CVE-2021-26960
Summary: A remote unauthenticated cross-site request forgery (csrf) vulnerability was discovered in Aruba AirWave Management Platform version(s): Prior to 8.2.12.0....
Travel Oklahoma – 637,279 breached accounts
In December 2020, the Oklahoma state Tourism and Recreation Department suffered a data breach. The incident exposed 637k email addresses...
iPhone app exposed other people’s call recordings
Video and audio are huge privacy concerns for people. If something goes wrong with tech it can have major ramifications....
OVH cloud datacenter destroyed by fire
A fire in one of the OVH datacenters has destroyed one datacenter and knocked two others offline. It took 100...
Kremlin concerned about the report of possible US cyber attacks
The New York Times previously reported that the United States plans to carry out cyber attacks on the internal systems...
Threat Actors Ruined the Launch of Wiliams New FW43B Car
Threat actors prevented the Williams Formula 1 team from giving fans a first look at their car’s latest version via...
University of the Highlands and Islands Deals with a Sudden Cyber Attack
A persistent 'cyber incident' occurred at the University of the Highlands and Islands, which disrupted its services and networks on...
A Massive Security Breach for the Silicon Valley Start-Up
Verkada, a Silicon Valley security start-up that gives cloud-based security camera services, has witnessed a massive security breach. Hackers accessed...
EU Banking Regulator Suffers Cyberattack in a Microsoft Email Breach
A significant EU financial regulator, the EU Banking Authority said that it suffered a cyberattack where its Microsoft email systems...
Ad blocker with miner included
Some time ago, we discovered a number of fake apps delivering a Monero cryptocurrency miner to user computers. They are...
InsightIDR’s NTA Capabilities Expanded to AWS
We’re excited to announce we have expanded the Network Traffic Analysis (NTA) capabilities in InsightIDR to support Amazon Web Services...
OVH data centers suffered a fire, many popular sites are offline
OVH, the largest hosting provider in Europe, has suffered a terrible fire that destroyed the data centers located in Strasbourg. OVH,...
A flaw in The Plus Addons for Elementor WordPress plugin allows sites takeover
Researchers from the Wordfence team found a critical vulnerability in The Plus Addons for Elementor WordPress plugin that could be...
Microsoft’s March Patch Tuesday fixes 14 Critical flaws
Microsoft’s March Patch Tuesday security updates address 89 vulnerabilities in its products, 14 are listed as Critical and 75 are...
Another French hospital hit by a ransomware attack
A ransomware attack hit the Oloron-Sainte-Marie hospital in southwest France, it is the third such attack in the last month....
Microsoft releases ProxyLogon patches for unsupported Microsoft Exchange versions
Microsoft released ProxyLogon security updates for Microsoft Exchange servers running vulnerable unsupported Cumulative Update versions. On March 2nd, Microsoft has...
CVE-2020-27917
Summary: A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur...
CVE-2020-27916
Summary: An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, iOS...
CVE-2020-27912
Summary: An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, watchOS...
CVE-2020-27927
Summary: An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.0.1,...
CVE-2020-27926
Summary: A use after free issue was addressed with improved memory management. This issue is fixed in iOS 14.2 and...
REvil ransomware’s calling, and it’s not good news
The REvil ransomware (AKA Sodinokibi, which operates as a Ransomware as a Service) is adopting some outreach techniques after initial...
TinyCheck: Stalkerware detection that doesn’t leave a trace
In 2019, when Malwarebytes helped found the Coalition Against Stalkerware, which brings together cybersecurity vendors and nonprofits to detect and...
Microsoft Exchange attacks cause panic as criminals go shell collecting
Only last week we posted a blog about multiple zero-day exploits being used to attack on-premises versions of Microsoft Exchange...
