CVE-2020-27844
Summary: A flaw was found in openjpeg's src/lib/openjp2/t2.c in versions prior to 2.4.0. This flaw allows an attacker to provide...
CVE-2018-20311
Summary: Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyCPDFAction race condition that can...
CVE-2019-20484
Summary: An issue was discovered in Viki Vera 4.9.1.26180. A user without access to a project could download or upload...
CVE-2018-20316
Summary: Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyDoAction race condition that can...
CVE-2020-4762
Summary: IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2, and 6.1.0.0 could allow an authenticated user...
CVE-2020-29491
Summary: Dell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability. A remote unauthenticated attacker could potentially...
CVE-2019-20484
Summary: An issue was discovered in Viki Vera 4.9.1.26180. A user without access to a project could download or upload...
Malspam campaign spoofs email chains to install IcedID info-stealer
In a new phishing campaign, the offending emails arrive in inboxes with attached, password-protected zip archives containing Word documents. (Photo...
“I have full control of your device”: Sextortion scam rears its ugly head in time for 2021
Malwarebytes recently received a report about a fresh spate of Bitcoin sextortion scam campaigns doing the rounds. Bitcoin sextortion scams...
Funke Media Group suffers nationwide ransomware attack in Germany
On December 22, Germany’s third largest publisher fell victim to a cyberattack that affected systems in offices all around the...
Security Expert listed the largest data leaks of Russian residents in 2020
Founder of DLBI data leak intelligence service Ashot Hovhannisyan spoke about the most large-scale database leaks in the Russian Federation...
Aurora Cannabis Breach Exposes Personal Data of Former, Current Workers
Recently, Marijuana Business Daily has disclosed a data breach at Aurora Cannabis. The security incident compromised the credential information...
Researcher Exposes Telegram’s Location Bug, Company Say It’s a Feature
An expert who observed that messaging platform Telegram's "People Nearby" feature revealed risk of accurate user location, is now informed...
Cisco Talos Researchers Discovered Multiple Susceptibilities in SoftMaker Office TextMaker
Cisco Talos researchers exposed multiple vulnerabilities in SoftMaker Office TextMaker that can be exploited by cyber attackers. These vulnerabilities in...
NSA Issues Guidelines for Eliminating Obsolete TLS Protocols
The National Security Agency is a US-based agency on which America highly relies on to collect and process foreign signals,...
UhOh365 – A Script That Can See If An Email Address Is Valid In Office365 (User/Email Enumeration)
A script that can see if an email address is valid in Office365. This does not perform any login attempts,...
Sarenka – OSINT Tool – Data From Services Like Shodan, Censys Etc. In One Place
SARENKA is an Open Source Intelligence (OSINT) tool which helps you obtaining and understanding Attack Surface. The main goal is...
How COVID-19 Reinforced the Need for Mobile Device Management
How many of you got that call at the beginning of the pandemic to make your company’s workforce 100% capable...
Multiple flaws in Fortinet FortiWeb WAF could allow corporate networks to hack
An expert found multiple serious vulnerabilities in Fortinet’s FortiWeb web application firewall (WAF) that could expose corporate networks to hack....
US Govt kicked off ‘Hack the Army 3.0’ bug bounty program
The U.S. government is going to launch the ‘Hack the Army 3.0’ bug bounty program in collaboration with the HackerOne...
SolarWinds hackers had access to roughly 3% of US DOJ O365 mailboxes
The US DoJ revealed that threat actors behind the SolarWinds attack have gained access to roughly 3% of the department’s...
WhatsApp will share your data with Facebook and its companies
WhatsApp is notifying users that starting February 8, 2021, they will be obliged to share their data with Facebook, leaving...
Google fixed a critical Remote Code Execution flaw in Android
Google released an Android security update that addressed tens of flaws, including a critical Android remote code execution vulnerability. Google...
CVE-2016-20003
Summary: The REST/JSON project 7.x-1.x for Drupal allows user enumeration, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's...
