CVE-2021-33629
Summary: isula-build before 0.9.5-8 can cause a program crash, when building container images, some functions for processing external data do...
CVE-2021-25801
Summary: A buffer overflow vulnerability in the __Parse_indx component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an...
CVE-2021-25802
Summary: A buffer overflow vulnerability in the AVI_ExtractSubtitle component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an...
CVE-2021-25803
Summary: A buffer overflow vulnerability in the vlc_input_attachment_New component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an...
Zoom and gloom? Video comms org agrees to settle for $85m
Zoom has agreed to an $85m settlement regarding privacy, zoom-bombing, and data sharing. The class action privacy lawsuit filed in...
The 3 biggest threats reaching for your antivirus software’s off switch
Having antivirus (AV) software on your computer is a staple. Modern antivirus offers layered protection—a cybersecurity approach that uses multiple...
RDP brute force attacks explained
While you read these words, the chances are that somebody, somewhere, is trying to break in to your computer by...
APT31 hackers attacked Russian companies for the first time
The representatives of the company Positive Technologies reported that the hacker group APT31, known for its attacks on state structures...
McAfee: Hacking Team Babuk Has Flaws In It’s Business Models
Recently, ransomware hacking groups have been mostly focusing on Microsoft Windows OS. McAfee researched dedicated Linux and Unix based ransomware,...
Google: Android Apps Must Provide Privacy Information By April 2022
Some days back Google has announced that the company is about to launch its Google Play ‘Safety Section’ feature that...
Severe Vulnerabilities Discovered in IP Camera Firmware Used by Multiple Vendors
Security researchers at RandoriSec have identified numerous critical and high-severity flaws in IP camera firmware made by UDP Technology, a...
Chipotle’s Email Marketing Account Compromised to Spread Malware
In mid-July, a new phishing attack was detected that used a compromised mailing service account. In the four days between...
Doldrums – A Flutter/Dart Reverse Engineering Tool
To flutter: to move in quick, irregular motions, to beat rapidly, to be agitated.Doldrums: a period of stagnation. Doldrums is...
Rz-Ghidra – Deep Ghidra Decompiler And Sleigh Disassembler Integration For Rizin
This is an integration of the Ghidra decompiler and Sleigh Disassembler for rizin. It is solely based on the decompiler...
Cisco fixed Remote Code Execution issue in Firepower Device Manager On-Box software
Cisco addressed a vulnerability in the Firepower Device Manager (FDM) On-Box software that allows attackers to execute arbitrary code on...
Experts found potential remote code execution in PyPI
A flaw in the GitHub Actions workflow for PyPI ’s source repository could be exploited to potentially execute arbitrary code...
Do You Trust Your Smart TV?
Did you ever stop to think that the office smart TV used for company presentations, Zoom meetings, and other work-related...
PwnedPiper flaws in PTS systems affect 80% of major US hospitals
Cybersecurity researchers disclosed multiple flaws, dubbed PwnedPiper, that left a widely-used pneumatic tube system (PTS) vulnerable to attacks. Researchers from...
CVE-2021-35516
Summary: When reading a specially crafted 7Z archive, Compress can be made to allocate large amounts of memory that finally...
CVE-2021-35517
Summary: When reading a specially crafted TAR archive, Compress can be made to allocate large amounts of memory that finally...
CVE-2021-36090
Summary: When reading a specially crafted ZIP archive, Compress can be made to allocate large amounts of memory that finally...
CVE-2020-22283
Summary: A buffer overflow vulnerability in the icmp6_send_response_with_addrs_and_netif() function of Free Software Foundation lwIP version git head allows attackers to...
CVE-2021-1600
Summary: Multiple vulnerabilities in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent attacker to access sensitive internal services from...
A week in security (July 26 – August 1)
Last week on Malwarebytes Labs: OSX.XLoader hides little except its main purpose: What we learned in the installation process.The Clubhouse...
