APPLE-SA-2020-11-13-7 Additional information for APPLE-SA-2020-09-24-1 macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave
Posted by Apple Product Security via Fulldisclosure on Nov 15APPLE-SA-2020-11-13-7 Additional information for APPLE-SA-2020-09-24-1 macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave macOS Catalina 10.15.7, Security…
APPLE-SA-2020-11-13-3 Additional information for APPLE-SA-2020-09-16-1 iOS 14.0 and iPadOS 14.0
Posted by Apple Product Security via Fulldisclosure on Nov 15APPLE-SA-2020-11-13-3 Additional information for APPLE-SA-2020-09-16-1 iOS 14.0 and iPadOS 14.0 iOS 14.0 and iPadOS 14.0 addresses the following issues. Information about…
APPLE-SA-2020-11-13-4 Additional information for APPLE-SA-2020-09-16-2 tvOS 14.0
Posted by Apple Product Security via Fulldisclosure on Nov 15APPLE-SA-2020-11-13-4 Additional information for APPLE-SA-2020-09-16-2 tvOS 14.0 tvOS 14.0 addresses the following issues. Information about the security content is also available…
APPLE-SA-2020-11-13-5 Additional information for APPLE-SA-2020-09-16-3 Safari 14.0
Posted by Apple Product Security via Fulldisclosure on Nov 15APPLE-SA-2020-11-13-5 Additional information for APPLE-SA-2020-09-16-3 Safari 14.0 Safari 14.0 addresses the following issues. Information about the security content is also available…
Cit0day – 226,883,414 breached accounts
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below. Original Source
123RF – 8,661,578 breached accounts
In March 2020, the stock photo site 123RF suffered a data breach which impacted over 8 million subscribers and was subsequently sold online. The breach included email, IP and physical…
Decentralized Finance (Defi) Protocol Akropolis Hacked For $2 Million In DAI
Decentralized finance (defi) protocol Akropolis was recently hacked for $2 million in DAI, in the most recent flash loan attack to hit the 'nascent defi industry'. When the attack occurred, (GMT…
Herpaderping – Process Herpaderping Bypasses Security Products By Obscuring The Intentions Of A Process
Process Herpaderping is a method of obscuring the intentions of a process by modifying the content on disk after the image has been mapped. This results in curious behavior by…
Linux-Evil-Toolkit – A Framework That Aims To Centralize, Standardize And Simplify The Use Of Various Security Tools For Pentest Professionals
Linux evil toolkit is a framework that aims to centralize, standardize and simplify the use of various security tools for pentest professionals.LETK (Linux evil toolkit) has few simple commands, one…
Government in Australia issues Clop Ransomware warning to Healthcare Organizations
The Australian Cyber Security Center has issued a security alert for the health sector to check their barriers and defenses against potential ransomware attacks especially the Clop Ransomware that uses…
Tfsec – Security Scanner For Your Terraform Code
tfsec uses static analysis of your terraform templates to spot potential security issues. Now with terraform v0.12+ support. Example OutputInstallationInstall with brew/linuxbrew: brew install tfsec Install with Chocolatey: choco install…
Scripthunter – Tool To Find JavaScript Files On Websites
Scripthunter is a tool that finds javascript files for a given website. To scan Google, simply run ./scripthunter.sh https://google.com. Note that it may take a while, which is why scripthunter…
Home Chef – 8,815,692 breached accounts
In early 2020, the food delivery service Home Chef suffered a data breach which was subsequently sold online. The breach exposed the personal information of almost 9 million customers including…
Hat trick for Google as it patches two more zero-days in Chrome
Slightly over a week ago we advised you to update your Chrome browser. That warning came only a week or so after we advised you to update your Chrome browser.…
Surviving college distance learning during the pandemic: a cybersecurity guide
Social distancing, the wearing of face masks, practicing hand hygiene, and disinfecting often-touched surfaces have become human necessities during the pandemic era. For schools, they’ve also had to adapt quickly…
ADHD, what is it? and how does it affect me?
(it captures the ADHD experience well) TLDR: Life can be challenging for a person with ADHD; there are hidden struggles that no one else can see and our ADHD brains…
Here’s why a Greece Hacker Easily Hacked Croatian University?
A hacker from Greece has published the database of the University of Rijeka in the context of Croatia supporting the anti-Serb movement. Reportedly, the hacker was fueled by the prevailing…
Hackers Use Bugs To Attack iOS and Android Devices; Google Doesn’t Disclose Details
Google's cybersecurity team found a cluster of high-end vulnerabilities in iOS, Windows, Android, and Chrome earlier this week. According to Google, these vulnerabilities were in high usage, which means hackers…
Spam and phishing in Q3 2020
Quarterly highlights Worming their way in: cybercriminal tricks of the trade These days, many companies distribute marketing newsletters via online platforms. In terms of capabilities, such platforms are quite diverse:…
Scope of Debian’s /home/loser is with permissions 755, default umask 002
Posted by Georgi Guninski on Nov 12On Debian /home/loser is with permissions 755, default umask 0022 (If you don't understand the numbers, this means a lot of files are world…
Avian JVM FileOutputStream.write() Integer Overflow
Posted by Pietro Oliva via Fulldisclosure on Nov 12Vulnerability title: Avian JVM FileOutputStream.write() Integer Overflow Author: Pietro Oliva Vendor: ReadyTalk Product: Avian JVM Affected version: 1.2.0 before 27th October 2020…
FAMA – Forensic Analysis For Mobile Apps
LabCIF - Forensic Analysis for Mobile AppsGetting StartedAndroid extraction and analysis framework with an integrated Autopsy Module. Dump easily user data from a device and generate powerful reports for Autopsy…
Leonidas – Automated Attack Simulation In The Cloud, Complete With Detection Use Cases
Leonidas is a framework for executing attacker actions in the cloud. It provides a YAML-based format for defining cloud attacker tactics, techniques and procedures (TTPs) and their associated detection properties.…
Animal Jam – 7,104,998 breached accounts
In October 2020, the online game for kids Animal Jam suffered a data breach which was subsequently shared through online hacking communities the following month. The data contained 46 million…