CVE-2021-23988
Summary: Mozilla developers reported memory safety bugs present in Firefox 86. Some of these bugs showed evidence of memory corruption...
CVE-2021-31540
Summary: Wowza Streaming Engine through 4.8.5 (in a default installation) has incorrect file permissions of configuration files in the conf/...
CVE-2021-20088
Summary: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in mootools-more 1.6.0 allows a malicious user to inject properties...
CVE-2021-20087
Summary: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in jquery-deparam 0.5.1 allows a malicious user to inject properties...
Researchers sound the alarm after GitHub floats stricter policies
GitHub CEO Nat Friedman speaks at GitHub Universe 2020. GitHub on Thursday solicited the comments of the security research community...
Task Force delivers strategic plan to address global ransomware problem
The Ransomware Task Force (RTF), a think tank composed of more than 60 volunteer experts who represent organizations encompassing industries...
IoT riddled with BadAlloc vulnerabilities
The Cybersecurity and Infrastructure Security Agency (CISA) has published advisory ICSA-21-119-04 about vulnerabilities found in multiple real-time operating systems (RTOS)...
What is an IP address? Do I need one?
An IP address tells computers how to find a certain device within a computer network. An IP address is like...
Experts reported cyber attacks from the U.S. during the Navalny rallies in Russia
DDoS attacks were launched against official websites of the Ministry of Foreign Affairs, Ministry of Labor, Ministry of Economic Development,...
Lloyds Bank Warns Britons of Phishing Scam That Could Drain Their Bank Accounts
LLOYDS BANK has issued an urgent warning to Britons as many have been attacked by a highly dangerous scam text...
Data Breach at Digital Oceans Leaves Customer Billing Data Exposed
Digital Ocean, a cloud solutions provider, informs certain clients that the billing information they receive may indeed be breached as...
Stop Tweeting, Says Click Studios: Phishers Use Breach Notification Information to Create New Lures
Click Studios, an Australian password protection company, claims that only a small percentage of its 29,000 customers were impacted by...
Credit Scores of Americans were Exposed Through Experian API
According to a researcher, almost every American's credit score was leaked due to an API platform used by the Experian...
Vaf – Very Advanced (Web) Fuzzer
very advanced fuzzer compilingInstall nim from nim-lang.org Run nimble build A vaf.exe file will be created in your directory ready...
SniperPhish – The Web-Email Spear Phishing Toolkit
SniperPhish is a phishing toolkit for pentester or security professionals to enhance user awareness by simulating real-world phishing attacks. SniperPhish...
UNC2447 cybercrime gang exploited SonicWall Zero-Day before it was fixed
UNC2447 cybercrime gang exploited a zero-day in the Secure Mobile Access (SMA), addressed by SonicWall earlier this year, before the...
Saving World Health Day: UNICC and Group-IB take down scam campaign impersonating the World Health Organization
UNICC and Group-IB detected and took down a massive multistage scam campaign circulating online on April 7, World Health Day. Group-IB, a...
Microsoft warns of BadAlloc flaws in OT, IoT devices
Microsoft researchers are warning of major security vulnerabilities affecting OT and IoT devices and high-risks for businesses using them. Researchers...
Command injection flaw in PHP Composer allowed supply-chain attacks
A vulnerability in the PHP Composer could have allowed an attacker to execute arbitrary commands and backdoor every PHP package....
An alleged ransomware attack hit the Italian Banca di Credito Cooperativo causing chaos
Banca di Credito Cooperativo (BCC), one of the largest Italian cooperative credit banks was hit by a ransomware attack. Banca di...
ParkMobile – 20,949,825 breached accounts
In March 2021, the mobile parking app service ParkMobile suffered a data breach which exposed 21 million customers' personal data....
Signal app insists it’s so private it can’t provide subpoenaed call data
Signal—the private, end-to-end encrypted messaging app that surged in popularity in recent months—once again reminded criminal investigators that it could...
What is Smishing? The 101 guide
Smishing is a valuable tool in the scammer’s armoury. You’ve likely run into it, even if you didn’t know that...
City fined for tracking its citizens via their phones
The Dutch information watchdog—the Autoriteit Persoonsgegevens (AP)—has fined the city of Enschede for € 600,000 for tracking its citizens’ movements...
