It’s been a long, long time since humanity has had a year like this one. I don’t think I’ve ever known a year with such a high concentration of black swans of various types and forms. And I don’t mean the kind with feathers. I’m talking about unexpected events with far-reaching show more ...
The Iran-affiliated APT Charming Kitten is back with a new approach, impersonating Persian-speaking journalists via WhatsApp and LinkedIn, in order to con victims into opening malicious links.
Security researchers have discovered and tracked a vast ad fraud botnet that used dozens of Android apps pretending to offer users free items to keep the application installed for at least two weeks.
Github users have identified the wallets where the scammer has transferred stolen Bitcoin. Every user is advised to check the signature of every new version they install of any wallet client.
Hackers are scanning the Internet for vulnerable network-attached storage (NAS) devices running multiple QNAP firmware versions vulnerable to an RCE vulnerability addressed by the vendor 3 years ago.
Mozilla's findings show that most users have unique web browsing habits that allow online advertisers to create accurate profiles.
A man charged for BEC scheme that allegedly defrauded victims out of $2 million over the course of at least six years is set to face a judge in U.S. court in the Southern District of New York.
Companies are losing money to criminals who are launching Business Email Compromise (BEC) attacks as a more remunerative line of business than retail-accounts phishing, APWG reveals.
One of Iran's state-sponsored hacking groups has been spotted selling access to compromised corporate networks on an underground hacking forum, cyber-security firm Crowdstrike said in a report today.
A global phishing campaign that purports to offer information about personal protective equipment for use during the COVID-19 pandemic is infecting victims' devices with the AgentTesla malware.
The Indian Computer Emergency Response Team (CERT-In) is advising users to immediately update their Mozilla Firefox browser as several vulnerabilities have been found. C
A critical remote-code-execution vulnerability affecting past versions of the Slack desktop app was disclosed on Friday after the software maker fixed its app.
The recording helps attackers determine the time lapse between the audible clicks to identify the distance between the key ridges. This information can be processed to create several likely keys.
Hackers have stepped up efforts to knock Trump campaign and business websites offline ahead of the U.S. election, according to emails seen by Reuters.
The China-based APT group known as CactusPete has re-appeared with a new campaign aimed at military and financial targets in Eastern Europe.
A new trojan malware family has been identified by researchers that targets cryptocurrency. ESET named the threat KryptoCibule, and it primarily targets users in the Czech Republic and Slovakia.
Cisco has warned of an active zero-day vulnerability in its router software that's being exploited in the wild and could allow a remote, authenticated attacker to carry out memory exhaustion attacks.
The most imitated websites that financially-motivated hackers have resorted to mimicking include Wells Fargo, Netflix, Facebook, and Microsoft, according to new Palo Alto Networks research.
The Norwegian parliament has been hit by a cyber attack, and the e-mail accounts of several elected members were hacked, the national assembly said in a statement on Tuesday.
sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database show more ...
moziloCMS version 2.0 suffers from a persistent cross site scripting vulnerability.
Mara CMS version 7.5 suffers from a remote code execution vulnerability.
This paper explains how the Nos-Santos-Izquierdo Field (NSIF) works, focusing in the similarities between the RSA problem, factorization, and the calculation decimal expansions.
Kamailio version 5.4.0 is vulnerable to header smuggling via a bypass of remove_hf.
Red Hat Security Advisory 2020-3598-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.
Red Hat Security Advisory 2020-3592-01 - The bash packages provide Bash, which is the default shell for Red Hat Enterprise Linux.
Rebar3 versions 3.0.0-beta.3 through 3.13.2 suffer from a command injection vulnerability.
Sagemcom F@ST 5280 routers using firmware version 1.150.61, and possibly others, have an insecure deserialization vulnerability that allows any authenticated user to perform a privilege escalation to any other user. By making a request with valid sess_id, nonce, and ha1 values inside of the serialized session cookie, show more ...
As of 2020/09/01, all versions of Bagisto appear to leak database and email server credentials in the document root.
Red Hat Security Advisory 2020-3588-01 - LibVNCServer is a C library that enables you to implement VNC server functionality into own programs. Issues addressed include a buffer overflow vulnerability.
Red Hat Security Advisory 2020-3587-01 - Red Hat Fuse provides a small-footprint, flexible, open source enterprise service bus and integration platform. Red Hat A-MQ is a standards compliant messaging system that is tailored for use in mission critical applications. This patch is an update to Red Hat Fuse 6.3 and Red show more ...
Ubuntu Security Notice 4481-1 - It was discovered that FreeRDP incorrectly handled certain memory operations. A remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code.
Ubuntu Security Notice 4471-2 - USN-4471-1 fixed a vulnerability in Net-SNMP. The updated introduced a regression making nsExtendCacheTime not settable. This update fixes the problem adding the cacheTime feature flag. Tobias Neitzel discovered that Net-SNMP incorrectly handled certain symlinks. An attacker could possibly use this issue to access sensitive information. Various other issues were also addressed.
Ubuntu Security Notice 4480-1 - It was discovered that OpenStack Keystone incorrectly handled EC2 credentials. An authenticated attacker with a limited scope could possibly create EC2 credentials with escalated permissions. It was discovered that OpenStack Keystone incorrectly handled the list of roles provided with show more ...
Ubuntu Security Notice 4479-1 - It was discovered that Django, when used with Python 3.7 or higher, incorrectly handled directory permissions. A local attacker could possibly use this issue to obtain sensitive information, or escalate permissions.
Red Hat Security Advisory 2020-3586-01 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include information leakage and out of bounds read vulnerabilities.
Ubuntu Security Notice 4478-1 - It was discovered that Python-RSA incorrectly handled certain ciphertexts. An attacker could possibly use this issue to obtain sensitive information.
This archive contains all of the 128 exploits added to Packet Storm in August, 2020.
Sifter is a osint, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and if unpatched, exploits them.
Starting today, the lifespan of new TLS certificates will be limited to 398 days, a little over a year, from the previous maximum certificate lifetime of 27 months (825 days). In a move that's meant to boost security, Apple, Google, and Mozilla are set to reject publicly rooted digital certificates in their respective web browsers that expire more than 13 months (or 398 days) from their
Cisco has warned of an active zero-day vulnerability in its router software that's being exploited in the wild and could allow a remote, authenticated attacker to carry out memory exhaustion attacks on an affected device. "An attacker could exploit these vulnerabilities by sending crafted IGMP traffic to an affected device," Cisco said in an advisory posted over the weekend. "A successful
Whoops! Apple accidentally approved malware posing as an update for Adobe Flash Player, allowing it to run unhindered on macOS.
Running a security blog means that I’m always interested in receiving tips about data breaches, vulnerabilities, malware attacks, and the like. But I do explain that I’m not available to help troubleshoot PC problems or provide technical support – there simply aren’t enough hours in the day, and it doesn’t show more ...
