Windows 10 Serious Flaw Could Corrupt HardDrive — If You Open A Folder
Microsoft to fix Windows 10 bug that can corrupt a hard drive just by opening a folder or just by looking at an icon. NTFS Hard Drive Corrupt A bizarre [...]
Microsoft Released Windows Update — 83 Security Flaws
Patch Tuesday of 2021 addressed 83 flaws spanning as many as 11 products and services. Microsoft Patch Tuesday — 2021 Patch Tuesday is an unofficial term used to refer to [...]
4 Zero-Day Infect Windows And Android devices
Attackers infect booby-trapped websites — who visited them. Zero-Day Exploit: A computer-software vulnerability that is unknown to those who should be interested in mitigating the vulnerability. Researchers from Google’s Project [...]
Data Breach On Networking Giant Ubiquiti
Ubiquiti, the Networking giant alerts customers to change passwords after a security breach. Data Breach — Ubiquiti Ubiquiti manufactures and sells wireless data communication and wired products for enterprises and [...]
Security Advisory – Fortinet FortiWeb Vulnerability
FortiWeb is vulnerable to a blind SQL injection FortiWeb — CVE-2020-29015 Summary: A blind SQL injection in the user interface of FortiWeb may allow an unauthenticated, remote attacker to execute [...]
Signal Fixes Verification Delays Caused By WhatsApp Mass Exodus
Encrypted messaging service in Signal — verification process delay affecting its new user, recovered. Encrypted Messaging Service: A cross-platform encrypted messaging service developed by the Signal Foundation and Signal Messenger. [...]
Exact Location Of Users Are Exposed — Telegram App Feature
Nearby Share feature can be exploited by adversaries to spoof GPS and get access to users' exact location. Telegram App: A messaging app with a focus on speed and security, [...]
NVIDIA Release High-Severity Graphics Driver Flaws
In first update of 2021, NVIDIA patched 16 CVEs across its graphics drivers and vGPU software. NVIDIA Graphics Driver On Thursday Nvidia, which makes gaming-friendly graphics processing units (GPUs), fixed [...]
The U.S. Department of Justice Email Server Breached — SolarWinds
SolarWinds Hackers accessed Office 365 mailboxes of the U.S. Justice Department’s. SolarWinds Attack Over 100 to 280 organizations installed a trojanized version of the SolarWinds Orion platform that infects internal systems [...]
Critical Android Security Update — Addressed 43 Bugs
Google's Android Security Update addressed 43 bugs affecting Android Handsets, including Samsung phones. Android Security Update: The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. However, Security [...]
Apache Security Vulnerability Advisory — Code Execution
Apache released patches for some of its products. Apache Tapestry — CVE-2020-17531 Description: Apache Tapestry is prone to a code execution vulnerability. The vulnerability caused due to unsafe deserialization in [...]
Aware! COVID-19 Vaccine Scams Appearing
Scammers targeting users to get personal details — Federal officials. COVID-19 Pandemic: Coronavirus disease, an infectious disease is identified as SARS-CoV-2. COVID-19 affects different people in different ways. However, Cyberattacks [...]
PayPal Phishing Campaign — Steals Sensitive Data
A text message from PayPal found as phishing campaign leading to identity theft of the users. PayPal Campaign The faster, safer way to send money, make an online payment, receive [...]
Backdoor Found In Zyxel Firewalls, VPN Products
More than 100,000 Zyxel firewalls, VPN gateways, and access point controllers contain a hardcoded admin-level backdoor account. Zyxel Firewalls — Backdoor: A backdoor — typically covert method of bypassing normal [...]
Officially Dead Tomorrow — Adobe Flash Player
Adobe Flash Player will no longer be supporting Flash Player after 31 December 2020. Adobe Flash Player: Software used for content created on the Adobe Flash platform, including viewing multimedia [...]
Security Vulnerability —Apache TomEE
Apache TomEE Security Bypass Vulnerability. Description: Apache TomEE is prone to a security bypass vulnerability. The vulnerability is caused due to a misconfiguring issue when configured with the embedded ActiveMQ [...]
Security Vulnerability — Cisco Secure Web Appliance
Cisco Secure Web Appliance Elevation of Privilege Vulnerability. Description: A vulnerability in the log subscription subsystem of Cisco AsyncOS for the Cisco Secure Web Appliance (formerly Web Security Appliance) could allow an [...]
Japan’s Kawasaki Disclosed Data Breach
Japanese Aerospace Firm Kawasaki — their data have been stolen following a security breach. Kawasaki Heavy Industries, Ltd. A Japanese public multinational corporation — primarily known as a manufacturer of [...]
Google Docs Bug — Hackers Can Access Your Private Documents
A bug that Google patched, could allow hackers to see your private documents. Google Docs Bug: Google Docs is an online word processor that lets you create and format documents and [...]
Attack Against App Offered By Vietnam Government
A complex Supply-Chain attack hit Vietnam Government Certification Authority (VGCA). Supply Chain Attack: A cyber-attack that seeks to damage an organization by targeting less-secure elements in the supply chain. Earlier today, a [...]
iCloud Issue Causing Sign-in, Access To Data Problems
Apple users face trouble in accessing data, setting up and signing in on the device. Apple iCloud Outage: Starting yesterday at 3:15 PM IST, Apple experienced an outage with its [...]
Fake Amazon Gift Cards Delivers Dridex malware
Attackers target online shoppers using fake Amazon gift cards that deliver the Dridex banking Trojan. Holiday Gifts as Malware: Online shoppers from the U.S and Western Europe, targeted with fake [...]
Security Vulnerability – Apache Pulsar Manager Security Bypass Vulnerability
Summary: A security bypass vulnerability found in Apache Pulsar. Vulnerability Identifier: CVE-2020-17520 The vulnerability is caused due to a flaw in the permission verification mechanism and rated with Base Score: 9.4 In [...]
North Korea-Linked Threat Actor Attacks Vaccine Research
Cyber-attacks against two separate entities related to COVID-19 research. Lazarus group A threat group, active since at least 2009 — attributed to the North Korean government. Notably, the group responsible [...]
FBI & Interpol Taken Down Joker’s Stash Carding Site
US FBI and Interpol have seized a small number of servers used by Joker's Stash. Joker's Stash Joker’s Stash, the carding site where the internet's largest marketplace for buying & [...]
SUNBURST Malware & SolarWinds Supply Chain Attack
Threat actors compromised the IT monitoring and management software of organizations including SolarWinds’s Orion, Intel, Cisco, Nvidia. Trojanized version of SolarWinds SolarWinds is a software company that primarily deals in systems management [...]
Security Advisory — Dell Wyse ThinOS
Security researchers discovered vulnerabilities in Dell Wyse Thin client devices. Dell Wyse Thin Clients Wyse has been developing thin clients since the 90s and was acquired by Dell in 2012. [...]
Al Jazeera Journalists Hacked Using Israeli Firm’s Spyware
iPhones of at least 36 Al Jazeera employees using a no-user-interaction zero-day vulnerability in the iOS iMessage app. Attack with Medium Confidence: Employees of Al Jazeera iPhones hacked — including, journalists, [...]
NVIDIA — Security Vulnerabilities Update
Recently, NVD published a list of Common Vulnerabilities and Exposures(CVE) and their impact metrics Security Update NVD, the U.S. government repository of standards based vulnerability management data represented using the [...]
28 Malicious Extensions Installed On Chrome or Edge
Researchers identified malware hidden in at least 28 third-party Google Chrome and Microsoft Edge extensions — affects 30 lakh users worldwide. Browser Malicious Extensions: 28 malicious extensions identified, 15 were [...]
Zero-Day Vulnerability Alert — HPE Systems
Hewlett Packard Enterprise Systems Insight Manager (SIM), AMF Deserialization of Untrusted Data, Remote Code Execution Vulnerability. Description: HPE Systems Insight Manager (SIM) software is prone to a remote code execution [...]
New Spyware Goontact Targeting Android, iPhone Users
A new malware strain with spying and surveillance capabilities currently available in both Android and iOS versions. Spyware Attack Spyware is a type of malicious software -- or malware -- installed [...]
Medical Details Exposed Online — As Stored Insecurely
45 million medical imaging files, personal data left discoverable on the open web, across 67 countries including the US, UK, France, and Germany. Unsecured Servers & Storage Devices: The analyst [...]
Google Services Restored After User’s Hit By Outage
Multiple Google services — Gmail, Docs, YouTube have gone down across the world. Services Restoring After an Outage: Many Google services, including Gmail, G Suite, and YouTube were unavailable across [...]
Weak PostgreSQL Databases Targeted By PgMiner
PgMiner botnet targets PostgreSQL databases to install a cryptocurrency miner. PgMiner Botnet: PostgreSQL, also known as Postgres, is one of the most-used open-source relational database management systems (RDBMS) for production [...]
Samsung December 2020 Update – Fixes Critical Bugs
Samsung's Android December security updates are rolling out to mobile devices to patch security vulnerabilities. High-Security Vulnerabilities — Android This week, Android had published their December 2020 Security Updates bulletin [...]
16k Webex Accounts Deleted By Former Cisco Engineer
Former Cisco Engineer's action lost 16k Webex accounts, as he accessed Cisco's AWS accounts and deleted 456 virtual machines, Sentenced to Prison: Sudhish Kasaba Ramesh, a former Cisco engineer, sentenced [...]
Glassdoor Resolved A Critical CSRF Vulnerability
A critical flaw resolved in Glassdoor which could be exploited to take over accounts. Critical Flaw in Glassdoor: Glassdoor, a website where current and former employees anonymously review companies. The [...]
Cyber-Attack In EU Agency — Incharge of COVID-19 Vaccine Approval
EMA, the EU regulatory body in charge of approving COVID-19 vaccines, became the victim of a cyber-attack today. Cyber-Attack On EU Agency: The EMA - European Medicines Agency, in a post today [...]
Vulnerability Affects Generic Electric Healthcare Devices
MDhex-Ray is a vulnerability that affects a long list of CT, X-Ray, and MRI imaging systems manufactured by GE Healthcare. MDhex-Ray Vulnerability: Earlier this week, CyberMDX discovered a vulnerability in the [...]
Microsoft December 2020 Patch Tuesday — 58 Security Fix
Nine critical bugs and 58 overall fixes mark the last scheduled security advisory of 2020. Patch for the Holidays Microsoft has addressed 58 CVEs (nine of them critical) for its [...]
Web Skimmer — Attack Using Social Media Buttons
Hackers found new way to attack e-commerce stores, online shoppers and steal credit card details. Steganography, Web Skimmer Attack Steganography — hiding information inside another format (i.e., text inside images, images [...]
Data Leak From Embraer — Ransomware Attack
The Brazilian aerospace conglomerate became the victim of a ransomware attack last month. Embraer — Aerospace company An aerospace company Embraer, focused on produces commercial, military, executive, and agricultural aircraft [...]
Ransomware Attack On Swiss Helicopter Maker
Kopter's data has been published on the LockBit gang's blog, hosted on the dark web. Kopter — Helicopter Maker: Primarily based in Switzerland, Kopter has been operating since 2009. A ransomware attack has hits [...]
Johnson & Johnson Targeted By Hackers — COVID-19 vaccine
Johnson & Johnson, are seeing cyber-attacks from nation-state threat actors "every single minute of every single day." J&J — COVID-19 vaccine: The world is in the midst of a COVID-19 [...]
Critical Oracle WebLogic Bug – PATCH NOW
Multiple botnets exploit through remote code execution vulnerability in Oracle WebLogic Server. Oracle WebLogic Server: Oracle WebLogic is a platform for developing, deploying, and running enterprise Java applications in any cloud environment [...]
MacOS Users Targeted With Updated Malware
New malware attacks designed to install a backdoor onto compromised MacOS systems. Updated Malware - APT32: Recently in a campaign, researchers discovered a new malware OceanLotus – also known as APT32, designed [...]
CentOS 7 — Vulnerability Update
The remote CentOS Linux host is missing one or more security updates. Description: The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced [...]
Hacker Sells C-level Executives Email Accounts
Access for Hundreds of C-level (like CEO, CFO, etc) executives is sold for $100 to $1500 per account, depending on the company size and executive role. Data Sold On Underground [...]
Brazilian COVID-19 Patients Personal Data Exposed Online
Over 16 million Brazilian COVID-19 patient's personal data exposed online, including Brazil President Jair Bolsonaro, seven ministers, and 17 provincial governors. COVID-19 — Patient's Data The personal and health information [...]
Microsoft Fixes Xbox Website Bug That Would’ve Compromised Users’ Email Address
The Xbox flaw allows hackers to compromise the user's real-time identity, If attackers had access to the email address. XBOX Bug Bounty Microsoft announced an official bug bounty program for the Xbox [...]
43 Chinese Apps Banned In India
Indian government has banned another 43 Chinese mobile applications. The Ministry of Electronics and Information Technology banned the Chinese mobile apps, including AliExpress under Section 69A of the Information Technology [...]
Baidu’s Android Apps Caught Leaking Sensitive User Data
Two popular Android apps from Chinese tech giant Baidu caught collecting sensitive user details. Baidu Android Apps: In October, Two popular Android apps from Chinese tech giant Baidu, one of [...]
VMware Unpatched Critical Flaw Affects Multiple Products
VMware has released temporary workarounds to address a critical vulnerability in its products that could be exploited by an attacker to take control of an affected system. VMware Security Advisory [...]
Google Disclosed High-Security Flaw In GitHub
Google Project Zero reported a high severity security flaw in GitHub. GitHub GitHub, Inc. is a subsidiary of Microsoft which provides hosting for software development and version control using Git. [...]
A Football Club Discloses Security Breach
A football club, Manchester United Plc can confirm that the club has experienced a cyber attack on its systems. Manchester United Football Club Manchester United Plc. operates as a professional [...]
Facebook Messenger Bug – Hackers Spy On Users Call
Facebook fixed a major security bug in Facebook messenger for Android application, which let hackers listen before you pick up the call. Facebook Messenger: Messenger application, A free all-in-one communication [...]
Cisco Webex Bug – Attackers Join Meetings As Ghost Users
IBM researchers discovered bugs that allow attackers to sneak in and join Webex meetings as ghost users, invisible to other participants. Cisco Webex Conferencing App: Besides Zoom, Cisco Webex is [...]
Cisco Security Manager – Vulnerability Update
Cisco has hurried out a patch after a day after proof-of-concept (PoC) exploit code was published for a critical flaw in Cisco Security Manager. Cisco Security Manager: CSM - Cisco [...]
Adult Sites Were Targeted Via Fake Java Update – Malsmoke
A fake Java update found on various porn sites actually downloads the well-known Zloader malware. Target On Adult Websites: The malsmoke operators ran successful exploit kit campaigns for several months [...]
Hackers Attacking COVID-19 Vaccine Makers – Microsoft Says
Microsoft says hackers from Russia and North Korea are attacking COVID-19 vaccine makers. However, the organizations in the target list are not specified. The COVID-19: Coronavirus disease, an infectious disease [...]
New Jupyter Malware Steals Browser Data, Opens Backdoor
A new malware, named Jupyter that steals information's from the user, and also the malware is used to create a backdoor on the infected device. Introduction to Jupyter Malware: An [...]
Intel November 2020 Update – Fixes 95 Vulnerability
Intel addressed 95 vulnerabilities on November 2020 Patch Tuesday, including critical ones affecting Intel Wireless Bluetooth products and Intel AMT. Vulnerability Update Highlights: A critical vulnerability was addressed by Intel on its recent security advisory [...]
Microsoft Teams ‘FakeUpdates’ – Users Under Attack
Microsoft warns that cybercriminals are using Cobalt Strike to infect entire networks beyond the infection point, according to a report. Ads On Microsoft Teams Update: Attackers are using fake Microsoft [...]
Windows 10, iOS, Chrome, Firefox, and Others Hacked – Tianfu Cup Hacking Competition
Multiple operating systems and browsers successfully exploited in minutes by Bug Bounty hunters at Tianfu Cup 2020, a Chinese Hacking competition Tianfu Cup 2020: The Tianfu Cup is China's biggest [...]
Android November Security Update Tracker
Android November security update/patch 2020 tracker for all major OEMs and carriers worldwide. Android OEM: OEM stands for “original equipment manufacturer”. In the smartphone industry, this term refers to companies [...]
VMware – Update On Critical Flaw CVE-2020-3992
An updated fix was issued by VMware for a critical-severity remote code execution flaw in its ESXi hypervisor products. ESXi Vulnerability: On Wednesday's VMware advisory, informed customers that it has [...]
GitHub’s Pristine Layout Vanished Off – They Missed To Renew The Certificate
GitHub site layout broken as the company failed to renew the SSL certificate. GitHub: Git and Hub is a website for developers and programmers to collaboratively work on code. The [...]
Google Chrome Multiple Vulnerabilities
Short Summary: Multiple vulnerabilities were found in Google Chrome with High severity. These vulnerabilities can be exploited by an attacker by persuading a victim to visit a specially crafted Web [...]
34 Million User Data From 17 Companies Was Found On Sale
Hacker is selling account databases containing a total of 34 million user records stolen from 17 companies. User Data was found on Sale! A recent report by Bleeping Computers, who [...]
Microsoft US Election Warning – Netlogon protocol Bug In Windows 10.
Microsoft warned Windows 10 users as they received a "small number of reports" from customers and others on a vulnerability affecting the Netlogon protocol (CVE-2020-1472). Netlogon Protocol: It is a Windows [...]
Oracle WebLogic Flaw Exploit Against Honeypots
Oracle fixed a vulnerability as attackers started targeting servers running on Oracle WebLogic instances, vulnerable to a critical flaw that allows attackers to take control of the system without authentication. [...]
21 Bogus Gaming Apps Found In Google Playstore
A team at Avast has uncovered another set of malicious apps in the Google Play Store. Adware? Adware, or advertising-supported software, is software that displays unwanted advertising on your computer device. [...]
Tik Tok With HackerOne Announced Public Bug Bounty Program
This week, the popular Chinese video-sharing social networking service TikTok has launched a public bug bounty program through the HackerOne platform. Bug Bounty Program: A bug bounty program is a deal offered [...]
Urgent Chrome Update To New Version
Google's web browser has a "zero-day" vulnerability actively exploited. The Mountain View firm has just released a new update for Chrome. It does not provide new functionality, but important security [...]
Trump’s Twitter Hack in 5 Attempts – Dutch Security Researcher
Donald Trump Twitter account was hacked by a Dutch security researcher, claims he has gained access to US President Donald Trump's Twitter account just days before the 2020 US election. A [...]
Popular Mobile Browsers Found With Multiple Address Bar Spoofing Vulnerabilities
Cyber Security researchers disclosed vulnerability details of multiple popular browsers about an Address Bar Spoofing vulnerability affecting mobile browsers leaving the door open for spear-phishing attacks and delivering malware. Address [...]
Hackers want to “make the world a better place” By Donating Charities In Cryptocurrency
Security experts were amazed for the first time, as a Hacking group is donating the stolen money to charities. According to a BBC report published Monday, members of the hacking [...]
Alert! Emotet Malware’s New “Windows Update” Attachment
Emotet is a Trojan that is primarily spread through spam emails (malspam). The infection may arrive either via a malicious script, macro-enabled document files, or malicious link. Emotet emails may contain messages like a familiar [...]
Homeland Security Update – New Windows 10 Remote Hacking Threat
The Department of Homeland Security, Cybersecurity Agency, urges Windows 10 users to apply for security updates. On September 18, The U.S. Department of Homeland Security, Cybersecurity and Infrastructure Security Agency (CISA) [...]
Over 574K People Data from narendramodi.in was Found in Dark Web
A cyber security firm alleges that user and donor data of over five lakh people have been stolen from narendramodi.in, the personal website of Prime Minister Modi, and the details [...]
Zero-Click Vulnerability in Linux Bluetooth Stack
Google researchers warned on a new set of potential security vulnerabilities(allow escalation of privilege or information disclosure) in BlueZ may allow escalation of privilege or information disclosure. BlueZ is releasing [...]
London Council Faced a Serious Cyber Attack
A serious Cyber Attack hit on the London Council which is affecting many of its services and IT systems. The council said it is working closely with the National Cyber [...]
Microsoft Released Security Patch for 87 newly discovered Vulnerabilities
Microsoft released patches for 87 newly discovered vulnerabilities on its October 2020 Patch Tuesday. Of the 87 vulnerabilities fixed today, 12 are classified as Critical, and 74 are classified as Important, and one as [...]
Alert! Microsoft Warns of New Android Ransomware
Android users were alerted by Microsoft, as they found a new ransomware MalLocker.B, the ransomware triggers on an infected phone as soon as the victim presses the Home key. MalLocker has [...]
Vulnerabilities Found in Top AntiVirus Software
Cyber Security researchers disclosed details of vulnerabilities found in popular Anti-Virus solutions that could enable attackers to elevate their privileges, thereby helping malware sustain its foothold on the compromised systems. [...]
Ransomware Delete Volume Shadow Copies – Install the Vaccine To Monitor
What is Shadow Volume Copies? Shadow Copy is a technology included in Microsoft Windows that can create backup copies or snapshots of computer files or volumes, even when they are [...]
US Hospital Hit By SunCrypt Ransomware – HIPAA Data Leaked
University Hospital New Jersey in Newark, New Jersey - Paid a ransom of $670,000 demanded by the attacker to prevent from publishing the stolen data of about 240GB, including patient [...]
Alert! New Android Spyware can SPY Telegram and Threema Apps
Two-tailed Scorpion, a hacking group known for its cyberattacks in the Middle East had recently been found to pose itself as legitimate messaging applications such as Telegram and Threema to [...]
Disrupt on US Presidential Debate – Twitter removed 130 Iranian Accounts
Twitter removed some accounts based on the tip provided by the FBI. As there was an attempt to disrupt the public conversation during last night's first Presidential Debate for the [...]
Microsoft Resolved An outage of Office 365
Microsoft says a recent update has affected the processing of authentication requests, making cloud-based services inaccessible. Microsoft said people who were logged into an existing 365 session were still able to keep [...]
Joker – Play Store removes 17 Android Apps
Tech giants from Zscaler ThreatLabZ research team identified 17 apps and alerted Google as those Apps were infected with joker malware app and were reportedly stealing details like SMS, contact details [...]
Over 2000 Magento Online Stores were Hacked
Over 2,000 Magento stores were compromised over the weekend. The private information of thousands of customers has been hacked in the largest automated campaign to date. Dubbed “CardBleed”, it was [...]
“Zerologon” Exploit for Netlogon Remote Protocol
Vulnerability - CVE-2020-1472 Description: An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), [...]
Porn Sites redirecting to Exploit Kits – Malsmoke Group
A cybercrime group named Malsmoke has been targeting porn sites with malicious ads redirecting users to exploit kits. Over the past few months, a hacker group dubbed Malsmoke has been [...]
O365 Phishing Attack – Performs Real-Time Active Directory (AD) Authentication
Attackers got an eye on the Victims O365 credentials in real-time as they enter their credentials into the phishing page, by using Authentication API's. Authentication API: The processes of certifying [...]
Attackers targeted Data Center giant Equinix
Data center giant Equinix has been hit by a ransomware attack. Equinix, one of the world's largest providers of on-demand colocation data centers. Equinix has released a short statement published [...]
BLURtooth Vulnerability
BLURtooth, is referred to the vulnerability for the devices supporting Bluetooth BR/EDR(Bluetooth Basic Rate/ Enhanced Data Rate) and LE(Bluetooth in Low Energy) using Cross-Transport Key Derivation (CTKD) for pairing to [...]
Microsoft Patch Tuesday
Patch Tuesday:- The second Tuesday of each month is the one most commonly referred to as Patch Tuesday. That's when Microsoft releases security-related updates for Windows (desktop and server editions), Office, and related products. The [...]
Ransomware frozen Argentina’s Borders
Argentina's official immigration agency, Dirección Nacional de Migraciones, suffered a Netwalker ransomware attack that temporarily halted for 4 hours of the border crossing into and out of the country. Netwalker [...]
ProLock Ransomware
What is ProLock? Discovered by PeterM, ProLock is a rebranded version of PwndLocker ransomware. This ransomware encrypts files with the RSA-2048 algorithm, modifies filenames, and creates a ransom message. ProLock [...]
Another Twitter Account Hack – This time its India’s Prime Minister
On July, there was massive Twitter security breach of 130 high-profiles like US presidential hopeful Joe Biden, Tesla founder Elon Musk and Microsoft founder Bill Gates. This Time, India's Modi [...]
Norway’s Parliament Hit by Email Attack
Norway parliament's non-elected chief administrator - Marianne Andreassen said that "This has been a significant attack" The Norwegian parliament suffered a cyber attack during the past week and the e-mail [...]
VMware RabbitMQ – Security Update
VMware RabbitMQ Arbitrary Code Execution Vulnerability Short Summary:A code execution vulnerability was found in VMware RabbitMQ. The vulnerability is caused due to a Windows-specific binary planting security flaw. This vulnerability [...]
Magecart Credit-Card Skimmer
Magecart Group:- Magecart is a consortium of malicious hacker groups who target online shopping cart systems, usually the Magento system, to steal customer payment card information. This is known as [...]
Cisco IOS XR Software – Security Vulnerability
Short Summary Multiple vulnerabilities were found in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software. The vulnerabilities are caused due to insufficient queue management for [...]
Red Hat CloudForms – 2020:3574 – Security Advisory
Type/Severity Security Advisory: Critical Topic An update is now available for CloudForms Management Engine 5.10. Description A high severity vulnerability was found in all active versions of Red Hat CloudForms [...]
The new Red Dawn Template – Emotet
Emotet Trojan:- Emotet is a Trojan that is primarily spread through spam emails (malspam). The infection may arrive either via malicious script, macro-enabled document files, or malicious link. Emotet emails may contain familiar branding designed [...]
Power of Honesty Saved Tesla
Have you invested millions of dollars on your security devices? Better spend half for your employer's. The following realistic honesty will let you know why... All tesla rockets are not [...]
The Return of Qbot Trojan
What is a Malware? Malware is any software intentionally designed to cause damage to a computer, server, client, or computer network. A wide variety of malware types exist, including computer [...]
Fedora Security Patch Update
Name : chromium Product : Fedora 31 Version : 84.0.4147.89 Release : 1.fc31 URL : http://www.chromium.org/Home Summary : A WebKit (Blink) powered web browser Description : Chromium is an open-source [...]
Security Update – IBM Security Guardium
IBM Security Guardium Insights is affected by an Open Redirect vulnerability Summary IBM Security Guardium Insights has addressed the following vulnerability. Vulnerability Details CVEID: CVE-2020-4598 DESCRIPTION: IBM Security Guardium Insights [...]
Security Update – IBM Elastic Storager Server
A vulnerability has been identified in IBM Elastic Storager Server where an attacker can cause a denial of service (CVE-2020-4383) Summary A security vulnerability has been identified in all levels of [...]
Lazarus LinkedIn Job Offer- IOC’s Available To Protect
Lazarus Group who are known as APT38 enact themselves as a Job recruitment division for the US Defence Center. Now they are using LinkedIn and targeting the recipients profile by [...]
Get Social