Tala Research Shows that European Telecommunication Websites Expose Sensitive Customer Data
In 7 EU countries, Tala assessed the websites of the leading MSPs for the European top mobile providers, data exposure...
Watson – Enumerate Missing KBs And Suggest Exploits For Useful Privilege Escalation Vulnerabilities
Watson is a .NET tool designed to enumerate missing KBs and suggest exploits for Privilege Escalation vulnerabilities.Supported VersionsWindows 10 1507,...
SharpHound3 – C# Data Collector For The BloodHound Project
Get SharpHoundThe latest build of SharpHound will always be in the BloodHound repository here Compile InstructionsSharpHound is written using C#...
Malware attack on Applus blocked vehicle inspections in some US states
A malware attack against vehicle inspection services provider Applus Technologies paralyzed preventing vehicle inspections in eight US states. Applus Technologies...
Security Affairs newsletter Round 308
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
Clop Ransomware operators plunder US universities
Clop ransomware gang leaked online data stolen from Stanford Medicine, University of Maryland Baltimore, and the University of California. Clop...
Data of 533 million Facebook users leaked in a hacking forum for free
On April 3, a user has leaked the phone numbers and personal data of 533 million Facebook users in a...
CVE-2021-21348
Summary: XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there...
CVE-2021-21349
Summary: XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there...
CVE-2020-27918
Summary: A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur...
CVE-2020-10663
Summary: The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6...
CVE-2020-7712
Summary: This affects the package json before 10.0.0. It is possible to inject arbritary commands using the parseLookup function. Reference...
Facebook – 2,529,621 breached accounts
In April 2021, a large data set of 533 million Facebook users was made freely available for download. Encompassing approximately...
Russian hackers suspected of stealing thousands of US State Department emails
In 2020, Russian hackers stole thousands of emails from U.S. State Department employees. As Politico reported, this is the second...
Protect Your Android Phones from Android ‘System Update’ Malware
Security researchers at Zimperium zLabs have discovered a new ‘sophisticated’ Android malware posing as a software update application. This malware...
Russian Law Requires Smart Devices To Come Pre-Installed With Domestic Software
Russia is taking security measures against technology that can hurt big tech companies in the region. In light of new...
Mackenzie Scott Scam: Fraudsters asking Fake Donations in Billionaire’s name
A major phishing campaign that reached tens of thousands of inboxes impersonated as MacKenzie Bezos-Scott grant foundation promising monetary advantages...
Hacker Hacks Underground Covid Vaccine Market On Dark Web
In a recent cybersecurity incident, an attacker hacked down a vaccine marketplace that was running on the dark web....
DefenderCheck – Identifies The Bytes That Microsoft Defender Flags On
Quick tool to help make evasion work a little bit easier. Takes a binary as input and splits it until...
SharpGPOAbuse – Tool To Take Advantage Of A User’S Edit Rights On A Group Policy Object (GPO) In Order To Compromise The Objects That Are Controlled By That GPO
SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user's edit rights...
Capital One discovered more customers’ SSNs exposed in 2019 hack
More clients of Capital One have been impacted in the 2019 data breach, the US bank is notifying them of...
Activision warns of Call of Duty Cheat tool used to deliver RAT
The popular video game publisher Activision is warning gamers that threat actors are actively disguising a remote-access trojan (RAT) in...
Attackers are abusing GitHub infrastructure to mine cryptocurrency
The popular code repository hosting service GitHub is investigating a crypto-mining campaign abusing its infrastructure. Code repository hosting service GitHub launched an investigation...
Evolution and rise of the Avaddon Ransomware-as-a-Service
The Avaddon ransomware operators updated their malware after security researchers released a public decryptor in February 2021. The Avaddon ransomware...
