RansomEXX Trojan attacks Linux systems
We recently discovered a new file-encrypting Trojan built as an ELF executable and intended to encrypt data on machines controlled...
GWTMap – Tool to help map the attack surface of Google Web Toolkit
GWTMap is a tool to help map the attack surface of Google Web Toolkit (GWT) based applications. The purpose of...
secuvera-SA-2020-01: Broken Object Level Authorization Vulnerability in OvulaRing-Webapplication
Posted by Tobias Glemser on Nov 06secuvera-SA-2020-01: Broken Object Level Authorization Vulnerability in OvulaRing-Webapplication Affected Products OvulaRing Webapp Version 4.2.2...
Advisory: ES2020-02 – Asterisk crash due to INVITE flood over TCP
Posted by Sandro Gauci on Nov 06# Asterisk crash due to INVITE flood over TCP - Fixed versions: 13.37.1, 16.14.1,...
APPLE-SA-2020-11-05-7 tvOS 14.2
Posted by Apple Product Security via Fulldisclosure on Nov 06APPLE-SA-2020-11-05-7 tvOS 14.2 tvOS 14.2 is now available and address the...
APPLE-SA-2020-11-05-1 iOS 14.2 and iPadOS 14.2
Posted by Apple Product Security via Fulldisclosure on Nov 06APPLE-SA-2020-11-05-1 iOS 14.2 and iPadOS 14.2 iOS 14.2 and iPadOS 14.2...
APPLE-SA-2020-11-05-2 iOS 12.4.9
Posted by Apple Product Security via Fulldisclosure on Nov 06APPLE-SA-2020-11-05-2 iOS 12.4.9 iOS 12.4.9 is now available and address the...
Tempomail – Generate A Custom Email Address In 1 Second And Receive Emails
tempomail is a standalone binary that allows you to create a temporary email address in 1 Second and receive emails....
QBot malspam campaign preys on Americans anticipation for election news
An intense presidential election and a grueling week of vote counting has left many Americans distracted from their work, anxious...
Prop 24 passes in California, will change data privacy law
First-day returns in California showed voters firmly approving to change their state’s current data privacy law—which already guarantees certain privacy...
Google Chrome Receives Second Patch for Serious Zero-Day Bug in Two Weeks
Google has recently introduced a fix for another zero-day bug in its Chrome browser and has also released a new...
The Russian Duma has introduced a bill to strengthen control over foreign e-wallets
The document obliges citizens to report to the Federal Tax Service on the movement of funds in their foreign electronic...
Latest in CyberSecurity today : Maze Ransomware call it quits
The operators of the infamous Maze Ransomware has said a bitter (for some a very sweet) goodbye. Maze Ransomware incepted...
Attacks on industrial enterprises using RMS and TeamViewer: new data
Download full report (PDF) Executive Summary In summer 2019, Kaspersky ICS CERT identified a new wave of phishing emails containing...
Kraken – Cross-platform Yara Scanner Written In Go
Kraken is a simple cross-platform Yara scanner that can be built for Windows, Mac, FreeBSD and Linux. It is primarily...
SwiftyInsta – Instagram Unofficial Private API Swift
Instagram offers two kinds of APIs to developers. The Instagram API Platform (extremely limited in functionality and close to being...
AST-2020-002: Outbound INVITE loop on challenge with different nonce.
Posted by Asterisk Security Team on Nov 05 Asterisk Project Security Advisory â AST-2020-002 Product Asterisk Summary Outbound INVITE loop...
AST-2020-001: Remote crash in res_pjsip_session
Posted by Asterisk Security Team on Nov 05 Asterisk Project Security Advisory - AST-2020-001 Product Asterisk Summary Remote crash in...
Git LFS (git-lfs) – Remote Code Execution (RCE) exploit CVE-2020-27955 – Clone to Pwn
Posted by Dawid Golunski on Nov 05/* Go PoC exploit for git-lfs - Remote Code Execution (RCE) vulnerability CVE-2020-27955 git-lfs-RCE-exploit-CVE-2020-27955.go...
tCell by Rapid7 Now Available for the European Region
Today, we are excited to announce tCell by Rapid7, our next-gen WAF and RASP solution, is now available in the...
James – 1,541,284 breached accounts
In June 2020, 14 previously undisclosed data breaches appeared for sale including the Brazilian delivery service, "James". The breach occurred...
Wongnai – 3,924,454 breached accounts
In October 2020, 17 previously undisclosed data breaches appeared for sale including the Thai restaurant, hotel and attraction finding service,...
QBot Trojan delivered via malspam campaign exploiting US election uncertainties
This blog post was authored by Jérôme Segura and Hossein Jazi. The 2020 US elections have been the subject of...
The transition of critical IT infrastructure to Russian domestic software and equipment is postponed
The necessary Russian developments are still in short supply. Owners of critical information infrastructure still find the transition difficult to...
