Security Affairs newsletter Round 333
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...
Google TAG spotted actors using new code signing tricks to evade detection
Researchers from Google’s TAG team reported that financially motivated actors are using new code signing tricks to evade detection. Researchers...
GSS, one of the major European call center providers, suffered a ransomware attack
The customer care and call center provider GSS has suffered a ransomware attack that crippled its systems and impacted its...
CVE-2020-3702
Summary: u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2...
CVE-2021-37576
Summary: arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host...
CVE-2021-38160
Summary: ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by...
CVE-2021-38166
Summary: In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds write when many elements...
CVE-2021-40490
Summary: A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13....
CVE-2021-40490
Summary: A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13....
Ajarn – 266,399 breached accounts
In September 2021, the Thai-based English language teaching website Ajarn discovered they'd been the victim of a data breach dating...
Malware Creators Use Malformed Certificates To Trick Windows Validation
Google researchers have identified malware developers generating malformed code signatures that appear to be valid in Windows to bypass security...
African Bank Alerts of Data Breach With Personal Details Compromised
South African retail bank African Bank has confirmed that one of its debt recovery partners, Debt-IN, was targeted by a...
Port of Houston Attacked Employing Zoho Zero-Day Vulnerability
CISA officers on 23rd of September reported about a potential government-backed hacker organization that has tried to break the Port...
3.8 Billion Clubhouse and Facebook User Records are Being Sold Online
According to CyberNews, a database holding the records of about 3.8 billion Clubhouse and Facebook users is being auctioned at...
QueenSono – Golang Binary For Data Exfiltration With ICMP Protocol
QueenSono tool only relies on the fact that ICMP protocol isn't monitored. It is quite common. It could also been...
PoW-Shield – Project Dedicated To Fight DDoS And Spam With Proof Of Work, Featuring An Additional WA
Project dedicated to provide DDoS protection with proof-of-workDescriptionPoW Shield provides DDoS protection on OSI application layer by acting as a...
Threat actors are attempting to exploit VMware vCenter CVE-2021-22005 flaw
Immediately after the public release of the exploit code for the VMware vCenter CVE-2021-22005 flaw threat actors started using it....
Google addressed the eleventh Chrome zero-day flaw this year
Google released a Chrome emergency update for Windows, Mac, and Linux that addresses a high-severity zero-day flaw exploited in the wild....
European Union formally blames Russia for the GhostWriter operation
European Union representatives formally accused Russia of attempting to target the elections and political systems of several EU states. European...
CVE-2021-20034 flaw can allow SMA 100 device takeover, patch it now!
SonicWall fixed a critical security flaw, tracked as CVE-2021-20034, that impacts some Secure Mobile Access (SMA) 100 series products that...
CVE-2021-39253
Summary: A crafted NTFS image can cause an out-of-bounds read in ntfs_runlists_merge_i in NTFS-3G < 2021.8.22. Reference Links(if available): https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp...
CVE-2021-39254
Summary: A crafted NTFS image can cause an integer overflow in memmove, leading to a heap-based buffer overflow in the...
CVE-2021-3673
Summary: A vulnerability was found in Radare2 in version 5.3.1. Improper input validation when reading a crafted LE binary can...
CVE-2021-22148
Summary: Elastic Enterprise Search App Search versions before 7.14.0 was vulnerable to an issue where API keys were not bound...
