UNC2529, a new sophisticated cybercrime gang that targets U.S. orgs with 3 malware
A new cybercrime gang, tracked as UNC2529, has targeted many organizations in the US and other countries using new sophisticated...
Cyber Defense Magazine – May 2021 has arrived. Enjoy it!
Cyber Defense Magazine March 2021 Edition has arrived. We hope you enjoy this month’s edition…packed with over 90 pages of...
Experts found critical authentication bypass flaw in HPE Edgeline Infrastructure Manager
Researchers found a critical vulnerability in HPE Edgeline Infrastructure Manager that could be exploited by a remote attacker to bypass...
A massive DDoS knocked offline Belgian government websites
A massive distributed denial of service (DDoS) attack shut down Belgiums’ government websites, internal networks were also impacted. A massive...
Most of Exim email servers could be hacked by exploiting 21Nails flaws
The maintainers of the Exim email server software addressed a collection of 21 issues, dubbed 21Nails, that can allow attackers...
CVE-2020-7226
Summary: CiphertextHeader.java in Cryptacular 1.2.3, as used in Apereo CAS and other products, allows attackers to trigger excessive memory allocation...
CVE-2020-1763
Summary: An out-of-bounds buffer read flaw was found in the pluto daemon of libreswan from versions 3.27 till 3.31 where,...
CVE-2021-26675
Summary: A stack-based buffer overflow in dnsproxy in ConnMan before 1.39 could be used by network adjacent attackers to execute...
CVE-2021-21300
Summary: Git is an open-source distributed revision control system. In affected versions of Git a specially crafted repository that contains...
CVE-2016-4971
Summary: GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to...
Spectre attacks come back from the dead
Spectre is the name for a whole class of vulnerabilities discovered in January 2018 that affected huge numbers of modern...
Raychat App Suffered a Data Breach of 150 Million Users
Around 7:20 a.m. on Monday, May 3, 2021, the database was first made public on a prominent Russian hacker website....
Philippines Solicitor-General’s Office Breached Data Was Public
UK cybersecurity organization TurgenSec has reported over 345,000 important credential files were leaked from the Filipino solicitor-general office including information...
Ransomware Hackers Target Popular Cloud Service Provider ‘Swiss Cloud’
Swiss Cloud, a Switzerland-based cloud hosting provider, suffered a ransomware attack that seriously impacted its server infrastructure. The incident took...
UNICC and Group-IB Shut Down 134 Scam Websites In a Major Crackdown
Cybersecurity agency Group-IB and UNICC carried out a joint venture where they took down 134 websites handled by hacking group...
Tesla Car Hacked Remotely by Drone Via Zero-Click Exploit
Two researchers have shown how a Tesla and probably other cars can be remotely hacked without the involvement of the...
Pystinger – Bypass Firewall For Traffic Forwarding Using Webshell
Pystinger implements SOCK4 proxy and port mapping through webshell. It can be directly used by metasploit-framework, viper, cobalt strike for...
LibAFL – Advanced Fuzzing Library – Slot Your Fuzzer Together In Rust! Scales Across Cores And Machines. For Windows, Android, MacOS, Linux, No_Std, …
Advanced Fuzzing Library - Slot your own fuzzers together and extend their features using Rust. LibAFL is written and maintained...
Hundreds of millions Of Dell PCs affected by CVE-2021-21551 flaws
American multinational computer technology giant Dell addresses a 12-year-old driver flaw, tracked as CVE-2021-21551, impacting millions of computers. Hundreds of...
Project Signal: a second Iranian State-Sponsored Ransomware Operation
Iran-linked ATP group carried out a ransomware operation through a contracting company based in the country, Flashpoint researchers warn. Researchers...
Apple addresses three zero-day flaws in its WebKit browser engine
Apple has released security updates to patch three zero-days in the WebKit, the Apple’s browser engine, and fixed a zero-day...
Expert released PoC exploit for Microsoft Exchange flaw
Security researcher released technical details and a PoC code for a high-severity vulnerability in Microsoft Exchange Server reported by the...
Pulse Secure fixes zero-day in Pulse Connect Secure (PCS) SSL VPN actively exploited
Pulse Secure has fixed a zero-day flaw in the Pulse Connect Secure (PCS) SSL VPN appliance that threat actors are...
CVE-2020-27897
Summary: An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.1,...
