U.S. Agencies Warns of Russian APT Operators Exploiting Five Publicly Known Vulnerabilities
The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) jointly...
ParkMobile Data Breach: 21Million User Data Exposed
Due to a data breach, the account details of 21 million customers of ParkMobile, a prominent mobile parking app in...
643GB of Customer Information Exposed in a Data Breach Suffered by Bizongo
The issue of data fraud has been on a rapid rise, as of late, and evidently so as data breaches...
University of Hertfordshire Hit by Cyberattack
The University of Hertfordshire has become the most recent victim of a spate of digital assaults against academic institutions after...
IRTriage – Incident Response Triage – Windows Evidence Collection For Forensic Analysis
Scripted collection of system information valuable to a Forensic Analyst. IRTriage will automatically "Run As ADMINISTRATOR" in all Windows versions...
PentestBro – Combines Subdomain Scans, Whois, Port Scanning, Banner Grabbing And Web Enumeration Into One Tool
Experimental tool for Windows. PentestBro combines subdomain scans, whois, port scanning, banner grabbing and web enumeration into one tool. Uses...
Russia-linked APT SVR actively targets these 5 flaws
The US government warned that Russian cyber espionage group SVR is exploiting five known vulnerabilities in enterprise infrastructure products. The...
Mirai code re-use in Gafgyt
Uptycs’ threat research team recently detected several variants of the Linux-based botnet malware family, “Gafgyt,”some of them re-used Mirai code. ...
Lazarus BTC Changer. Back in action with JS sniffers redesigned to steal crypto
Group-IB observed the North Korea-linked Lazarus APT group stealing cryptocurrency using a never-before-seen tool. In the last five years, JavaScript...
US Gov sanctions Russia and expels 10 diplomats over SolarWinds hack
The U.S. and UK attributed with “high confidence” the recently disclosed supply chain attack on SolarWinds to Russia’s Foreign Intelligence...
Chrome users, here’s how to opt out of the Google FLoC trial
Two weeks after Google launched a trial to replace run-of-the-mill online user tracking with new-fangled online user tracking, several companies...
“Huge upsurge” in DDoS attacks during pandemic
Researchers at Netscout have released a report analyzing the malicious internet traffic of 2020 and comparing it to the years...
Malwarebytes releases SMB Cybersecurity Trust & Confidence Report 2021
What can we say about 2020 that hasn’t already been said? Beliefs were shaken. Values were questioned. Truths were tested....
QBot Malware Replaces IcedID in Malspam Campaigns
QBot malware is making a comeback replacing IcedID in Malspam campaigns. Security researchers have noticed that malware distributors are once...
Foreign hackers attack Russian research institutes
Against the backdrop of the pandemic, foreign hackers have increased their activity against Russian research institutes which specialize in developing...
Cracked Version of few Software Steal Session Cookies and Monero Cryptocurrency
Bitdefender which is a Romania-based cybersecurity organization located in Bucharest has recently cautioned that cracked versions of Microsoft Office and...
Capcom Released the Final Update on Ransomware Attack
Capcom, known for multi-million-selling game franchises, announced in November 2020, that it had been hit by a ransomware attack: Hackers...
Defeat-Defender – Powerful Batch Script To Dismantle Complete Windows Defender Protection And Even Bypass Tamper Protection
Powerfull Batch File To Disable Windows Defender,Firewall,Smartscreen And Execute the payloadUsage :Edit Defeat-Defender.bat on this line https://github.com/swagkarna/Defeat-Defender/blob/93823acffa270fa707970c0e0121190dbc3eae89/Defeat-Defender.bat#L72 and replace the...
Swissknife – Scriptable VSCode Extension To Generate Or Manipulate Data. Stop Pasting Sensitive Data In Webpag
The developers swissknife. Do conversions and generations right out of vs code. Extendable with user scripts Available in the Visual...
Cyber thieves move $760 million stolen in the 2016 Bitfinex heist
Over $760 million worth of Bitcoin that were stolen from cryptocurrency exchange Bitfinex in 2016 were moved to new accounts....
April 2021 Security Patch Day fixes a critical flaw in SAP Commerce
April 2021 Security Patch Day includes 14 new security notes and 5 updates to previously released notes, one of them...
For the second time in a week, a Google Chromium zero-day released online
For the second time in a week, a Chromium zero-day remote code execution exploit code has been released on Twitter, multiple...
WhatsApp flaws could have allowed hackers to remotely hack mobile devices
WhatsApp addressed two security vulnerabilities in its app for Android that could have been exploited to remotely hack the victim’s...
CVE-2021-30185
Summary: CERN Indico before 2.3.4 can use an attacker-supplied Host header in a password reset link. Reference Links(if available): https://github.com/indico/indico/releases/tag/v2.3.4...
