6 out of 11 EU agencies running Solarwinds Orion software were hacked
SolarWinds supply chain attack also impacted six European Union institutions, European Commissioner for Budget and Administration confirmed. European Commissioner for...
Critical RCE can allow attackers to compromise Juniper Networks devices
Cybersecurity provider Juniper Networks addressed a critical vulnerability that could be exploited by attackers to remotely hijack or disrupt vulnerable...
CVE-2020-36120
Summary: Buffer Overflow in the "sixel_encoder_encode_bytes" function of Libsixel v1.8.6 allows attackers to cause a Denial of Service (DoS). Reference...
CVE-2021-28473
Summary: Visual Studio Code Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28457, CVE-2021-28469, CVE-2021-28475, CVE-2021-28477. Reference Links(if...
CVE-2021-28473
Summary: Visual Studio Code Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28457, CVE-2021-28469, CVE-2021-28475, CVE-2021-28477. Reference Links(if...
CVE-2021-28475
Summary: Visual Studio Code Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28457, CVE-2021-28469, CVE-2021-28473, CVE-2021-28477. Reference Links(if...
CVE-2021-28477
Summary: Visual Studio Code Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28457, CVE-2021-28469, CVE-2021-28473, CVE-2021-28475. Reference Links(if...
CVE-2019-6836
Summary: A CWE-863: Incorrect Authorization vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server...
Shady scam bots trick Omegle users into nonconsensual video sex recordings
14-year old Michael (not his real name) from Scandinavia first visited Omegle, the video online chat that has become hugely...
Patch now! NSA, CISA, and FBI warn of Russian intelligence exploiting 5 vulnerabilities
The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) have...
Deepfakes were going to change everything. And then they didn’t
For much of 2020, the most visible conversation about the US election and tech was related to deepfakes (images or...
U.S. Agencies Warns of Russian APT Operators Exploiting Five Publicly Known Vulnerabilities
The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Bureau of Investigation (FBI) jointly...
ParkMobile Data Breach: 21Million User Data Exposed
Due to a data breach, the account details of 21 million customers of ParkMobile, a prominent mobile parking app in...
643GB of Customer Information Exposed in a Data Breach Suffered by Bizongo
The issue of data fraud has been on a rapid rise, as of late, and evidently so as data breaches...
University of Hertfordshire Hit by Cyberattack
The University of Hertfordshire has become the most recent victim of a spate of digital assaults against academic institutions after...
IRTriage – Incident Response Triage – Windows Evidence Collection For Forensic Analysis
Scripted collection of system information valuable to a Forensic Analyst. IRTriage will automatically "Run As ADMINISTRATOR" in all Windows versions...
PentestBro – Combines Subdomain Scans, Whois, Port Scanning, Banner Grabbing And Web Enumeration Into One Tool
Experimental tool for Windows. PentestBro combines subdomain scans, whois, port scanning, banner grabbing and web enumeration into one tool. Uses...
Russia-linked APT SVR actively targets these 5 flaws
The US government warned that Russian cyber espionage group SVR is exploiting five known vulnerabilities in enterprise infrastructure products. The...
Mirai code re-use in Gafgyt
Uptycs’ threat research team recently detected several variants of the Linux-based botnet malware family, “Gafgyt,”some of them re-used Mirai code. ...
Lazarus BTC Changer. Back in action with JS sniffers redesigned to steal crypto
Group-IB observed the North Korea-linked Lazarus APT group stealing cryptocurrency using a never-before-seen tool. In the last five years, JavaScript...
US Gov sanctions Russia and expels 10 diplomats over SolarWinds hack
The U.S. and UK attributed with “high confidence” the recently disclosed supply chain attack on SolarWinds to Russia’s Foreign Intelligence...
Chrome users, here’s how to opt out of the Google FLoC trial
Two weeks after Google launched a trial to replace run-of-the-mill online user tracking with new-fangled online user tracking, several companies...
“Huge upsurge” in DDoS attacks during pandemic
Researchers at Netscout have released a report analyzing the malicious internet traffic of 2020 and comparing it to the years...
Malwarebytes releases SMB Cybersecurity Trust & Confidence Report 2021
What can we say about 2020 that hasn’t already been said? Beliefs were shaken. Values were questioned. Truths were tested....
