CVE-2017-13750
Summary: There is a reachable assertion abort in the function jpc_dec_process_siz() in jpc/jpc_dec.c:1296 in JasPer 2.0.12 that will lead to...
CVE-2017-13751
Summary: There is a reachable assertion abort in the function calcstepsizes() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to...
CVE-2017-13752
Summary: There is a reachable assertion abort in the function jpc_dequantize() in jpc/jpc_dec.c in JasPer 2.0.12 that will lead to...
CVE-2020-27828
Summary: There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an...
CVE-2020-35965
Summary: decode_frame in libavcodec/exr.c in FFmpeg 4.3.1 has an out-of-bounds write because of errors in calculations of when to perform...
Bonobos – 2,811,929 breached accounts
In August 2020, the clothing store Bonobos suffered a data breach that exposed almost 70GB of data containing 2.8 million...
Perl.com, the Official Site for Perl Programming Language Hijacked
The domain Perl.com was made in 1994 and was the official site for the Perl programming language, it is enlisted...
Sberbank is the most targeted organization in Europe by hackers, says Herman Gref
At the moment, Sberbank is more often than other institutions in Europe is subjected to hacker attacks, but successfully repels...
Trickbot- A Banking Trojan Returns With Latest Phishing Campaigns and Attacks
Trickbot, a banking malware has resurged again with new phishing campaigns and attacks after the collaboration of cybersecurity and technology...
Ghost Accounts used by Nefilim Ransomware Actors
Recently we are witnessing that the Ransomware operators are teaming up to exchange software and infrastructure to further accelerate the...
Rocke Group’s Pro Ocean Crypto-jacking Malware now Comes with Worm Feature
The Rocke Group's used cloud-targeted malware for carrying out crypto-jacking attacks for Monero that was documented in 2019 by Unit...
PSC – E2E Encryption For Multi-Hop Tty Sessions Or Portshells + TCP/UDP Port Forward
DNS lookup and SSH session forwarded across an UART connection to a Pi PSC allows to e2e encrypt shell sessions,...
SSRF-King – SSRF Plugin For Burp Automates SSRF Detection In All Of The Request
SSRF plugin for burp that Automates SSRF Detection in all of the RequestUpcoming Features ChecklistIt will soon have a user...
Victims of FonixCrypter ransomware could decrypt their files for free
FonixCrypter ransomware operators shut down their operations, released the master decryption key for free, and deleted malware’s source code. Good...
Domain for programming website Perl.com hijacked
Threat actors took over the domain name perl.com and pointed it to an IP address associated with malware campaigns. Attackers...
Experts addressed flaws in Popup Builder WordPress plugin
Multiple issues in WordPress ‘Popup Builder’ Plugin could be exploited by hackers to perform various malicious actions on affected websites....
CVE-2020-35679
Summary: smtpd/table.c in OpenSMTPD before 6.8.0p1 lacks a certain regfree, which might allow attackers to trigger a "very significant" memory...
CVE-2020-35680
Summary: smtpd/lka_filter.c in OpenSMTPD before 6.8.0p1, in certain configurations, allows remote attackers to cause a denial of service (NULL pointer...
CVE-2021-25126
Summary: The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10...
CVE-2021-25125
Summary: The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10...
CVE-2021-25124
Summary: The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10...
Cleaning up after Emotet: the law enforcement file
This blog post was authored by Hasherezade and Jérôme Segura Emotet has been the most wanted malware for several years....
RDP abused for DDoS attacks
We have talked about RDP many times before. It has been a popular target for brute force attacks for a...
Open Source Software Vulnerabilities Leads to RCE
Various vulnerabilities in open source video platforms YouPHPTube and AVideo could be utilized to accomplish remote code execution (RCE) on...
