-2021-28789
Summary: The unofficial apple/swift-format extension before 1.1.2 for Visual Studio Code allows remote attackers to execute arbitrary code by constructing...
CVE-2020-25649
Summary: A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw...
CVE-2021-21380
Summary: XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected...
CVE-2020-13949
Summary: In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large...
