FBI warns of ransomware attacks targeting the food and agriculture sector
FBI warns ransomware gangs are actively targeting organizations in the food and agriculture sector. The FBI Cyber Division issued a...
Security
Attacks against SolarWinds Serv-U SW were possible due to the lack of ASLR mitigation
SolarWinds did not enable anti-exploit mitigation available since 2006 allowing threat actors to target SolarWinds Serv-U FTP software in July...
WhatsApp CVE-2020-1910 bug could have led to user data exposure
The now-fixed CVE-2020-1910 vulnerability in WhatApp ‘s image filter feature could have exposed user data to remote attackers. A high-severity...
New BrakTooth flaws potentially impact millions of Bluetooth-enabled devices
Security flaws in commercial Bluetooth stacks dubbed BrakTooth can be exploited by threat actors to execute arbitrary code and crash...
WhatsApp hit with €225 million fine for GDPR violations
WhatsApp was hit with a €225 million fine for violating the General Data Protection Regulation (GDPR), the European Union’s sweeping...
Vulnerable WordPress plugin leaves online shoppers vulnerable
The most popular web content management system (CMS) is WordPress, which is used by more than 30% of all websites....
BrakTooth Bluetooth vulnerabilities, crash all the devices!
Security researchers have revealed details about a set of 16 vulnerabilities that impact the Bluetooth software stack that ships with...
NSA Issues FAQs on Quantum Computing and Post-Quantum Cryptography
As concerns regarding quantum computing and post-quantum cryptography are overtaking the forefront of cryptographic discussions, especially in areas associated with...
The largest Internet companies of the Russian Federation signed the charter for the safety of children on the Internet
On Wednesday, September 1, Russian Internet companies, media holdings and telecom operators signed a charter on the safety of children...
US Government Comes Up With A Plan to Restrict Cyberattacks
Ransomware attacks are at an all time high in the United States, hackers are disrupting computer systems administering crucial infrastructure...
White House Directs Federal Agencies to Improve Logging Capabilities
The White House has directed federal agencies to improve their logging capabilities in order to accelerate cybersecurity incident response, according...
Hackers are Selling Tool to Hide Malware in GPUs
Cybercriminals are moving towards malware attacks that can execute code from a hacked system's graphics processing unit (GPU). Although the...
QakBot technical analysis
Main description QakBot, also known as QBot, QuackBot and Pinkslipbot, is a banking Trojan that has existed for over a...
Community Contributors Program
Now that Defcon and Blackhat are checked off for the year, we can get back to real work the fun...
KnockOutlook – A Little Tool To Play With Outlook
"The best feeling is to win by knockout." - Nonito Donaire OverviewKnockOutlook is a C# project that interacts with Outlook's...
Assless-Chaps – Crack MSCHAPv2 Challenge/Responses Quickly Using A Database Of NT Hashes
Crack MSCHAPv2/NTLMv1 challenge/responses quickly using a database of NT hashes IntroductionAssless CHAPs is an efficient way to recover the NT...
Attackers are attempting to exploit recently patched Atlassian Confluence CVE-2021-26084 RCE
Threat actors are actively exploiting a recently patched vulnerability in Atlassian’s Confluence enterprise collaboration product. Threat actors were spotted exploiting...
Cyber Defense Magazine – September 2021 has arrived. Enjoy it!
Cyber Defense Magazine September 2021 Edition has arrived. We hope you enjoy this month’s edition…packed with 161 pages of excellent...
Cisco fixes a critical flaw in Enterprise NFVIS for which PoC exploit exists
Cisco released patches for a critical authentication bypass issue in Enterprise NFV Infrastructure Software (NFVIS) for which PoC exploit code...
Google paid over $130K in bounty rewards for the issues addressed with the release of Chrome 93
Google announced the release of Chrome 93 that addresses 27 security vulnerabilities, 19 issues were reported through its bug bounty...
Mozi infections will slightly decrease but it will stay alive for some time to come
The Mozi botnet continues to spread despite the arrest of its alleged author and experts believe that it will run...
QNAP will patche OpenSSL flaws in its NAS devices
Network-attached storage (NAS) appliance maker QNAP is working on security patches for its products affected by recently fixed OpenSSL flaws. Taiwanese...
FTC bans SpyFone and its CEO from continuing to sell stalkerware
Nearly two years after the US Federal Trade Commission first took aim against mobile apps that can non-consensually track people’s...
Google Play sign-ins can be abused to track another person’s movements
Even people that have been involved in cybersecurity for over 20 years make mistakes. I’m not sure whether that is...
