A Cryptomining botnet abuses Bitcoin blockchain transactions as C2 backup mechanism
Crooks are exploiting BTC blockchain transactions to hide backup command-and-control (C2) server addresses for a cryptomining botnet. Security experts from...
CVE-2020-2758
Summary: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior...
CVE-2020-2702
Summary: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior...
CVE-2020-2698
Summary: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior...
CVE-2020-2726
Summary: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior...
CVE-2020-2701
Summary: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior...
LazyScripter: From Empire to double RAT
Malwarebytes’ Threat Intelligence analysts are continually researching and monitoring active malware campaigns and actor groups as the prevalence and sophistication...
A Crypto Mining Botnet is Abusing Bitcoin Blockchains
Security experts from Akamai have detected another botnet utilized for illegal cryptocurrency mining exercises that are abusing Bitcoin (BTC) transactions...
Experts listed the methods used by fraudsters to obtain personal data
As noted by experts, information leakage in large companies does not often happen, but data theft can occur through contractorsScammers...
Bitcoin Slips 17% to $45,000 as Caution Sweeps Over Crypto
Bitcoin, the world’s largest cryptocurrency slumped as much as 17 percent to $45,000 on Tuesday, sparking concerns from investors over...
Russia Accused by Ukraine for Major Cyber Attacks
Ukraine on Monday alleged major attacks against the Ukrainian security and defense website by unidentified Russian Internet networks but did...
FedEx and DHL Express Hit with Phishing Attacks
Researchers reported on Tuesday that they discovered two email phishing assaults targeting at least 10,000 mailboxes at FedEx and DHL...
BlackMamba – C2/post-exploitation Framework
BlackMamba is a multi client C2/post exploitation framework with some spyware features. Powered by Python 3.8.6 and QT Framework. Some...
BugBountyScanner – A Bash Script And Docker Image For Bug Bounty Reconnaissance
A Bash script and Docker image for Bug Bounty reconnaissance, intended for headless use. Low on resources, high on information...
VMware vCenter Server CVE-2021-21972 Remote Code Execution Vulnerability: What You Need to Know
This blog post was co-authored by Bob Rudis and Caitlin Condon. What’s up?On Feb. 23, 2021, VMware published an advisory...
Software Engineering, Vulnerability and Risk Management: Revolutionizing the Security Landscape at Rapid7
Do you know about CVE-2013-4866? No? It details a hardcoded PIN in a Smart Bidet giving attackers access to the...
APT32 state hackers target human rights defenders with spyware
Vietnam-linked APT32 group targeted Vietnamese human rights defenders (HRDs) between February 2018 and November 2020. Vietnam-linked APT32 (aka Ocean Lotus)...
Airplane manufacturer Bombardier has disclosed a security breach, data leaked online
Hackers posted data stolen from manufacturer of business jets Bombardier on Clop ransomware leak site following alleged FTA hack. Hackers...
VMware addresses a critical RCE issue in vCenter Server
VMware addressed a critical remote code execution flaw, tracked as CVE-2021-21972, in vCenter Server virtual infrastructure management platform. VMware has...
Twitter removes 100 accounts linked to Russia disseminating disinformation
Twitter removed dozens of accounts allegedly used by Russia-linked threat actors to disseminate disinformation and target western countries. Twitter has...
IBM addressed flaws in Java Runtime, Planning Analytics Workspace, Kenexa LMS
IBM has released security patches to address high- and medium-severity vulnerabilities impacting some of its enterprise solutions. IBM has released...
CVE-2020-24606
Summary: Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all...
CVE-2021-0351
Summary: In wlan driver, there is a possible system crash due to a missing bounds check. This could lead to...
CVE-2021-27097
Summary: The boot loader in Das U-Boot before 2021.04-rc2 mishandles a modified FIT. Reference Links(if available): https://github.com/u-boot/u-boot/commit/6f3c2d8aa5e6cbd80b5e869bbbddecb66c329d01 https://github.com/u-boot/u-boot/commit/b6f4c757959f8850e1299a77c8e5713da78e8ec0 https://github.com/u-boot/u-boot/commit/8a7d4cf9820ea16fabd25a6379351b4dc291204b CVSS...
