A PayPal text message phishing campaign is underway that attempts to steal your account credentials and other sensitive information that can be used for identity theft purposes.
Russian hackers staged their attacks from servers inside the U.S. — sometimes using computers in the same town or city as the victims, cybersecurity company FireEye revealed to the New York Times.
In a recent report, Octoverse revealed that almost a fifth (around 17%) of all software bugs in GitHub were intentionally placed as backdoors by cybercriminals.
During a routine Dark web monitoring, the Research team at Cyble found multiple posts where threat actors are offering for sale alleged data leaks related to Chinese citizens.
This PowerShell script is also used by threat actors to download a legitimate image file from image hosting service Imgur and decode an embedded Cobalt Strike script to target Windows systems.
Fileless malware is a bit of a misnomer. While traditional malware contains the bulk of its malicious code within an executable file saved to the victim’s storage drive, fileless malware’s malicious actions reside solely in memory.
The extent and impact of the SolarWinds hack became even more apparent – and terrifying – over the holiday break. On New Year’s Eve, SolarWinds confirmed that it has identified malware that exploited the flaws introduced to Orion products.
So much remains unknown about what is now being called the Sunburst hack, the cyberattack against U.S. government agencies and corporations. U.S. officials widely believe that Russian state-sponsored hackers are responsible.
Security researchers have warned gaming companies to improve their cybersecurity posture after discovering 500,000 breached employee credentials and a million compromised internal accounts on the dark web.
Ubuntu Security Notice 4668-3 - USN-4668-1 fixed vulnerabilities in python-apt. The update caused a regression when using certain APIs with a file handle. This update fixes the problem. Kevin Backhouse discovered that python-apt incorrectly handled resources. A local attacker could possibly use this issue to cause show more ... python-apt to consume resources, leading to a denial of service. Various other issues were also addressed.
Ubuntu Security Notice 4674-1 - It was discovered that Dovecot incorrectly handled certain imap hibernation commands. A remote authenticated attacker could possibly use this issue to access other users' email. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. Innokentii Sennovskiy show more ... discovered that Dovecot incorrectly handled MIME parsing. A remote attacker could possibly use this issue to cause Dovecot to crash, resulting in a denial of service. Various other issues were also addressed.
BACKDOOR.WIN32.BNLITE malware suffers from a remote heap corruption vulnerability.
Phorplex malware suffers from an insecure permissions vulnerability that can allow for privilege escalation.
sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database show more ... management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.
tcpdump allows you to dump the traffic on a network. It can be used to print out the headers and/or contents of packets on a network interface that matches a given expression. You can use this tool to track down network problems, to detect many attacks, or to monitor the network activities.
Libpcap is a portable packet capture library which is used in many packet sniffers, including tcpdump.
haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The algorithm is self-tuning on machines with cpuid support, and has been tested in both 32-bit and 64-bit environments. The tarball uses the GNU build mechanism, and includes self test targets and a spec file for those who want to build an RPM.
Ubuntu Security Notice 4673-1 - Li Fei discovered that libproxy incorrectly handled certain PAC files. An attacker could possibly use this issue to cause a crash or execute arbitrary code.
TROJAN.WIN32.JORIK.DMSPAMMER.SZ malware suffers from a remote memory corruption vulnerability.
HEUR.RISKTOOL.WIN32.BITMINER.GEN malware suffers from a null pointer vulnerability.
CRUD Operation Software version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.
Rock RMS suffers from arbitrary file upload, account takeover, and personal information disclosure vulnerabilities. Various versions are affected.
Backdoor.Win32.Zombam.j malware suffers from a remote stack buffer overflow vulnerability.
Red Hat Security Advisory 2021-0003-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a buffer overflow vulnerability.
BACKDOOR.WIN32.REMOTEMANIPULATOR malware suffers from an insecure permissions vulnerability.
BACKDOOR.WIN32.ADVERBOT malware suffers from a remote stack corruption vulnerability.
Resumes Management and Job Application Website version 1.0 suffers from multiple persistent cross site scripting vulnerabilities.
Trojan:Win32/Alyak.B malware suffers from a remote stack corruption vulnerability.
Email-Worm.Win32.Zhelatin.ago malware suffers from a remote stack buffer overflow vulnerability.
Trojan.Win32.Bayrob.cgau malware suffers from an insecure permissions vulnerability that can allow for privilege escalation.
Whitepaper called A Hands-On Introduction to Insecure Deserialization.
Knockpy version 4.1.1 suffers from a CSV injection vulnerability.
Curfew e-Pass Management version 1.0 suffers from a persistent cross site scripting vulnerability.
Trojan.Win32.Barjac malware suffers from a remote stack buffer overflow vulnerability.
A British court has rejected the U.S. government's request to extradite Wikileaks founder Julian Assange to the country on charges pertaining to illegally obtaining and sharing classified material related to national security. In a hearing at Westminster Magistrates' Court today, Judge Vanessa Baraitser denied the extradition on the grounds that Assange is a suicide risk and extradition to the
