OpenWRT forum hacked, intruders stole user data
The OpenWRT forum, the community behind the open-source project for embedded operating systems based on Linux, disclosed a data breach....
500K+ records of C-level people from Capital Economics leaked online
Experts from Cyble recently found a leak of 500K+ records of C-level people from Capital Economics on a Russian-speaking forum. During a routine Darkweb monitoring, researchers...
CVE-2021-1719
Summary: Microsoft SharePoint Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1712. Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1719 CVSS Score...
CVE-2021-3134
Summary: Mubu 2.2.1 allows local users to gain privileges to execute commands, aka CNVD-2020-68878. Reference Links(if available): https://www.cnvd.org.cn/flaw/show/2638444 http://mubu.com/doc/d5501245199 CVSS...
CVE-2021-21006
Summary: Adobe Photoshop version 22.1 (and earlier) is affected by a heap buffer overflow vulnerability when handling a specially crafted...
CVE-2021-21241
Summary: The Python "Flask-Security-Too" package is used for adding security features to your Flask application. It is an is a...
CVE-2021-21013
Summary: Adobe Bridge version 11.0 (and earlier) is affected by an out-of-bounds write vulnerability when parsing TTF files that could...
Nitro – 77,159,696 breached accounts
In September 2020, the Nitro PDF service suffered a massive data breach which exposed over 70 million unique email addresses....
What’s up with WhatsApp’s privacy policy?
WhatsApp has been in the news recently after changes to its privacy policy caused a surge of interest in rival...
A week in security (January 11 – January 17)
Last week on Malwarebytes Labs, we looked at IoT problems, Microsoft’s Patch Tuesday, and how cybercriminals want access to your...
Russian hackers hacked the first level Olympiad in a second
A new Olympic season has begun in Russia. Many competitions have been moved online due to the COVID-19 pandemic. The...
Cisco Shows no Intentions on Patching EOL Vulnerabilities
Cisco, an American Multinational Conglomerate stated this week it does not plan on fixing vulnerabilities in end-of-life (EOL) Cisco routers,...
WhatsApp Clients Resort to Other Messaging Platforms
WhatsApp has told its two billion clients they should permit it to share information with its parent organization Facebook if...
Colombian Woman purloin Rs 17.71 Lakh from SBI ATM
Bengaluru Police have confronted a freshly growing crime that goes under the name ATM fraud. In this ATM fraud, the...
BigBountyRecon – This Tool Utilises 58 Different Techniques To Expediate The Process Of Intial Reconnaissance On The Target Organisation
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial...
Token-Hunter – Collect OSINT For GitLab Groups And Members And Search The Group And Group Members’ Snippets, Issues, And Issue Discussions For Sensitive Data That May Be Included In These Assets
Collect OSINT for GitLab groups and members and search the group and group members' snippets, issues, and issue discussions for...
Apple paid a $50,000 bounty to two bug bounty hunters for hacking its hosts
A duo of white hat hackers claims to have earned $50,000 from Apple for reporting serious flaws that allowed them...
Rob Joyce is the new NSA Cyber Director
The U.S. National Security Agency has appointed Rob Joyce as the agency’s new director of cybersecurity, who has long experience...
German laptop retailer fined €10.4m under GDPR for video-monitoring employees
German data regulator LfD announced a €10.4M fine under GDPR against the online laptop and electronic goods retailer NBB for...
President Biden’s Peloton exercise equipment under scrutiny
President Joe Biden can’t bring his Peloton exercise equipment to the White House due to security reasons. According to a...
EMA said that hackers manipulated stolen documents before leaking them
The European Medicines Agency (EMA) revealed Friday that COVID-19 vaccine documents stolen from its servers have been manipulated before the...
CVE-2020-35381
Summary: jsonparser 1.0.0 allows attackers to cause a denial of service (panic: runtime error: slice bounds out of range) via...
CVE-2021-21112
Summary: Use after free in Blink in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap...
CVE-2021-21113
Summary: Heap buffer overflow in Skia in Google Chrome prior to 87.0.4280.141 allowed a remote attacker to potentially exploit heap...
