SolarWinds Attack: Microsoft sheds lights into Solorigate second-stage activation
Microsoft’s report provides details of the entire SolarWinds attack chain with a deep dive in the second-stage activation of malware...
Cisco fixed multiple flaws in Cisco SD-WAN products and Smart Software Manager Satellite Web UI
Cisco fixed multiple flaws in Cisco SD-WAN products that could allow an unauthenticated, remote attacker to execute attacks against its devices....
Logic bugs found in popular apps, including Signal and FB Messenger
Flaws in popular messaging apps, such as Signal and FB Messenger allowed to force a target device to transmit audio...
CVE-2021-21248
Summary: OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, there is a critical vulnerability involving the build...
CVE-2021-1701
Summary: Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667,...
CVE-2021-21246
Summary: OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, the REST UserResource endpoint performs a security check...
CVE-2021-21247
Summary: OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, the application's BasePage registers an AJAX event listener...
CVE-2021-1704
Summary: Windows Hyper-V Elevation of Privilege Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1704 CVSS Score (if available) v2: / HIGH v3: /...
Bot ‘FreakOut’ leverages three critical vulnerabilities to attack Linux systems
Oracle Co-Founder Larry Ellison delivers a keynote address at the Oracle OpenWorld conference in 2006. Researchers discovered a new Internet...
Zoom watermarking: pros and cons
Metadata, which gives background information on pieces of data, is typically hidden. It becomes a problem when accidentally revealed. Often...
3 Unique Procedures to Counter Money Laundering in India
The main weapon used by money launders to launder cash is bitcoin and other cryptocurrencies alternatives. India’s cryptocurrency exchanges deployed...
AnyVan 4.1 Million Users Comprised with Data-Breach
Headquartered in Hammersmith, London (UK)- AnyVan is a European online platform for the patrons to access consignment, transport, and removal...
DMV Warns New Yorkers of Text Phishing Schemes
The New York State Department of Motor Vehicles cautioned New Yorkers of progressing text message phishing schemes. These counterfeit text...
Reconftw – Simple Script For Full Recon
This is a simple script intended to perform a full recon on an objective with multiple subdomains tl;drRequires Go Run...
MobileHackersWeapons – Mobile Hacker’s Weapons / A Collection Of Cool Tools Used By Mobile Hackers
A collection of cool tools used by Mobile hackers. Happy hacking , Happy bug-hunting WeaponsOSTypeNameDescriptionAllAnalysisRMS-Runtime-Mobile-SecurityRuntime Mobile Security (RMS) - is a...
You Can Now Buy (And Renew) Five More Rapid7 Products Through AWS Marketplace
Purchasing software through AWS Marketplace has to be one of the most under-appreciated perks of being an Amazon Web Services...
Livecoin halted operations after the December attack
The Russian cryptocurrency exchange Livecoin has announced it is terminating its operation following the December cyberattack. The Russian cryptocurrency exchange...
FireEye releases an auditing tool to detect SolarWinds hackers’ activity
Cybersecurity firm FireEye has released a report that sheds the light on the SolarWinds attack and the way hackers breached...
Malwarebytes ‘s email systems hacked by SolarWinds attackers
Cyber security firm Malwarebytes announced that threat actor behind the SolarWinds attack also breached its network last year. Malwarebytes revealed...
Raindrop, a fourth malware employed in SolarWinds attacks
The threat actors behind the SolarWinds attack used malware dubbed Raindrop for lateral movement and deploying additional payloads. Security experts...
CVE-2020-8277
Summary: A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could...
CVE-2020-9327
Summary: In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column...
CVE-2020-9484
Summary: When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if...
CVE-2020-9490
Summary: Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request...
