CVE-2021-22901
Summary: curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS...
Audi – 2,743,539 breached accounts
In August 2019, Audio USA suffered a data breach after a vendor left data unsecured and exposed on the internet....
5 years for swatter who caused a man’s death for a Twitter handle
Doxing (or doxxing) is in the news again, for an absolutely shocking story that ended with a man’s death caused...
Millions of Windows machines affected by ancient printer vulnerability
A very serious security flaw in immensely popular printer drivers has been disclosed and it could affect many millions of...
Pegasus spyware has been here for years. We must stop ignoring it
On July 18, a group of 17 newspaper and media organizations—aided by Amnesty International’s Security Lab and the research group...
Swedish Crypto Scammer Jailed for 15 Years in Gold-Backed Fraud
A citizen of Sweden was sentenced to 15 years in prison for manipulating a cryptocurrency scam claiming to pay investors...
Cyber-Attack by Hackers Disrupt Iranian Railway System
On Saturday 10th of July, just after a cyber interruption in IRNA's computing devices, the official IRNA media outlet announced...
Safeguard Your Smartphones From Radio-based Attacks
Smartphones, unlike PCs, involve a range of radios – generally cellular, Wi-Fi, Bluetooth, and Near Field Communication (NFC) – that...
Pegasus: The Case of the Infamous Spyware
The case of the infamous spyware Pegasus has taken the world by storm, with news revealing its unlawful use infringing...
Pstf2 – Passive Security Tools Fingerprinting Framework
Have you ever wanted a simple, easy and stealth bypass for multiple classes of security products? pstf^2 (pronounced pstf-square) is...
Beanshooter – JMX Enumeration And Attacking Tool
Beanshooter is a command line tool written in Java, which helps to identify common vulnerabilities on JMX endpoints.IntroductionJMX stands for...
Group-IB helps Dutch police identify members of phishing developer gang Fraud Family
Researchers from threat intelligence firm Group-IB helps Dutch police identify members of phishing developer gang known as Fraud Family. Group-IB,...
CISA analyzed stealthy malware found on compromised Pulse Secure devices
U.S. CISA released an alert today about several stealth malware samples that were found on compromised Pulse Secure devices. The...
TicketClub Italy Database Offered in Dark Web
A database belonging to TicketClub Italy, a company providing coupons platform for offline purchases, is available for sale on darkweb...
Thousands of Humana customers have their medical data leaked online by threat actors
Experts found a DB containing sensitive health insurance data belonging to customers of US insurance giant Humana. An SQL database...
France ANSSI agency warns of APT31 campaign against French organizations
French cyber-security agency ANSSI warned of an ongoing cyberespionage campaign aimed at French organizations carried out by China-linked APT31 group....
CVE-2021-34521
Summary: Raw Image Extension Remote Code Execution Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34521 CVSS Score (if available) v2: / MEDIUM v3:...
CVE-2021-34522
Summary: Microsoft Defender Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34464. Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34522 CVSS Score...
CVE-2021-34525
Summary: Windows DNS Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-33746, CVE-2021-33754, CVE-2021-33780, CVE-2021-34494. Reference Links(if...
CVE-2021-34529
Summary: Visual Studio Code Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34528. Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34529 https://www.zerodayinitiative.com/advisories/ZDI-21-827/...
Guntrader – 112,031 breached accounts
In July 2021, the United Kingdom based website Guntrader suffered a data breach that exposed 112k unique email addresses. Extensive...
The life and death of the ZeuS Trojan
Whether you’ve read up on Greek mythology or you’re simply a big fan of Marvel comics, the name “Zeus” should...
ID theft ghouls targeting Surfside victims is appalling, but no surprise
We’ve written at length about account compromise and identity theft, and how criminals will often hijack accounts belonging to dead...
HiveNightmare zero-day lets anyone be SYSTEM on Windows 10 and 11
Users with low privileges can access sensitive Registry database files on Windows 10 and Windows 11, leaving them vulnerable to...
