Cisco fixes AnyConnect Client VPN zero-day disclosed in November
Cisco has addressed a zero-day in the Cisco AnyConnect Secure Mobility Client VPN software, with publicly available proof-of-concept exploit code....
Biden signed executive order to improve the Nation’s Cybersecurity
President Joe Biden signed an ambitious executive order to dramatically improve the security of the US government networks. President Biden signed...
US CISA and FBI publish joint alert on DarkSide ransomware
FBI and DHS’s CISA have published a joint alert on DarkSide ransomware activity after the disruptive attack on Colonial Pipeline....
How Companies Need to Treat User Data and Manage Their Partners
After the introduction of CCPA and GDPR, much more attention is given to third-party risks, and the privacy terms and...
Microsoft Patch Tuesday for May 2021 fix 4 critical flaws
Microsoft Patch Tuesday for May 2021 security updates addressed 55 vulnerabilities, four are rated as Critical. Microsoft Patch Tuesday for...
CVE-2021-22209
Summary: An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.8. GitLab was not properly validating...
CVE-2020-36126
Summary: Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by incorrect access control that can lead to remote privilege escalation....
CVE-2021-20986
Summary: A Denial of Service vulnerability was found in Hilscher PROFINET IO Device V3 in versions prior to V3.14.0.7. This...
CVE-2021-31776
Summary: Aviatrix VPN Client before 2.14.14 on Windows has an unquoted search path that enables local privilege escalation to the...
CVE-2020-36128
Summary: Pax Technology PAXSTORE v7.0.8_20200511171508 and lower is affected by a token spoofing vulnerability. Each payment terminal has a session...
WedMeGood – 1,306,723 breached accounts
In January 2021, the Indian wedding planning platform WedMeGood suffered a data breach that exposed 1.3 million customers. The breach...
FragAttack: New Wi-Fi vulnerabilities that affect… basically everything
A new set of vulnerabilities with an aggressive name and their own website almost always bodes ill. The name FragAttack...
Threat spotlight: DarkSide, the ransomware used in the Colonial Pipeline attack
Late last week, the business network systems of Colonial Pipeline, the biggest supplier of fuels on the East Coast of...
Get patching! Wormable Windows flaw headlines Patch Tuesday
It looks like patching a wormable Remote Code Execution (RCE) bug in the HTTP stack of Windows 10 and Windows...
Russian researchers developed methodology to predict cyber risks
Scientists from St. Petersburg Polytechnic University have developed a methodology for assessing cyber risks in smart city systems. The developed...
Thousands of Cryptocurrency Users Targeted by Tor Network Exit Nodes
Cybersecurity researchers have said a threat actor has been adding malicious servers into the Tor network to intercept traffic heading...
Three Affiliated Tribes—The Mandan, Hidatsa & Arikara Suffers Ransomware Attack
On the 28th of April Three Affiliated Tribes – the Mandan, Hidatsa, and Arikara nation – informed their workers that...
US and Australia Warn of Rise in Avaddon Ransomware Attacks
The Federal Bureau of Investigation (FBI) and the Australian Cyber Security Centre (ACSC) have issued an alert about an ongoing...
Ransomware world in 2021: who, how and why
As the world marks the second Anti-Ransomware Day, there’s no way to deny it: ransomware has become the buzzword in...
ByeIntegrity-UAC – Bypass UAC By Hijacking A DLL Located In The Native Image Cache
Bypass User Account Control (UAC) to gain elevated (Administrator) privileges to run any program at a high integrity level. RequirementsAdministrator account...
APSoft-Web-Scanner-v2 – Powerful Dork Searcher And Vulnerability Scanner For Windows Platform
APSoft Webscanner Version 2new version of APSoft Webscanner Version 1Software picturesWhat can i do with this ?with this software, you...
FragAttacks vulnerabilities expose all WiFi devices to hack
Security researcher discovered a series of flaws, collectively tracked as FragAttacks, that impact the WiFi devices sold for the past...
Maybe don’t call Saul? Over 30,000 VoIP devices identifiable worldwide, some with suspected vulnerabilities
Thousands of public-facing devices can be accessed anywhere in the world, from the US to Russia, from London to Johannesburg....
TeaBot Android banking Trojan targets banks in Europe
Malware researchers from Cleafy warn of a new Android banking trojan dubbed TeaBot (aka Anatsa) that is targeting banks in...
