Two former NSA Officials appointed by Joe Biden for prominent cyber roles
President Joe Biden has appointed two former senior NSA officials for two prominent cyber roles in his administration. President Joe...
CVE-2021-27380
Summary: A vulnerability has been identified in Solid Edge SE2020 (All Versions < SE2020MP13), Solid Edge SE2021 (All Versions <...
CVE-2020-36313
Summary: An issue was discovered in the Linux kernel before 5.7. The KVM subsystem allows out-of-range access to memslots after...
CVE-2017-7429
Summary: The certificate upload in NetIQ eDirectory PKI plugin before 8.8.8 Patch 10 Hotfix 1 could be abused to upload...
CVE-2018-7686
Summary: Information leakage vulnerability in NetIQ eDirectory before 9.1.1 HF1 due to shared memory usage. Reference Links(if available): https://www.netiq.com/documentation/edirectory-91/edirectory9111_releasenotes/data/edirectory9111_releasenotes.html CVSS...
CVE-2020-24136
Summary: Directory traversal in Wcms 0.3.2 allows an attacker to read arbitrary files on the server that is running an...
How ransomware gangs are connected, sharing resources and tactics
Many of us who read the news daily encounter a regular drum beat of ransomware stories that are both worrying...
How bitcoin payments unmasked a man who hired a Dark Web contract killer
An Italian citizen’s apparent attempt to hire a hitman on the Dark Web has been undone by clever analysis of...
Google Tricked Millions of Chrome Users in the Name of ‘Privacy’
Google revealed last month that it is rolling out the Federated Learning of Cohorts (FLoC) program, an important part of...
Iran Natanz Nuclear Facility Struck by a Blackout Labelled as an Act of “Nuclear Terrorism”
On Sunday 11th of April, just hours after newly developed centrifuges, which could enrich uranium faster were launched in Iran,...
Dwn – D(Ockerp)Wn – A Docker Pwn Tool Manager
dwn is a "docker-compose for hackers". Using a simple YAML "plan" format similar to docker-compose, image names, versions and volume...
SYNwall – A Zero-Configuration (IoT) Firewall
Zero config (IoT) firewall. SYNwall is a project built (for the time being) as a Linux Kernel Module, to implement...
Microsoft is open sourcing CyberBattleSim Enterprise Environment Simulator
Microsoft released as open-source the ‘CyberBattleSim Python-based toolkit which is an Enterprise Environment Simulator. Microsoft has recently announced the open-source...
LinkedIn confirmed that it was not a victim of a data breach
LinkedIn has formally denied that the recently disclosed data leak was caused by a security breach, data were obtained via...
Fitch Ratings: Cyberattacks could pose a material risk to water and sewer utilities
Fitch Ratings is warning that cyberattacks could pose a risk to water and sewer utilities potentially impacting their ability to...
CVE-2015-8698
Summary: CA Release Automation (formerly LISA Release Automation) 5.0.2 before 5.0.2-227, 5.5.1 before 5.5.1-1616, 5.5.2 before 5.5.2-434, and 6.1.0 before...
CVE-2021-30147
Summary: DMA Softlab Radius Manager 4.4.0 allows CSRF with impacts such as adding new manager accounts via admin.php. Reference Links(if...
CVE-2019-1910
Summary: A vulnerability in the implementation of the Intermediate System–to–Intermediate System (IS–IS) routing protocol functionality in Cisco IOS XR Software...
CVE-2020-6309
Summary: SAP NetWeaver AS JAVA, versions - (ENGINEAPI 7.10; WSRM 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; J2EE-FRMW 7.10, 7.11),...
CVE-2016-9795
Summary: The casrvc program in CA Common Services, as used in CA Client Automation 12.8, 12.9, and 14.0; CA SystemEDGE...
Beating security fatigue with Troy Hunt, Chloé Messdaghi, and Tanya Janca: Lock and Code S02E06
This week on Lock and Code, we discuss the top security headlines generated right here on Labs. In addition, we...
Yanbian Gang Malware Continues With Large-Scale Distribution and C2
Fake banking apps laced with malware remain a crucial factor in the success of threat actors. For the Yanbian gang,...
Belden Says Health-Related Information Leaked in Cyberattack
Belden has uncovered that extra information was accessed and copied during their November 2020 cyberattack related to employees' medical care...
Cybercriminals Used Facebook Ads to Lure Users into Installing the Fake Clubhouse App
Audio-only app Clubhouse gained huge success over the last few months and now attackers are misusing the reputation and fame...
