OpenCSPM – Open Cloud Security Posture Management Engine
Open Cloud Security Posture Management, OpenCSPM, is an open-source platform for gaining deeper insight into your cloud configuration and metadata...
Recently discovered CVE-2021-3156 SUDO bug also affects macOS Big Sur
Experts warn that the recently discovered heap-based buffer overflow bug in Linux SUDO also impacts the latest version of Apple...
Hackers stole personnel records of software developer Wind River
The global leader of embedded system software Wind River Systems discloses a data breach that resulted in the theft of...
Cyber Defense Magazine – February 2021 has arrived. Enjoy it!
Cyber Defense Magazine February 2021 Edition has arrived. We hope you enjoy this month’s edition…packed with over 108 pages of...
Police Exam Database Exposes 500K Indian Citizens ’ PII
CloudSEK has discovered a post on a well-known database sharing forum advertising the PII of 500,000 Indian citizens. While the...
CVE-2020-36207
Summary: An issue was discovered in the aovec crate through 2020-12-10 for Rust. Because Aovec does not have bounds on...
CVE-2020-36206
Summary: An issue was discovered in the rusb crate before 0.7.0 for Rust. Because of a lack of Send and...
CVE-2020-28052
Summary: An issue was discovered in Legion of the Bouncy Castle BC Java 1.65 and 1.66. The OpenBSDBCrypt.checkPassword utility method...
CVE-2020-27274
Summary: Some parsing functions in the affected product do not check the return value of malloc and the thread handling...
CVE-2020-27295
Summary: The affected product has uncontrolled resource consumption issues, which may allow an attacker to cause a denial-of-service condition on...
Credit card skimmer piggybacks on Magento 1 hacking spree
Back in the fall of 2020 threat actors started to massively exploit a vulnerability in the no-longer maintained Magento 1...
Mensa Website Hacked After Britain’s Smartest Folk Failed To Secure Passwords
 The community of British Mensa, which is popularly known for its people with high IQs, they have failed to...
Medvedev mentions about the possible disconnection of Russia from the global network
Disconnecting Russia from the global network is possible, but the authorities have a plan of action in this case, said...
Hackers Attack Gaming Community Using Supply Chain Attacks
 Researchers at ESET found that NoxPlayer's latest updated mechanism, which is an android emulator for macOS and Windows, was attacked...
Threat Actor Targets Outsourcing Firm Serco Via Babuk Ransomware
The outsourcing company responsible for NHS Test and Trace system in the UK confirmed this week that it was targeted...
FBI Warns Victims Against Scammers Threating with Jail Time
 Recently the US FBI has noted an increase in phone calls that usually spoof the Bureau’s telephone number. The actors...
Uroboros – A GNU/Linux Monitoring And Profiling Tool Focused On Single Processes
Uroboros is a GNU/Linux monitoring tool focused on single processes. While utilities like top, ps and htop provide great overall...
BurpMetaFinder – Burp Suite Extension For Extracting Metadata From Files
Burp Suite extension for extracting metadata from files Currently supported documents: PDF DOCX PPTX XLSX The project created at Jetbrains...
Kobalos, a complex Linux malware targets high-performance computing clusters
ESET experts uncovered a previously undocumented piece of malware that had been observed targeting high-performance computing clusters (HPC). ESET analyzed...
Ransomware operators exploit VMWare ESXi flaws to encrypt disks of VMs
Ransomware operators are exploiting two VMWare ESXi vulnerabilities, CVE-2019-5544 and CVE-2020-3992, to encrypt virtual hard disks. Security experts are warning...
CISA: Many victims of SolarWinds hackers had no direct connection to SolarWinds
The U.S. CISA reveals that many of the victims of the SolarWinds hackers had no direct connection to SolarWinds. The...
Experts discovered a new Trickbot module used for lateral movement
Experts spotted a new Trickbot module that is used to scan local networks and make lateral movement inside the target...
Operation NightScout: supply chain attack on NoxPlayer Android emulator
Experts uncovered a new supply chain attack leveraging the update process of NoxPlayer, a free Android emulator for PCs and...
CVE-2020-6105
Summary: An exploitable code execution vulnerability exists in the multiple devices functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs...
