150,000 Verkada security cameras hacked—to make a point
Hackers were able to gain access to camera feeds from Verkada, a tech company that specializes in video security and...
Several Americans Affected by Netgain Ransomware Attack
The number of Americans influenced by a cyber assault on a cloud facilitating and IT services provider has expanded by...
A Bug in iPhone Call Recording App Exposed Clients Data
A security vulnerability in a famous iPhone call recording application exposed thousands of users' recorded conversations. The flaw was found...
Ryuk Ransomware Hits Spain’s Employment Agency
The Spanish State Employment Service (SEPE) has been targeted by a ransomware attack which has resulted in hundreds of offices...
Norway Parliament, Storting, Hit by a Microsoft Exchange Cyber Attack
Yet again for the second time in about six months, Norway's parliament has been hacked. Government officials acknowledged the infiltration...
Good old malware for the new Apple Silicon platform
Introduction A short while ago, Apple released Mac computers with the new chip called Apple M1. The unexpected release was...
Go-RouterSocks – Router Sock. One Port Socks For All The Others.
The next step after compromising a machine is to enumerate the network behind. Many tools exist to expose a socks...
Internet disruption in Russia coincided with the introduction of restrictions
Experts at the NetBlocks Internet Observatory observed this week a temporary disruption of internet service in Russia due to new...
Researchers warn of a surge in cyber attacks against Microsoft Exchange
Researchers warn of a surge in cyber attacks against Microsoft Exchange servers exploiting the recently disclosed ProxyLogon vulnerabilities. Researchers at...
Malspam campaign uses icon files to delivers NanoCore RAT
Researchers at Trustwave spotted a new malspam campaign that is abusing icon files to trick victims into installing the NanoCore...
Expert publishes PoC exploit code for Microsoft Exchange flaws
This week a security researcher published on GitHub a proof-of-concept tool to hack Microsoft Exchange servers chaining two of ProxyLogon...
Hack the box guide to: Phonebook
Phonebook - 30 points So at always lets fire up burp and visit the page to see what is there...
CVE-2020-27869
Summary: This vulnerability allows remote attackers to escalate privileges on affected installations of SolarWinds Network Performance Monitor 2020 HF1, NPM:...
CVE-2020-27871
Summary: This vulnerability allows remote attackers to create arbitrary files on affected installations of SolarWinds Orion Platform 2020.2.1. Although authentication...
CVE-2020-27874
Summary: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Tencent WeChat 7.0.18. User interaction is...
CVE-2020-29020
Summary: Improper Access Control vulnerability in web service of Secomea SiteManager allows remote attacker to access the web UI from...
CVE-2020-29032
Summary: Upload of Code Without Integrity Check vulnerability in firmware archive of Secomea GateManager allows authenticated attacker to execute malicious...
Police credit “unlocked” SKY ECC encryption for organized crime bust
At the moment, I’m really torn, and I need your help. Let me tell you what is going on. I...
5 common VPN myths busted
Virtual Private Networks (VPNs) are popular but often misunderstood. There are many misconceptions about them—misconceptions that may be stopping people...
Russian authorities slow access to Twitter over banned content
The Federal Service for Supervision of Communications, Information Technology and Mass Media (Roskomnadzor) accused Twitter of numerous violations and failure...
After OTP Issues,TRAI Suspends New SMS Rules For 7 Days
The Telecom Regulatory Authority of India (TRAI) has temporarily suspended its new rules for curbing spam messages, following major disruptions...
Malware WannaCry And Vulnerability EternalBlue Remain at Large
One specific aspect of malware and one vulnerability continues to develop as security companies have been reconstructing the highest trends...
GitHub Informed Clients of “Potentially Serious” Security Bug
GitHub on Monday informed clients that it had found what it described as an “extremely rare, but potentially serious” security...
Introducing the 2020 Vulnerability Intelligence Report: 50 CVEs that Made Headlines in 2020
2020 was a tumultuous year for vulnerability risk management. Defenders had to contend with a growing volume of high-priority security...
