CVE-2021-33000
Summary: Parsing a maliciously crafted project file may cause a heap-based buffer overflow, which may allow an attacker to perform...
CVE-2021-35448
Summary: Emote Interactive Remote Mouse 3.008 on Windows allows attackers to execute arbitrary programs as Administrator by using the Image...
CVE-2020-9478
Summary: An issue was discovered in Rubrik 5.0.3-2296. An OS command injection vulnerability allows an authenticated attacker to remotely execute...
CVE-2021-32708
Summary: Flysystem is an open source file storage library for PHP. The whitespace normalisation using in 1.x and 2.x removes...
Police seize DoubleVPN data, servers, and domain
A coordinated effort between global law enforcement agencies—led by the Dutch National Police—shut down a VPN service that was advertised...
Babuk ransomware builder leaked following muddled “retirement”
In the last days of April 2021, the operators of Babuk ransomware announced they were going to focus on demanding...
Second colossal LinkedIn “breach” in 3 months, almost all users affected
LinkedIn has reportedly been breached—again—following reports of a massive sale of information scraped from 500M LinkedIn user profiles in the...
Logins and passwords of at least 1.2 million Russians have been leaked online
The credential verification service developed by cybersecurity company BI.ZONE (a subsidiary of Sberbank) has revealed that information about logins and...
Threat Actors Target Aviation Firms Via Spear Phishing Campaign
Fortinet researchers discovered a spear-phishing campaign targeting the aviation industry with malicious download links that distribute the AsyncRAT with a...
Red-Shadow – Lightspin AWS IAM Vulnerability Scanner
Scan your AWS IAM Configuration for shadow admins in AWS IAM based on misconfigured deny policies not affecting users in...
Forblaze – A Python Mac Steganography Payload Generator
Forblaze is a project designed to provide steganography capabilities to Mac OS payloads. Using python3, it will build an Obj-C...
Colombian authorities arrested hacker behind the Gozi Virus
Colombian authorities arrested a Romanian hacker who is wanted in the U.S. for distributing the Gozi virus that already infected...
Russian-based DoubleVPN seized by law enforcement
Law enforcement seized the servers and customer logs for DoubleVPN, a double-encryption service widely used by threat actors for malicious...
SolarWinds hackers remained hidden in Denmark’s central bank for months
Russia-linked threat actors compromised Denmark’s central bank (Danmarks Nationalbank) and remained in its systems for months. Russia-linked threat actors infected...
New LinkedIn breach exposes data of 700 Million users
A new massive LinkedIn breach made the headlines, the leak reportedly exposes the data of 700M users, more than 92%...
PoC exploit for CVE-2021-1675 RCE started circulating online
Proof-of-concept exploit code for CVE-2021-1675 flaw, an attacker could exploit it to compromise Windows systems. Proof-of-concept exploit code for the...
CVE-2021-25653
Summary: A privilege escalation vulnerability was discovered in Avaya Aura Appliance Virtualization Platform Utilities (AVPU) that may potentially allow a...
CVE-2021-21737
Summary: A smart STB product of ZTE is impacted by a permission and access control vulnerability. Due to insufficient protection...
CVE-2021-25923
Summary: In OpenEMR, versions 5.0.0 to 6.0.0.1 are vulnerable to weak password requirements as it does not enforce a maximum...
CVE-2021-33537
Summary: In Weidmueller Industrial WLAN devices in multiple versions an exploitable remote code execution vulnerability exists in the iw_webs configuration...
CVE-2020-28097
Summary: The vgacon subsystem in the Linux kernel before 5.8.10 mishandles software scrollback. There is a vgacon_scrolldelta out-of-bounds read, aka...
Fired by algorithm: The future’s here and it’s a robot wearing a white collar
Black Mirror meets 1984. Imagine that your employer uses a bot to keep track of your “production level.” And when...
CVE-2021-1675 – Microsoft / Windows – RCE
Summary: CVE-2021-1675 is a remote code execution (RCE) vulnerability impacting multiple products and versions of Microsoft Windows. A proof of...
5G Security Vulnerabilities Concern Mobile Operators
As 5G private networks become more widely available in the next years, security may become a major concern for businesses....
