Chrome heap buffer overflow in freetype2 CVE-2020-15999
Posted by Marcin Kozlowski on Oct 30Hi list, Debugged this issue, but somehow cannot trigger the crash in Chrome. Seems...
Security
HP printer issue on Mac: What happened?
Apple holds the keys to nearly all recent Mac software. This is a story of those keys, and how a...
US Security Department Issue Potential Trickbot and Malware Attack Warning to Health Department
The United States Healthcare providers have been alerted to vary of Trickbot and ransomware attacks by their Homeland Security department....
Russian Hackers Infiltrate U.S Government Networks and Steal Data
In a recent cybersecurity incident, the U.S. government issued a statement claiming that state-sponsored Russian hackers attacked the U.S. agencies...
Federal Agencies Warned the US Healthcare System on Facing An “Increased and Imminent” Threat of Cybercrime
A couple of days back the FBI and two federal agencies, the Department of Homeland Security and the Department of...
Widevine-L3-Decryptor – A Chrome Extension That Demonstrates Bypassing Widevine L3 DRM
Widevine is a Google-owned DRM system that's in use by many popular streaming services (Netflix, Spotify, etc.) to prevent media...
Scrying – A Tool For Collecting RDP, Web And VNC Screenshots All In One Place
A new tool for collecting RDP, web and VNC screenshots all in one place This tool is still a work-in-progress...
Oracle WebLogic Unauthenticated Complete Takeover (CVE-2020-14882): What You Need to Know
What’s up? As if October 2020 hasn’t been scary enough, Rapid7 Labs, the SANS Internet Storm Center (ISC), and other...
How Maria Barsallo Lynch Helps Combat the Spread of Misinformation and Disinformation Ahead of the Election
In our most recent episode of Security Nation, we spoke with Maria Barsallo Lynch, Executive Director of the Defending Digital...
Trick or Treat! What We Can Learn from the Spookiest Vulnerabilities of the Year
Spooky season is in full swing, and we’re not just talking about Halloween. Security vulnerabilities can range from tiny errors...
Reincubate – 616,146 breached accounts
In October 2020, the app data company Reincubate suffered a data breach which exposed a backup from November 2017 (the...
German armed forces launch security vulnerability disclosure program
Posted by Vulnerability Lab on Oct 29Title: German armed forces launch security vulnerability disclosure program Source:https://portswigger.net/daily-swig/german-armed-forces-launch-security-vulnerability-disclosure-program Reference:https://www.bundeswehr.de/bw-de/organisation/cyber-und-informationsraum/aktuelles/-liebe-hacker-hiermit-laden-wir-sie-herzlich-ein--3713242 If you like...
New Emotet delivery method spotted during downward detection trend
Emotet, one of cybersecurity’s most-feared malware threats, got a superficial facelift this week, hiding itself within a fake Microsoft Office...
Fake COVID-19 survey hides ransomware in Canadian university attack
This post was authored by Jérôme Segura with contributions from Hossein Jazi, Hasherezade and Marcelo Rivero. In recent weeks, we’ve...
Scammers are spoofing bank phone numbers to rob victims
It can be a very convincing trick… “You can check the number in your display online sir. You’ll see I’m...
Hackers stole the personal data of patients in Finland
Finland: Hackers have stolen data from the Vastaamo Psychotherapy Center. Folders with personal information of tens of thousands of Suomi...
Enel Group attacked by Netwalker, demanding a whooping $14 million
Energy Company Enel Group has yet again been hit by malware, making it a second this year. The energy...
DDoS attacks in Q3 2020
News overview Q3 was relatively calm from a DDoS perspective. There were no headline innovations, although cybercriminals did continue to...
Awesome Android Security – A Curated List Of Android Security Materials And Resources For Pentesters And Bug Hunters
A curated list of Android Security materials and resources For Pentesters and Bug Hunters.BlogAAPG - Android application penetration testing guide...
iSH – Linux Shell For iOS
A project to get a Linux shell running on iOS, using usermode x86 emulation and syscall translation. For the current...
Rapid7 Announces Improvements to Goals and SLAs in InsightVM
We know that proving the efficacy of your vulnerability management program is no easy task. But with the Goals and...
Keeping ransomware cash away from your business
A ransomware gang has made headlines for donating a big chunk of stolen funds to two charities. Two separate donations...
Internet of Things (IoT): Greater Threat for Businesses Reopening Amid COVID-19 Pandemic
Businesses have increasingly adopted IoT devices, especially amid the COVID-19 pandemic to keep their operations safe. Over the past year,...
Impact of Covid-19 Web Threats on Cybersecurity, A Report from Beginning to End
Cyberattacks during the Covid-19 pandemic exposed the flawed systems of cybersecurity. We should glance at these attacks and learn new...
