Cyber Criminals broke into the database of patients of the Russian cancer center and demanded a ransom
The Sverdlovsk Regional Clinical Center was hacked. Svetlana Lavrova, a neurophysiologist, told about this on her Facebook page.“The data of...
The Sverdlovsk Regional Clinical Center was hacked. Svetlana Lavrova, a neurophysiologist, told about this on her Facebook page.“The data of...
In a recent cybersecurity incident, Microsoft reports of a new malware called 'Anubis.' Anubis is not related to any banking...
In August 2020, we published a blog post about Operation PowerFall. This targeted attack consisted of two zero-day exploits: a...
SpaceSiren is a honey token manager and alert system for AWS. With this fully serverless application, you can create and...
LOLBITS is a C2 framework that uses Microsoft's Background Intelligent Transfer Service (BITS) to establish the communication channel between the...
Posted by SEC Consult Vulnerability Lab on Sep 02SEC Consult Vulnerability Lab Security Advisory < 20200902-0 > ======================================================================= title: Multiple...
Each year, Rapid7 penetration testers complete hundreds of internally and externally based penetration testing service engagements. This post is part...
Apple appears to have inadvertently approved OSX.Shlayer malware as part of the security notarization process it has touted would boost...
In August 2020, Experian South Africa suffered a data breach which exposed the personal information of tens of millions of...
Posted by RedTeam Pentesting GmbH on Sep 02Advisory: Inconsistent Behavior of Go's CGI and FastCGI Transport May Lead to Cross-Site...
The digital credit card skimming landscape keeps evolving, often borrowing techniques used by other malware authors in order to avoid...
Russian techno enthusiast Pavel Zhovner raised almost $5 million for the production of Tamagotchi for hackers Flipper Zero. The project...
Retail giant Amazon got the approval to deliver their products from the sky (like your package dropped straight from the...
What is “Kill Chain”?From Wikipedia: The term kill chain was originally used as a military concept related to the structure...
A security framework for enterprises and Red Team personnel, supports CobaltStrike's penetration testing of other platforms (Linux / MacOS /...
This blog post is part two of a two-part series. For more insights from Gisela and Carlota, check out part...
Posted by Sandro Gauci on Sep 01# Kamailio vulnerable to header smuggling possible due to bypass of remove_hf - Fixed...
Posted by Ryan Delaney on Sep 01<!-- # Exploit Title: Sagemcom router insecure deserialization > privilege escalation # Date: 08-31-2020...
Posted by Balázs Hambalkó on Sep 01Hi, Title: Authentication bypass via Improper Session Management Product: RoundcubeMail Tested version: 1.4.4 -...
Posted by devsecweb--- via Fulldisclosure on Sep 01Vendor: Bagisto (https://bagisto.com/) Affected version: All Introduction: Bagisto is an open source shop...
Posted by devsecweb--- via Fulldisclosure on Sep 01Vendor: Bagisto (https://bagisto.com/) Affected version: All Introduction: Bagisto is an open source shop...
In macOS Mojave, Apple introduced the concept of notarization, a process that developers can go through to ensure that their...
This week on Lock and Code, we discuss the top security headlines generated right here on Labs and around the...
Cybersecurity experts had a lot to say about possible cybersecurity threats in the USA Black Hat Conference.Main HighlightsUS Presidential ElectionsAs...