CVE-2021-36000
Summary: Adobe Character Animator version 4.2 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted...
Hackers, tractors, and a few delayed actors. How hacker Sick Codes learned too much about John Deere: Lock and Code S02E16
No one ever wants a group of hackers to say about their company: “We had the keys to the kingdom.”...
Scammers Use Fake DMCA Complaints, DDoS Threats to Deploy BazaLoader Malware
Threat actors responsible for the BazaLoader malware designed a brand-new bait to trick website owners into opening malicious files: fake...
Boston Public Library Affected by Cyberattack
The Boston Public Library (BPL) announced on 27th August that its network was compromised on Wednesday, resulting in a system-wide...
Fraudsters Pose as Europol Chief in an Attempt to Steal Victims PayPal Account Details
The federal police's Computer Crime Unit is looking into an identity fraud case concerning Catherine De Bolle, the executive head...
The FBI has Issued a Warning About the Hive Ransomware Gang
The Federal Bureau of Investigation (FBI) has issued a security alert regarding the Hive ransomware attacks, which provides technical data...
PEzor – Open-Source Shellcode And PE Packer
Read the blog posts here: https://iwantmore.pizza/posts/PEzor.html https://iwantmore.pizza/posts/PEzor2.html https://iwantmore.pizza/posts/PEzor3.html https://iwantmore.pizza/posts/PEzor4.html InstallationThe install.sh is designed to work on a Kali Linux distro....
MEAT – This Toolkit Aims To Help Forensicators Perform Different Kinds Of Acquisitions On iOS Devices
M.E.A.T. - Mobile Evidence Acquisition ToolkitMeet M.E.A.T! From Jack Farley - BlackStone Discovery This toolkit aims to help forensicators perform...
1 GB of data belonging to Puma available on Marketo
The name of the sportswear manufacturer Puma appeared on the dark web marketplace of stolen data Marketo, threat actors claim...
Security Affairs newsletter Round 329
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...
DDoS attacks target the Philippine human rights alliance Karapatan
The Philippine human rights alliance Karapatan has suffered a massive and prolonged Distributed Denial of Service (DDoS) attack, Qurium organizations linked it...
Some Synology products impacted by recently disclosed OpenSSL flaws
Taiwan vendor Synology announced that recently disclosed vulnerabilities (CVE-2021-3711 and CVE-2021-3712) in the OpenSSL impact some of its products. Taiwanese company Synology...
EskyFun data leak, over 1 million Android gamers impacted
vpnMentor’s researchers reported that the Chinese mobile gaming company EskyFun suffered a data breach, over 1 million gamers impacted. vpnMentor’s researchers discovered...
Boffins show PIN bypass attack Mastercard and Maestro contactless payments
Boffins from the Swiss ETH Zurich university demonstrated PIN bypass attack on contactless cards from Mastercard and Maestro. A group...
CVE-2020-36478
Summary: An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). A NULL...
CVE-2015-5237
Summary: protobuf allows remote authenticated attackers to cause a heap-based buffer overflow. Reference Links(if available): https://github.com/google/protobuf/issues/760 https://bugzilla.redhat.com/show_bug.cgi?id=1256426 http://www.openwall.com/lists/oss-security/2015/08/27/2 https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E...
CVE-2015-5237
Summary: protobuf allows remote authenticated attackers to cause a heap-based buffer overflow. Reference Links(if available): https://github.com/google/protobuf/issues/760 https://bugzilla.redhat.com/show_bug.cgi?id=1256426 http://www.openwall.com/lists/oss-security/2015/08/27/2 https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E...
CVE-2019-15544
Summary: An issue was discovered in the protobuf crate before 2.6.0 for Rust. Attackers can exhaust all memory via Vec::reserve...
CVE-2016-10081
Summary: /usr/bin/shutter in Shutter through 0.93.1 allows user-assisted remote attackers to execute arbitrary commands via a crafted image name that...
CVE-2019-20326
Summary: A heap-based buffer overflow in _cairo_image_surface_create_from_jpeg() in extensions/cairo_io/cairo-image-surface-jpeg.c in GNOME gThumb before 3.8.3 and Linux Mint Pix before 2.4.5...
CVE-2020-2501 – QNAP / Surveillance Station – Out-of-bounds write
Summary: CVE-2020-2501 is an out-of-bounds write vulnerability impacting multiple versions of QNAP Surveillance Station. An exploit was observed in open...
Microsoft Issues an Advisory on ProxyShell Vulnerabilities
Microsoft this week published guidance about three vulnerabilities referred to collectively as ProxyShell days after security researchers at the U.S....
Cisco Published Two Critical and Six High-Severity Patches for Nexus Gear
The American multinational technology conglomerate corporation Cisco Systems, based in San Jose, California - has published six security patches for...
F5 Security Patched Severe Vulnerabilities in its BIG-IP Networking Device
F5 Security has patched over a dozen critical-severity vulnerabilities in its BIG-IP networking device, including one which was classified as...
