Pegasus Project – how governments use Pegasus spyware against journalists
Pegasus Project investigation into the leak of 50,000 phone numbers of potential surveillance targets revealed the abuse of NSO Group’s...
Experts show how to bypass Windows Hello feature to login on Windows 10 PCs
Security researchers demonstrated how to bypass the Windows Hello facial recognition that is used in Windows 10 as a login...
CVE-2021-34329
Summary: A vulnerability has been identified in JT2Go (All versions < V13.2), Solid Edge SE2021 (All Versions < SE2021MP5), Teamcenter...
CVE-2021-34330
Summary: A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Jt981.dll...
CVE-2021-34331
Summary: A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Jt981.dll...
CVE-2021-30547
Summary: Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform...
CVE-2021-35469
Summary: The Lexmark Printer Software G2, G3 and G4 Installation Packages have a local escalation of privilege vulnerability due to...
Workflow Automation Tool: n8n cloud
What is n8n?n8n (pronounced n-eight-n) helps you to interconnect every app with an API in the world with each other...
Short Édition – 505,466 breached accounts
In June 2021, the French publishing house of short literature Short Édition suffered a data breach that exposed 505k records....
“Seven or eight” zero-days: The failed race to fix Kaseya VSA, with Victor Gevers, Lock and Code S02E13
Kaseya VSA included at least “seven or eight” privately known zero-day vulnerabilities before it suffered a widespread ransomware attack that...
THORChain Suffers $7.6 Million Loss in Latest DeFi Exploit
Popular cross-chain liquidity exchange THORChain got compromised in a new DeFi hack where $7.6 million were stolen, suffering a second...
Telegram’s Encryption Protocol Detected with Vulnerabilities
A multinational computer team claimed on Friday that the popular encrypted chat app Telegram is detected with four cryptographic vulnerabilities...
Facebook says Iranian Hackers Targeted U.S. Military Personnel
On Thursday, Facebook announced that it had shut down approximately 200 accounts operated by a group of hackers in Iran...
ARTIF – An Advanced Real Time Threat Intelligence Framework To Identify Threats And Malicious Web Traffic On The Basis Of IP Reputation And Historical Data.
ARTIF is a new advanced real time threat intelligence framework built that adds another abstraction layer on the top of...
DNSStager – Hide Your Payload In DNS
DNSStager is an open-source project based on Python used to hide and transfer your payload using DNS. DNSStager will create...
Chinese government issues new vulnerability disclosure regulations
Cyberspace Administration of China (CAC) issued new vulnerability disclosure regulations that oblige experts to report zero-days to the government. The...
Instagram implements ‘Security Checkup’ to help users recover compromised accounts
Instagram introduced a new security feature dubbed “Security Checkup” to help users to recover their accounts that have been compromised....
HelloKitty ransomware gang targets vulnerable SonicWall devices
BleepingComputer became aware that the recent wave of attacks targeting vulnerable SonicWall devices was carried out by HelloKitty ransomware operators....
Security Affairs newsletter Round 323
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
CVE-2021-30553
Summary: Use after free in Network service in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit...
CVE-2021-30554
Summary: Use after free in WebGL in Google Chrome prior to 91.0.4472.114 allowed a remote attacker to potentially exploit heap...
CVE-2021-30555
Summary: Use after free in Sharing in Google Chrome prior to 91.0.4472.114 allowed an attacker who convinced a user to...
CVE-2021-30556
Summary: Use after free in WebAudio in Google Chrome prior to 91.0.4472.114 allowed a remote attacker to potentially exploit heap...
CVE-2021-30557
Summary: Use after free in TabGroups in Google Chrome prior to 91.0.4472.114 allowed an attacker who convinced a user to...
