Disaster planning with Lesley Carhart, and the slim chance of a critical infrastructure “big one”: Lock and Code S02E14
The 2021 attacks on two water treatment facilities in the US—combined with ransomware attacks on an oil and gas supplier...
Ransomware Attempt Volume Touching Over 300 Million, Sets Record
A new investigation report has been published by SonicWall network security organization in which it stated that ransomware attacks have...
Hacker Uses Credential Phishing to Gain Access Into PayPal Account
Analysts from Cofense Phishing Defense Center recently found a unique PayPal credential phishing attack. Phishing is a harmful technique that...
Exploit Code Released for a Critical Flaw in Linux Kernel eBPF on Ubuntu Machines
Cybersecurity researcher Manfred Paul revealed the details of the code for abusing a critical flaw in the Linux eBPF (Extended...
Russia’s APT29 is Actively Serving WellMess/WellMail Malware
A year ago, the United Kingdom, the USA, and Canada released a coordinated advisory, during the global pandemic, revealing a...
Evidence Indicates Russia’s SVR is Still Using ‘WellMess’ Malware, Despite US Warnings
President Joe Biden's appeal for Vladimir Putin to crack down on cyberattacks emanating from within Russia appears to have failed...
tsharkVM – Tshark + ELK Analytics Virtual Machine
This project builds virtual machine which can be used for analytics of tshark -T ek (ndjson) output. The virtual appliance...
CSIRT-Collect – PowerShell Script To Collect Memory And (Triage) Disk Forensics
A PowerShell script to collect memory and (triage) disk forensics for incident response investigations. The script leverages a network share,...
GhostEmperor, a new Chinese-speaking threat actor targets Southeast Asia
Kaspersky experts spotted a previously undocumented Chinese-speaking threat actor, tracked as GhostEmperor, that is targeting Microsoft Exchange flaws in attacks...
Security Affairs newsletter Round 325
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...
Threat actors leaked data stolen from EA, including FIFA code
Threat actors that hacked Electronic Arts in June have leaked full data dump stolen from the company after the failure...
SolarWinds hackers breached 27 state attorneys’ offices
Microsoft Office 365 email accounts of employees at 27 US Attorneys’ offices were breached by the Russia-linked SVR group as part of...
CVE-2018-20346
Summary: SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3...
CVE-2018-20346
Summary: SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3...
CVE-2018-20346
Summary: SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3...
CVE-2018-20506
Summary: SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3...
CVE-2019-1543
Summary: ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that...
CVE-2021-3246
Summary: A heap buffer overflow vulnerability in msadpcm_decode_block of libsndfile 1.0.30 allows attackers to execute arbitrary code via a crafted...
CVE-2021-32761
Summary: Redis is an in-memory database that persists on disk. A vulnerability involving out-of-bounds read and integer overflow to buffer...
Seven-Fold Surge in Dark Web Ads Providing Corporate Network Access
In the latest study, researchers at Positive Technologies have documented the evolution of hacker-placed ads on the Dark Web from...
Bot that helps hackers write code
The Copilot service developed by Microsoft and GitHub specialists, designed to simplify the work of programmers, can be used by...
Wiper Malware Used in Attack Against Iranian Railway
The cyber-attack that crippled Iran's national railway system at the beginning of the month was caused by a disk-wiping malware...
Two Belarusian Arrested in Black Box ATM Attack
The Polish authorities have detained two individuals committing so-called ‘Black Box’ attacks, targeting ATMs, whereby criminal offenders attach electronic devices...
Following a Ransomware Cyberattack, D-BOX Stated it is Gradually Restarting Operations
After a ransomware cyberattack on its internal information-technology systems, D-BOX Technologies Inc. says it is progressively resuming operations, with restoration...
