CVE-2021-3156
Summary: Sudo before 1.9.5p2 has a Heap-based Buffer Overflow, allowing privilege escalation to root via "sudoedit -s" and a command-line...
Microsoft: web shell attacks have doubled over the past year
Microsoft’s Detection and Response and 365 Defender teams are sounding the alarm that the number of observed attacks using web...
Who is to blame for the malicious Barcode Scanner that got on the Google Play store?
In our last blog, Barcode Scanner app on Google Play infects 10 million users with one update, we wrote about...
Malvertising campaign on PornHub and other top adult brands exposes users to tech support scams
Threat actors involved in tech support scams have been running a browser locker campaign from November 2020 until February 2021...
Nude photo theft offers lessons in selfie security
Two former college graduates are in a lot of trouble after breaking into other students’ accounts and stealing sensitive personal...
CEO of Koo App Denies the Allegations of Data Breach by French Hacker
Koo, a home-grown microblogging platform has come under the scanner after a French ethical hacker known by the moniker Elliot...
RiskSense Report Affirms Surge in Vulnerabilities Associated with Ransomware
In recent years, the threat from Ransomware has grown enormously. The ransomware attacks have started to threaten more web applications,...
Diceware-Password-Generator – Python Implementation Of The Diceware Password Generating Algorithm
Please Note - This Program Do Not Store Passwords In Any Form And All The Passwords Are Generated Locally Inside...
BaphoDashBoard – Dashboard For Manage And Generate The Baphomet Ransomware
With this proyect we will be able to handle the data of the victims we obtain with Baphomet Ransomware. BaphoDashBoard...
TIM’s Red Team Research (RTR) discovered a critical zero-day vulnerability in IBM InfoSphere Information Server
Researchers at TIM’s Red Team Research discovered a zero-day vulnerability in IBM InfoSphere Information Server. Today, TIM’s Red Team Research...
Microsoft warns of the rise of web shell attacks
Researchers from Microsoft are warning that the number of monthly web shell attacks has doubled since last year. Microsoft reported...
The “P” in Telegram stands for Privacy
Security expert Dhiraj Mishra analyzed the popular instant messaging app Telegram and identified some failures in terms of handling the...
Lampion trojan disseminated in Portugal using COVID-19 template
The fresh release of the Latin American Lampion trojan was updated with a new C2 address. Lampion trojan disseminated in...
Avaddon ransomware decryptor released, but operators quickly reacted
An expert released a free decryption tool for the Avaddon ransomware, but operators quickly updated malware code to make it...
Experts spotted two Android spyware used by Indian APT Confucius
Lookout researchers provided details about two Android spyware families employed by an APT group tracked as Confucius. Researchers at mobile...
CVE-2021-0333
Summary: In onCreate of BluetoothPermissionActivity.java, there is a possible permissions bypass due to a tapjacking overlay that obscures the phonebook...
CVE-2021-21122
Summary: Use after free in Blink in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap...
CVE-2020-35942
Summary: A Cross-Site Request Forgery (CSRF) issue in the NextGEN Gallery plugin before 3.5.0 for WordPress allows File Upload and...
CVE-2021-0330
Summary: In add_user_ce and remove_user_ce of storaged.cpp, there is a possible use-after-free due to improper locking. This could lead to...
CVE-2021-25903
Summary: An issue was discovered in the cache crate through 2021-01-01 for Rust. A raw pointer is dereferenced. Reference Links(if...
Researcher’s audacious hack demonstrates new type of supply-chain attack
Often the most brilliant ideas are the most simple. The hard part is being the first one to come up...
Researchers Spotted Two Android Spyware Linked to Confucius
Researchers at cybersecurity firm Lookout have published information on two recently discovered Android spyware families utilized by an advanced persistent...
Russian expert predicts end of WhatsApp – Users switching to Telegram
Over the past weeks, WhatsApp messenger has started losing millions of users. They migrate to Telegram. In mid-January, almost 25...
The Central Bank conducted remote anti-hacker exercises for the first time
The Central Bank of the Russian Federation summed up the results of the cyber exercises held in November-December 2020, designed...
