Microsoft warns of a new unpatched Windows Print Spooler RCE zero-day
Microsoft is warning of another zero-day Windows print spooler vulnerability, tracked as CVE-2021-36958, that could allow local attackers to gain...
Threat actors behind the Poly Network hack are returning stolen funds
The threat actor who hacked Poly Network cross-chain protocol stealing $611 million worth of cryptocurrency assets returns the stolen funds....
Accenture has been hit by a LockBit 2.0 ransomware attack
Global consulting giant Accenture has allegedly been hit by a ransomware attack carried out by LockBit 2.0 ransomware operators. IT...
UNC215, an alleged China-linked APT group targets Israel orgs
China-linked threat actors UNC215 targeted Israeli organizations in a long-running campaign and used false flags to trick victims into believing...
CVE-2021-38202
Summary: fs/nfsd/trace.h in the Linux kernel before 5.13.4 might allow remote attackers to cause a denial of service (out-of-bounds read...
CVE-2021-38201
Summary: net/sunrpc/xdr.c in the Linux kernel before 5.13.4 allows remote attackers to cause a denial of service (xdr_set_page_base slab-out-of-bounds access)...
CVE-2021-1610
Summary: Multiple vulnerabilities in the web-based management interface of the Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN...
CVE-2021-32772
Summary: Poddycast is a podcast app made with Electron. Prior to version 0.8.1, an attacker can create a podcast or...
CVE-2018-8172
Summary: A remote code execution vulnerability exists in Visual Studio software when the software does not check the source markup...
Twitter says it out loud: Removing anonymity will not stop online abuse
An investigation by Twitter into racist tweets levied against three Black players on the English football team following the national...
If a QR code leads you to a Bitcoin ATM at a gas station, it’s a scam
Rogue QR code antics have been back in the news recently. They’re not exactly a mainstay of fakery, but they...
Thief pulls off colossal, $600m crypto-robbery …and gives the money back
The largest crypto-robbery in history is rapidly turning into the most bizarre as well. Let’s start at the beginning… In...
PrintNightmare and RDP RCE among major issues tackled by Patch Tuesday
The sheer number of patches (44 security vulnerabilities) should be enough to scare us, but unfortunately we have gotten used...
Cinobi Banking Malware Targets Japanese Cryptocurrency Exchange Users via Malvertising Campaign
Researchers at Trend Micro discovered a new social engineering-based malvertising campaign targeting Japanese users with a malicious application disguised as...
Android Malware ‘FlyTrap’ Hacks Facebook Accounts
A new Android trojan has been discovered to breach the Facebook accounts of over 10,000 people in at least 144...
IISpy: Installs Backdoor on Microsoft’s Web Server Software
Cybersecurity investigators have detected malware that could deploy backdoor Internet Information Services (IIS) on Microsoft's Web server software. Labeled IISpy,...
FBI Told Congress That Ransomware Payments Shouldn’t be Prohibited
After meeting with the business sector and cybersecurity experts, the Biden administration backed away from the concept of barring ransomware...
Wsh – Web Shell Generator And Command Line Interface
wsh (pronounced woosh) is a web shell generator and command line interface. This started off as just an http client...
Jarm – Active Transport Layer Security (TLS) server fingerprinting tool
Please read the initial JARM blog post for more information. JARM is an active Transport Layer Security (TLS) server fingerprinting...
Adobe fixes critical flaws in Magento, patch it immediately
Adobe security updates for August 2021 have addressed critical vulnerabilities in Magento and important bugs in Adobe Connect. Adobe security...
Microsoft patch Tuesday security updates fix PrintNightmare flaws
Microsoft released patch Tuesday security updates for August that address 120 CVEs in Microsoft products including a zero-day actively exploited...
$611 million stolen in Poly Network cross-chain hack
The cross-chain protocol Poly Network has been hacked, threat actors stole $611 million making this hack the largest DeFi hack to...
CVE-2021-21866
Summary: A unsafe deserialization vulnerability exists in the ObjectManager.plugin ProfileInformation.ProfileData functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17....
CVE-2020-13962
Summary: Qt 5.12.2 through 5.14.2, as used in unofficial builds of Mumble 1.3.0 and other products, mishandles OpenSSL's error queue,...
