CVE-2020-4928
Summary: IBM Cloud Pak System 2.3 could allow a local privileged attacker to upload arbitrary files. By intercepting the request...
A week in security (December 28 – January 3)
First off we would like to wish all our readers a happy and secure 2021! Last week on Malwarebytes Labs...
Hack The Box Walkthrough Guide to: ID Exposed
CHALLENGE DESCRIPTIONWe are looking for Sara Medson Cruz's last location, where she left a message. We need to find out...
Check Point: What to expect from hackers in 2021
The pandemic has made its own adjustments in all areas of modern life. The attackers changed the targets of their...
Learn how to Hide your WhatsApp Profile Picture and Why ?
The latest statistics of the messaging app usage have shown that WhatsApp has 2.0 billion users worldwide, which doesn't...
Japanese Games Publisher Koei Tecmo Suffers Cyber Attack, 65,000 Users Account Compromised
The Japanese games' publisher Koei Tecmo was targeted by hackers who compromised the company's English language website and stole confidential...
Virtual Website Neopets Exposes Sensitive Data
Neopets is an online platform where kids can take care of "virtual pets." The website has revealed many sensitive user...
Appliance Giant Whirlpool Smacked by Nefilim Attack
As Ransomware attacks become the new normal, people are increasingly falling prey to such attacks in cyberspace as well...
EvtMute – Apply A Filter To The Events Being Reported By Windows Event Logging
This is a tool that allows you to offensively use YARA to apply a filter to the events being reported...
XSS-Scanner – XSS Scanner That Detects Cross-Site Scripting Vulnerabilities In Website By Injecting Malicious Scripts
Cross-Site Scripting (XSS) is one of the most well known web application vulnerabilities. It even has a dedicated chapter in...
Shifting Security Right: How Cloud-Based SecOps Can Speed Processes While Maintaining Integrity
When it comes to offloading security controls to the cloud, it may seem counterintuitive to the notion of “securing” things....
CVE-2020-26217
Summary: XStream before version 1.4.14 is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker to run arbitrary...
British Court rejects the US’s request to extradite Julian Assange
A British court has rejected the request of the US government to extradite Wikileaks founder Julian Assange to the country....
New alleged MuddyWater attack downloads a PowerShell script from GitHub
Security expert spotted a new piece of malware that leverages weaponized Word documents to download a PowerShell script from GitHub. Security...
MOSINT – OSINT Tool For Emails
MOSINT is an OSINT Tool for emails. It helps you gather information about the target email. Features:Verification Service { Check...
Over 200 million records of Chinese Citizens for Sale on the Darkweb
During a routine Dark web monitoring, the Research team at Cyble found threat actors selling 200 million+ Records of Chinese...
Top data breaches of 2020 – Security Affairs
Data from major cyber security firms revealed that tens of billion records have been exposed in data breaches exposed in 2020....
Security Affairs newsletter Round 295
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
NCA arrested 21 customers of the WeLeakInfo service
NCA arrested 21 people in the UK as part of an operation targeting customers of WeLeakInfo service that advertised stolen...
COVID-19 themed attacks December 19, 2020– January 02, 2021
This post includes the details of the COVID-19 themed attacks launched from December 19, 2020– January 02, 2021. 25 December,...
Ticketmaster will pay $10 Million fine over hacking a competitor
Ticketmaster agreed to pay a $10 million fine for hacking into the computer system of the startup rival CrowdSurge. The...
Urlhunter – A Recon Tool That Allows Searching On URLs That Are Exposed Via Shortener Services
urlhunter is a recon tool that allows searching on URLs that are exposed via shortener services such as bit.ly...
Ticketmaster Fined $10 Million by Department of Justice for Unlawful Business
Ticketmaster had to pay €7.3 Million ($10M) fine compensation for intervening in a rival company's computer systems, says the US...
Russians ‘InfoWarrior’ Hackers New Game Changer for the Geopolitical Agenda ?
The worse cyber attack of the year 2020 on SolarWinds which was allegedly carried out by Russian state-backed threat actors...
