CVE-2021-21157
Summary: Use after free in Web Sockets in Google Chrome on Linux prior to 88.0.4324.182 allowed a remote attacker to...
CVE-2021-1227
Summary: A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to conduct a...
CVE-2020-8032
Summary: A Insecure Temporary File vulnerability in the packaging of cyrus-sasl of openSUSE Factory allows local attackers to escalate to...
Rapid7’s InsightIDR Enables Detection And Response to Microsoft Exchange 0-day
Starting February 27, 2021, Rapid7 has observed a notable increase in the exploitation of Microsoft Exchange through existing detections in...
Ryuk ransomware develops worm-like capability
The French government’s computer emergency readiness team, that’s part of the National Cybersecurity Agency of France, or ANSSI, has discovered...
Remote Working Susceptible to Data Risks, 83% of Organizations at Suffer Email Breaches
As per the report by Egress, 95% of cybersecurity experts believe company and client data in e-mails is at risk....
Data Analytics Agency Polecat Held To Ransom After Server Exposed 30TB Of Records
On October 29, 2020, the Wizcase CyberResearch Team which was lead by Ata Hakcil has discovered that the server ‘Elasticsearch’...
Data of 21 Million VPN Users Leaked Online
Security experts from Cybernews have discovered a massive data breach which is directly linked to the millions of VPN user....
Google Voice Disruption Caused by Expired TLS Certificates
Google has affirmed that a Google Voice malfunction that had impacted the majority of telephone service users this month was...
Database of 21 million users of popular VPN services leaked
The database contains email addresses, passwords and usernames of Russian users. This information can be used by hackers to obtain...
Fake-Sms – A Simple Command Line Tool Using Which You Can Skip Phone Number Based SMS Verification By Using A Temporary Phone Number That Acts Like A Proxy
A simple command line tool using which you can skip phone number based SMS verification by using a temporary phone...
OWASP ASST (Automated Software Security Toolkit) – A Novel Open Source Web Security Scanner
OWASP ASST (Automated Software Security Toolkit) | A Novel Open Source Web Security Scanner. Note: AWSS is the older name...
French multinational dairy Lactalis hit by a cyber attack
French multinational dairy products corporation Lactalis discloses cyberattack, but claimed that had no evidence of a data breach. France-based dairy...
Alleged China-linked APT41 group targets Indian critical infrastructures
Recorded Future researchers uncovered a campaign conducted by Chinese APT41 group targeting critical infrastructure in India. Security researchers at Recorded...
Distributor of Asian food JFC International hit by Ransomware
JFC International, a major wholesaler and distributor of Asian food products in the United States, was hit by ransomware. JFC...
Gootkit delivery platform Gootloader used to deliver additional payloads
The Javascript-based infection framework for the Gootkit RAT was enhanced to deliver a wider variety of malware, including ransomware. Experts...
Oxfam – 1,834,006 breached accounts
In January 2021, Oxfam Australia was the victim of a data breach which exposed 1.8M unique email addresses of supporters...
Ticketcounter – 1,921,722 breached accounts
In August 2020, the Dutch ticketing service Ticketcounter inadvertently published a database backup to a publicly accessible location where it...
Defending online anonymity and speech with Eva Galperin: Lock and Code S02E03
This week on Lock and Code, we discuss the top security headlines generated right here on Labs. In addition, we...
Tether says it is a Victim of a 500 BTC Ransom
Only days after the conclusion of its long-running fight with the Office of the Attorney General of New York, Tether...
Microsoft Lures Populate Half of Credential-Swiping Phishing Emails
According to the sources nearly half of the emails, phishing attacks in the year 2020 aimed to swipe credentials...
Russian Hackers Sabotaging Critical U.S Infrastructure
Among every state-sponsored hacking group that has attacked the U.S power grid, and went beyond to compromise American Electric Utilities,...
US Senate’s Selection Committe Raises Some Serious Concerns Regarding SolarWinds Attack
The US Senate’s select committee has blamed Russia for the massive intelligence operation that infiltrated SolarWinds, a Texas-based software company,...
Nation States Are Using Cyber Crime Groups to Carry Attacks: States Blackberry Threat Report 2021
Nation-states are employing cybercriminals for hacking activities to perpetrate assaults in order to conceal their own presence. An e-security report...
