SonicWall releases second firmware updates for SMA 100 vulnerability
Security provider SonicWall released a new firmware update for an SMA-100 zero-day vulnerability that was exploited in attacks. SonicWall has...
Silver Sparrow, a new malware infects Mac systems using Apple M1 chip
Experts warn of new malware, dubbed Silver Sparrow, that is infecting Mac systems using the latest Apple M1 chip across...
Privacy bug in the Brave browser exposes Tor addresses to user’s DNS provider
A privacy bug in the Brave Browser caused the leak of the Tor onion URL addresses visited in the Tor...
New Masslogger Trojan variant exfiltrates user credentials
MassLogger Windows credential stealer infamous is back and it has been upgraded to steal credentials from Outlook, Chrome, and instant messenger...
CVE-2020-25681
Summary: A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in the way RRSets...
CVE-2020-25682
Summary: A flaw was found in dnsmasq before 2.83. A buffer overflow vulnerability was discovered in the way dnsmasq extract...
CVE-2020-27216
Summary: In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems, the...
CVE-2021-21148
Summary: Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap...
CVE-2021-21148
Summary: Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap...
CVE-2021-21148
Summary: Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap...
North Korean hackers charged with $1.3 billion of cyberheists
The US Department of Justice recently unsealed indictments detailing North Korea’s involvement in several global cyberattack campaigns against institutions in...
The data of 110 thousand customers was stolen from the Lithuanian car rental service
It became known that on the night of February 15-16 in Lithuania, the data of about 110 thousand customers of...
Personal Information of Nearly 1,30,000 Singtel Users’ Stolen in a Data Breach
Singapore’s leading telecom company Singtel confirmed the exploitation of a third-party file-sharing system Accellion which led to a massive data...
“LinkedIn Private Shared Document” Shared Via Phishing Email by Hackers
LinkedIn seems to have become a popular destination for phishing attacks and users have been attacked with phishing emails in...
Masslogger Campaigns Exfiltrates Clients Credentials
Assailants are continually reinventing approaches to monetize their tools. Cisco Talos as of late found an intriguing campaign affecting Windows...
SSRFuzz – A Tool To Find Server Side Request Forgery Vulnerabilities, With CRLF Chaining Capabilities
SSRFuzz is a tool to find Server Side Request Forgery vulnerabilities, with CRLF chaining capabilities Why?I wanted to write a...
Galer – A Fast Tool To Fetch URLs From HTML Attributes By Crawl-In
A fast tool to fetch URLs from HTML attributes by crawl-in. Inspired by the @omespino Tweet, which is possible to...
Experts spotted the first malware tailored for Apple M1 Chip, it is just the beginning
Apple launched its M1 chip and cybercriminals developed a malware sample specifically for it, the latest generation of Macs are...
Hackers steal credit card data abusing Google’s Apps Script
Hackers abuse Google Apps Script to steal credit cards, bypass CSP Attackers are abusing Google’s Apps Script business application development...
Credential stuffing attack hit RIPE NCC: Members have to enable 2FA
RIPE NCC has disclosed a failed credential stuffing attack against its infrastructure, it asking its members to enable 2FA for...
SolarWinds hackers had access to components used by Azure, Intune, and Exchange
Microsoft announced that SolarWinds hackers could have had access to repositories containing some components used by Azure, Intune, and Exchange....
WatchDog botnet targets Windows and Linux servers in cryptomining campaign
PaloAlto Network warns of the WatchDog botnet that uses exploits to take over Windows and Linux servers and mine cryptocurrency....
CVE-2021-21450
Summary: SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PSD file received from untrusted...
CVE-2021-21449
Summary: SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated IFF file received from untrusted...
