Business Email Compromise (BEC) , Fraud Management & Cybercrime , Fraud Risk Management Company Says West African Group Used Homoglyph Techniques to Trick Victims Doug Olenick (DougOlenick) • July 21, 2021 Microsoft has announced the takedown of 17 domains that a threat group operating out of West Africa used to host fake Microsoft…
Executive Summary Informations Name CVE-2021-2340 First vendor Publication 2021-07-21 Vendor Cve Last vendor Modification 2021-07-21 Security-Database Scoring CVSS v3 Cvss vector : N/A Overall CVSS Score NA Base Score NA Environmental Score NA impact SubScore NA Temporal Score NA Exploitabality Sub Score NA Calculate full CVSS 3.0 Vectors scores Security-Database Scoring CVSS v2 Cvss…
China is a leader in cyberwarfare research along with the United States and Russia, but Beijing denies accusations that Chinese hackers steal trade secrets and technology. China on Tuesday rejected an accusation by Washington and its Western allies that Beijing is to blame for a hack of the Microsoft Exchange email system and complained Chinese…
The Biden administration has confirmed that ‘state-sponsored Chinese actors’ compromised 13 US pipeline companies as part of a ‘spearphishing and intrusion campaign’ from 2011 to 2013. The coordinated cyber attack targeted 23 pipeline companies in total, according to a report coauthored by the FBI and the Cybersecurity and Infrastructure Security Agency (CISA). Just three of…
Business Continuity Management / Disaster Recovery , Fraud Management & Cybercrime , Fraud Risk Management Hackers Accessed System Containing PII Prajeet Nair (@prajeetspeaks) • July 20, 2021 Campbell Conroy & O’Neil, a Boston-based law firm that serves Fortune 500 firms, including Apple and Pfizer, is continuing its investigation of a ransomware attack in…
Details have emerged about a high severity security vulnerability affecting a software driver used in HP, Xerox, and Samsung printers that has remained undetected since 2005. Tracked as CVE-2021-3438 (CVSS score: 8.8), the issue concerns a buffer overflow in a print driver installer package named “SSPORT.SYS” that can enable remote privilege and arbitrary code execution….
Encryption & Key Management , Governance & Risk Management , Patch Management MTProto Has Since Been Patched Akshaya Asokan (asokan_akshaya) • July 20, 2021 Security researchers identified flaws in messaging app Telegram’s cryptographic protocol, MTProto, that enabled intruders to access encrypted chats and alter the messages. Those flaws have since been patched in…
The people responsible for the riots sparked by the jailing of former South African President Jacob Zuma failed in their insurrection because the ground for them was not fertile, the country’s transport minister has said. While the government’s slow response to what was happening gave them a “field day”, they could not achieve what they…
On Tuesday, Amnesty International stated that French President Emmanual Macron was included on a list of 14 current or former heads of state who were potentially targeted for hacking through a product called Pegasus made by the Israeli spyware firm NSO Group. The organization called the incident an unprecedented revelation that should shock world leaders….
Executive Summary This vulnerability is currently undergoing analysis and not all information is available. Please check back soon to view the completed vulnerability summary Informations Name CVE-2021-2329 First vendor Publication 2021-07-21 Vendor Cve Last vendor Modification 2021-07-21 Security-Database Scoring CVSS v3 Cvss vector : N/A Overall CVSS Score NA Base Score NA Environmental Score NA…
