German Company Hit By Supply Chain Attack, Only Few Device Affected
Gigaset, a German device maker, was recently hit with a supply chain attack, the hackers breached a minimum of one...
Threat Actors are Using Telegram & Google Forms to Obtain Stolen User Data
 Security researchers have noted an increase in the misuse of legitimate services such as Google Forms and Telegram for gathering...
Max – Maximizing BloodHound
Maximizing BloodHound.DescriptionNew Release: dpat - The BloodHound Domain Password Audit Tool (DPAT) A simple suite of tools: get-info - Pull...
NtHiM – Super Fast Sub-domain Takeover Detection
NtHiM - Super Fast Sub-domain Takeover DetectionInstallationMethod 1: Using Pre-compiled BinariesThe pre-compiled binaries for different systems are available in the...
Attackers Targeting Fortinet Devices and SAP Applications
The following blog was co-authored by Caitlin Condon and Bob Rudis, also known (in his own words) as “some caveman...
Kubernetes Namespaces Are Not as Secure as You Think
In a previous article, we described how the usage of namespaces in Kubernetes significantly simplifies the management of a Kubernetes...
Looking Back and Moving Forward With Rapid7’s Cloud Security Solution
This blog post was co-authored by Jamie Gale and Charles Stokes. Done with Q1The DivvyCloud by Rapid7 team has had...
Swarmshop – What goes around comes around: hackers leak other hackers’ data online
Group-IB, a global threat hunting and adversary-centric cyber intelligence company, discovered that user data of the Swarmshop card shop have been leaked...
Pwn2Own 2021 Day 2 – experts earned $200K for a zero-interaction Zoom exploit
Pwn2Own 2021 – Day 2: a security duo earned $200,000 for a zero-interaction Zoom exploit allowing remote code execution. One...
Scraped data of 500 million LinkedIn users being sold online, 2 million records leaked as proof
Days after a massive Facebook data leak made the headlines, 500 million LinkedIn users are being sold online, seller leaked 2 million...
Cisco fixed multiple flaws in SD-WAN vManage Software, including a critical RCE
Cisco has addressed a critical pre-authentication remote code execution (RCE) vulnerability in the SD-WAN vManage Software. Cisco has addressed multiple...
User database was also hacked in the recent hack of PHP ‘s Git Server
The maintainers of the PHP programming language confirmed that threat actors may have compromised a user database containing their passwords....
Man arrested after hired a hitman on the dark web
A joint operation of Europol and the Italian Postal and Communication Police resulted in the arrest of an Italian national...
CVE-2020-27952
Summary: An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.1, Security...
CVE-2020-29611
Summary: An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 14.3, macOS Big...
CVE-2021-28165
Summary: In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon...
CVE-2020-29614
Summary: This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001...
CVE-2020-29617
Summary: An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 14.3, macOS Big Sur...
SAP warns of malicious activity targeting unpatched systems
A timely warning to keep systems patched has appeared, via a jointly-released report from Onapsis and SAP. The report details...
Fake Netflix App Spreads Malware via WhatsApp Messages
 Researchers have discovered malware camouflaged as a Netflix application, prowling on the Google Play store, spread through WhatsApp messages. As...
Canadian IoT Solutions Provider, Sierra Wireless Hit by a Ransomware Attack
Sierra Wireless, a Canadian IoT solutions provider said that it has reopened its manufacturing site's production after the company suffered...
Data Stolen from 500 Million LinkedIn Users Leaked Online
 Just days after a Facebook data leak was revealed, security experts have discovered another one, this time the victim being...
The Russian who hacked JPMorgan was demanded $20 million in compensation
In January, Andrei Tyurin was sentenced to 12 years in prison for the largest theft of personal data of bank...
Janeleiro a New Banking Trojan Targeting Corporate, Government Targets
 A banking Trojan has been found out by cybersecurity researchers, which has targeted many organizations across the state of Brazil....
