Why More Teams are Shifting Security Analytics to the Cloud This Year
As the threat landscape continues to evolve in size and complexity, so does the security skills and resource gap, leaving...
Centreon says that recently disclosed campaigns only targeted obsolete versions of its open-source software
French software firm Centreon announced this week that the recently disclosed supply chain attack did not impact its paid customers....
Latin American Javali trojan weaponizing Avira antivirus legitimate injector to implant malware
Latin American Javali trojan weaponizing Avira antivirus legitimate injector to implant malware In the last few years, many banking trojans...
Telegram flaw could have allowed access to users secret chats
Experts at Shielder disclosed a flaw in the Telegram app that could have exposed users’ secret messages, photos, and videos to...
CVE-2020-13585
Summary: An out-of-bounds write vulnerability exists in the PSD Header processing functionality of Accusoft ImageGear 19.8. A specially crafted malformed...
CVE-2020-13583
Summary: A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can...
CVE-2020-24838
Summary: An integer overflow has been found in the the latest version of Issuer. The total issuedCount can be zero...
CVE-2020-13581
Summary: In SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1014), a specially crafted document can cause the document parser...
CVE-2020-27250
Summary: In SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1014), a specially crafted document can cause the document parser...
CityBee – 110,156 breached accounts
In February 2021, the Lithuanian car-sharing service CityBee announced they'd suffered a data breach that exposed 110k customers' personal information....
RDP, the ransomware problem that won’t go away
The year 2020 will certainly be remembered as one of the most difficult and tragic years humankind has faced in...
Egregor ransomware hit by arrests
In a collaboration between French and Ukranian law enforcement, arrests have been made that might put a dent in one...
Extortion, precision malware, and ruthless scams. Read the State of Malware 2021 report
Last year, threat actors took advantage of the COVID-19 public health crisis in a way previously considered unimaginable, not only...
Threat Actors Targeting British Users in a Facebook Phishing Campaign
After targeting the German users in the ongoing Facebook phishing campaign threat actors have shifted their focus onto the British...
Palo Alto Next Generation Firewall Detected With Four Vulnerabilities
Details of a series of bugs in Palo Alto Firewall Software, which the network provider addressed last September, were revealed...
DDoS attacks in Q4 2020
News overview Cybercriminals are constantly on the lookout for means and methods to make attacks more destructive. In Q4 2020, Citrix...
Monitor Google Cloud Platform (GCP) Data With InsightIDR
InsightIDR was built in the cloud to support dynamic and rapidly changing environments—including remote workers, hybrid cloud and on-premises architectures,...
Hackers abusing the Ngrok platform phishing attacks
Researchers from threat intelligence Cyble have discovered threat actors abusing the Ngrok platform in a fresh phishing campaign. Researchers at...
Popular SHAREit app is affected by severe flaws yet to be fixed
Multiple vulnerabilities in the popular file-sharing app SHAREit have yet, to be addressed, experts from Trend Micro warned. SHAREit is...
A new Bluetooth overlay skimmer block chip-based transactions
Experts discovered a new Bluetooth overlay skimmer that interferes with the ability of the terminal to read chip-based cards, forcing...
VMware fixes command injection issue in vSphere Replication
VMware released security patches for a potentially serious vulnerability affecting the vSphere Replication product. VMware has recently released security patches...
France agency ANSSI links Russia’s Sandworm APT to attacks on hosting providers
French agency ANSSI attributes a series of attacks targeting Centreon servers to the Russia-linked Sandworm APT group. The French security...
CVE-2020-11858
Summary: Code execution with escalated privileges vulnerability in Micro Focus products Operation Bridge Manager and Operation Bridge (containerized). The vulneravility...
CVE-2020-8639
Summary: An unrestricted file upload vulnerability in keywordsImport.php in TestLink 1.9.20 allows remote attackers to execute arbitrary code by uploading...
