TeamsUserEnum – User Enumeration With Microsoft Teams API
Sometimes user enumeration could be sometimes useful during the reconnaissance of an assessment. This tool will determine if an email...
CVE-2020-28010
Summary: Exim 4 before 4.94.2 allows Out-of-bounds Write because the main function, while setuid root, copies the current working directory...
CVE-2021-3518
Summary: There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file...
CVE-2019-17543
Summary: LZ4 before 1.9.2 has a heap-based buffer overflow in LZ4_write32 (related to LZ4_compress_destSize), affecting applications that call LZ4_compress_fast with...
CVE-2021-22884
Summary: Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to DNS rebinding attacks as the whitelist includes “localhost6”. When...
CVE-2021-22901
Summary: curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS...
Audi – 2,743,539 breached accounts
In August 2019, Audio USA suffered a data breach after a vendor left data unsecured and exposed on the internet....
5 years for swatter who caused a man’s death for a Twitter handle
Doxing (or doxxing) is in the news again, for an absolutely shocking story that ended with a man’s death caused...
Millions of Windows machines affected by ancient printer vulnerability
A very serious security flaw in immensely popular printer drivers has been disclosed and it could affect many millions of...
Pegasus spyware has been here for years. We must stop ignoring it
On July 18, a group of 17 newspaper and media organizations—aided by Amnesty International’s Security Lab and the research group...
Swedish Crypto Scammer Jailed for 15 Years in Gold-Backed Fraud
A citizen of Sweden was sentenced to 15 years in prison for manipulating a cryptocurrency scam claiming to pay investors...
Cyber-Attack by Hackers Disrupt Iranian Railway System
On Saturday 10th of July, just after a cyber interruption in IRNA's computing devices, the official IRNA media outlet announced...
Safeguard Your Smartphones From Radio-based Attacks
Smartphones, unlike PCs, involve a range of radios – generally cellular, Wi-Fi, Bluetooth, and Near Field Communication (NFC) – that...
Pegasus: The Case of the Infamous Spyware
The case of the infamous spyware Pegasus has taken the world by storm, with news revealing its unlawful use infringing...
Pstf2 – Passive Security Tools Fingerprinting Framework
Have you ever wanted a simple, easy and stealth bypass for multiple classes of security products? pstf^2 (pronounced pstf-square) is...
Beanshooter – JMX Enumeration And Attacking Tool
Beanshooter is a command line tool written in Java, which helps to identify common vulnerabilities on JMX endpoints.IntroductionJMX stands for...
Group-IB helps Dutch police identify members of phishing developer gang Fraud Family
Researchers from threat intelligence firm Group-IB helps Dutch police identify members of phishing developer gang known as Fraud Family. Group-IB,...
CISA analyzed stealthy malware found on compromised Pulse Secure devices
U.S. CISA released an alert today about several stealth malware samples that were found on compromised Pulse Secure devices. The...
TicketClub Italy Database Offered in Dark Web
A database belonging to TicketClub Italy, a company providing coupons platform for offline purchases, is available for sale on darkweb...
Thousands of Humana customers have their medical data leaked online by threat actors
Experts found a DB containing sensitive health insurance data belonging to customers of US insurance giant Humana. An SQL database...
France ANSSI agency warns of APT31 campaign against French organizations
French cyber-security agency ANSSI warned of an ongoing cyberespionage campaign aimed at French organizations carried out by China-linked APT31 group....
CVE-2021-34521
Summary: Raw Image Extension Remote Code Execution Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34521 CVSS Score (if available) v2: / MEDIUM v3:...
CVE-2021-34522
Summary: Microsoft Defender Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34464. Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34522 CVSS Score...
CVE-2021-34525
Summary: Windows DNS Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-33746, CVE-2021-33754, CVE-2021-33780, CVE-2021-34494. Reference Links(if...
