Поступили новые сведения об уязвимости CVE-2021-31166, обнаруженной в системном драйвере Windows — HTTP.sys. Напомним, что с помощью бреши не прошедший аутентификацию злоумышленник может отправить специально созданные пакеты, эксплуатирующие дыру. По словам исследователя Джима Девриза, опасная….
Multiple cyber threat actors, including ransomware operators and nation state hackers, have been exploiting a recently patched Windows MSHTML vulnerability as part of initial access campaigns that deployed custom Cobalt Strike Beacon loaders, Microsoft Threat Intelligence Center (MSTIC) said in a new report detailing the attacks. The vulnerability in question is an improper input validation…
Executive Summary Informations Name CVE-2021-0605 First vendor Publication 2021-06-22 Vendor Cve Last vendor Modification 2021-06-22 Security-Database Scoring CVSS v3 Cvss vector : N/A Overall CVSS Score NA Base Score NA Environmental Score NA impact SubScore NA Temporal Score NA Exploitabality Sub Score NA Calculate full CVSS 3.0 Vectors scores Security-Database Scoring CVSS v2 Cvss…
BlackBerry this week informed customers that the QNX embedded operating system is affected by a BadAlloc vulnerability leading to arbitrary code execution or denial of service. Publicly disclosed in April, BadAlloc is a collection of 25 vulnerabilities impacting many Internet of Things (IoT) and operational technology (OT) devices. The flaws can allow malicious attackers to…
Here’s what you need to know: Video transcript Back transcript Justice Dept. Recovers Millions from Colonial Pipeline Hack The Justice Department said on Monday that it had recovered the majority of the ransom paid to the hackers who shut down the computer systems of the Colonial Pipeline last month. The Department of Justice, working with…
The report has led to raising suspicion whether last year’s massive power outage in Mumbai was a result of the online intrusion Washington: Amidst the tense border tension between India and China, a Chinese government-linked group of hackers targeted India’s critical power grid system through malware, a US company has said in its latest study,…
Amidst the pandemic overwhelming the capacity of many hospital systems, malicious hackers have been quick to target healthcare providers and medical agencies. These cyber-attacks have hit both the United States and Europe in recent months, serving as a reminder for organizations to closely review their information security posture during these times of uncertainty. Despite certain…
