Scheme flooding fingerprint technique may deanonymize Tor users
FingerprintJS experts devised a fingerprinting technique, named scheme flooding, that could allow identifying users across different desktop browsers, including the...
Darkside gang lost control of their servers and funds
The operators of the Darkside ransomware announced that they have lost control of their infrastructure and part of the funds...
CVE-2021-21231
Summary: Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap...
CVE-2021-21232
Summary: Use after free in Dev Tools in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit...
CVE-2021-21233
Summary: Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 90.0.4430.93 allowed a remote attacker to potentially...
CVE-2021-29457
Summary: Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files....
CVE-2021-1079
Summary: NVIDIA GeForce Experience, all versions prior to 3.22, contains a vulnerability in GameStream plugins where log files are created...
Gamers level up with rewards for better security
There was a time when stolen gaming accounts were almost treated as a fact of life. Console hacks weren’t taken...
iPhone calendar spam attacks on the rise
Recently, we have seen an increasing number of reports from iPhone users about their calendars filling up with junk events....
The expert said that WhatsApp transfer users correspondence to Facebook
Facebook collects the data from users' devices, phones, correspondence and conversation content, photos, calls, movementsMessenger WhatsApp has long been sending...
GasBuddy Jumps to No. 1 on Apple Store After Colonial Pipeline Shutdown
Someone’s loss is someone else’s gain – this proverb perfectly fits in the scenario of GasBuddy. GasBuddy, a popular fueling...
Apple’s Find My Network: Can be Abused to Leak Secrets Via Passing Devices
Apple's Find My network, which is used to track iOS and macOS devices – as well as more recently AirTags...
FBI – CISA Published a Joint Advisory as Colonial Pipeline Suffers a Catastrophic Ransomware Attack
Following a catastrophic ransomware assault on a Colonial Pipeline, the FBI and the US Cybersecurity and Infrastructure Security Agency (CISA)...
RevengeRAT is Targeting the Aerospace and Travel Sectors with Spear-Phishing Emails
Microsoft has released a warning about a remote access tool (RAT) called RevengeRAT, which it claims has been used to...
Mubeng – An Incredibly Fast Proxy Checker And IP Rotator With Ease
An incredibly fast proxy checker & IP rotator with ease.FeaturesProxy IP rotator: Rotates your IP address for every specific request....
R77-Rootkit – Fileless Ring 3 Rootkit With Installer And Persistence That Hides Processes, Files, Network Connections, Etc…
Ring 3 rootkitr77 is a ring 3 Rootkit that hides following entities from all processes: Files, directories, junctions, named pipes,...
Magecart gang hides PHP-based web shells in favicons
Magecart cybercrime gang is using favicon to hide malicious PHP web shells used to maintain remote access to inject JavaScript...
Ireland’s Health Service Executive hit by ransomware attack
Ireland’s Health Service Executive service shut down its IT systems after they were hit with a “significant ransomware attack.” Another major...
Colonial Pipeline likely paid a $5M ransom to DarkSide
DarkSide demanded a $5 million ransom to Colonial Pipeline, which has quickly recovered operations, did it pay? The Colonial Pipeline...
Rapid7 says source code, credentials accessed as a result of Codecov supply-chain attack
Rapid7 disclosed that unauthorized third-party had access to source code and customer data as result of Codecov supply chain attack....
Security at Bay: Critical Infrastructure Under Attack
The recent Colonial Pipeline attack highlights the dangers that are facing Critical Infrastructure worldwide. The attack perpetrated by hackers on...
Please vote Security Affairs – 1 day left
Hi GuysI need your support. I became aware only not that we can nominate SecurityAffairs as Best Personal Blog. I...
CVE-2021-31165
Summary: Windows Container Manager Service Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31167, CVE-2021-31168, CVE-2021-31169, CVE-2021-31208. Reference...
CVE-2021-31170
Summary: Windows Graphics Component Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-31188. Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31170 https://www.zerodayinitiative.com/advisories/ZDI-21-578/...
