Russia-linked APT28 uses COVID-19 lures to deliver Zebrocy malware
Russia-link cyberespionage APT28 leverages COVID-19 as phishing lures to deliver the Go version of their Zebrocy (or Zekapab) malware. Russia-linked APT28 is...
threatintel
Attack on Vermont Medical Center is costing the hospital $1.5M a day
The attack that hit the University of Vermont Medical Center at the end of October is costing the hospital about $1.5 million...
European Medicines Agency targeted by cyber attack
The European Medicines Agency (EMA) announced it has been targeted by a cyber attack. The European Medicines Agency (EMA) announced...
VideoBytes: Ryuk Ransomware Targeting US Hospitals
Hello Folks! In this Videobyte, we’re talking about why hospitals are being targeted by the Ryuk ransomware, what tricks they...
RESTler – The First Stateful REST API Fuzzing Tool For Automatically Testing Cloud Services Through Their REST APIs And Finding Security And Reliability Bugs In These Services
RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding...
Depix – Recovers Passwords From Pixelized Screenshots
Depix is a tool for recovering passwords from pixelized screenshots. This implementation works on pixelized images that were created with...
New All Apps and Asset Report Combines Power of InsightVM and InsightAppSec for Boosted Visibility
Just using InsightAppSec and still want access to the new executive reports? Don’t worry—we have you covered. Check out your...
Crooks hide software skimmer inside CSS files
Security researchers have uncovered a new technique to inject a software skimmer onto websites, the malware hides in CSS files....
Microsoft December 2020 Patch Tuesday fixes 58 bugs, 9 are critical
Microsoft December 2020 Patch Tuesday security update address 58 vulnerabilities, 22 of them are remote code execution vulnerabilities. Microsoft December...
The importance of computer identity in network communications: how to protect it and prevent its theft
The importance of computer identity in network communications: how to protect it and prevent threat actors from spying or stealing...
Apache Software Foundation fixes code execution flaw in Apache Struts 2
The Apache Software Foundation addressed a possible remote code execution vulnerability in Struts 2 related to the OGNL technology. The...
Top cybersecurity firm FireEye hacked by a nation-state actor
The cyber security giant FireEye announced that it was hacked by nation-state actors, likely Russian state-sponsored hackers. The cybersecurity firm...
OpenSSL is affected by a ‘High Severity’ security flaw, update it now
The OpenSSL Project disclosed a serious security vulnerability in TLS/SSL toolkit that exposes users to denial-of-service (DoS) attacks. The OpenSSL...
Huawei HedEx Lite (DM) – Path Traversal Web Vulnerability
Posted by Vulnerability Lab on Dec 08Document Title: =============== Huawei HedEx Lite (DM) - Path Traversal Web Vulnerability References (Source):...
VestaCP v0.9.8-26 – (LoginAs) Token Session Vulnerability
Posted by Vulnerability Lab on Dec 08Document Title: =============== VestaCP v0.9.8-26 - (LoginAs) Token Session Vulnerability References (Source): ====================https://www.vulnerability-lab.com/get_content.php?id=2240 Release...
VestaCP v0.9.8-26 – Insufficient Session Validation Web Vulnerability
Posted by Vulnerability Lab on Dec 08Document Title: =============== VestaCP v0.9.8-26 - Insufficient Session Validation Web Vulnerability References (Source): ====================https://www.vulnerability-lab.com/get_content.php?id=2238...
VestaCP v0.9.8-26 – (period) Cross Site Scripting Web Vulnerability
Posted by Vulnerability Lab on Dec 08Document Title: =============== VestaCP v0.9.8-26 - (period) Cross Site Scripting Web Vulnerability References (Source):...
Get a head start on defending against tax scams
It may not be tax season in your part of the world right now but you’ll no doubt be pleased...
Kaspersky announced the creation of the new smartphones with protection from hackers
A smartphone with a secure Kaspersky will have minimal functionality, said the head of Kaspersky Lab, Eugene Kaspersky. According to...
US Cybersecurity Company FireEye Hacked by ‘Nation-Backed’ Threat Actors
On Tuesday, one of the leading cybersecurity firms, FireEye said that it has been attacked by "highly sophisticated" state-sponsored hackers...
NSA Issued Warning Against Russian State-Sponsored Attackers for Exploiting VMware Access
An advisory warning has been issued by the United States National Security Agency (NSA) on 7th December that Russian malicious...
Putin announced a digital transformation in Russia
In the next decade, Russia will face digital transformation and the widespread introduction of artificial intelligence and big data analysis,...
UAE Faces Cyber Pandemic, Cyberattacks In The Middle East On The Rise
The Middle East is suffering a "cyber pandemic" crisis due to coronavirus-themed cyberattacks on the rise this year, says Mohamed...
Packer-Fuzzer – A Fast And Efficient Scanner For Security Detection Of Websites Constructed By Javascript Module Bundler Such As Webpack
With the popularity of web front-end packaging tools, have you encountered more and more websites represented by Webpack packager in...
