Maze ransomware gang announces retirement
On November 1, the cybercriminals behind Maze ransomware announced their retirement. Is this a reason to go all out and celebrate? We're afraid not.
The threat actors behind Maze...
Technical Advisory: SQL Injection and Reflected Cross-Site Scripting (XSS) Vulnerabilities in Oracle Communications Diameter...
Vendor: Oracle
Vendor URL: https://www.oracle.com/
Versions affected: 8.0.0.0-8.4.0.5
Systems Affected: Oracle Communications Diameter Signaling Router
CVE Identifier: CVE-2020-14787 (XSS), CVE-2020-14788 (SQL Injection)
Advisory URL: https://www.oracle.com/security-alerts/cpuoct2020.html
Risk: Medium – 6.1 (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) (SQL injection)
Risk: Medium - 5.4...
$1B of Bitcoin from Silk Road wallet moves for first time since 2015
An anonymous crypto user has just moved 69,370 Bitcoin from an address associated with the Silk Road darknet market that more recently has become a popular hacking target. According...
Oracle Issues Out-of-Band Update for Remote-Access Vulnerability
Enterprise VulnerabilitiesFrom DHS/US-CERT's National Vulnerability Database
CVE-2020-26211PUBLISHED: 2020-11-03
In BookStack before version 0.30.4, a user with permissions to edit a page could insert JavaScript code through the use of `javascript:` URIs...
Securing the 2020 Election: ‘We’re Not Out of the Woods Yet’
Election Day brought instances of misinformation, robocalls, and technical glitches, but officials are more worried about coming days and weeks.Election Day in the US followed an unprecedented season of...
Folksam leak shares data of 1 million Swedes with tech giants
Sweden’s largest insurer, Folksam, accidentally leaked private data on about one million of its customers to a handful of the world’s largest technology companies, it said on Tuesday.Folksam, which...
APT Groups Finding Success with Mix of Old and New Tools
The APT threat landscape is a mixed bag of tried-and-true tactics and cutting-edge techniques, largely supercharged by geo-politics, a report finds.
Advanced persistent threat (APT) groups continue to use the...
Oracle Solaris Zero-Day Attack Revealed
A threat actor is compromising telecommunications companies and targeted financial and professional consulting industries using an Oracle flaw.
A previously known threat group, called UNC1945, has been compromising telecommunications companies...
New Kimsuky Module Makes North Korean Spyware More Powerful
By: Ravie Lakshmanan
A week after the US government issued an advisory about a "global intelligence gathering mission" operated by North Korean state-sponsored hackers, new findings have emerged about the...
How to stay safe online during Black Friday and Cyber Monday sales
Black Friday always falls on the fourth Friday in November, which is the day after the American Thanksgiving holiday. But Black Friday, as we know it, is officially dead...
