CVE-2020-36223
Summary: A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control...
CVE-2020-36222
Summary: A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the saslAuthzTo validation,...
CVE-2020-36221
Summary: An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing,...
Operation LadyBird: International Law Enforcement Agencies Crackdown Emotet
European and US law agencies earlier this week directed a brilliant crackdown on Emotet. Emotet is a botnet of corrupted...
Webdev Tutorials Site ‘SitePoint’ has Disclosed a Data Breach
The website Sitepoint, which provides access to online study and information on web development content tutorials and books, reported...
SolarWinds CEO: “SolarWinds Orion Development Program was Exploited by the Hackers”
Sudhakar Ramakrishna, CEO of SolarWinds confirmed that ‘suspicious activity’ was spotted in its Office 365 environment which permitted threat actors...
Malicious Operations Hide Under The Google Chrome Sync Feature
Lately, the threat actors have detected a technique where they can use the sync feature of Google Chrome to transmit...
Microsoft Office Phishing Attack Hosted on Google Firebase
A phishing campaign set on stealing Microsoft login credentials is utilizing Google Firebase to bypass email security efforts in Microsoft...
COM-Code-Helper – Two IDAPython Scripts Help You To Reconstruct Microsoft COM (Component Object Model) Code
Two IDAPython Scripts help you to reconstruct Microsoft COM (Component Object Model) Code Especially malware reversers will find this useful,...
Creepy – A Geolocation OSINT Tool. Offers Geolocation Information Gathering Through Social Networking Platforms
This project is currently not maintained. I haven't put any work on it since 2016 and with the current state...
The number of ICS flaws in 2020 was 24,72% higher compared to 2019
The number of vulnerabilities discovered in industrial control system (ICS) products surged in 2020, security firm Claroty reports. According to...
Security Affairs newsletter Round 300
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
Web developers SitePoint discloses a data breach
The website, and publisher of books, courses and articles for web developers, SitePoint discloses a data breach that impacted 1M...
Experts found critical flaws in Realtek Wi-Fi Module
Critical flaws in the Realtek RTL8195A Wi-Fi module could have been exploited to gain root access and take over devices’...
CVE-2020-28030
Summary: In Wireshark 3.2.0 to 3.2.7, the GQUIC dissector could crash. This was addressed in epan/dissectors/packet-gquic.c by correcting the implementation...
CVE-2020-9428
Summary: In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash. This was...
CVE-2020-9430
Summary: In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMAP dissector could crash. This...
CVE-2020-9431
Summary: In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory....
CVE-2021-3272
Summary: jp2_decode in jp2/jp2_dec.c in libjasper in JasPer 2.0.24 has a heap-based buffer over-read when there is an invalid relationship...
Spotify Suffers Second Credential-Stuffing Cyberattack in 3 Months
Spotify, which has become a very popular online streaming music platform, is suffering from a second cyber credential attack...
Security Researchers Received More Than $6.7 MIllion by Google as Bug Bounty Rewards
Security experts from 62 nations were paid more than $6.7 million (nearly Rs. 49 crore) by Google for identifying susceptibilities...
Financial Conduct Authority of UK Hit by 2,40,000 Spam Mails, Some Contain Malware
Financial Regulator of UK was spammed by almost a quarter of a million (240,000) malicious emails in the Q4 of...
Cerber Ransomware Returns: Targeting Healthcare Industry
Cerber, a type of ransomware that once was the most popular choice for cybercriminals, has returned and is used for...
ExecuteAssembly – Load/Inject .NET Assemblies
ExecuteAssembly is an alternative of CS execute-assembly, built with C/C++ and it can be used to Load/Inject .NET assemblies by;...
