CVE-2021-0918
Summary: In gatt_process_notification of gatt_cl.cc, there is a possible out of bounds write due to a missing bounds check. This...
CVE-2021-0918
Summary: In gatt_process_notification of gatt_cl.cc, there is a possible out of bounds write due to a missing bounds check. This...
CVE-2020-16156
Summary: CPAN 2.28 allows Signature Verification Bypass. Reference Links(if available): https://metacpan.org/pod/distribution/CPAN/scripts/cpan https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/ http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html CVSS Score (if available) v2: / MEDIUM...
Phorpiex botnet is back, in 2021 it $500K worth of crypto assets
Experts reported the resurgence of the Phorpiex botnet, in one year it allowed to steal crypto assets worth of half...
PseudoManuscrypt, a mysterious massive cyber espionage campaign
Tens of thousands of devices worldwide, including many industrial control systems (ICS), have been hit by the PseudoManuscrypt spyware. Kaspersky...
PseudoManuscrypt: a mass-scale spyware attack campaign
In June 2021, Kaspersky ICS CERT experts identified malware whose loader has some similarities to the Manuscrypt malware, which is...
Flaws in Lenovo laptops allow escalating to admin privileges
The ImControllerService service of Lenovo laptops is affected by a privilege elevation bug that can allow to execute commands with admin...
CVE-2021-37604
Summary: In version 6.5 of our MiWi software and all previous versions including legacy products, there is a possibility of...
CVE-2021-37605
Summary: In version 6.5 of MiWi software and all previous versions including legacy products, the stack is validating only two...
CVE-2021-24945
Summary: The Like Button Rating ♥ LikeBtn WordPress plugin before 2.6.38 does not have any authorisation and CSRF checks in...
CVE-2021-41547
Summary: A vulnerability has been identified in Teamcenter Active Workspace V4.3 (All versions < V4.3.11), Teamcenter Active Workspace V5.0 (All...
CVE-2018-25021
Summary: The TCP Server module in toxcore before 0.2.8 doesn't free the TCP priority queue under certain conditions, which allows...
While attackers begin exploiting a second Log4j flaw, a third one emerges
Experts warn that threat actors are actively attempting to exploit a second bug disclosed in the popular Log4j logging library. American web...
Multiple Nation-State actors are exploiting Log4Shell flaw
Nation-state actors from China, Iran, North Korea, and Turkey are attempting to exploit the Log4Shell vulnerability to in attacks in the wild....
Grindr fined for selling user data to advertisers
Dating network Grindr has been slapped with a US$7.7 million fine by Norwegian regulator Datatilsynet for sharing data with advertisers....
After Log4j, December’s Patch Tuesday has snuck up on us
For anyone about to sit back after checking their environment for the Log4j vulnerabilities and applying patches where needed, here...
cl0p Ransomware Victim: enprecis-com
NOTE: The information on this page is fully automated and scraped directly from the cl0p .onion Dark Web Tor Blog...
Owowa, a malicious IIS Server module used to steal Microsoft Exchange credentials
Threat actors are using a malicious Internet Information Services (IIS) Server module, dubbed Owowa, to steal Microsoft Exchange credentials. Kaspersky...
Kaspersky Managed Detection and Response: interesting cases
Kaspersky Managed Detection and Response (MDR) provides advanced protection against the growing number of threats that bypass automatic security barriers....
Kaspersky Security Bulletin 2021. Statistics
All statistics in this report are from the global cloud service Kaspersky Security Network (KSN), which receives information from components...
Volatile and Adaptable: Tracking the Movements of Modern Ransomware
Trend Micro's tracking of modern ransomware, as well as of older families, shows which attacks are gaining momentum and which...
What SMBs can do to protect against Log4Shell attacks
As you may already know, the business, tech, and cybersecurity industries have been buzzing about Log4Shell (CVE-2021-44228), aka Logjam, the...
FBI’s investigation accidentally revealed the HelloKitty ransomware gang operates out of Ukraine
While investigating a data breach suffered by a healthcare organization, FBI accidentally revealed that it believes that the HelloKitty ransomware...
LockBit 2.0 Ransomware Victim: cunninghamgolfcar[.]com
LockBit 2.0 Ransomware NOTE: The information on this page is automated and scraped directly from the LockBit 2.0 Onion Dark...
