CVE-2018-14576
Summary: The mintTokens function of a smart contract implementation for SunContract, an Ethereum token, has an integer overflow via the...
CVE-2019-12264
Summary: Wind River VxWorks 6.6, 6.7, 6.8, 6.9.3, 6.9.4, and Vx7 has Incorrect Access Control in IPv4 assignment by the...
CVE-2019-12259
Summary: Wind River VxWorks 6.6, 6.7, 6.8, 6.9 and vx7 has an array index error in the IGMPv3 client component....
CVE-2019-12263
Summary: Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). There...
CVE-2019-12258
Summary: Wind River VxWorks 6.6 through vx7 has Session Fixation in the TCP component. This is a IPNET security vulnerability:...
CVE-2021-39608 – flatCore / flatCore CMS – Unrestricted file upload
Summary: CVE-2021-39608 is an unrestricted file upload vulnerability impacting FlatCore-CMS version 2.0.7. An exploit was observed in open source and...
A week in security (August 30 – September 5)
Last week on Malwarebytes Labs ProxyToken: another nail-biter from Microsoft ExchangeMacs turn on apps signed by Symantec, treat them as...
Ransomware Attacks Increased Exponentially in 2021
The growing threat of ransomware has been highlighted by NCC Group's Research Intelligence and Fusion Team (RIFT) analysis. Between January-March...
This NPM Package with Millions of Weekly Downloads Patched a RCE Flaw
A critical remote code execution (RCE) flaw has been fixed in the popular NPM package "pac-resolver." Developer Tim Perry discovered the...
Hackers Exploit Camera Vulnerabilities To Spy On Parents
Various zero day vulnerabilities in home baby monitor could be compromised that lets threat actors hack into camera feed and...
Mozi Botnet Creators Arrested by Chinese Law Enforcement Authorities
Cybersecurity researchers from the Chinese information security firm Netlab Qihoo 360 reported that at the beginning of this year the...
More than 60,000 Parked Domains Were Vulnerable to AWS Hijacking
MarkMonitor, a domain registrar, had left over 60,000 parked domains susceptible to domain hijacking.MarkMonitor, now part of Clarivate, is a...
LockBit 2.0 Ransomware Victim: cheadlelaw[.]com
LockBit 2.0 Ransomware NOTE: The information on this page is automated and scraped directly from the LockBit 2.0 Onion Dark...
LockBit 2.0 Ransomware Victim: soenen-golfkarton[.]com
LockBit 2.0 Ransomware NOTE: The information on this page is automated and scraped directly from the LockBit 2.0 Onion Dark...
LockBit 2.0 Ransomware Victim: remedios[.]lawyer
LockBit 2.0 Ransomware NOTE: The information on this page is automated and scraped directly from the LockBit 2.0 Onion Dark...
LockBit 2.0 Ransomware Victim: hpe-konstanz[.]de
LockBit 2.0 Ransomware NOTE: The information on this page is automated and scraped directly from the LockBit 2.0 Onion Dark...
Marketo Auction Site Victim: Virginia Defense Force
marketocloud_logo NOTE: The information on this page is automated and scraped directly from the marketocloud Blog page and reposted here...
Marketo Auction Site Victim: Otto Instrument
marketocloud_logo NOTE: The information on this page is automated and scraped directly from the marketocloud Blog page and reposted here...
Marketo Auction Site Victim: Sandhills Center
marketocloud_logo NOTE: The information on this page is automated and scraped directly from the marketocloud Blog page and reposted here...
US-CERT Bulletin (SB21-249):Vulnerability Summary for the Week of August 30, 2021
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
packetsifterTool – A Tool To Aid Analysts In Sifting Through A Packet Capture (Pcap) To Find Noteworthy Traffic
PacketSifter is a tool to perform batch processing of PCAP data to uncover potential IOCs.Simply initializePacketSifter with your desired integrations...
Nettacker – Automated Penetration Testing Framework
OWASP Nettacker project is created to automate information gathering, vulnerability scanning and eventually generating a report for networks, including services,...
Netgear addresses severe security flaws in 20 of its products
Netgear has released security updates to address high-severity vulnerabilities affecting several of its smart switches used by businesses. Netgear has...
Malware found pre-installed in cheap push-button mobile phones sold in Russia
Security researcher ValdikSS found malware preinstalled in four low-budget push-button mobile phones available for sale on Russian e-stores. A Russian...
