CVE-2020-19752
Summary: The find_color_or_error function in gifsicle 1.92 contains a NULL pointer dereference. Reference Links(if available): https://github.com/kohler/gifsicle/issues/140 CVSS Score (if available)...
CVE-2021-38706
Summary: messages_load.php in ClinicCases 7.3.3 suffers from a blind SQL injection vulnerability, which allows low-privileged attackers to execute arbitrary SQL...
CVE-2021-40524
Summary: In Pure-FTPd 1.0.49, an incorrect max_filesize quota mechanism in the server allows attackers to upload files of unbounded size,...
CVE-2021-24006
Summary: An improper access control vulnerability in FortiManager versions 6.4.0 to 6.4.3 may allow an authenticated attacker with a restricted...
That’s the way the cookie banner crumbles?
Elizabeth Denham, current head of the Information Commissioner’s Office (ICO), the UK’s data protection watchdog and the organization tasked to...
Facebook puts on Ray-Bans, struts into the privacy minefield of smart glasses
Facebook, neck-deep in virtual / augmented reality with the Oculus headset, continues to move things up a gear. It’s announced...
Gamers beware: The risks of Real Money Trading (RMT) explained
Any game with an online component can be at risk from a practice known as Real Money Trading (RMT), where...
The Future Comes With Promising Edge Technology, Say Experts
The huge amount of data continuously collected via billions of sensors and devices that comprise the IoT can pose a...
Beware of New Advance Fee Fraud Scheme Targeting Cryptocurrency Users
Researchers at Proofpoint have detected a new series of email fraud campaigns trying to lure potential victims with the promise...
Ragnar Locker to Publish Victims Data if They Approach FBI
The ransomware gang Ragnar Locker implements a new strategy, which forces victims to pay the ransom and threatens to expose...
SEC: Stay Vigilant Against Cryptocurrency Related Frauds
The U.S. Securities and Exchange Commission has released a new alert that fresh illegal schemes are targeting digital assets. According to...
Hackers Steal Data of 40,000 Patients From a Kidney Hospital in Thailand
On Wednesday, Thirachai Chantharotsiri, director of Bhumirajanagarindra Kidney Institute Hospital lodged a complaint that the personal information of over 40,000...
Hooks, Filters, and Other Really, Really, Cool Things
In case you don’t check our commit history on our GitHub on a daily basis, Empire 4.1 and Starkiller 1.9 were released to...
WWWGrep – OWASP Foundation Web Respository
WWWGrep is a rapid search “grepping” mechanism that examines HTML elements by type and permits focused (single), multiple (file based...
EDD – Enumerate Domain Data
Enumerate Domain Data is designed to be similar to PowerView but in .NET. PowerView is essentially the ultimate domain enumeration...
Grayfly APT uses recently discovered Sidewalk backdoor
Security researchers from Broadcom’s Symantec linked a previously undocumented backdoor to the Chinese Grayfly operation. Experts from Broadcom’s Symantec linked...
Experts confirmed that the networks of the United Nations were hacked earlier this year
The United Nations this week confirmed that its computer networks were hit by a cyberattack earlier this year, as first...
International money launderer sentenced to more than 11 years
A Canadian man, who helped North Korean threat actors to launder stolen funds, plead guilty to laundering tens of millions...
A new botnet named Mēris is behind massive DDoS attack that hit Yandex
The massive DDoS attack that has been targeting the internet giant Yandex was powered b a completely new botnet tracked...
CVE-2021-29631
Summary: In FreeBSD 13.0-STABLE before n246941-20f96f215562, 12.2-STABLE before r370400, 11.4-STABLE before r370399, 13.0-RELEASE before p4, 12.2-RELEASE before p10, and 11.4-RELEASE...
CVE-2021-35062
Summary: A Shell Metacharacter Injection vulnerability in result.php in DRK Odenwaldkreis Testerfassung March-2021 allow an attacker with a valid token...
CVE-2021-39373
Summary: Samsung Drive Manager 2.0.104 on Samsung H3 devices allows attackers to bypass intended access controls on disk management. WideCharToMultiByte,...
CVE-2021-29630
Summary: In FreeBSD 13.0-STABLE before n246938-0729ba2f49c9, 12.2-STABLE before r370383, 11.4-STABLE before r370381, 13.0-RELEASE before p4, 12.2-RELEASE before p10, and 11.4-RELEASE...
CVE-2021-39371
Summary: An XML external entity (XXE) injection in PyWPS before 4.4.5 allows an attacker to view files on the application...
