CVE-2021-20034 flaw can allow SMA 100 device takeover, patch it now!
SonicWall fixed a critical security flaw, tracked as CVE-2021-20034, that impacts some Secure Mobile Access (SMA) 100 series products that...
CVE-2021-39253
Summary: A crafted NTFS image can cause an out-of-bounds read in ntfs_runlists_merge_i in NTFS-3G < 2021.8.22. Reference Links(if available): https://github.com/tuxera/ntfs-3g/security/advisories/GHSA-q759-8j5v-q5jp...
CVE-2021-39254
Summary: A crafted NTFS image can cause an integer overflow in memmove, leading to a heap-based buffer overflow in the...
CVE-2021-3673
Summary: A vulnerability was found in Radare2 in version 5.3.1. Improper input validation when reading a crafted LE binary can...
CVE-2021-22148
Summary: Elastic Enterprise Search App Search versions before 7.14.0 was vulnerable to an issue where API keys were not bound...
CVE-2021-22149
Summary: Elastic Enterprise Search App Search versions before 7.14.0 are vulnerable to an issue where API keys were missing authorization...
Beware! Uber scam lures victims with alert from a real Uber number
This morning Malwarebytes Labs received a scam masquerading as a security alert from Uber. The alert was pretty convincing and...
SonicWall warns users to patch critical vulnerability “as soon as possible”
SonicWall has issued a security notice about its SMA 100 series of appliances. The vulnerability could potentially allow a remote...
Parents and teachers believe digital surveillance of kids outweighs risks
Schools in the US have been using surveillance software to keep an eye on their students, and such software has...
Employees in Retail Industry Most Frequently Targeted by Malicious Emails, New Study Reveals
A new study from security firm Tessian highlights the sophisticated techniques employed by threat actors to evade detection and trick...
Remotely Exploitable Zero-Day Vulnerability In MacOS Allows Code Execution
A zero-day security flaw in the macOS Finder system in Apple might enable remote attackers to deceive users to perform...
Marcus & Millichap Hit With Potential BlackMatter Ransomware
Marcus & Millichap, a publicly-traded real estate investment corporation became the victim of a recent cyberattack that may have been...
Bi. Zone: most of the leaks and hacks in Russian companies are related to old forgotten software
About 60% of information leaks and 85% of hacks in corporate computer networks are related to unaccounted-for digital assets.According to...
Haklistgen – Turns Any Junk Text Into A Usable Wordlist For Brute-Forcing
Turns any junk text into a usable wordlist for brute-forcing.Installationgo install github.com/hakluke/haklistgen@latest Usage ExamplesScrape all words out of an HTTP...
Reconky – A Great Content Discovery Bash Script For Bug Bounty Hunters Which Automate Lot Of Task And Organized It
Reconky is a script written in bash to automate the task of recon and information gathering.This Bash Script allows you...
Researcher released PoC exploit code for 3 iOS zero-day issues
Researcher release PoC exploit code for three iOS zero-day flaws after Apple delayed addressing them and did not credit him....
Cisco addresses 3 critical vulnerabilities in IOS XE Software
Cisco fixed three critical flaws impacting IOS XE operating system powering some of its devices, such as routers and wireless...
3.8 billion Clubhouse and Facebook user records allegedly scraped and merged, put for sale online
A user on a popular hacker forum is selling a database that purportedly contains 3.8 billion Clubhouse and Facebook user...
New FamousSparrow APT group used ProxyLogon exploits in its attacks
Researchers spotted a new cyberespionage group, dubbed FamousSparrow, that used ProxyLogon exploits to target hotels worldwide. Researchers from ESET discovered a...
Apple addresses a new zero-day exploited to deploy the NSO Pegasus spyware
Apple has addressed three zero-day vulnerabilities exploited by threat actors in attacks in the wild to take over iPhones and...
A bug in Microsoft Exchange Autodiscover feature leaks +372K of domain credentials
A flaw in the Microsoft Exchange Autodiscover feature can be exploited to harvest Windows domain and app credentials. Security researchers...
CVE-2019-10172
Summary: A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries. XML external entity vulnerabilities similar CVE-2016-3720 also affects codehaus jackson-mapper-asl libraries but...
CVE-2019-10172
Summary: A flaw was found in org.codehaus.jackson:jackson-mapper-asl:1.9.x libraries. XML external entity vulnerabilities similar CVE-2016-3720 also affects codehaus jackson-mapper-asl libraries but...
CVE-2021-39123
Summary: Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to impact the application's availability via...
