Experts found three new 15-year-old bugs in a Linux kernel module
Three 15-year-old flaws in Linux kernel could be exploited by local attackers with basic user privileges to gain root privileges on...
CVE-2018-16873
Summary: In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to remote code execution when...
CVE-2018-16874
Summary: In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to directory traversal when executed...
CVE-2019-16276
Summary: Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling. Reference Links(if available): https://groups.google.com/forum/#!msg/golang-announce/cszieYyuL9Q/g4Z7pKaqAgAJ https://github.com/golang/go/issues/34540 https://lists.fedoraproject.org/archives/list/[email protected]/message/LULL72EUUKIY4NWDZVJVN2LIB4MXHS5P/ https://lists.fedoraproject.org/archives/list/[email protected]/message/Q5MD2F7ATWSTB45ZJIPJHBAAHVRGRAKG/ https://lists.fedoraproject.org/archives/list/[email protected]/message/O7GMJ3VXF5RXK2C7CL66KJ6XOOTOL5BJ/...
CVE-2019-17596
Summary: Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid...
CVE-2021-22880
Summary: The PostgreSQL adapter in Active Record before 6.1.2.1, 6.0.3.5, 5.2.4.5 suffers from a regular expression denial of service (REDoS)...
Russian military-industrial complex announced a ban on the use of WhatsApp and Zoom for work
Business communication between defense industry employees in WhatsApp, Skype and Zoom has become stricter suppressed by the managementA source in...
Beverge Manufacturer Molson Coors Targeted in Cyber Attack
Brewing giant Molson Coors revealed on Thursday that it has experienced a ‘cybersecurity incident’ that has disrupted its operations and...
Cutwail Botnet-Led Dridex and Malicious PowerShell Related Attacks, Increase with new Scripts
IBM X-Force intelligence has observed an increase in the Cutwail botnet-led Dridex-related network attacks. Dridex is shipped via e-mail with...
HTTP Bridge – Send TCP Stream Packets Over Simple HTTP Request
I've wrote this program as a proof of concept to test the idea of be able to send tcp stream...
Gitls – Enumerate Git Repository URL From List Of URL / User / Org
Enumerate git repository URL from list of URL / User / Org. Friendly to pipeline This tool is available when...
The fire in the OVH datacenter also impacted APTs and cybercrime groups
The fire at the OVH datacenter in Strasbourg also impacted the command and control infrastructure used by several nation-state APT...
New variant for Mac Malware XCSSET compiled for M1 Chips
Kaspersky researchers spotted a new variant of the XCSSET Mac malware that compiled for devices running on Apple M1 chips....
10,000+ WeLeakInfo customer records leaked
An actor claimed to have registered one of the domains of WeLeakInfo, accessed details of 10000+ WeLeakInfo’ s customers, and...
CVE-2021-26864
Summary: Windows Virtual Registry Provider Elevation of Privilege Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26864 CVSS Score (if available) v2: / MEDIUMAV:L/AC:L/Au:N/C:P/I:P/A:P...
CVE-2021-26863
Summary: Windows Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-26875, CVE-2021-26900, CVE-2021-27077. Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26863...
CVE-2021-26862
Summary: Windows Installer Elevation of Privilege Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26862 CVSS Score (if available) v2: / MEDIUMAV:L/AC:L/Au:N/C:C/I:C/A:C v3: /...
CVE-2021-26861
Summary: Windows Graphics Component Remote Code Execution Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-26861 CVSS Score (if available) v2: / MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P v3:...
Liker – 465,141 breached accounts
In March 2020, the self-proclaimed "kinder, smarter social network" Liker suffered a data breach, allegedly in retaliation for the Gab...
Ransomware is targeting vulnerable Microsoft Exchange servers
The Microsoft Exchange attacks using the ProxyLogon vulnerability, and previously associated with the dropping of malicious web shells, are taking...
150,000 Verkada security cameras hacked—to make a point
Hackers were able to gain access to camera feeds from Verkada, a tech company that specializes in video security and...
Several Americans Affected by Netgain Ransomware Attack
The number of Americans influenced by a cyber assault on a cloud facilitating and IT services provider has expanded by...
A Bug in iPhone Call Recording App Exposed Clients Data
A security vulnerability in a famous iPhone call recording application exposed thousands of users' recorded conversations. The flaw was found...
Ryuk Ransomware Hits Spain’s Employment Agency
The Spanish State Employment Service (SEPE) has been targeted by a ransomware attack which has resulted in hundreds of offices...
