Ryuk ransomware operations already made over $150M
The Ryuk ransomware had a disruptive impact on multiple industries around the world, operators already earned more than $150 million....
North Korea-linked APT37 targets South with RokRat Trojan
Experts spotted the RokRat Trojan being used by North Korea-linked threat actors in attacks aimed at the South Korean government....
CVE-2018-20314
Summary: Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyCheckLicence race condition that can...
CVE-2018-20313
Summary: Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyPreviewAction race condition that can...
CVE-2018-20312
Summary: Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyDoAction race condition that can...
CVE-2020-27844
Summary: A flaw was found in openjpeg's src/lib/openjp2/t2.c in versions prior to 2.4.0. This flaw allows an attacker to provide...
CVE-2018-20311
Summary: Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyCPDFAction race condition that can...
CVE-2019-20484
Summary: An issue was discovered in Viki Vera 4.9.1.26180. A user without access to a project could download or upload...
CVE-2018-20316
Summary: Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyDoAction race condition that can...
CVE-2020-4762
Summary: IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_2, 6.0.0.0 through 6.0.3.2, and 6.1.0.0 could allow an authenticated user...
CVE-2020-29491
Summary: Dell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability. A remote unauthenticated attacker could potentially...
CVE-2019-20484
Summary: An issue was discovered in Viki Vera 4.9.1.26180. A user without access to a project could download or upload...
Malspam campaign spoofs email chains to install IcedID info-stealer
In a new phishing campaign, the offending emails arrive in inboxes with attached, password-protected zip archives containing Word documents. (Photo...
“I have full control of your device”: Sextortion scam rears its ugly head in time for 2021
Malwarebytes recently received a report about a fresh spate of Bitcoin sextortion scam campaigns doing the rounds. Bitcoin sextortion scams...
Funke Media Group suffers nationwide ransomware attack in Germany
On December 22, Germany’s third largest publisher fell victim to a cyberattack that affected systems in offices all around the...
Security Expert listed the largest data leaks of Russian residents in 2020
Founder of DLBI data leak intelligence service Ashot Hovhannisyan spoke about the most large-scale database leaks in the Russian Federation...
Aurora Cannabis Breach Exposes Personal Data of Former, Current Workers
Recently, Marijuana Business Daily has disclosed a data breach at Aurora Cannabis. The security incident compromised the credential information...
Researcher Exposes Telegram’s Location Bug, Company Say It’s a Feature
An expert who observed that messaging platform Telegram's "People Nearby" feature revealed risk of accurate user location, is now informed...
Cisco Talos Researchers Discovered Multiple Susceptibilities in SoftMaker Office TextMaker
Cisco Talos researchers exposed multiple vulnerabilities in SoftMaker Office TextMaker that can be exploited by cyber attackers. These vulnerabilities in...
NSA Issues Guidelines for Eliminating Obsolete TLS Protocols
The National Security Agency is a US-based agency on which America highly relies on to collect and process foreign signals,...
UhOh365 – A Script That Can See If An Email Address Is Valid In Office365 (User/Email Enumeration)
A script that can see if an email address is valid in Office365. This does not perform any login attempts,...
Sarenka – OSINT Tool – Data From Services Like Shodan, Censys Etc. In One Place
SARENKA is an Open Source Intelligence (OSINT) tool which helps you obtaining and understanding Attack Surface. The main goal is...
How COVID-19 Reinforced the Need for Mobile Device Management
How many of you got that call at the beginning of the pandemic to make your company’s workforce 100% capable...
Multiple flaws in Fortinet FortiWeb WAF could allow corporate networks to hack
An expert found multiple serious vulnerabilities in Fortinet’s FortiWeb web application firewall (WAF) that could expose corporate networks to hack....
