Hackers are selling access to Biochemical systems at Oxford University Lab
Hackers have broken into the biochemical systems of an Oxford University lab where researchers are working on the study of...
Dutch Research Council (NWO) confirms DoppelPaymer ransomware attack
Dutch Research Council (NWO) confirmed that the recent cyberattack that forced it to take its servers offline was caused by...
China-linked TA413 group target Tibetan organizations
The Chinese hacking group, tracked as TA413, used a malicious Firefox add-on in a cyberespionage campaign aimed at Tibetans. China-linked...
Cisco fixes three critical bugs in ACI Multi-Site Orchestrator, Application Services Engine, and NX-OS
Cisco addressed over a dozen vulnerabilities in its products, including three critical bugs in ACI Multi-Site Orchestrator, Application Services Engine,...
North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor
North Korea-linked Lazarus APT group has targeted the defense industry with the custom-backdoor dubbed ThreatNeedle since 2020. North Korea-linked Lazarus...
CVE-2020-11296
Summary: Arithmetic overflow can happen while processing NOA IE due to improper error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon...
CVE-2020-11194
Summary: Possible out of bound access in TA while processing a command from NS side due to improper length check...
CVE-2020-11287
Summary: Allowing RTT frames to be linked with non randomized MAC address by comparing the sequence numbers can lead to...
CVE-2020-11177
Summary: User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting...
CVE-2021-23337
Summary: All versions of package lodash; all versions of package org.fujion.webjars:lodash are vulnerable to Command Injection via template. Reference Links(if...
Scammers, profiteers, and shady sites? It must be tax season
US tax season is upon us, a time of the year when a special kind of vermin comes crawling out...
The head of Microsoft announced evidence of the involvement of Russian intelligence in the cyber attack
Approximately 100 US companies and nine government agencies were affected by the hack using Orion software of SolarWinds, which is...
Private Information of 50,000 French Healthcare Workers Stolen
French authorities unearthed a glut of stolen credentials on the dark web, apparently belonging to the healthcare workers. The authorities...
Total Cookie Protection Launched in The New Upgrade of Firefox
Mozilla's latest Firefox 86 has been rolled -out for desktop, Mac, Windows, and Linux platforms. The browser upgrade brings features...
Lazarus targets defense industry with ThreatNeedle
Lazarus targets defense industry with ThreatNeedle (PDF) We named Lazarus the most active group of 2020. We’ve observed numerous activities...
ScareCrow – Payload Creation Framework Designed Around EDR Bypass
If you want to learn more about the techniques utlized in this framework please take a look at Part 1...
APT-Hunter – Threat Hunting Tool For Windows Event Logs Which Made By Purple Team Mindset To Provide Detect APT Movements Hidden In The Sea Of Windows Event Logs To Decrease The Time To Uncover Suspicious Activity
APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements...
Kali Linux 2021.1 – Penetration Testing and Ethical Hacking Linux Distribution
Time for another Kali Linux release! – Kali Linux 2021.1. This release has various impressive updates. The summary of the changelog...
Building a Holistic VRM Strategy That Includes the Web Application Layer
Building security into your overall vulnerability risk management (VRM) strategy is a must-do in the age of the all-important web...
Multiple Unauthenticated Remote Code Control and Execution Vulnerabilities in Multiple Cisco Products
What’s up?On Feb. 24, 2021, Cisco released many patches for multiple products, three of which require immediate attention by organizations...
Google discloses technical details of Windows CVE-2021-24093 RCE flaw
Google Project Zero team disclosed the details of a recently patched remote code execution vulnerability (CVE-2021-24093) in Windows Operating system....
Thousands of VMware Center servers exposed online and potentially vulnerable to CVE-2021-21972 flaw
A Chinese security researcher published a PoC code for the CVE-2021-21972 vulnerability in VMware Center, thousands of vulnerable servers are exposed online....
Ukraine: nation-state hackers hit government document management system
Ukraine ‘s government attributes a cyberattack on the government document management system to a Russia-linked APT group. The Ukraine ‘s...
A Cryptomining botnet abuses Bitcoin blockchain transactions as C2 backup mechanism
Crooks are exploiting BTC blockchain transactions to hide backup command-and-control (C2) server addresses for a cryptomining botnet. Security experts from...
