CVE-2021-33773
Summary: Windows Remote Access Connection Manager Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-33761, CVE-2021-34445, CVE-2021-34456. Reference...
CVE-2021-33772
Summary: Windows TCP/IP Driver Denial of Service Vulnerability This CVE ID is unique from CVE-2021-31183, CVE-2021-34490. Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33772...
CVE-2021-33771
Summary: Windows Kernel Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31979, CVE-2021-34514. Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33771 CVSS...
CVE-2021-33768
Summary: Microsoft Exchange Server Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-34470, CVE-2021-34523. Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33768...
CVE-2021-33766
Summary: Microsoft Exchange Information Disclosure Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-33766 https://www.zerodayinitiative.com/advisories/ZDI-21-798/ CVSS Score (if available) v2: / MEDIUM v3: /...
SonicWall warns users of “imminent ransomware campaign”
SonicWall has issued an urgent security notice warning users of unpatched End-Of-Life (EOL) SRA & SMA 8.X remote access devices...
Ransomware’s Russia problem
This blog post was written in collaboration with members of the Threat Intelligence Team. Last week, US news outlet NBC...
ESET: new generation viruses will be able to imitate human behavior
Experts have named the main cyberthreats posed by the spread of artificial intelligence (AI) technologiesAnalysts predict the growth of the...
Chinese Hackers Exploit New SolarWinds Zero-Day in Targeted Attacks
Microsoft Threat Intelligence Centre (MSTIC) on Tuesday revealed a zero-day remote code execution exploit, being used to attack SolarWinds Serv-U...
Updated Joker Malware Floods into Android Apps
The Joker mobile virus has made its entry back on Google Play with an increase in malicious Android apps that...
APT Malicious Campaigns Target Asian Entities
Researchers from Kaspersky have reported that hundreds of individuals from South East Asia, including Myanmar and the government of the...
Criminals Targeted Security Gaps at Financial Services Firms as Employees Moved to WFH
According to a report released on Tuesday by the international Financial Stability Board (FSB), criminals targeted security flaws at financial...
Ventoy – A New Bootable USB Solution
Ventoy is an open source tool to create bootable USB drive for ISO/WIM/IMG/VHD(x)/EFI files. With ventoy, you don't need to...
Redteam-Hardware-Toolkit – Red Team Hardware Toolkit
A collection of hardware s that aid in red team operations. This repository will help you during red team engagement....
SonicWall warns of ‘imminent ransomware’ attacks on its EOL products
SonicWall has issued an urgent security alert to warn customers of “an imminent ransomware campaing” targeting EOL equipment. SonicWall has...
macOS: Bashed Apples of Shlayer and Bundlore
Uptycs threat research team analyzed macOS malware threat landscape and discovered that Shlayer and Bundlore are the most predominant malware....
Google: four zero-day flaws have been exploited in the wild
Google security experts revealed that Russia-linked APT group targeted LinkedIn users with Safari zero-day. Security researchers from Google Threat Analysis Group (TAG)...
China-linked LuminousMoth APT targets entities from Southeast Asia
LuminousMoth: Kaspersky uncovered an ongoing and large-scale APT campaign that targeted government entities in Southeast Asia, including Myanmar and the...
CVE-2021-36122
Summary: An issue was discovered in Echo ShareCare 8.15.5. The UnzipFile feature in Access/EligFeedParse_Sup/UnzipFile_Upd.cfm is susceptible to a command argument...
CVE-2021-0600
Summary: In onCreate of DeviceAdminAdd.java, there is a possible way to mislead a user to activate a device admin app...
CVE-2021-36121
Summary: An issue was discovered in Echo ShareCare 8.15.5. The file-upload feature in Access/DownloadFeed_Mnt/FileUpload_Upd.cfm is susceptible to an unrestricted upload...
CVE-2021-30547
Summary: Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform...
CVE-2020-19907
Summary: A command injection vulnerability in the sandcat plugin of Caldera 2.3.1 and earlier allows authenticated attackers to execute any...
Is crypto’s criminal rollercoaster approaching a terminal dip?
It’s a turbulent time in the cryptomining realm, especially for malware authors. Some big attacks and a lot of publicity...
