APPLE-SA-2020-12-14-7 tvOS 14.3
Posted by Apple Product Security via Fulldisclosure on Dec 15APPLE-SA-2020-12-14-7 tvOS 14.3 tvOS 14.3 addresses the following issues. Information about...
OSINT
APPLE-SA-2020-12-14-6 watchOS 6.3
Posted by Apple Product Security via Fulldisclosure on Dec 15APPLE-SA-2020-12-14-6 watchOS 6.3 watchOS 6.3 addresses the following issues. Information about...
SoReL-20M Sophos & ReversingLabs release 10 million disarmed samples for malware study
Sophos and ReversingLabs released SoReL-20M, a database containing 20 million Windows Portable Executable files, including 10M malware samples. Sophos and...
Apple addressed multiple code execution flaws in iOS and iPadOS
Apple addressed this week serious code execution vulnerabilities that affect its iOS and iPadOS mobile operating systems. Apple released security...
SolarWinds confirmes 18,000 customers may have been impacted
18,000 SolarWinds customers may have been impacted by the attack against its supply chain, the company said in a SEC filing....
SolarWinds advanced cyberattack: What happened and what to do now
Over the weekend we learned more about the sophisticated attack that compromised security firm FireEye, the US Treasury and Commerce...
A week in security (December 7 – December 13)
Last week on Malwarebytes podcast we talked to Doug Levin, founder of the K12 cybersecurity resource center and advisor to the...
Google’s Data Security: How Google Protects your Data from Cyber Threats?
The world is moving very fast towards technology and materialism. Subsequently, it has become increasingly difficult for people to shun...
Adaptive protection against invisible threats
Corporate endpoint security technologies for mid-sized companies struggle to surprise us with anything brand new. They provide reliable protection against...
WSMan-WinRM – A Collection Of Proof-Of-Concept Source Code And Scripts For Executing Remote Commands Over WinRM Using The WSMan.Automation COM Object
A collection of proof-of-concept source code and scripts for executing remote commands over WinRM using the WSMan.Automation COM object.BackgroundFor background...
Stegseek – Worlds Fastest Steghide Cracker, Chewing Through Millions Of Passwords Per Second
Stegseek is a lightning fast steghide cracker that can be used to extract hidden data from files. It is built...
SolarWinds SUNBURST Backdoor Supply Chain Attack: What You Need to Know
On Dec. 12, 2020, FireEye provided detailed information on a widespread attack campaign involving a backdoored component of the SolarWinds...
Details for 1.9M members of Chinese Communist Party Members leaked
Security experts from Cyble discovered that the details of 1.9 million members of the Chinese Communist Party were leaked on...
US Agencies and FireEye were hacked with a supply chain attack on SolarWinds Software
Hackers broke into the networks of federal agencies and FireEye by compromising SolarWinds’ Orion Network Management Products. The cyber espionage...
Robotic Process Automation vendor UiPath discloses data breach
Last week, ZDnet reported in an exclusive that the tech unicorn UiPath admitted having accidentally exposed the personal details of...
Pay2Key hackers stole data from Intel’s Habana Labs
Pay2Key ransomware operators claim to have compromised the network of the Intel-owned chipmaker Habana Labs and have stolen data. ​Intel-owned...
Hacked Subway UK marketing system used in TrickBot phishing campaign
Subway UK confirmed the hack of a marketing system that was used to send out phishing messages to deliver malware to...
In 2020, cybercriminals started laundering four times more money
According to the Kaspersky Fraud Prevention report, in 2020, attackers most often tried to make unauthorized money transfers by using...
Slipstream – NAT Slipstreaming Allows An Attacker To Remotely Access Any TCP/UDP Services Bound To A Victim Machine, Bypassing The Victim’s NAT/firewall, Just By The Victim Visiting A Website
NAT Slipstreaming allows an attacker to remotely access any TCP/UDP services bound to a victim machine, bypassing the victim's NAT/firewall...
403Bypasser – Burpsuite Extension To Bypass 403 Restricted Directory
An burpsuite extension to bypass 403 restricted directory. By using PassiveScan (default enabled), each 403 request will be automatically scanned...
Security Affairs Newsletter is back!
Security Affairs newsletter is back, it is the right time to subscribe to it. Every day I receive several emails...
Security Affairs newsletter Round 293
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
PgMiner botnet exploits disputed CVE to hack unsecured PostgreSQL DBs
Researchers have discovered a botnet dubbed PgMiner that targets PostgreSQL databases running on Linux servers to install a cryptocurrency miner....
NI CompactRIO controller flaw could allow disrupting production
A serious flaw in National Instruments CompactRIO controllers could allow remote attackers to disrupt production processes in an organization. A...
