WFH – Windows Feature Hunter
Windows Feature Hunter (WFH) is a proof of concept python script that uses Frida, a dynamic instrumentation toolkit, to assist...
Insurance firm CNA discloses data breach after March ransomware attack
Insurance giant CNA notifies customers of a data breach after the Phoenix CryptoLocker ransomware attack suffered in March. US insurance...
Hackers use a new technique in malspam attacks to disable Macro security warnings in weaponized docs
Threat actors have devised a new trick to disable macro security warning that leverage non-malicious docs in malspam attacks. Most...
Microsoft says that the emergency patch recently released correctly fix the PrintNightmare flaw
Microsoft confirmed that the emergency security updates (KB5005010) correctly address the PrintNightmare Print Spooler vulnerability (CVE-2021-34527). Microsoft says that the...
Cisco fixes High Severity issue in BPA and WSA
Cisco addresses high severity privilege escalation vulnerabilities in Business Process Automation (BPA) and Web Security Appliance (WSA) that expose users...
Multiple Sage X3 vulnerabilities expose systems to hack
Rapid7 researchers discovered security vulnerabilities in the Sage X3 ERP product that could allow to take control of vulnerable systems. Researchers from...
Morgan Stanley discloses data breach after the hack of a third-party vendor
The American multinational investment bank and financial services firm Morgan Stanley discloses a data breach caused by the hack of an Accellion FTA server...
CVE-2021-26690
Summary: Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by mod_session can cause a NULL...
CVE-2021-31618
Summary: Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured...
CVE-2021-26038
Summary: An issue was discovered in Joomla! 2.5.0 through 3.9.27. Install action in com_installer lack the required hardcoded ACL checks...
CVE-2021-3606
Summary: OpenVPN before version 2.5.3 on Windows allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration...
CVE-2021-3613
Summary: OpenVPN Connect 3.2.0 through 3.3.0 allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file...
Year-long spear-phishing campaign targets global energy industry
Working oil pumps are seen against a sunset sky. Intezer uncovered a year-long spear-phishing campaign against energy companies. (Getty Images)An...
Malspam banks on Kaseya ransomware attack
The Malwarebytes Threat Intelligence Team recently found a malicious spam campaign making the rounds and banking on the ransomware attack...
Kaseya update delayed for security reasons
Software vendor Kaseya has been caught in the chaos of a supply-chain compromise by the REvil ransomware gang since Friday....
Presidential Press Secretary Said Moscow Not Involved in The Cyber Attacks on the Republican National Committee of US
On Wednesday, the press secretary of the President of the Russian Federation Dmitry Peskov told reporters that the cyber attack...
Chinese Hackers Target Indian SBI Users Via Phishing
Recently Indian officials have reported that China-based cybercriminals are targeting customers of the Indian National Bank State Bank of India...
Trump’s Social Media Website GETTR Hacked
An attacker leaked non-public information from GETTR, a social media platform made by former president Donald Trump's team in July...
SonicWall Patches Critical CVE-2021-20026 Vulnerability in NSM Product
A researcher at Positive Technologies has provided details about the CVE-2021-20026 command injection flaw that exploits SonicWall’s Network Security Manager...
Experts explained how and where confidential company data leaks
Despite the development of security tools, the number of leaks of confidential information of companies and individuals is not decreasing....
Ipa-Medit – Memory Search And Patch Tool For Resigned Ipa Without Jailbreak
Ipa-medit is a memory search and patch tool for resigned ipa without jailbreak. It was created for mobile game security...
Cariddi – Take A List Of Domains, Crawl Urls And Scan For Endpoints, Secrets, Api Keys, File Extensions, Tokens And More…
Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more...PreviewInstallationYou need...
Tor Browser 10.5 is out, it includes a new anti-censorship feature
The Tor Project has released Tor Browser 10.5 which enhances an anti-censorship feature and warns of V2 onion URL deprecation....
Hacker deposited $1M in a popular cybercrime marketplace to buy zero-day exploits
A threat actor has deposited 26.99 Bitcoins on one of the cybercrime forums, he aims at purchasing zero-day exploits from other forum members. A...
