CVE-2020-26664
Summary: A vulnerability in EbmlTypeDispatcher::send in VideoLAN VLC media player 3.0.11 allows attackers to trigger a heap-based buffer overflow via...
CVE-2021-27188
Summary: The Sovremennye Delovye Tekhnologii FX Aggregator terminal client 1 allows attackers to cause a denial of service (access suspended...
Second malware strain primed to attack Apple’s new M1 chip identified
Along with the Pirrit Mac adware identified earlier this week, researchers from Red Canary identified Thursday a different malware strain...
Cybersecurity in Cyberpunk 2077: the good, the bad, and the cringeworthy
What game caused some players to experience seizures, allows you to have unauthorized sex with Keanu Reeves, features a lead...
Romance scams: FTC reveals $304 million of heartache
In 2020, reported losses to the FTC for romance scams went up by 50% from 2019, totalling $304 million. And...
Ukrainian police arrested members of a well-known cyber ransomware group
Members of the Egregor group, which provides the service using the Ransomware-as-a-Service (RaaS) model, have been arrested by the Ukrainian...
Cybercriminal Gang Clop Attacked an International Law Firm Jones Day For Ransom
Jones Day, a U.S.-based international law firm has suffered a major ransomware attack, and the allegedly stolen files from Jones...
Data of 14 Million Amazon and eBay Accounts Leaked on Hacking Websites
An anonymous user offered 14 million data from Amazon and eBay accounts on a prominent hacking website for dissemination. The...
WireBug – A Toolset For Voice-over-IP Penetration Testing
WireBug is a tool set for Voice-over-IP penetration testing. It is designed as a wizard which makes it easy to...
Ghidra_Kernelcache – A Ghidra Framework For iOS Kernelcache Reverse Engineering
This framework is the end product of my experience in reverse engineering iOS kernelcache,I do manually look for vulnerabilities in...
Securing Your Web App, One Robot at a Time
Modern web apps are two things: complex, and under persistent attack. Any publicly accessible web application can receive up to...
The OpenSSL Project addressed three vulnerabilities
The OpenSSL Project addressed three vulnerabilities, including two denial-of-service (DoS) issues and a bug in the SSLv2 rollback protection. The...
US DoJ charges three members of the North Korea-linked Lazarus APT group
The US DOJ charged three members of the North Korea-linked Lazarus Advanced Persistent Threat (APT) group. The U.S. Justice Department...
ScamClub malvertising gang abused WebKit zero-day to redirect to online gift card scams
Malvertising gang ScamClub has exploited an unpatched zero-day vulnerability in WebKit-based browsers in a campaign aimed at realizing online gift...
CVE-2021-22857
Summary: The CGE page with download function contains a Directory Traversal vulnerability. Attackers can use this loophole to download system...
CVE-2021-22856
Summary: The CGE property management system contains SQL Injection vulnerabilities. Remote attackers can inject SQL commands into the parameters in...
CVE-2020-36003
Summary: The id parameter in detail.php of Online Book Store v1.0 is vulnerable to union-based blind SQL injection, which leads...
CVE-2020-7848
Summary: The EFM ipTIME C200 IP Camera is affected by a Command Injection vulnerability in /login.cgi?logout=1 script. To exploit this...
CVE-2020-13949
Summary: In Apache Thrift 0.9.3 to 0.13.0, malicious RPC clients could send short messages which would result in a large...
Clubhouse under scrutiny for sending data to Chinese servers
The audio-chat app Clubhouse is the latest rage in the social media landscape. What makes it so popular and, now...
Yandex sysadmin caught selling access to email accounts
Yandex, a European multinational technology firm best known for being the most-used search engine in Russia, has revealed it had...
Lithuanian Police Investigate Leak of 110,000 User Records of CityBee
Police in Lithuania is investigating after the personal information of 110,000 individuals was leaked to an online hacker site. The...
UK Cryptocurrency Exchange EXMO Suffers a ‘Massive’ DDoS Assault
Cryptocurrency exchange EXMO, a British company was targeted in a distributed denial-of-service (DDoS) attack. As a precautionary measure company has...
The press secretary of the Russian president denied Russia’s connection with the hackers who attacked France
As the press secretary of the President of the Russian Federation noted, the report of the French special services "contains...
