REvil Ransomware spokesman releases an interview on recent attacks
The REvil ransomware operators said in an interview on the “Russian OSINT” Telegram channel that they accidentally targeted United States-based...
US arrested Latvian woman who developed part of Trickbot malware
The US Department of Justice (DOJ) announced the arrest of a Latvian woman for her alleged role in the development...
CVE-2019-10081
Summary: HTTP/2 (2.4.20 through 2.4.39) very early pushes, for example configured with "H2PushResource", could lead to an overwrite of memory...
CVE-2019-10097
Summary: In Apache HTTP Server 2.4.32-2.4.39, when mod_remoteip was configured to use a trusted intermediary proxy server using the "PROXY"...
CVE-2019-9517
Summary: Some HTTP/2 implementations are vulnerable to unconstrained interal data buffering, potentially leading to a denial of service. The attacker...
CVE-2020-11993
Summary: Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic...
Cryptocurrency Addiction: Here’s Alll You Need to Know!
Cryptocurrency addiction is defined as compulsive cryptocurrency trading and related behaviors that have negative implications in a person's life. Cryptocurrency...
Hacking Group DarkSide Attacks Colonial Pipeline With a Ransomware
Hacking group DarkSide, which was behind the recent ransomware attack on Colonial Pipeline, operates in a much common way than...
Serious Flaws Identified in CODESYS Industrial Automation Software
Cybersecurity researchers at Russian cybersecurity firm Positive Technologies discovered as many as ten critical flaws impacting CODESYS automation computer software...
Hackers Reportedly Target Cox Media Group Stations
‘Cox Media Group’, is one of the largest media conglomerates in the United State, earlier today, the organization has to...
VMware Becomes New Target of FreakOut Malware
A new dangerous "Freakout" alias malware campaign has just targeted unpatched Linux workstations that handle Network Attached Storage (NAS) and...
Shepard – In Progress Persistent Download/Upload/Execution Tool Using Windows BITS
This is an IN PROGRESS persistance tool using Windows Background Intelligent Transfer Service (BITS). Functionality: File Download, File Exfiltration, File...
BlackCocaine Ransomware, a new malware in the threat landscape
Cyble researchers investigated a recent attack on an India-based IT firm that was hit by the BlackCocaine Ransomware gang. Recently Cyber researchers for Cyble...
DoJ: Investigations into ransomware attacks must have similar priority as terrorism
The U.S. Department of Justice was to assign investigation on ransomware attacks the same priority as terrorism in the wake...
US CISA published a guide to better use the MITRE ATT&CK framework
The U.S. CISA announced the availability of a new guide for cyber threat intelligence experts on the use of the...
Hackers scan for VMware vCenter servers vulnerable to CVE-2021-21985 RCE
Hackers are actively scanning the Internet for VMware vCenter servers vulnerable against a critical RCE flaw recently fixed by VMware....
Necro Python bot now enhanced with new VMWare, server exploits
Operators behind the Necro Python botnet have added new features to their bot, including VMWare and server exploits. Experts from...
CVE-2015-5232
Summary: Race conditions in opa-fm before 10.4.0.0.196 and opa-ff before 10.4.0.0.197. Reference Links(if available): https://github.com/01org/opa-fm/commit/c5759e7b76f5bf844be6c6641cc1b356bbc83869 https://github.com/01org/opa-fm/commit/5f4087aabb5d03c42738b320af0fc60e9df4d1f7 https://github.com/01org/opa-ff/commit/080ab97461d80a01636f77ba6aecc667c3c0087c https://bugzilla.redhat.com/show_bug.cgi?id=1257098 http://www.openwall.com/lists/oss-security/2015/09/22/17 CVSS...
CVE-2021-33623
Summary: The trim-newlines package before 3.0.1 and 4.x before 4.0.1 for Node.js has an issue related to regular expression denial-of-service...
CVE-2021-33587
Summary: The css-what package before 5.0.1 for Node.js does not ensure that attribute parsing has Linear Time Complexity relative to...
CVE-2021-33558
Summary: Boa 0.94.13 allows remote attackers to obtain sensitive information via a misconfiguration involving backup.html, preview.html, js/log.js, log.html, email.html, online-users.html,...
CVE-2021-22359
Summary: There is a denial of service vulnerability in the verisions V200R005C00SPC500 of S5700 and V200R005C00SPC500 of S6700. An attacker...
Security pros agree about threats—convincing everyone else is the problem
How about that Colonial Pipeline? As troubling as this event may be, for those of us working in the world of...
Ransomware to be investigated like terrorism
The impact of recent ransomware attacks on vital infrastructure in the US has triggered a reaction from the US Attorney’s...
