Researcher’s audacious hack demonstrates new type of supply-chain attack
Often the most brilliant ideas are the most simple. The hard part is being the first one to come up...
Researchers Spotted Two Android Spyware Linked to Confucius
Researchers at cybersecurity firm Lookout have published information on two recently discovered Android spyware families utilized by an advanced persistent...
Russian expert predicts end of WhatsApp – Users switching to Telegram
Over the past weeks, WhatsApp messenger has started losing millions of users. They migrate to Telegram. In mid-January, almost 25...
The Central Bank conducted remote anti-hacker exercises for the first time
The Central Bank of the Russian Federation summed up the results of the cyber exercises held in November-December 2020, designed...
Cyber-Surveillance Operation Resumed by Iran After a Long Break
Iran, one of the resourceful countries in Western Asia in terms of weapons and cyber intelligence has resumed its cyberespionage...
Comcast Data Breach Compromised with 1.5 Billion Data Records
American cable and Internet giant Comcast was struck by a data breach few days back. An unprotected developer database with...
XSSTRON – Electron JS Browser To Find XSS Vulnerabilities Automatically
Powerful Chromium Browser to find XSS Vulnerabilites automatically while browsing web, it can detect many case scenarios with support for...
PatrowlHears – PatrowlHears – Vulnerability Intelligence Center / Exploits
PatrOwl provides scalable, free and open-source solutions for orchestrating Security Operations and providing Threat Intelligence feeds. PatrowlHears is an advanced...
CVE-2021-22652: Advantech iView Missing Authentication RCE (FIXED)
Advantech iView versions prior to 5.7.03.6112 suffer from an instance of "CWE-306: Missing Authentication For Critical Function." This vulnerability (CVE-2021-22652)...
Law enforcement arrested 8 people that targeted celebrities with SIM swapping attacks
A total of eight criminals have been arrested on 9 February as a result of an international police operation into...
SAP addresses a critical flaw in SAP Commerce Product
SAP released seven new security notes on February 2021 Security Patch Day, including a Hot News note for a critical issue affecting...
Anti-malware firm Emsisoft accidentally exposes internal DB
Antivirus firm Emsisoft discloses a data breach, a third-party had access to a publicly exposed database containing technical logs. The...
CVE-2020-14409
Summary: SDL (Simple DirectMedia Layer) through 2.0.12 has an Integer Overflow (and resultant SDL_memcpy heap corruption) in SDL_BlitCopy in video/SDL_blit_copy.c...
CVE-2019-20838
Summary: libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or...
CVE-2020-17419
Summary: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction...
CVE-2021-22299
Summary: There is a local privilege escalation vulnerability in some Huawei products. A local, authenticated attacker could craft specific commands...
CVE-2020-17418
Summary: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction...
What Google learned from 1 billion evil email scams
Google and researchers at Stanford University have released an in-depth study analysing 5 months of phishing / malware mails sent...
Big Patch Tuesday: Microsoft and Adobe fix in-the-wild exploits
Traditionally the second Tuesday of the month is Microsoft’s “patch Tuesday”. This is the day when they roll out all...
Hacker Attacked a Water Plant in Florida
A hacker penetrated computer networks at Oldsmar, Florida, water treatment plant, remotely delivering a 100-fold boost in a chemical that...
Threat Actors Attacked Israeli Tech Giant Ness Digital Engineering for Ransom
Ness Digital Engineering Company, an Israeli-based U.S. IT provider was targeted via ransomware cyberattack affecting computer networks in India, United...
Russian experts spoke about the most common fraud schemes on the Internet
One of the trends of the last year, continuing in 2021, was the exploitation of the COVID-19 theme. Denis Legezo,...
PyPI and GitLab Witness Spam Attacks
The GitLab, a source code hosting website, and the Python Package Index (PyPI) portal both are flooded with advertisements for...
Tokyo Gas Discloses Data Breach Impacting Anime-style Dating Simulation Game
Recently a cyber attack has been reported by Tokyo Gas, the game’s developer and also known as a Japanese...
