CVE-2021-30359
Summary: The Harmony Browse and the SandBlast Agent for Browsers installers must have admin privileges to execute some steps during...
CVE-2021-42107
Summary: Unnecessary privilege vulnerabilities in Trend Micro Apex One, Apex One as a Service, Worry-Free Business Security 10.0 SP1 and...
CVE-2021-42108
Summary: Unnecessary privilege vulnerabilities in the Web Console of Trend Micro Apex One, Apex One as a Service and Worry-Free...
The 9th edition of the ENISA Threat Landscape (ETL) report is out!
I’m proud to announce the release of the 9th edition of the ENISA Threat Landscape (ETL) on the state of...
Watch out for the Steam skin “free knife” scam
Have you ever had someone run up to you in the street and insist you take their free knife? I...
Update now! Apple patches bugs in iOS and iPadOS
On two consecutive days Apple has released a few important patches. iOS 14.8.1 comes just a month after releasing iOS...
Lorsrf – SSRF Parameter Bruteforce
Bruteforcing on Hidden parameters to find SSRF vulnerability using GET and POST MethodsNOTELorsrf has been added to scant3r with useful...
CVE-2018-12613 – phpMyAdmin / phpMyAdmin – Improper authentication
Summary: CVE-2018-12613 is an improper authentication vulnerability impacting phpMyAdmin versions 4.8.1 and earlier. An exploit was observed in open source...
North Korea-linked Lazarus APT targets the IT supply chain
North Korea-linked Lazarus APT group is extending its operations and started targeting the IT supply chain on new targets. North...
Operations at Iranian gas stations were disrupted today. Cyber attack or computer glitch?
A cyberattack has disrupted gas stations from the National Iranian Oil Products Distribution Company (NIOPDC) across Iran. A cyber attack...
APT trends report Q3 2021
For more than four years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of...
Dark HunTOR: Police arrested 150 people in dark web drug bust
Dark HunTOR: Police corps across the world have arrested 150 individuals suspected of buying or selling illicit goods on the...
Keeweb – Free Cross-Platform Password Manager Compatible With KeePass
This webapp is a browser and desktop password manager compatible with KeePass databases. It doesn't require any server or additional...
Expert managed to crack 70% of a 5,000 WiFi network sample in Tel Aviv
A researcher from the security firm CyberArk has managed to crack 70% of Tel Aviv’s Wifi Networks starting from a...
How social media mistakes can impact cybersecurity
We talked to members of our Malware Removal Support team and asked them what kind of problems they get asked...
Ranzy Locker ransomware hit tens of US companies in 2021
The FBI published a flash alert to warn of the activity of the Ranzy Locker ransomware that had already compromised...
Patch now to bypass Firefox add-ons that abuse the proxy API to deny updates
In a Firefox security announcement, Mozilla said 455,000 users have downloaded Firefox add-ons that interfere with how they connect to...
CVE-2021-35570
Summary: Vulnerability in the Oracle Mobile Field Service product of Oracle E-Business Suite (component: Admin UI). Supported versions that are...
CVE-2021-1529
Summary: A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute...
CVE-2021-1529
Summary: A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute...
CVE-2021-35566
Summary: Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite (component: Diagnostics). Supported versions that are affected are...
CVE-2021-35585
Summary: Vulnerability in the Oracle Incentive Compensation product of Oracle E-Business Suite (component: User Interface). Supported versions that are affected...
CVE-2021-35583
Summary: Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Windows). Supported versions that are affected are 8.0.25...
CVE-2021-0186 – Intel Corporation / SGX SDK – Improper input validation
Summary: CVE-2021-0186 is an improper input validation vulnerability impacting Intel SGX SDK for Windows versions 2.12 and earlier and Intel...
