User database was also hacked in the recent hack of PHP ‘s Git Server
The maintainers of the PHP programming language confirmed that threat actors may have compromised a user database containing their passwords.
Read more
Man arrested after hired a hitman on the dark web
A joint operation of Europol and the Italian Postal and Communication Police resulted in the arrest of an Italian national
Read more
CVE-2020-27952
An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1. Processing a maliciously crafted font file may lead to arbitrary code execution.
Read more
CVE-2020-29611
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 14.3, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, iCloud for Windows 12.0, watchOS 7.2. Processing a maliciously crafted image may lead to arbitrary code execution.
Read more
CVE-2021-28165
In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a large invalid TLS frame.
Read more
CVE-2020-29614
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. Processing a maliciously crafted file may lead to heap corruption.
Read more
CVE-2020-29617
An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 14.3, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, iCloud for Windows 12.0, watchOS 7.2. Processing a maliciously crafted image may lead to heap corruption.
Read more
SAP warns of malicious activity targeting unpatched systems
A timely warning to keep systems patched has appeared, via a jointly-released report from Onapsis and SAP. The report details
Read more
Fake Netflix App Spreads Malware via WhatsApp Messages
Researchers have discovered malware camouflaged as a Netflix application, prowling on the Google Play store, spread through WhatsApp messages.
Read more
Canadian IoT Solutions Provider, Sierra Wireless Hit by a Ransomware Attack
Sierra Wireless, a Canadian IoT solutions provider said that it has reopened its manufacturing site’s production after the company suffered
Read more
Data Stolen from 500 Million LinkedIn Users Leaked Online
Just days after a Facebook data leak was revealed, security experts have discovered another one, this time the victim
Read more
The Russian who hacked JPMorgan was demanded $20 million in compensation
In January, Andrei Tyurin was sentenced to 12 years in prison for the largest theft of personal data of bank
Read more
Janeleiro a New Banking Trojan Targeting Corporate, Government Targets
A banking Trojan has been found out by cybersecurity researchers, which has targeted many organizations across the state of
Read more
Columbo – A Computer Forensic Analysis Tool Used To Simplify And Identify Specific Patterns In Compromised Datasets
Columbo is a computer forensic analysis tool used to simplify and identify specific patterns in compromised datasets. It breaks down
Read more
ThreatMapper – Identify Vulnerabilities In Running Containers, Images, Hosts And Repositories
The Deepfence Runtime Threat Mapper is a subset of the Deepfence cloud native workload protection platform, released as a community
Read more
Security Isn’t a Four-Letter Word: How Infrastructure as Code (IaC) Amplifies DevOps Through the Inclusion of Security
Our fast-paced lives are fueled by innovative, cloud-native companies. We are able to watch our favorite programs and movies from
Read more
A Quick Look Into Cloud Infrastructure Entitlement Management (CIEM)
The cloud security solutions market is growing rapidly, and there are many types of solutions to support your specific business
Read more
A Quick Look Into Cloud Workload Protection Platforms (CWPPs)
The cloud security solutions market is growing rapidly, and there are many types of solutions to support your specific business
Read more
MDR Vendor Must-Haves, Part 4: Ingestion of Authentication Data Across Local, Domain, and Cloud Sources
This blog post is part of an ongoing series about evaluating Managed Detection and Response (MDR) providers. For more insights,
Read more
Pwn2Own 2021 Day 1 – participants earned more than $500k
The Pwn2Own 2021 hacking competition has begun and white hat hackers participants earned more than $500000 on the first day.
Read more
Crooks use Telegram bots and Google Forms to automate phishing
Crooks increasingly often use legitimate services such as Google Forms and Telegram to obtain user data stolen on phishing websites.
Read more
Gigaset Android smartphones infected with malware after supply chain attack
A new supply chain attack made the headlines, threat actors compromised at least one update server of smartphone maker Gigaset to
Read more
European Commission and other institutions were hit by a major cyber-attack
Not only the European Commission, but many other organizations of the European Union have been targeted by a cyberattack in
Read more
SAP systems are targeted within 72 hours after updates are released
On-premises SAP systems are targeted by threat actors within 72 hours after security patches are released, security SAP security firm
Read more