CVE-2020-2501 – QNAP / Surveillance Station – Out-of-bounds write
Summary: CVE-2020-2501 is an out-of-bounds write vulnerability impacting multiple versions of QNAP Surveillance Station. An exploit was observed in open...
Microsoft Issues an Advisory on ProxyShell Vulnerabilities
 Microsoft this week published guidance about three vulnerabilities referred to collectively as ProxyShell days after security researchers at the U.S....
Cisco Published Two Critical and Six High-Severity Patches for Nexus Gear
 The American multinational technology conglomerate corporation Cisco Systems, based in San Jose, California - has published six security patches for...
F5 Security Patched Severe Vulnerabilities in its BIG-IP Networking Device
 F5 Security has patched over a dozen critical-severity vulnerabilities in its BIG-IP networking device, including one which was classified as...
CISA Published MARs on Samples Targeting Pulse Secure Devices
 Five new research reports outlining malware detected on compromised Pulse Secure devices were issued this week by the US Cybersecurity...
AVOS Locker Ransomware Victim: Master Chemical
AvosLocker Ransomware SummaryVictim Name: Master ChemicalMaster Chemical suffered a breach and this is a sample of the files we've downloaded...
Huan – Encrypted PE Loader Generator
Huan is an encrypted PE Loader Generator that I developed for learning PE file structure and PE loading processes. It...
Pantagrule – Large Hashcat Rulesets Generated From Real-World Compromised Passwords
gargantuan hashcat rulesets generated from compromised passwords Project maintenance warning: This project is deemed completed. No pull requests or changes...
Phorpiex botnet shuts down and authors put source code for sale
Crooks behind the Phorpiex botnet have shut down their operations and put the source code for sale on the dark...
Atlassian released security patches to fix a critical flaw in Confluence
Atlassian released patches to fix a critical flaw, tracked as CVE-2021-26084, affecting the Confluence enterprise collaboration product. Atlassian released security patches...
An RCE in Annke video surveillance product allows hacking the device
Researchers from Nozomi Networks discovered a critical vulnerability that can be exploited to hack a video surveillance product made by...
ChaosDB, a Critical Cosmos DB flaw affected thousands of Microsoft Azure Customers
Microsoft has fixed a critical flaw in Cosmos DB that allowed any Azure user to remotely take over other users’...
BlackMatter Ransomware Victim: Diamond Schmitt
BlackMatter Ransomware NOTE: The information on this page is automated and scraped directly from the BlackMatter Onion Dark Web Tor...
CVE-2021-35940
Summary: An out-of-bounds array read in the apr_time_exp*() functions was fixed in the Apache Portable Runtime 1.6.3 release (CVE-2017-12613). The...
CVE-2020-18754
Summary: An information disclosure vulnerability exists within Dut Computer Control Engineering Co.'s PLC MAC1100. Reference Links(if available): https://github.com/Ni9htMar3/vulnerability/blob/master/PLC/DCCE/DCCE%20MAC1100%20PLC_leak.md CVSS Score...
CVE-2020-36478
Summary: An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). A NULL...
CVE-2015-5237
Summary: protobuf allows remote authenticated attackers to cause a heap-based buffer overflow. Reference Links(if available): https://github.com/google/protobuf/issues/760 https://bugzilla.redhat.com/show_bug.cgi?id=1256426 http://www.openwall.com/lists/oss-security/2015/08/27/2 https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E...
CVE-2019-15544
Summary: An issue was discovered in the protobuf crate before 2.6.0 for Rust. Attackers can exhaust all memory via Vec::reserve...
CVE-2021-33909 – Linux Foundation / Linux kernel – Out-of-bounds write
Summary: CVE-2021-33909 is an out-of-bounds write vulnerability impacting Linux kernel before version 5.13.4. An exploit was observed in open source...
Microsoft warns about phishing campaign using open redirects
The Microsoft 365 Defender Threat Intelligence Team posted an article stating that they have been tracking a widespread credential phishing...
How to stay secure from ransomware attacks this Labor Day weekend
Labor Day weekend is just around the corner and, believe it or not, cybercriminals are likely just as excited as you are! ...
Russians began to complain more often about hacking accounts on Public Services
DeviceLock, a Russian manufacturer of anti-data leakage systems, reported that the number of complaints about attempts to hack accounts on...
Threat Actors Abuse Top 15 Flaws Millions of Times to Target Linux Systems
 Researchers at Trend Micro, have identified and flagged nearly 14 million Linux-based systems that are directly exposed to the internet,...
Leaked Emails Shows ULA Conspire against Elon Musk and SpaceX
 According to an apparent email leak, the United Launch Alliance, a major SpaceX competitor, was planning to promote conspiracy stories...
