Sarenka – OSINT Tool – Data From Services Like Shodan, Censys Etc. In One Place
SARENKA is an Open Source Intelligence (OSINT) tool which helps you obtaining and understanding Attack Surface. The main goal is...
Security
How COVID-19 Reinforced the Need for Mobile Device Management
How many of you got that call at the beginning of the pandemic to make your company’s workforce 100% capable...
Multiple flaws in Fortinet FortiWeb WAF could allow corporate networks to hack
An expert found multiple serious vulnerabilities in Fortinet’s FortiWeb web application firewall (WAF) that could expose corporate networks to hack....
US Govt kicked off ‘Hack the Army 3.0’ bug bounty program
The U.S. government is going to launch the ‘Hack the Army 3.0’ bug bounty program in collaboration with the HackerOne...
SolarWinds hackers had access to roughly 3% of US DOJ O365 mailboxes
The US DoJ revealed that threat actors behind the SolarWinds attack have gained access to roughly 3% of the department’s...
WhatsApp will share your data with Facebook and its companies
WhatsApp is notifying users that starting February 8, 2021, they will be obliged to share their data with Facebook, leaving...
Google fixed a critical Remote Code Execution flaw in Android
Google released an Android security update that addressed tens of flaws, including a critical Android remote code execution vulnerability. Google...
Retrohunting APT37: North Korean APT used VBA self decode technique to inject RokRat
This post was authored by Hossein Jazi On December 7 2020 we identified a malicious document uploaded to Virus Total...
Adobe Flash Player reaches end-of-life
“What now? My farm is no longer working. Can you have a look, honey?” Like millions of other people my...
US Intelligence Task Force Accuses Russia Of Cyber Attack
Previously, US President Donald Trump had accused China of malicious security incidents; security experts and officials have suspected China...
Juspay, the Payment Platform of Leading Online Merchants Amazon and Swiggy Suffers Data Breach
Juspay, the payment processor of prime online merchants like Amazon and Swiggy was hit by a massive data breach and...
Russian experts give tips on how to prevent personal data leakage
In Russia, the number of cyber attacks increased by almost a quarter in the first quarter of 2020, said Anton...
India the Internet Blackout Capital of the World
Cutting off the internet and its services has become a trend in a country like India. The government claims that...
NameSouth’s Data Leaked for not Paying Ransom to Cybercriminals
NameSouth is by all accounts the most recent casualty of the ransomware group that surfaced at some point in 2019....
Hack-Tools v0.3.0 – The All-In-One Red Team Extension For Web Pentester
The all-in-one Red Team browser extension for Web PentestersHackTools, is a web extension facilitating your web application penetration tests, it...
[KIS-2021-01] IPS Community Suite <= 4.5.4 (Downloads REST API) SQL Injection Vulnerability
Posted by Egidio Romano on Jan 06----------------------------------------------------------------------------- IPS Community Suite <= 4.5.4 (Downloads REST API) SQL Injection Vulnerability ----------------------------------------------------------------------------- Software...
Backdoor.Win32.Zombam.k / Remote Stack Buffer Overflow
Posted by malvuln on Jan 06Discovery / credits: malvuln - Malvuln.com (c) 2021 Original source:https://malvuln.com/advisory/79d9908b6769e64f922e74a090f5ceeb.txt Contact: malvuln13 () gmail com...
Files.com – Auth Bypass (Fat Client)
Posted by Balázs Hambalkó on Jan 06Hi, Vendor: Files.com Product: Fat Client Tested version: 3.3.6 but newer version high likely...
CVE-2020-24386: IMAP hibernation allows accessing other peoples mail
Posted by Aki Tuomi on Jan 06Open-Xchange Security Advisory 2021-01-04 Product: Dovecot Vendor: OX Software GmbH Internal reference: DOP-2009 (Bug...
What’s New in InsightVM: Q4 2020 in Review
Improvements made to the Goals and SLAs wizardWe’re excited to announce that creating a goal or SLA in InsightVM just...
Fake Trump sex video used to spread QNode RAT
Researchers uncovered a malspam campaign that spreads the QNode remote access Trojan (RAT) using fake Trump’s sex scandal video as...
Recently disclosed CVE-2020-29583 Zyxel flaw already under opportunistic attack
Threat actors are attempting to hack Zyxel devices exploiting the recently disclosed vulnerability CVE-2020-29583, security researchers warn. The Taiwanese vendor...
FBI, CISA, ODNI and NSA blames Russia for SolarWinds hack
A joint statement issued by US security agencies confirmed that Russia was likely the origin of the SolarWinds supply chain...
New ElectroRAT employed in a wide-ranging operation targeting cryptocurrency users
Researchers uncovered a large scale operation targeting cryptocurrency users with a previously undetected multiplatform RAT named ElectroRAT. Security researchers from...
