Maybe don’t call Saul? Over 30,000 VoIP devices identifiable worldwide, some with suspected vulnerabilities
Thousands of public-facing devices can be accessed anywhere in the world, from the US to Russia, from London to Johannesburg....
TeaBot Android banking Trojan targets banks in Europe
Malware researchers from Cleafy warn of a new Android banking trojan dubbed TeaBot (aka Anatsa) that is targeting banks in...
NSA and ODNI analyze potential risks to 5G networks
U.S. Intelligence agencies warn of weaknesses in 5G networks that could be exploited by crooks and nation-state actors for intelligence...
Hackers target Windows users exploiting a Zero-Day in Reader
Adobe confirmed that a zero-day vulnerability affecting Adobe Reader for Windows has been exploited in the wild in limited attacks....
Researcher hacked Apple AirTag two weeks after its launch
Apple AirTag has been launched less than two weeks ago, but a security researcher already claims to have hacked them. The Apple...
CVE-2020-27652
Summary: Algorithm downgrade vulnerability in QuickConnect in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to spoof servers and...
CVE-2020-27653
Summary: Algorithm downgrade vulnerability in QuickConnect in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to spoof servers and...
CVE-2020-28392
Summary: A vulnerability has been identified in SIMARIS configuration (All versions < V4.0.1). During installation to default target folder, incorrect...
CVE-2021-26564
Summary: Cleartext transmission of sensitive information vulnerability in synorelayd in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows man-in-the-middle attackers to...
CVE-2016-4838
Summary: The Android Apps Money Forward (prior to v7.18.0), Money Forward for The Gunma Bank (prior to v1.2.0), Money Forward...
Colonial Pipeline attack expected to trigger imminent hardening of cybersecurity rules for federal agencies
The ransomware attack on Colonial Pipeline last week caused the White House to hold emergency meetings to possibly strengthen a...
Avaddon ransomware campaign prompts warnings from FBI, ACSC
Both the Australian Cyber Security Centre (ACSC) and the US Federal Bureau of Investigation (FBI) have issued warnings about an...
GitHub Announced Security Key Support for SSH Git Operations
When using Git over SSH, GitHub, the ubiquitous host for software creation and version control (and unfortunate victim of a...
Short story about Clubhouse user scraping and social graphs
TL;DRDuring this RedTeam testing, Hexway team used Clubhouse as a social engineering tool to find out more about their client’s...
VAST – Visibility Across Space And Time
The network telemetry engine for data-driven security investigations. Getting Started — Installation — Documentation — Development — Changelog — License...
Baserunner – A Tool For Exploring Firebase Datastores
A tool for exploring and exploiting Firebase datastores.Set upgit clone https://github.com/iosiro/baserunner.git cd baserunner npm install npm run build npm start...
City of Chicago Emails Compromised During Data Transfer To Law Firm
The city of Chicago on Friday said that employee emails were stolen in a Jones Day data breach during a...
Chinese hackers attacked a Russian developer of military submarines
Chinese hackers reportedly attacked the Rubin Central Design Bureau for Marine Engineering (СKB Rubin), which designs submarines for the Russian...
$2 Million Cryptocurrency Controversy Linked with WallStreetBets Investors
As per a Bloomberg News story, at least $2 million of a cryptocurrency conspiracy was recently tossed from investors of...
Researchers Flag Serious Authentication Bypass Vulnerability After Pega Infinity Hotfix Released
After security researchers discovered a flaw in the Pega Infinity enterprise software platform, users are being advised to upgrade their...
Apple Covered a Mass Hack on 128 Million iPhone Users in 2015
Apple and Epic are now embroiled in a legal dispute, and as a result, some shocking material has surfaced on...
Apple was aware that XcodeGhost impacted 128 Million iOS Users in 2015
Court documents revealed that the infamous XcodeGhost malware, which has been active since 2015, infected 128 million iOS users. Documents provided in...
Google open sources cosign tool for verifying containers
Google has released a new open-source tool called cosign that could allow administrators to sign and verify the container images....
FBI and Australia ACSC agencies warn of ongoing Avaddon ransomware attacks
The FBI and Australian Australian Cyber Security Centre (ACSC) warn of an ongoing Avaddon ransomware campaign targeting organizations worldwide. The...
