Freshly Disclosed Vulnerability CVE-2021-20090 Bypass Authentication On Millions Of Routers
CVE-2021-20090 is a path traversal vulnerability that leads to an authentication bypass. When exploited, the attacker can take over control of the affected device.
Bijay Pokharel,
August 7, 2021
2 min read
Taiwanese Motherboard Manufacturer GIGABYTE Hit By RansomEXX Ransomware
Gigabyte, a Taiwanese manufacturer and distributor of computer hardware has been hit by the RansomEXX ransomware gang.
Bijay Pokharel,
August 7, 2021
1 min read
CISA Launches New Initiative To Combat Ransomware
The Cybersecurity and Infrastructure Security Agency (CISA) has officially unveiled the Joint Cyber Defense Collaborative (JCDC), a new effort to combat ransomware attacks by expanding info sharing between the public and private sectors, with Amazon, Google and Microsoft all signing onto the initiative.
Bijay Pokharel,
August 6, 2021
1 min read
Ransomware Attacks Hit Record 300 Million In 1st Half Of 2021: SonicWall
A new report from SonicWall found that attempted ransomware attacks skyrocketed in the first half of 2021, with 304.7 million attempted attacks seen by the company.
Bijay Pokharel,
August 1, 2021
1 min read
Multiple Vulnerabilities Patched In WordPress Download Manager
The Wordfence Threat Intelligence Team found two separate vulnerabilities, including a sensitive information disclosure as well as a file upload vulnerability which could have resulted in Remote Code Execution in some configurations on WordPress Download Manager, a WordPress plugin installed on over 100,000 sites.
Bijay Pokharel,
August 1, 2021
2 min read
NSA Issues Guidance On Securing Wireless Devices In Public Settings
the Cybersecurity Information Sheet, “Securing Wireless Devices in Public Settings” today to help National Security System (NSS), Department of Defense (DoD), and Defense Industrial Base (DIB) teleworkers identify potential threats and minimize risks to their wireless devices and data.
Bijay Pokharel,
July 30, 2021
1 min read
No More Ransom Saves Nearly €1 Billion In Ransomware Payments In 5 Years
The No More Ransom project celebrates its fifth anniversary after helping over six million ransomware victims recover their files and saving them almost €1 billion in ransomware payments.
Bijay Pokharel,
July 27, 2021
1 min read
Clubhouse Denied Data Breach Exposing Users Phone Number
The company also said that it continues to invest in industry-leading security practices as privacy and security are of the utmost importance to Clubhouse.
Bijay Pokharel,
July 25, 2021
1 min read
Nearly 4 Million Phone Number Of Clubhouse Users Allegedly Leaked On Hackers Forum
Nearly four million phone numbers of Clubhouse users have been allegedly leaked and are 'up for sale' on the Dark Web.
Bijay Pokharel,
July 24, 2021
1 min read
Kaseya Obtains Universal Decryptor For REvil Ransomware Victims
it's unclear how Kaseya got the decryptor, but the company said it was obtained from a “trusted third party.” Cybersecurity company Emsisoft verified the decryptor and confirmed that it works properly, Kaseya said.
Bijay Pokharel,
July 23, 2021
1 min read
What Is Pegasus And How Does It Hack Phones?
Pegasus is a remote access tool (RAT) with spyware capabilities. It is developed by the Israeli cyberarms firm NSO Group that can infiltrate Android devices and certain versions of Apple's iOS.
Bijay Pokharel,
July 23, 2021
3 min read
What Is Zero-Day Vulnerability ?
A zero-day vulnerability is a vulnerability in a system or device that has been disclosed but is not yet patched.
Bijay Pokharel,
July 23, 2021
1 min read
Chinese Hackers Breached Over A Dozen US Pipeline Operators
The U.S. Government identified and tracked 23 U.S. natural gas pipeline operators targeted from 2011 to 2013 in this spearphishing and intrusion campaign. Of the known targeted entities, 13 were confirmed compromises, 3 were near misses, and 7 had an unknown depth of intrusion.
Bijay Pokharel,
July 22, 2021
1 min read
Microsoft Seized 17 Domains Used To Scam Office 365 Users
Microsoft's Digital Crimes Unit (DCU) has seized 17 malicious domains used by scammers in a business email compromise (BEC) campaign targeting the company's customers.
Bijay Pokharel,
July 20, 2021
1 min read
Critical SQL Injection Vulnerability Patched In WooCommerce
A critical SQL injection vulnerability was discovered in WooCommerce, the most popular e-Commerce plugin used by over 5 million WordPress sites.
Bijay Pokharel,
July 18, 2021
1 min read
Moldova’s Court of Accounts Suffers Cyberattack, Public Databases And Audits Destroyed
Moldova's "Court of Accounts" has suffered a cyberattack resulting in the agency's public databases and audits being destroyed.
Bijay Pokharel,
July 17, 2021
1 min read
US State Department Offering $10 Million Rewards For State-Backed Hackers
The U.S. Department of State’s Rewards for Justice (RFJ) program is offering a reward of up to $10 million for information leading to the identification or location of any person who, while acting at the direction or under the control of a foreign government, participates...
Bijay Pokharel,
July 17, 2021
1 min read
SonicWall Issued ‘Urgent Security Notice’ About Ransomware Targeting EOL SMA 100 VPN Appliances
SonicWall has issued an "urgent security notice" warning customers of ransomware attacks targeting unpatched end-of-life (EoL) Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products.
Bijay Pokharel,
July 16, 2021
1 min read
Chinese Hackers Behind SolarWinds Attack: Microsoft
Tech giant Microsoft has revealed that themassive SolarWinds cyber attack was operated by a group of hackers from China.
Bijay Pokharel,
July 15, 2021
1 min read
Kaseya Patches VSA Vulnerabilities Used In REvil Ransomware Attack
Kaseya has released a security update for the VSA zero-day vulnerabilities used by the REvil ransomware gang to attack MSPs and their customers.
Bijay Pokharel,
July 12, 2021
2 min read
Recent Posts
Subscribe
Cybersecurity Newsletter
You have Successfully Subscribed!
Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox. You are also consenting to our Privacy Policy and Terms of Use.