Police Exam Database Exposes 500K Indian Citizens ’ PII
CloudSEK has discovered a post on a well-known database sharing forum advertising the PII of 500,000 Indian citizens. While the...
CVE-2020-36207
Summary: An issue was discovered in the aovec crate through 2020-12-10 for Rust. Because Aovec does not have bounds on...
CVE-2020-36206
Summary: An issue was discovered in the rusb crate before 0.7.0 for Rust. Because of a lack of Send and...
CVE-2020-28052
Summary: An issue was discovered in Legion of the Bouncy Castle BC Java 1.65 and 1.66. The OpenBSDBCrypt.checkPassword utility method...
CVE-2020-27274
Summary: Some parsing functions in the affected product do not check the return value of malloc and the thread handling...
CVE-2020-27295
Summary: The affected product has uncontrolled resource consumption issues, which may allow an attacker to cause a denial-of-service condition on...
Credit card skimmer piggybacks on Magento 1 hacking spree
Back in the fall of 2020 threat actors started to massively exploit a vulnerability in the no-longer maintained Magento 1...
Mensa Website Hacked After Britain’s Smartest Folk Failed To Secure Passwords
The community of British Mensa, which is popularly known for its people with high IQs, they have failed to...
Medvedev mentions about the possible disconnection of Russia from the global network
Disconnecting Russia from the global network is possible, but the authorities have a plan of action in this case, said...
Hackers Attack Gaming Community Using Supply Chain Attacks
Researchers at ESET found that NoxPlayer's latest updated mechanism, which is an android emulator for macOS and Windows, was attacked...
Threat Actor Targets Outsourcing Firm Serco Via Babuk Ransomware
The outsourcing company responsible for NHS Test and Trace system in the UK confirmed this week that it was targeted...
FBI Warns Victims Against Scammers Threating with Jail Time
Recently the US FBI has noted an increase in phone calls that usually spoof the Bureau’s telephone number. The actors...
Uroboros – A GNU/Linux Monitoring And Profiling Tool Focused On Single Processes
Uroboros is a GNU/Linux monitoring tool focused on single processes. While utilities like top, ps and htop provide great overall...
BurpMetaFinder – Burp Suite Extension For Extracting Metadata From Files
Burp Suite extension for extracting metadata from files Currently supported documents: PDF DOCX PPTX XLSX The project created at Jetbrains...
Kobalos, a complex Linux malware targets high-performance computing clusters
ESET experts uncovered a previously undocumented piece of malware that had been observed targeting high-performance computing clusters (HPC). ESET analyzed...
Ransomware operators exploit VMWare ESXi flaws to encrypt disks of VMs
Ransomware operators are exploiting two VMWare ESXi vulnerabilities, CVE-2019-5544 and CVE-2020-3992, to encrypt virtual hard disks. Security experts are warning...
CISA: Many victims of SolarWinds hackers had no direct connection to SolarWinds
The U.S. CISA reveals that many of the victims of the SolarWinds hackers had no direct connection to SolarWinds. The...
Experts discovered a new Trickbot module used for lateral movement
Experts spotted a new Trickbot module that is used to scan local networks and make lateral movement inside the target...
Operation NightScout: supply chain attack on NoxPlayer Android emulator
Experts uncovered a new supply chain attack leveraging the update process of NoxPlayer, a free Android emulator for PCs and...
CVE-2020-6105
Summary: An exploitable code execution vulnerability exists in the multiple devices functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs...
CVE-2020-35459
Summary: An issue was discovered in ClusterLabs crmsh through 4.2.1. Local attackers able to call "crm history" (when "crm" is...
CVE-2021-3309
Summary: packages/wekan-ldap/server/ldap.js in Wekan before 4.87 can process connections even though they are not authorized by the Certification Authority trust...
CVE-2020-26278
Summary: Weave Net is open source software which creates a virtual network that connects Docker containers across multiple hosts and...
CVE-2021-3164
Summary: ChurchRota 2.6.4 is vulnerable to authenticated remote code execution. The user does not need to have file upload permission...
