CVE-2021-39375
Summary: Philips Healthcare Tasy Electronic Medical Record (EMR) 3.06 allows SQL injection via the WAdvancedFilter/getDimensionItemsByCode FilterValue parameter. Reference Links(if available):...
CVE-2021-27556
Summary: The Cron job tab in EasyCorp ZenTao 12.5.3 allows remote attackers (who have admin access) to execute arbitrary code...
CVE-2021-39371
Summary: An XML external entity (XXE) injection in PyWPS before 4.5.0 allows an attacker to view files on the application...
FBI warns of ransomware threat to food and agriculture
The FBI has issued a Private Industry Notification (PIN) about cybercriminal actors targeting the food and agriculture sector with ransomware...
Watch what you send on anonymous SMS websites
It’s a good idea to try and keep certain things private. For example, people have been using anonymous email services...
UK Based Firms, Voip Unlimited, And Voipfone Under DDoS Attack
Users of Voipfone's UK business broadband and Voice-over-Internet-Protocol (VoIP) services have reported to ISPreview.co.uk that the supplier has been facing...
Vulnerabilities in bank chatbots allow hackers to steal money
Awillix specialists discovered vulnerabilities in bank chatbots that could allow fraudsters to transfer money without the knowledge of customers. Positive...
BrakTooth Vulnerability Puts Bluetooth Users At Risk, Flaws Left Unpatched
White Hat hackers revealed a set of vulnerabilities named as BrakTooth, which affects commercial bluetooth gadgets, raising suspicions about vendor's...
Parliamentary Panel Advises Indian Government to Ban VPN Services
Citing the growing threat in cyberspace, the Parliamentary Standing Committee on Home Affairs has advised the Indian government to block...
VIP72: 15-Year-Old Malware Proxy Network Goes ‘Dark’ Without Notice
A 15-year-old cybercrime anonymity service called VIP72, in the past, allowed a large number of cybercriminals to cover up their...
Applied YARA training Q&A
Introduction On August 31, 2021 we ran a joint webinar between VirusTotal and Kaspersky, with a focus on YARA rules...
CobaltStrikeParser – Python parser for CobaltStrike Beacon’s configuration
Python parser for CobaltStrike Beacon's configuration DescriptionUse parse_beacon_config.py for stageless beacons, memory dumps or C2 urls with metasploit compatibility mode...
MobileAudit – SAST and Malware Analysis for Android Mobile APKs
Django Web application for performing Static Analysis and detecting malware in Android APKsIn each of the scans, it would have...
LockBit 2.0 Ransomware Victim: pulmuonewildwood[.]com
LockBit 2.0 Ransomware NOTE: The information on this page is automated and scraped directly from the LockBit 2.0 Onion Dark...
LockBit 2.0 Ransomware add DDoS protection to victim blog
The ransomware group have added DDoS protection to the victim blog using Nginx-Lua-Anti-DDoS from the github repo located here: https://github.com/C0nw0nk/Nginx-Lua-Anti-DDoS/blob/master/lua/anti_ddos_challenge.lua...
PRIVATELOG, a new malware that leverages Common Log File System (CLFS) to avoid detection
Mandiant researchers spotted a new malware family, dubbed PRIVATELOG, that relies on the Common Log File System (CLFS) to evade...
FBI warns of ransomware attacks targeting the food and agriculture sector
FBI warns ransomware gangs are actively targeting organizations in the food and agriculture sector. The FBI Cyber Division issued a...
Attacks against SolarWinds Serv-U SW were possible due to the lack of ASLR mitigation
SolarWinds did not enable anti-exploit mitigation available since 2006 allowing threat actors to target SolarWinds Serv-U FTP software in July...
WhatsApp CVE-2020-1910 bug could have led to user data exposure
The now-fixed CVE-2020-1910 vulnerability in WhatApp ‘s image filter feature could have exposed user data to remote attackers. A high-severity...
New BrakTooth flaws potentially impact millions of Bluetooth-enabled devices
Security flaws in commercial Bluetooth stacks dubbed BrakTooth can be exploited by threat actors to execute arbitrary code and crash...
BlackMatter Ransomware Victim: Solar Coca-Cola
BlackMatter Ransomware NOTE: The information on this page is automated and scraped directly from the BlackMatter Onion Dark Web Tor...
CVE-2021-3682
Summary: A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2. It occurs...
CVE-2021-3713
Summary: An out-of-bounds write flaw was found in the UAS (USB Attached SCSI) device emulation of QEMU in versions prior...
CVE-2021-3713
Summary: An out-of-bounds write flaw was found in the UAS (USB Attached SCSI) device emulation of QEMU in versions prior...
