S3 Ep28.5: Hacking back – is attack an acceptable form of defence? [Podcast]

S3 Ep28: Pwn2Own hacks, dark web hitmen and COVID-19 privacy [Podcast]

FBI hacks into hundreds of infected US servers (and disinfects them)

IoT bug report claims “at least 100M devices” may be impacted

Apple and Google block official UK COVID-19 app update

Naked Security Live – How to spot “government” scammers

Pwn2Own 2021: Zoom, Teams, Exchange, Chrome and Edge “fully owned”

Italian charged with hiring “dark web hitman” to murder his ex-girlfriend

S3 Ep27: Census scammers, beg bounties and data breach fines [Podcast]

Too slow! Booking.com fined for not reporting data breach fast enough

Google Project Zero Cuts Bug Disclosure Timeline to a 30-Day Grace Period

iOS Kids Game Morphs into Underground Crypto Casino

NSA: 5 Security Bugs Under Active Nation-State Cyberattack

Mandiant Front Lines: How to Tackle Exchange Exploits

BazarLoader Malware Abuses Slack, BaseCamp Clouds

Biden Races to Shore Up Power Grid Against Hacks

Gafgyt Botnet Lifts DDoS Tricks from Mirai

Attackers Target ProxyLogon Exploit to Install Cryptojacker

Security Bug Allows Attackers to Brick Kubernetes Clusters

Man Arrested for AWS Bomb Plot

623K Payment Cards Stolen from Cybercrime Forum

A Post-Data Privacy World and Data-Rights Management

Breaking Down Joe Biden's $10B Cybersecurity 'Down Payment'

CISOs Prep For COVID-19 Exposure Notification in the Workplace

From Triton to Stuxnet: Preparing for OT Incident Response

How the Pandemic is Reshaping the Bug Bounty Landscape

305 CVEs and Counting: Bug-Hunting Stories From a Security Engineer

COVID-Related Threats, PowerShell Attacks Lead Malware Surge

80% of Global Enterprises Report Firmware Cyberattacks

Employee Lockdown Stress May Spark Cybersecurity Risk

Cybersecurity Bug-Hunting Sparks Enterprise Confidence

TrickBot Takes Over, After Cops Kneecap Emotet

Podcast: Microsoft Exchange Server Attack Onslaught Continues

Podcast: Ransomware Attacks Exploded in Q4 2020

Chinese Hackers Hijacked NSA-Linked Hacking Tool: Report

Emotet's Takedown: Have We Seen the Last of the Malware?

A Look Ahead at 2021: SolarWinds Fallout and Shifting CISO Budgets

Simplifying Proactive Defense With Threat Playbooks

Cyber Monday is Every Monday: Securing the 'New Normal'

National Surveillance Camera Rollout Roils Privacy Activists

Malware Gangs Partner Up in Double-Punch Security Threat

How Email Attacks are Evolving in 2021

Patrick Wardle on Hackers Leveraging 'Powerful' iOS Bugs in High-Level Attacks

Ransomware and IP Theft: Top COVID-19 Healthcare Security Scares

Experts Weigh in on E-Commerce Security Amid Snowballing Threats

Cybercriminals Step Up Their Game Ahead of U.S. Elections

A Cyber 'Vigilante' is Sabotaging Emotet's Return

2020 Cybersecurity Trends to Watch

Top Mobile Security Stories of 2019

Facebook Security Debacles: 2019 Year in Review

Biggest Malware Threats of 2019

Top 10 IoT Disasters of 2019

2019 Malware Trends to Watch

Top 2018 Security and Privacy Stories

2019: The Year Ahead in Cybersecurity

2018: A Banner Year for Breaches

Pandemic Drives Greater Need for Endpoint Security

High-Level Admin of FIN7 Cybercrime Group Sentenced ...

Security Gaps in IoT Access Control Threaten ...

How the Biden Administration Can Make Digital ...

Software Developer Arrested in Computer Sabotage Case

Google Brings 37 Security Fixes to Chrome 90

US Formally Attributes SolarWinds Attack to Russian ...

Pandemic Pushes Bot Operators to Redirect Efforts

6 Tips for Managing Operational Risk in a Downturn

How to Create an Incident Response Plan From the ...

Nation-State Attacks Force a New Paradigm: Patching ...

Malicious PowerShell Use, Attacks on Office 365 ...

CISA Urges Caution for Security Researchers ...

FBI Operation Remotely Removes Web Shells From ...

The CISO Life Is Half as Good

Bolstering Our Nation's Defenses Against ...

Dependency Problems Increase for Open Source Components

DNS Vulnerabilities Expose Millions of ...

Dark Reading | Security | Protect The Business

NSA: Top 5 vulnerabilities actively abused by Russian govt hackers

Windows Terminal released with new settings UI and more

Celsius email system breach leads to phishing attack on customers

US government confirms Russian SVR behind the SolarWinds hack

Major BGP leak disrupts thousands of networks globally

The Week in Ransomware - April 16th 2021 - The Houston Rockets

Microsoft Edge's update server is down - shows error code 7

Mandatory Windows 10 update causing DNS and shared folder issues

Instagram Android app is crashing for some, here's what to do

Popular Codecov code coverage tool hacked to steal dev credentials

Amex cards removed from Google Pay due to expired certificate

HackBoss malware poses as hacker tools on Telegram to steal digital coins

Mozilla drops Firefox support on Amazon Fire TV

Popular NFT marketplace Rarible targeted by scammers and malware

Microsoft Edge's new Kids Mode is now rolling out to everyone

Google Chrome 90 released with HTTPS as the default protocol

Microsoft moves Windows 10 21H1 to the Release preview channel

SAP fixes critical bugs in Business Client, Commerce, and NetWeaver

Second Google Chrome zero-day exploit dropped on twitter this week

US Indicts SecondEye Operators

US Issues Russian SVR Warning

Keyfactor to Merge with PrimeKey

Mass Monitoring of Remote Workers Drives Shadow IT Risk

Google to Delay Publishing Vulnerability Details for 30 Days

Suspected Trickbot Actors Target Slack and BaseCamp Users

US Imprisons “Sadistic” Sextortionist

Ransomware: To Pay or Not to Pay?

Sanctions Escalate US–Russia Tensions

Making a Success of Your MSSP Journey

Securing Remote Employee Devices with Unified Endpoint Management

Security Certification: Gain Competitive Advantage as the Low Risk Option

The Vulnerability Landscape: Security Trends from 2020

Pharma Drama: Interactive Crisis Simulation of an Insider Threat

Security Mythbusting: Dismantling the Top Five API Myths

SOC for the Future: Transforming Security Operations' Speed and Stamina for Recovery

Securing the #COVID19 Vaccine & Supply Chain

Avoiding Fallout from the Ransomware Epidemic

Mitigating Ransomware Attacks in 2021

PKI in Today's Cybersecurity Landscape: What, Why and How

Staying Secure During Rapid Transformation: The Importance of DevSecOps

Uni of Hertfordshire Suffers Cyber-Attack That Takes Down its Entire IT Network

How to Secure Data in Your Organization

Zero Trust in 2021: How to Seamlessly Protect Your Remote and In-Office Users

Extended Threat Detection and Response: Critical Steps and a Critical System

Arrest Made Over California City Data Breach

European Data Protection Tsars Approve EU-UK Data Flows

Man Gets 10 Years for Multimillion-Dollar Medicare Fraud Scheme

Global Attacker Dwell Time Drops to Just 24 Days

CISOs Must Focus on People and Technologies Amid Rising Attacks

New Jersey School Districts Investigate Cyber-Attacks

Aviation Industry Lacks Cohesive Cybersecurity Approach

Will the CodeCov breach become the next big software supply chain hack?

Google won’t reveal technical details on patches for 30 days

Cyber nonprofits ask billionaire philanthropists to show them some love

Hack The Box to expand in America, add functions to 'hacking experiences'

What to do when a bug bounty request sounds more like extortion

Should NSA monitor your networks? Director Nakasone says no

Cybersecurity’s reputation rose in the pandemic’s first months

Health care organizations funnel dollars into security amid pandemic

Businesses shift resources to address risks tied to disgruntled employees

Listen: ORPEA Group's Mauro Israel on putting in the work

Listen: Children's Minnesota's Paul Hypki on reducing risk

Jason Witty: ‘We have to adapt to new ways of thinking’

Why enterprises are increasing cybersecurity budgets for 2021

Build and maintain a security culture, up, across, and down the organization

Public utilities in the U.S. need to lock down critical infrastructure facilities

Cyberspace: An endless highway without a patrol

Remember GDPR? Expect another set of cyber regulations around vulnerabilities

US takes sweeping action against Russia for years of hacking

DoJ's Microsoft Exchange mitigation brings results, few nagging worries

Led by cloud, cyber funding dollars flowed like water in 2020

No more snack attacks: Mondelez rolls out new security training program

'Digital exhaust' may be the solution for tracking consumer IoT devices

Reddit takes bug bounty program public

Google Project Zero Cuts Bug Disclosure Timeline to a 30-Day Grace Period

Facebook faces mass legal action over data leak

Security Bug Allows Attackers to Brick Kubernetes Clusters

US government strikes back at Kremlin for SolarWinds hack campaign

Ubuntu Security Notice USN-4917-1

GetSimple CMS My SMTP Contact 1.1.1 CSRF / Remote Code Execution

Ubuntu Security Notice USN-4916-1

glFTPd 2.11a Denial Of Service

Ubuntu Security Notice USN-4915-1

Linux/x86 execve(/bin/sh) Shellcode

Linux/x64 execve(/bin/sh) Shellcode

nfstream 6.2.6

Nagios XI Remote Code Execution

Backdoor.Win32.Zombam.h Buffer Overflow

Red Hat Security Advisory 2021-1213-01

Red Hat Security Advisory 2021-1214-01

Red Hat Security Advisory 2021-1206-01

Ubuntu Security Notice USN-4913-1

Red Hat Security Advisory 2021-1202-01

Red Hat Security Advisory 2021-1203-01

Ubuntu Security Notice USN-4914-1

Red Hat Security Advisory 2021-1201-01

Red Hat Security Advisory 2021-1200-01

Red Hat Security Advisory 2021-1199-01

htmly 2.8.0 Cross Site Scripting

Horde Groupware Webmail 5.2.22 Cross Site Scripting

Tileserver-gl 3.0.0 Cross Site Scripting

Swinburne University confirms over 5,000 individuals affected in data breach

US imposes sanctions on Russia over cyber-attacks

Meet the Ransomware Gang Behind One of the Biggest Supply Chain Hacks Ever

Google releases Chrome 90 with HTTPS by default and security fixes

Is it still possible to run malware in a browser using JavaScript and Rowhammer? Yes, yes it is (slowly) • The Register

FBI deletes web shells from hundreds of compromised Microsoft Exchange servers before alerting admins • The Register

Facebook will not notify more than 530m users exposed in 2019 breach | Facebook

Reddit takes bug bounty program public

100,000 Google Sites Used to Install SolarMarker RAT

Lance Ulanoff – Medium

Rungutan — How to load test APIs using Client Certificates | by Marius Mitrofan | Rungutan | Apr, 2021 | Medium

What to Stream This Weekend. This weekend is all about teen… | by PCMag | PC Magazine | Apr, 2021 | Medium

The Many Faces of Malware: A Tour of Real-World Samples | by PCMag | PC Magazine | Apr, 2021 | Medium

Adobe Report: Emoji Done Right Can Change the World for the Better | by PCMag | PC Magazine | Apr, 2021 | Medium

Security Built on a Foundation of Trust | by Intel Author | Intel Tech | Apr, 2021 | Medium

Intel Author – Medium

Ethereum Foundation announces Berlin Hardfork | by Lukas Wiesflecker | Coinmonks | Mar, 2021 | Medium

React Authentication: How to Store JWT in a Cookie | by Ryan Chenkie | Medium

Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies | by Alex Birsan | Medium

How Russia Used SolarWinds To Hack Microsoft, Intel, Pentagon, Other Networks : NPR

Online Scams And Dangers Your Age Group Is Prone To - YouTube

Friday Squid Blogging: Blobs of Squid Eggs Found Near Norway - Schneier on Security

Detailed Audit of Voatz' Voting App Confirms Security Flaws

Cybersecurity Experts to Follow on Twitter - Schneier on Security

NSA Discloses Vulnerabilities in Microsoft Exchange - Schneier on Security

Twitch

Airstrike Attack - FDE bypass and EoP on domain joined Windows workstations (CVE-2021-28316) | Shenanigans Labs

Why your favorite rapper is FAKE and BROKE. - YouTube

COVID-19 Cyber Attacks - WebARX Security

An introduction to making security pins and challenge locks - YouTube

Speakeasy JS – Reverse-engineering Notion's API (Travis Fischer) - YouTube

266. DIY homemade Mortice lock tension tool made from 3 Euro cores & key - Union 5 Lever picked open - YouTube

Meet the Ransomware Gang Behind One of the Biggest Supply Chain Hacks Ever

Abus XP10 and an answer to the most commonly asked question tattoo artists get! - YouTube

Account protections - A Google Perspective

Giveaway Winner and Speedlocks Tournament Update! - YouTube

Hacked Exchange Server Hosts Monero Miner Targeting Other Exchange Servers

ROBUR Safe Deposit Lock picked and gutted. - YouTube

Google rolls out Chrome 90, which defaults to HTTPS instead of HTTP | Engadget

[12] Speed Picking Challenge #SpeedSloth - YouTube

The Mechanics of The APT Attack on Microsoft Exchange, Now Available for Validation

Learn Wireshark in 10 minutes Part 4 Wireshark Tutorial(Decrypt TLS Traffic) - YouTube

NoNameCon 2021 :: pretalx

Mitigating CVE-2021-20291: DoS affecting CRI-O and Podman

Web Application Penetration Testing: Steps, Methods, and Tools

American Lock 700 series padlock picked and gutted - YouTube

DLL Injection (and more!) via Application Shimming (Persistence & Defence Evasion) - YouTube

Backdoored developer tool that stole credentials escaped notice for 3 months | Ars Technica

#speedsloth / Switching to glide - YouTube

Allow arbitrary URLs, expect arbitrary code execution | Positive Security

GitHub - stealth/crash: crypted admin shell: SSH-like strong crypto remote admin shell for Linux, BSD, Android, Solaris and OSX

Maslow's Pyramid (The True Story)◢◣Plus A Better Dynamic Hierarchy of Needs - YouTube

Google exploring using location info to slow coronavirus spread

DNI’s Annual Threat Assessment - Schneier on Security

The U.S. wants smartphone location data to fight coronavirus. Privacy advocates are worried.

virusbtn: The call for papers for VB2021 localhost - VB's 2nd carbon neutral, budget neutral conference - is open until 21 April and we want to hear from you! We believe it's a great opportunity for you to share your research with security experts around the globe https://t.co/KY30gRzRwS https://t.co/DKLOXXrlz5

virusbtn: Avast's Romana Tesařová analyses HackBoss, a cryptocurrency-stealing malware distributed through Telegram https://t.co/lktd9O3wzT https://t.co/pVeUR8Rw9D

virusbtn: Sophos researcher @threatresearch looks at recent tricks used by BazarLoader. https://t.co/9ZwY5AGut5 https://t.co/2Pw0vDI1Kw

virusbtn: Bromium's Patrick Schläpfer writes about the Purple Fox exploit kit and its quick adoption of the CVE-2021-26411 exploit https://t.co/EbZDNqNbyV https://t.co/s1CfqpL9KJ

virusbtn: CISA and the Department of Defense Cyber National Mission Force (CNMF) have analysed additional SolarWinds-related malware variants. https://t.co/jjJanAuwv6

MITREattack: Help? This work is only valuable if they can get good visibility into what real defenders are seeing, so they need your contributions to make this reporting possible. https://t.co/IZDdtbi2qH

MITREattack: The last 2 years we've been running a pilot to collect "sightings" of ATT&CK techniques, hoping to better understand adversary in-the-wild behavior. We’re now one step closer as @MITREengenuity Center for Threat-Informed Defense takes that work on. https://t.co/AYGQuumzVi https://t.co/7xUrkY13vj

MITREattack: @commandline_be We release on a biannual schedule. Our last major release was in October, I'd suggest taking another look after our next release in 13 days.

MITREattack: @badtakeblake @voodoodahl1 Do you have a suggestion for a Tactic on that one?

TalosSecurity: We've followed #LodaRAT for a few years now. And in this week's episode of Talos Takes, we track its development into a full-blown trojan that targets Android devices across the world. Listen now in your favorite podcatcher or over on our podcasts page https://t.co/AH3SVx4hfZ https://t.co/29OB0pDcWb

TalosSecurity: The Threat Source newsletter has everything from #Microsoft #PatchTuesday, to #Android malware reverse-engineering and so much more. Check out this week's edition https://t.co/BAMQv5y3Sm https://t.co/FnHY8iCcgV

TalosSecurity: The #NSA today disclosed 5 vulnerabilities Russian Foreign Intelligence Services (SVR) is exploiting. Here's a breakdown of these exploits and a list of #Snort rules that can keep you protected. Anyone using one of these affected products should patch asap https://t.co/mfrOhpp11Q https://t.co/M27oj1dRQD

TalosSecurity: You don't want to miss our free webinar series on #Snort3. Sign up for the first session today and find out how to make your upgrade to Snort 3 as smooth as possible and use it to make your network more secure https://t.co/5nkzuU7gqn https://t.co/V2HCTBISnc

MBThreatIntel: Tech support scam #browlock targeting 🇯🇵. Source: adult malvertising jpfftapr[.]fun/150421jp-8554 Phone: 050[-]5534[-]8554 https://t.co/51Yy8hhcHl

MBThreatIntel: @NeePscambaiting yes, macros FTW

MBThreatIntel: Malspam pushing PPT exploits is not as common, but here's one. 565a8a815f2a794eadc0f0d27ebb729ee6f7c94dbdf706bf6615220944468e26 https://t.co/SCZGKWFQtt

MBThreatIntel: #SpelevoEK dropping #Zloader. Payload: f049bc2e1d492fd242d906e01612d4fda6de1272685d1ca4aabc37d742fa9588 C2s: yuidskadjna[.]com odjdnhsaj[.]com https://t.co/mmi59jXcsN

MBThreatIntel: ℹ️ Report from CISA on #SUNSHUTTLE is out. ➡️ Detections already in @Malwarebytes https://t.co/6fr9GMSGZn https://t.co/OtwnNYefqn

anyrun_app: TOP10 last week's threats by uploads ⬆️ #NjRAT 504 (315) ⬆️ #FormBook 187 (161) ⬆️ #NanoCore 101 (97) ⬆️ #AgentTesla 101 (69) ⬇️ #AsyncRAT 83 (113) ⬆️ #DCrat 79 (78) ⬆️ #Orcus 72 (69) ⬇️ #Remcos 65 (72) ⬇️ #Emotet 50 (85) ⬇️ #Quasar 49 (53) https://t.co/98nRpXOxWw

abuse_ch: Could someone please spot the fire hydrants? #failed 🤦‍♂️ https://t.co/WXoiJSzXoS

QuoIntelligence: This Weekly focuses on #Microsoft's April #PatchTuesday Tuesday and Israel's reported #cyberattack on Iran's nuclear facility. Read more: https://t.co/hRcOsbscvF

QuoIntelligence: We created a handy overview explaining the #facebook #dataleak on a timeline and looking at potential future implications. How does your organization prevent #brandabuse? Find more details on our blog! https://t.co/II4cSc679y

JAMESWT_MHT: @malwrhunterteam @VK_Intel @bryceabdo Mentioned #CobaltStrike Sample https://t.co/zGV6fjnNRr

cyb3rops: @lordx64 you could e.g. answer, "we've seen much more intrusions in 2017 in which they've used CobaltStrike than intrusions in which Mimikatz was used" Would this be the final truth? I guess someone else would have a yet another view and opinion.

cyb3rops: @lordx64 It is always a subjective view, isn't it? It always depends on what you see. Otherwise we would need flawless statistics, which we cannot get. Next time, I'll try to add "from what I see" to the beginning of the tweet, if there are still chars left.

cyb3rops: @lordx64 I think, Twitter is somehow overloaded this morning. I also had problems with other tweets.

cyb3rops: @frennkie @campuscodi @_fel1x I'm concerned about credentials or keys that could have been stolen from the environments, e.g. Access to FTP servers, GitHub API keys or Auth tokens, etc.

cyb3rops: @lordx64 "dominating" ☝️ not "used since"

inj3ct0r: #0daytoday #TikTok reset account password #Exploit #0day https://t.co/rxSN3eMMOb TOR link: https://t.co/qhVhSo1Ocn

inj3ct0r: #0daytoday #Linux/x64 - execve(/bin/sh) #Shellcode (21 bytes) (2) https://t.co/EeyCVKGWm8

inj3ct0r: #0daytoday #Linux/x86 - execve(/bin/sh) #Shellcode (17 bytes) https://t.co/TffEdVM5d5

inj3ct0r: #0daytoday #GetSimple CMS My SMTP Contact Plugin 1.1.1 - #CSRF to Remote Code Execution #Exploit #RCE https://t.co/UT7KlL1qbG

inj3ct0r: #0daytoday #Nagios XI 5.8.0 Remote Code Execution #Exploit #RCE #CVE-2020-35578 https://t.co/xFUwWrNhBz

malwrhunterteam: What a long list, right? 😂 Anyway, not remember seeing .NET ransomware using rstrtmgr before... @demonslay335 https://t.co/ocYUfU9ue4

malwrhunterteam: WTF? 😂 cc @DanielGallagher @zseano https://t.co/sRvkXKOYSR

blackorbird: 🥲APT29 - SolarWinds https://t.co/KB5u83k3kb https://t.co/KiBZfJqMlv https://t.co/bIxwM5UGQc

blackorbird: @vxunderground oh,thanks bro

blackorbird: A Cyber operation against Russia 1.Use Sberbank of Russia for a bait. 2.Use information about famous Russian athletes to obfuscate. 3.Stop attacking when the victim is in Ukraine. ref: https://t.co/8uNcbo4ToS translate: https://t.co/PqwMN8OJgS https://t.co/eVdsft7pKG

blackorbird: 2021 APT&CyberCrime Trends https://t.co/9ILapTebxx ref: https://t.co/PSNoNeRiBI https://t.co/YeglrBchIa

blackorbird: #Bitter #APT Desktop Window Manager 0day CVE-2021-28310 https://t.co/nP8JlhuTLX https://t.co/0aNaQTPhvS

malware_traffic: 2021-04-16 (Friday) - #TA551 (#Shathak) German-template Word docs again today, and I finally have a #pcap of infection traffic, some malware samples, and IOCs to share - Info available at: https://t.co/JCZ08bJeLy https://t.co/UtfaqtncFk

malware_traffic: 2021-04-16 (Friday) - #BazaLoader (#BazarLoader) from #BazaCall (#BazarCall) callcenter #malspam - 10 email examples, #pcap from an infection, the associated malware and some IOCs available at: https://t.co/YDqOEuyrW4 https://t.co/q24UHHThfG

malware_traffic: @JRoosen @rotarydrone Yes, Valak is a different malware family. #TA551 used it for a few months in 2020, where it often sent #IcedID as follow-up malware. https://t.co/o5yYRsCq3N

malware_traffic: Of note, there's TCP traffic to 185.92.73[.]147 port 8080 that started almost 50 minutes after the initial infection. It continued several hours throughout the infection run using different TCP streams, all to the same IP address.

malware_traffic: Per @netresec's request, I've sanitized and posted traffic related to the #IcedID (#Bokbot) infection I originally posted about through @Unit42_Intel on Monday 2021-04-12 - Two #pcap files from the infection are available at: https://t.co/i6Rdu9r7ye https://t.co/eNuspjrO8A

James_inthe_box: @KorbenD_Intel @JAMESWT_MHT @malwrhunterteam @Arkbird_SOLG @Bank_Security Betting #remcos ;)

James_inthe_box: @beethzydyaz #RealThinClient c2: http://MDKNOVOESMTUVMDQVMJAYMQ[.]DDNSKING[.]COM/$rdgate https://t.co/xLTT0WA9te

James_inthe_box: @GossiTheDog Where to?

pmelson: @NerdPyle https://t.co/hoGPU0K8Bw

pmelson: @NerdPyle Wood you beleaf that this is my first plant pun battle? https://t.co/7ZQbdFNqVk

pmelson: @NerdPyle Shoot

pmelson: @r0wdy_ https://t.co/6UtisFvzVd

pmelson: @AffableKraut I guess I didn’t realize there were different server ports for the different engine versions? I thought all of the engines (so also Q3 and games like Wolfenstein, JK2/JA) all had the same server port number.

demonslay335: In-dev #wiper pretending to be #ransomware with extension ".id-1E192D2A.[xmmh@tutanota.com].combo13" - if it worked, it would just overwrite files with Random.NextBytes(), so #donotpay. Sample: https://t.co/28SAIhmRih https://t.co/srCOFclTM3

demonslay335: @VessOnSecurity Well that's even dumber, lol. I must just be using/assuming it wrong then... just noticed the Hex View that I've ignored up til now lol. 😅

demonslay335: @unjovengranaino IDA (Free/Pro) + x64dbg are my tools of choice for native disassembly. dnSpy if it is .NET. And other misc small tools depending on what I'm after (e.g. I use my CryptoTester _extensively_).

demonslay335: @VessOnSecurity So it would try to link it to a memory address of 0xD0? The "h" suffix (which is also dumb IMO...) isn't good enough?

hackerfantastic: Crypto isn't only thing go moon, UFO sightings doubled over the last year, new US Navy footage leaks to investigative journalists ahead of US disclosure report in 12 weeks time https://t.co/gdg352uMQP

hackerfantastic: @mkolsek beats living like I'm Amish.... ;)

hackerfantastic: @ryanaraine nice, those SS7 firewalls might not be such a wise purchase anymore then? >:)

Cyb3rWard0g: @LeahLease Aww thank you @LeahLease ! She is a beautiful and very sweet girl! 😍 https://t.co/jgcUNNrz4U

Cyb3rWard0g: @ScoubiMtl She is a baby great dane 😊 #dogdad https://t.co/HqfucktnTE

Cyb3rWard0g: The real @Cyb3rWard0g 🐶😂😍 Getting ready for the weekend! #dogdad https://t.co/17R5xcTP31

Cyb3rWard0g: @sixdub Welcome to the #MSTIC Family! 🍻🍻 Looking forward to collaborating with you Justin! 🎉🎉

VK_Intel: ⭐️ Watch for 2 more novel techniques:🛡️ 1⃣Hunting for a local IT admin with access to EDR software and extracting administrator credentials for EDR from a popular KeePass pwd manager via KeeThief.ps1 2⃣Deploying portable Notepad++ version to run PowerShell scripts on the host https://t.co/cR7snmDjyi

VK_Intel: [Emerging Blog] 🔥🆕Adversary Dossier: #Ryuk #Ransomware Anatomy of Attack in 2021 #DFIR 🔑: 1⃣Victim Value I. Network Recon Stage II. 'ZoomInfo' & Revenue Lookup 2⃣ #CobaltStrike as Golden Standard 3⃣Roadblocks: Endpoint Detection Response Bypass ↘️ https://t.co/iJhmGBPhop https://t.co/m6Md64o5n6

VK_Intel: 📌Upcoming Blog: 🔒#Ryuk #Ransomware Anatomy of The Attack 2021 EDITION 👹- tomorrow via https://t.co/p3c6AQP9Mo Newer and existing Tactics, Techniques and Procedures (TTPs) of the Ryuk ransomware that Advintel has witnessed throughout their investigations. https://t.co/cSoY42BFsc

securitydoggo: Anyone see and can talk about post exploitation activity with the #codecov fun? Trying to find something to spring off of, beyond the C2 IP. #infosec

DrunkBinary: @hacks4pancakes @chrissistrunk Those whisky's can't offer you the same variety. https://t.co/4MsO3wIz0h

Arkbird_SOLG: @c3rb3ru5d3d53c Yep GoldMax implant (Microsoft name)👍 https://t.co/05MoIVJHaw

Arkbird_SOLG: @KorbenD_Intel @James_inthe_box @JAMESWT_MHT @malwrhunterteam @Bank_Security Random loader based on Powersploit + random payloads looks like Aggah https://t.co/5PkJkmusys

Arkbird_SOLG: @CORE561 Yep, I do it too, unfortunately, there is too much work for so little time available, I do as best for cover all the aspects

Arkbird_SOLG: @CORE561 Congrats😉, have fun now !

Arkbird_SOLG: @SBousseaden Yep, possible, have the timestamp removed and the only date is from the maldoc that recently created ( 2021-04-01). Unable to be able to decide if it was an old sample of Maildrop, I used the conditional, thanks for the information. https://t.co/YoTy1MCcr2 https://t.co/3NoU6pkBzC

KorbenD_Intel: @James_inthe_box @JAMESWT_MHT @malwrhunterteam @Arkbird_SOLG @Bank_Security You get one guess what "Server.jpg" is 😀 https://t.co/oyyY9xoi4H

KorbenD_Intel: @securitydoggo welcome back!

KorbenD_Intel: Active Cobalt Strike servers: shopdsld-invoce[.]com,/ky.js 185.25.51[.]10 fastpighostmerch[.]com,/html 213.252.247[.]132 fastpic-domain[.]com,/logo.js 185.25.51[.]67,/na.js https://t.co/ndFnHQsJuq

KorbenD_Intel: @MsftSecIntel @msftsecresponse @msftsecurity @WindowsUpdate this link is broken https://t.co/w2FQDzywOj

ShadowChasing1: thx @_re_fox

ShadowChasing1: Another One: ITW:0b335fdb06d8f8dc6e19f13cb2801b38 filename:Call-for-Proposal-DGSP-COAS-Chair-Excellance. zip C2: hxxps://iiieyehealth.com/fonts/times/files/Call-for-Proposal-DGSP-COAS-Chair-Excellance/css hxxps://iiieyehealth.com/fonts/times/files/css/ hxxp://161.97.142.96/htt_p https://t.co/jgFcZb6GV4 https://t.co/cOWtVeG1RU

ShadowChasing1: #Gamaredon #APT group? ITW:17d8bf5d25178a331f5eaf5c4714047c filename:dkr.rar

ShadowChasing1: Same C2 but it is older ITW:8f7c5c3532c000c99c28dc55b8a93565 filename:armamento 001.doc https://t.co/hplM8f1TjN

ShadowChasing1: thanks @SBousseaden @fr0s7_

ItsReallyNick: ICYMI: #FIN7's sys admin sentenced to 10 years https://t.co/Pf7XpV4Mwl Updated 💰 impact: "U.S. prosecutors said in their sentencing memorandum for Hladyr that a “conservative estimate” of the losses caused by the group is between $3 billion to $5.7 billion." ...Hladyr sk8r!

ItsReallyNick: @sixdub 🥳 Thrilled to finally work together with you. Let’s get after it!!

ItsReallyNick: @GossiTheDog I’ll miss your pace & passion. Unfortunate we didn’t collab more but I’ll just ... DM here like always? Keep sharing activity & analysis as you see it 🍻

cyberwar_15: #북한 #탈륨 #Northkorea #Thallium #Cyberwar 0821884168a644f3c27176a52763acc9 6a614ca002c5b3a4d7023faffc0546e1 d7b717134358bbeefc5796b5912369f0 bce51419fae8acbeff3149ca53f8baad 49a04c85555b35f998b1787b325526e6 https://t.co/1GPPeuXPdd

DeadlyLynn: @ShadowChasing1 https://t.co/i0PmOHZOYr

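58_158_177_102: @reservoir Or is the classic choice actually better?

58_158_177_102: @reservoir Utterly orthodox

58_158_177_102: @reservoir The last-resort option when everything keeps selling out

58_158_177_102: Back at the western sea. I walked a fair amount, and the route had plenty of ups and downs https://t.co/haxAFL4lFP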

issuemakerslab: North Korea's RGB-D5 launched a spear-phishing attack on a professor of Dankook University.

issuemakerslab: North Korea's RGB-D5 launched spear-phishing attacks on professors at Kyungnam University. https://t.co/7maYcmycAZ

issuemakerslab: North Korea's RGB-D5 launched spear-phishing attacks on professors at Chinju National University of Education. https://t.co/SJR9acfUPt

issuemakerslab: North Korea's RGB-D5 launched spear-phishing attacks on professors at Seoul National University. https://t.co/n7uoB1NmfF

IntezerLabs: Not all applications are born cloud-native. Secure your cloud non-native workloads with a runtime CWPP https://t.co/mYrgH38yzV https://t.co/ePDFsCHQUH

IntezerLabs: Containers are subject to attacks from Doki and Kaiji. Learn about the different ways containers can be hacked and your best defense against each https://t.co/RTyARymVAT https://t.co/SfXLFfaCnO

IntezerLabs: Learn how you can streamline the investigation of any malware-related incident using a next generation malware analysis platform

aboutsecurity: Finally: attacks are never fully automated, end to end. Your defense can't be **only** evaluated in a fully automated way either. Emulation tools are great but don't forget there's always a "human in the loop". (end of thread) #FridayThoughts #BlueTeam #SecOps #ThinkRedActBlue

aboutsecurity: ... do I have the ability to react appropriately to reduce exposure? In summary: efficacy is not binary, is not blocked vs non-blocked, detected vs not detected. Efficacy must be measured as a set of distinct but complementary capabilities, with a range of possible outcomes ⬇️

aboutsecurity: As you emulate these behaviors, evaluate how the tools support your efficacy goals: can I block high fidelity events? can I get analytical detections with enough context & enrichment? do I get the telemetry needed for investigations & threat hunting? ⬇️

aboutsecurity: Next step is creating your emulation plan based on the selected TTPs. @MITREattack has released some that you can use as a reference i.e. APT3 https://t.co/yWJsUOYum7 and APT29 https://t.co/2V3M3SQ8hJ. Tools like Caldera are great to emulate these https://t.co/27O8VGbqQy ⬇️

kyleehmke: Possible UNC1878 greattxmsng-imgx[.]com was registered through OpenProvider on 3/24 and is hosted at BAcloud IP 185.25.51[.]55. Per @censysio, an SSL certificate was created for the domain on 4/13. In @ThreatConnect: https://t.co/QbDy5oyEjc https://t.co/zR2W25dqSo

kyleehmke: Suspicious domain msedgecloud[.]net was registered through Njalla on 4/12. The domain itself isn't hosted, but subdomain telemetry[.]msedgecloud[.]net resolves to 176.97.65[.]130 and 185.87.148[.]81. https://t.co/C7oS6gIEUo

kyleehmke: Per @PassiveTotal, the name server subdomains for defenderlive[.]com resolved to 185.243.112[.]120. https://t.co/Rq24nMwrr9

kyleehmke: Suspicious domain defenderlive[.]com was registered through MonoVM on 4/11 using scottescobedo@protonmail[.]com. Switched to its own NS and not currently resolving, but worth keeping an eye out for. H/t @DomainTools for the WHOIS. https://t.co/NiaeCLd0cY

Hexacorn: @HackingLZ I vehemently disagree with the notion attackers can code. bet these 'private' malware families is nothing but public stuff modded with Resource Hacker or edlin

Hexacorn: @bohops hah been using it in the past a lot to copy tables from web sites (prior to Chrome/FF and plug-ins)

Hexacorn: @cyb3rops could that be a part of deployment readiness protocol?

Hexacorn: @arekfurt @MalwareTechBlog c'mon, that's the type of yeeting tasks that interns are hired for

Hexacorn: @0gtweet cute + Palme d'Or for the zoom in at the end https://t.co/FP6JGZ8H7o

JCyberSec_: @ActorExpose @Bobby_Presto @emailrepio @iHeartMalware @Spam404 @PhishKitTracker Yeah we are seeing an increase in US state government sites popping up in the last few weeks. Very worrying indeed!

JCyberSec_: @Unix_Guru Do it! For the name of science! https://t.co/aysUjgm75k

JCyberSec_: @Unix_Guru You can eat them! 🌺 Straight from the tree if you're feeling brave! They have a slight ginger taste but ultimately, they taste how you would imagine a flower would taste. https://t.co/f15oq2TdJF

JCyberSec_: @InfoSec_Paul_M @sysgoblin @SteveD3 @nullcookies @illegalFawn Great write up, thanks for sharing. Always learning something new!! 👍

JCyberSec_: @BushidoToken Being slightly pedantic I'd state the lure document is Air Marshall and the site is impersonating Adobe

nullcookies: I also remember being able to proofread tweets long ago.

nullcookies: @DCuplink 😂

nullcookies: BE STRONG AND CRUSH YOUR ENEMIES https://t.co/6gPxgsghvp

nullcookies: Oldcookies, yelling at his neighbors whilst smoking a corncob pipe: “I remember when the intent was a series of tubes. Bring back the coal-powered internet and get off my lawn.” https://t.co/C3E8VgBeqt

campuscodi: Codecademy launched yesterday a cybersecurity course https://t.co/xaWdDMvYxp https://t.co/kb4zfCEH3t

campuscodi: Mirai code re-use in Gafgyt https://t.co/lezY25c9SQ https://t.co/F6O7fCvJ9x

SBousseaden: apparently not a recent one https://t.co/2eofar7sbD

SBousseaden: likely APT34 related: doc -> task -> exchange.vbs -> powershell -> load .NET EWS backdoor (uses https://t.co/n1ln6XH7I0.WebServices.dll for mail-C2) mailsrv: https://t.co/29791gEJNU. gov .lb (compromised) send/rcv cmd from masters.michelle@protonmail.com https://t.co/Sp5JvPRE2R https://t.co/gTK85QMHK1

SBousseaden: https://t.co/tonf9nA6kA

SBousseaden: winword -> vbe -> certreq.exe (download lolbin) -> msiexec -> python.exe (renamed) _ bunch of base64 encoded script -> python backdoor + infostealer (persist via scheduled task) https://t.co/MOXsykWRVP https://t.co/5k0oMoEhjZ

SBousseaden: @r0wdy_ @Ledtech3 4702 is well detailed but to figure out what changed exactly (trigger, status, time etc.) the action registry if changed it's quite suspicious.

424f424f: PowerShell is dead... long live PowerShell! Are we just detecting more today because we're finally/hopefully looking at those PowerShell logs? Why the increase when the PowerShell threat surface "should" be reduced by now? https://t.co/e0J1SmHyQJ

424f424f: @SadProcessor Yeah, sometimes not so user friendly lol Arooo! <3

424f424f: @sixdub Congrats! See you on the battlefield 😉

lazyactivist192: @d0xygen @executemalware Most of those were from Choopa, with some Bacloud spattered in.

lazyactivist192: @d0xygen @executemalware I grabbed blocks of ips and scanned them.

lazyactivist192: @chrisculling @mikecherry @NicoleBeckwith @bryanmcaninch @mojo_sec @Neogenxz @vagab0ndsec @DougOfBorg @GyledC @4n6woman @CrunkComputing @InnocentOrg @RNS @bobsmietana @absolutez3 @JohnnyCiocca Thanks 🙂

lazyactivist192: Definitely CS, was able to pull beacon the other day from it https://t.co/gF6Lfxry5s https://t.co/SGSyigV5pB

cyber__sloth: @markus_neis @ochsenmeier @James_inthe_box @shotgunner101 @securitydoggo @Circuitous__ That's a cool pivot @markus_neis 👌🏽

cyber__sloth: An email sent to few employees of https://t.co/g2DIhGljgQ with weird subject and #LNK file. Downloads a PDF and EXE from 8.142.58[.]112. Couldn't grab the payload :( Hash: 3bf627b9b240f4872323840ff4423cdb @James_inthe_box @markus_neis @shotgunner101 @securitydoggo https://t.co/VS51ogbxpD

cyber__sloth: More samples: c623eb88eb0b6c6c9ff0346ab578dc43

cyber__sloth: Probably from a researcher or security team in Vietnam. Hash : ed1bf2c48dfa06fd50ff2e363880cf0b : Tai lieu hoc tap.docx.lnk Pulling Files from GitHub https://t.co/o3Z4kQNmJq @Rmy_Reserve @blackorbird @cyb3rops @trungduc751995 @Arkbird_SOLG https://t.co/Hyp2LIksWN

FewAtoms: #malware #opendir #infosecurity #threathunting #cybersecurity hxxp://18.140.72.12/wind/ https://t.co/zTh7kwnW2H https://t.co/Itmmkv8SiG

FewAtoms: #malware #cybersecurity #opendir #infosecurity #threathunting hxxp://23.95.122.25/hd/ hxxp://23.95.122.25/hdf/ hxxp://23.95.122.25/..-.-................-.....-------------/..................................................................dot https://t.co/nSkz8rHJkT

FewAtoms: #malware #threathunting #cybersecurity #opendir #infosecurity hxxp://45.77.9.151/ @bl4ckh0l3z at your request https://t.co/mMu2R2iaU6

FewAtoms: @bl4ckh0l3z @abuse_ch @James_inthe_box @JAMESWT_MHT Wait few mins

reecdeep: #AgentTesla #Malware from #Malspam "telephone conversation" MD5: A0494AF086A80AABB398034D4438AD12 🔥 pauline.nguimfack@electro-plomb.ml markmoon212@gmail.com mail.[electro-plomb[.ml #infosec #CyberSecurity #DFIR #cybercrime #Security https://t.co/QmbHUcEMKp

reecdeep: #Phishing targeting #Italy 🇮🇹 🔥 hxxps://psd2-spid.com @guelfoweb @illegalFawn @D3LabIT @AndreaDraghetti @andpalmier @PhishStats @ActorExpose @Bank_Security @rootella_ @nuke86 #infosec #cybersecurity #cybercrime #mwitaly https://t.co/f1caFUAOcV

reecdeep: #Malspam spreading XLSM #Maldoc to spawn #AgentTesla #Malware ⚙️ https://t.co/1Y7BceZqlE 🔥 u@cometshippings.com mail.[cometshippings.[com #infosec #CyberSecurity #DFIR #cybercrime #Security https://t.co/ejlNYCazsA

reecdeep: #AgentTesla #Malware from #Malspam "New Intraoperative MRi & CSSD Upgrade" MD5: 01BDE51FB30A013B7536DC7D45EA4A0A 🔥 ekwe@yillyenterprise.com mail.[yillyenterprise.[com #infosec #CyberSecurity #DFIR #cybercrime #Security https://t.co/OcPcQpUF9p

reecdeep: 🔥currently live c2: njwhuclqpvvwhwg.]ru/poll.php credits @sS55752750

luc4m: @Artilllerie @malwrhunterteam @LawrenceAbrams Again the North Korean ? 🇰🇵🇰🇵🇰🇵

3xp0rtblog: @siri_urz @struppigel

3xp0rtblog: @0x7fff9 @Abjuri5t @Amigo_A_ @Arkbird_SOLG @Bank_Security @BleepinComputer @JAMESWT_MHT @JRoosen @James_inthe_box @Jan0fficial @Kangxiaopao @LawrenceAbrams @ViriBack @Xylit0l @campuscodi @demonslay335 @fumik0_ @hasherezade @hexlax @luc4m @malwrhunterteam @pmelson

3xp0rtblog: #Malware #Ransomware #DarkSide Another DarkSide update. Added automatic test decrypting, all processes now are automated. Available DDoS (L3, L7), is performing before the target enters online. Also, the DarkSide team expand specialties like network supplies, pentesting. https://t.co/ZUgFx4afyb

----Vulners.com High Sev. Last 3 Days----

CVSS: 9.0 NSA: 5 Security Bugs Under Active Nation-State Cyberattack

CVSS: 9.0 Patch now! NSA, CISA, and FBI warn of Russian intelligence exploiting 5 vulnerabilities

CVSS: 7.5 Mandiant Front Lines: How to Tackle Exchange Exploits

CVSS: 7.5 Severe Bugs Reported in EtherNet/IP Stack for Industrial Systems

CVSS: 6.8 gnutls and nettle security update

CVSS: 9.0 US Sanctions Russia and Expels 10 Diplomats Over SolarWinds Cyberattack

CVSS: 10.0 Gafgyt Botnet Lifts DDoS Tricks from Mirai

CVSS: 7.5 Attackers Target ProxyLogon Exploit to Install Cryptojacker

CVSS: 10.0 1-Click Hack Found in Popular Desktop Apps — Check If You're Using Them

CVSS: 6.8 (RHSA-2021:1206) Important: gnutls and nettle security update

CVSS: 7.2 Linux kernel vulnerabilities

CVSS: 7.2 sudo security update

CVSS: 7.2 Linux kernel vulnerabilities

CVSS: 9.0 Nagios XI Remote Code Execution

CVSS: 7.1 Security Bug Allows Attackers to Brick Kubernetes Clusters

CVSS: 10.0 FBI Clears ProxyLogon Web Shells from Hundreds of Orgs

CVSS: 7.5 (RHSA-2021:1186) Moderate: RHV Manager (ovirt-engine) 4.4.z [ovirt-4.4.5] 0-day security, bug fix, enhance

CVSS: 7.5 (RHSA-2021:1169) Moderate: RHV Manager (ovirt-engine) 4.4.z [ovirt-4.4.5] security, bug fix, enhancement

CVSS: 7.5 (RHSA-2021:1184) Moderate: RHV RHEL Host (ovirt-host) 4.4.z [ovirt-4.4.5] security, bug fix, enhancement

CVSS: 10.0 Microsoft Has Busy April Patch Tuesday with Zero-Days, Exchange Fixes

CVSS: 7.5 CVE-2021-31162

CVSS: 6.8 Update Your Chrome Browser to Patch 2 New In-the-Wild 0-Day Exploits

CVSS: 7.5 Underscore vulnerability

----NVD Last 3 Days----

CVE#: CVE-2017-20004 Published Date: 2021-04-14 CVSS: NO CVSS Description: In the standard library in Rust before 1.19.0, there is a synchronization problem in the MutexGuard object. MutexGuards can be used across threads with any types, allowing for memory safety issues through race conditions.

CVE#: CVE-2018-19942 Published Date: 2021-04-16 CVSS: NO CVSS Description: A cross-site scripting (XSS) vulnerability has been reported to affect earlier versions of File Station. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions: QTS 4.5.2.1566 build 20210202 (and later) QTS 4.5.1.1456 build 20201015 (and later) QTS 4.3.6.1446 build 20200929 (and later) QTS 4.3.4.1463 build 20201006 (and later) QTS 4.3.3.1432 build 20201006 (and later) QTS 4.2.6 build 20210327 (and later) QuTS hero h4.5.1.1472 build 20201031 (and later) QuTScloud c4.5.4.1601 build 20210309 (and later) QuTScloud c4.5.3.1454 build 20201013 (and later)

CVE#: CVE-2018-25008 Published Date: 2021-04-14 CVSS: NO CVSS Description: In the standard library in Rust before 1.29.0, there is weak synchronization in the Arc::get_mut method. This synchronization issue can lead to memory safety issues through race conditions.

CVE#: CVE-2020-19778 Published Date: 2021-04-14 CVSS: NO CVSS Description: Incorrect Access Control in Shopxo v1.4.0 and v1.5.0 allows remote attackers to gain privileges in "/index.php" by manipulating the parameter "user_id" in the HTML request.

CVE#: CVE-2020-21087 Published Date: 2021-04-14 CVSS: 2.7 Description: Cross Site Scripting (XSS) in X2Engine X2CRM v6.9 and older allows remote attackers to execute arbitrary code by injecting arbitrary web script or HTML via the "New Name" field of the "Rename a Module" tool.

CVE#: CVE-2020-21088 Published Date: 2021-04-14 CVSS: NO CVSS Description: Cross Site Scripting (XSS) in X2engine X2CRM v7.1 and older allows remote attackers to obtain sensitive information by injecting arbitrary web script or HTML via the "First Name" and "Last Name" fields in "/index.php/contacts/create page"

CVE#: CVE-2020-2509 Published Date: 2021-04-17 CVSS: NO CVSS Description: A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. We have already fixed this vulnerability in the following versions: QTS 4.5.2.1566 Build 20210202 and later QTS 4.5.1.1495 Build 20201123 and later QTS 4.3.6.1620 Build 20210322 and later QTS 4.3.4.1632 Build 20210324 and later QTS 4.3.3.1624 Build 20210416 and later QTS 4.2.6 Build 20210327 and later QuTS hero h4.5.1.1491 build 20201119 and later

CVE#: CVE-2020-27237 Published Date: 2021-04-15 CVSS: NO CVSS Description: An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3. The code parameter in the The nomenclature parameter in the getAssets.jsp page is vulnerable to unauthenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability.

CVE#: CVE-2020-27238 Published Date: 2021-04-15 CVSS: NO CVSS Description: An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3. The code parameter in the getAssets.jsp page is vulnerable to unauthenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability.

CVE#: CVE-2020-27239 Published Date: 2021-04-15 CVSS: NO CVSS Description: An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3. The assetStatus parameter in the getAssets.jsp page is vulnerable to unauthenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability.

CVE#: CVE-2020-28124 Published Date: 2021-04-14 CVSS: NO CVSS Description: Cross Site Scripting (XSS) in LavaLite 5.8.0 via the Address field.

CVE#: CVE-2020-28592 Published Date: 2021-04-15 CVSS: NO CVSS Description: A heap-based buffer overflow vulnerability exists in the configuration server functionality of the Cosori Smart 5.8-Quart Air Fryer CS158-AF 1.1.0. A specially crafted JSON object can lead to remote code execution. An attacker can send a malicious packet to trigger this vulnerability.

CVE#: CVE-2020-28593 Published Date: 2021-04-15 CVSS: NO CVSS Description: An unauthenticated backdoor exists in the configuration server functionality of Cosori Smart 5.8-Quart Air Fryer CS158-AF 1.1.0. A specially crafted JSON object can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability.

CVE#: CVE-2020-28898 Published Date: 2021-04-15 CVSS: NO CVSS Description: In QED ResourceXpress through 4.9k, a large numeric or alphanumeric value submitted in specific URL parameters causes a server error in script execution due to insufficient input validation.

CVE#: CVE-2020-29592 Published Date: 2021-04-14 CVSS: NO CVSS Description: An issue was discovered in Orchard before 1.10. A broken access control issue in Orchard components that use the TinyMCE HTML editor's file upload allows an attacker to upload dangerous executables that bypass the file types allowed (regardless of the file types allowed list in Media settings).

CVE#: CVE-2020-29593 Published Date: 2021-04-14 CVSS: NO CVSS Description: An issue was discovered in Orchard before 1.10. The Media Settings Allowed File Types list field allows an attacker to add a XSS payload that will execute when users attempt to upload a disallowed file type, causing the error to display.

CVE#: CVE-2020-35418 Published Date: 2021-04-14 CVSS: NO CVSS Description: Cross Site Scripting (XSS) in the contact page of Group Office CRM 6.4.196 by uploading a crafted svg file.

CVE#: CVE-2020-35419 Published Date: 2021-04-14 CVSS: NO CVSS Description: Cross Site Scripting (XSS) in Group Office CRM 6.4.196 via the SET_LANGUAGE parameter.

CVE#: CVE-2020-35660 Published Date: 2021-04-14 CVSS: NO CVSS Description: Cross Site Scripting (XSS) in Monica before 2.19.1 via the journal page.

CVE#: CVE-2020-36120 Published Date: 2021-04-14 CVSS: 3.6 Description: Buffer Overflow in the "sixel_encoder_encode_bytes" function of Libsixel v1.8.6 allows attackers to cause a Denial of Service (DoS).

CVE#: CVE-2020-36195 Published Date: 2021-04-17 CVSS: NO CVSS Description: An SQL injection vulnerability has been reported to affect QNAP NAS running Multimedia Console or the Media Streaming add-on. If exploited, the vulnerability allows remote attackers to obtain application information. QNAP has already fixed this vulnerability in the following versions of Multimedia Console and the Media Streaming add-on. QTS 4.3.3: Media Streaming add-on 430.1.8.10 and later QTS 4.3.6: Media Streaming add-on 430.1.8.8 and later QTS 4.4.x and later: Multimedia Console 1.3.4 and later We have also fixed this vulnerability in the following versions of QTS 4.3.3 and QTS 4.3.6, respectively: QTS 4.3.3.1624 Build 20210416 or later QTS 4.3.6.1620 Build 20210322 or later

CVE#: CVE-2020-36288 Published Date: 2021-04-15 CVSS: NO CVSS Description: The issue navigation and search view in Jira Server and Data Center before version 8.5.12, from version 8.6.0 before version 8.13.4, and from version 8.14.0 before version 8.15.1 allows remote attackers to inject arbitrary HTML or JavaScript via a DOM Cross-Site Scripting (XSS) vulnerability caused by parameter pollution.

CVE#: CVE-2020-36322 Published Date: 2021-04-14 CVSS: NO CVSS Description: An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness is tracked as CVE-2021-28950.

CVE#: CVE-2020-36323 Published Date: 2021-04-14 CVSS: NO CVSS Description: In the standard library in Rust before 1.50.3, there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked.

CVE#: CVE-2020-7269 Published Date: 2021-04-15 CVSS: NO CVSS Description: Exposure of Sensitive Information in the web interface in McAfee Advanced Threat Defense (ATD) prior to 4.12.2 allows remote authenticated users to view sensitive unencrypted information via a carefully crafted HTTP request parameter. The risk is partially mitigated if your ATD instances are deployed as recommended with no direct access from the Internet to them.

CVE#: CVE-2020-7270 Published Date: 2021-04-15 CVSS: NO CVSS Description: Exposure of Sensitive Information in the web interface in McAfee Advanced Threat Defense (ATD) prior to 4.12.2 allows remote authenticated users to view sensitive unencrypted information via a carefully crafted HTTP request parameter. The risk is partially mitigated if your ATD instances are deployed as recommended with no direct access from the Internet to them.

CVE#: CVE-2020-7308 Published Date: 2021-04-15 CVSS: NO CVSS Description: Cleartext Transmission of Sensitive Information between McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update and McAfee Global Threat Intelligence (GTI) servers using DNS allows a remote attacker to view the requests from ENS and responses from GTI over DNS. By gaining control of an intermediate DNS server or altering the network DNS configuration, it is possible for an attacker to intercept requests and send their own responses.

CVE#: CVE-2020-9667 Published Date: 2021-04-16 CVSS: 5.9 Description: Adobe Genuine Service version 6.6 (and earlier) is affected by an Uncontrolled Search Path element vulnerability. An authenticated attacker could exploit this to plant custom binaries and execute them with System permissions. Exploitation of this issue requires user interaction.

CVE#: CVE-2020-9668 Published Date: 2021-04-16 CVSS: 4.2 Description: Adobe Genuine Service version 6.6 (and earlier) is affected by an Improper Access control vulnerability when handling symbolic links. An unauthenticated attacker could exploit this to elevate privileges in the context of the current user.

CVE#: CVE-2020-9681 Published Date: 2021-04-16 CVSS: 5.9 Description: Adobe Genuine Service version 6.6 (and earlier) is affected by an Uncontrolled Search Path element vulnerability. An authenticated attacker could exploit this to rewrite the file of the administrator, which may lead to elevated permissions. Exploitation of this issue requires user interaction.

CVE#: CVE-2021-0488 Published Date: 2021-04-15 CVSS: NO CVSS Description: In pb_write of pb_encode.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-178754781

CVE#: CVE-2021-20288 Published Date: 2021-04-15 CVSS: NO CVSS Description: An authentication flaw was found in ceph in versions before 14.2.20. When the monitor handles CEPHX_GET_AUTH_SESSION_KEY requests, it doesn't sanitize other_keys, allowing key reuse. An attacker who can request a global_id can exploit the ability of any user to request a global_id previously associated with another user, as ceph does not force the reuse of old keys to generate new ones. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

CVE#: CVE-2021-20491 Published Date: 2021-04-16 CVSS: NO CVSS Description: IBM Spectrum Protect Server 7.1 and 8.1 is subject to a stack-based buffer overflow caused by improper bounds checking during the parsing of commands. By issuing such a command with an improper parameter, an authorized administrator could overflow a buffer and cause the server to crash. IBM X-Force ID: 197792.

CVE#: CVE-2021-21087 Published Date: 2021-04-15 CVSS: 3.4 Description: Adobe Coldfusion versions 2016 (update 16 and earlier), 2018 (update 10 and earlier) and 2021.0.0.323925 are affected by an Improper Neutralization of Directives in Dynamically Evaluated Code (‘Eval Injection’) vulnerability. An attacker could abuse this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction.

CVE#: CVE-2021-21091 Published Date: 2021-04-15 CVSS: 1.4 Description: Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by an Out-of-bounds read vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE#: CVE-2021-21092 Published Date: 2021-04-15 CVSS: 5.9 Description: Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE#: CVE-2021-21093 Published Date: 2021-04-15 CVSS: 5.9 Description: Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE#: CVE-2021-21094 Published Date: 2021-04-15 CVSS: 5.9 Description: Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by an Out-of-bounds write vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE#: CVE-2021-21095 Published Date: 2021-04-15 CVSS: 5.9 Description: Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by an Out-of-bounds write vulnerability when parsing a crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE#: CVE-2021-21096 Published Date: 2021-04-15 CVSS: 4.2 Description: Adobe Bridge versions 10.1.1 (and earlier) and 11.0.1 (and earlier) are affected by an Improper Authorization vulnerability in the Genuine Software Service. A low-privileged attacker could leverage this vulnerability to achieve application denial-of-service in the context of the current user. Exploitation of this issue does not require user interaction.

CVE#: CVE-2021-21100 Published Date: 2021-04-15 CVSS: 5.9 Description: Adobe Digital Editions version 4.5.11.187245 (and earlier) is affected by a Privilege Escalation vulnerability during installation. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary file system write in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE#: CVE-2021-21405 Published Date: 2021-04-15 CVSS: NO CVSS Description: Lotus is an Implementation of the Filecoin protocol written in Go. BLS signature validation in lotus uses blst library method VerifyCompressed. This method accepts signatures in 2 forms: "serialized", and "compressed", meaning that BLS signatures can be provided as either of 2 unique byte arrays. Lotus block validation functions perform a uniqueness check on provided blocks. Two blocks are considered distinct if the CIDs of their blockheader do not match. The CID method for blockheader includes the BlockSig of the block. The result of these issues is that it would be possible to punish miners for valid blocks, as there are two different valid block CIDs available for each block, even though this must be unique. By switching from the go based `blst` bindings over to the bindings in `filecoin-ffi`, the code paths now ensure that all signatures are compressed by size and the way they are deserialized. This happened in https://github.com/filecoin-project/lotus/pull/5393.

CVE#: CVE-2021-22539 Published Date: 2021-04-16 CVSS: NO CVSS Description: An attacker can place a crafted JSON config file into the project folder pointing to a custom executable. VScode-bazel allows the workspace path to lint *.bzl files to be set via this config file. As such the attacker is able to execute any executable on the system through vscode-bazel. We recommend upgrading to version 0.4.1 or above.

CVE#: CVE-2021-22879 Published Date: 2021-04-14 CVSS: NO CVSS Description: Nextcloud Desktop Client prior to 3.1.3 is vulnerable to resource injection by way of missing validation of URLs, allowing a malicious server to execute remote commands. User interaction is needed for exploitation.

CVE#: CVE-2021-23884 Published Date: 2021-04-15 CVSS: NO CVSS Description: Cleartext Transmission of Sensitive Information vulnerability in the ePO Extension of McAfee Content Security Reporter (CSR) prior to 2.8.0 allows an ePO administrator to view the unencrypted password of the McAfee Web Gateway (MWG) or the password of the McAfee Web Gateway Cloud Server (MWGCS) read only user used to retrieve log files for analysis in CSR.

CVE#: CVE-2021-23886 Published Date: 2021-04-15 CVSS: NO CVSS Description: Denial of Service vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.100 allows a local, low privileged, attacker to cause a BSoD through suspending a process, modifying the processes memory and restarting it. This is triggered by the hdlphook driver reading invalid memory.

CVE#: CVE-2021-23887 Published Date: 2021-04-15 CVSS: NO CVSS Description: Privilege Escalation vulnerability in McAfee Data Loss Prevention (DLP) Endpoint for Windows prior to 11.6.100 allows a local, low privileged, attacker to write to arbitrary controlled kernel addresses. This is achieved by launching applications, suspending them, modifying the memory and restarting them when they are monitored by McAfee DLP through the hdlphook driver.

CVE#: CVE-2021-24028 Published Date: 2021-04-14 CVSS: NO CVSS Description: An invalid free in Thrift's table-based serialization can cause the application to crash or potentially result in code execution or other undesirable effects. This issue affects Facebook Thrift prior to v2021.02.22.00.

CVE#: CVE-2021-25314 Published Date: 2021-04-14 CVSS: NO CVSS Description: A Creation of Temporary File With Insecure Permissions vulnerability in hawk2 of SUSE Linux Enterprise High Availability 12-SP3, SUSE Linux Enterprise High Availability 12-SP5, SUSE Linux Enterprise High Availability 15-SP2 allows local attackers to escalate to root. This issue affects: SUSE Linux Enterprise High Availability 12-SP3 hawk2 versions prior to 2.6.3+git.1614685906.812c31e9. SUSE Linux Enterprise High Availability 12-SP5 hawk2 versions prior to 2.6.3+git.1614685906.812c31e9. SUSE Linux Enterprise High Availability 15-SP2 hawk2 versions prior to 2.6.3+git.1614684118.af555ad9.

CVE#: CVE-2021-25316 Published Date: 2021-04-14 CVSS: NO CVSS Description: An Insecure Temporary File vulnerability in s390-tools of SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-SP2 allows local attackers to prevent VM live migrations. This issue affects: SUSE Linux Enterprise Server 12-SP5 s390-tools versions prior to 2.1.0-18.29.1. SUSE Linux Enterprise Server 15-SP2 s390-tools versions prior to 2.11.0-9.20.1.

CVE#: CVE-2021-26030 Published Date: 2021-04-14 CVSS: NO CVSS Description: An issue was discovered in Joomla! 3.0.0 through 3.9.25. Inadequate escaping allowed XSS attacks using the logo parameter of the default templates on error page

CVE#: CVE-2021-26031 Published Date: 2021-04-14 CVSS: NO CVSS Description: An issue was discovered in Joomla! 3.0.0 through 3.9.25. Inadequate filters on module layout settings could lead to an LFI.

CVE#: CVE-2021-26073 Published Date: 2021-04-16 CVSS: NO CVSS Description: Broken Authentication in Atlassian Connect Express (ACE) from version 3.0.2 before version 6.6.0: Atlassian Connect Express is a Node.js package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Express app occurs with a server-to-server JWT or a context JWT. Atlassian Connect Express versions between 3.0.2 - 6.5.0 erroneously accept context JWTs in lifecycle endpoints (such as installation) where only server-to-server JWTs should be accepted, permitting an attacker to send authenticated re-installation events to an app.

CVE#: CVE-2021-26074 Published Date: 2021-04-16 CVSS: NO CVSS Description: Broken Authentication in Atlassian Connect Spring Boot (ACSB) from version 1.1.0 before version 2.1.3: Atlassian Connect Spring Boot is a Java Spring Boot package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Spring Boot app occurs with a server-to-server JWT or a context JWT. Atlassian Connect Spring Boot versions between 1.1.0 - 2.1.2 erroneously accept context JWTs in lifecycle endpoints (such as installation) where only server-to-server JWTs should be accepted, permitting an attacker to send authenticated re-installation events to an app.

CVE#: CVE-2021-26075 Published Date: 2021-04-15 CVSS: NO CVSS Description: The Jira importers plugin AttachTemporaryFile rest resource in Jira Server and Data Center before version 8.5.12, from version 8.6.0 before 8.13.4, and from version 8.14.0 before 8.15.1 allowed remote authenticated attackers to obtain the full path of the Jira application data directory via an information disclosure vulnerability in the error message when presented with an invalid filename.

CVE#: CVE-2021-26076 Published Date: 2021-04-15 CVSS: NO CVSS Description: The jira.editor.user.mode cookie set by the Jira Editor Plugin in Jira Server and Data Center before version 8.5.12, from version 8.6.0 before version 8.13.4, and from version 8.14.0 before version 8.15.0 allows remote anonymous attackers who can perform an attacker in the middle attack to learn which mode a user is editing in due to the cookie not being set with a secure attribute if Jira was configured to use https.

CVE#: CVE-2021-26582 Published Date: 2021-04-15 CVSS: NO CVSS Description: A security vulnerability in HPE IceWall SSO Domain Gateway Option (Dgfw) module version 10.0 on RHEL 5/6/7, version 10.0 on HP-UX 11i v3, version 10.0 on Windows and 11.0 on Windows could be exploited remotely to allow cross-site scripting (XSS).

CVE#: CVE-2021-26805 Published Date: 2021-04-14 CVSS: NO CVSS Description: Buffer Overflow in tsMuxer 2.6.16 allows attackers to cause a Denial of Service (DoS) by running the application with a malicious WAV file.

CVE#: CVE-2021-26812 Published Date: 2021-04-14 CVSS: NO CVSS Description: Cross Site Scripting (XSS) in the Jitsi Meet 2.7 through 2.8.3 plugin for Moodle via the "sessionpriv.php" module. This allows attackers to craft a malicious URL, which when clicked on by users, can inject javascript code to be run by the application.

CVE#: CVE-2021-26827 Published Date: 2021-04-14 CVSS: NO CVSS Description: Buffer Overflow in TP-Link WR2041 v1 firmware for the TL-WR2041+ router allows remote attackers to cause a Denial-of-Service (DoS) by sending an HTTP request with a very long "ssid" parameter to the "/userRpm/popupSiteSurveyRpm.html" webpage, which crashes the router.

CVE#: CVE-2021-26830 Published Date: 2021-04-16 CVSS: NO CVSS Description: SQL Injection in Tribalsystems Zenario CMS 8.8.52729 allows remote attackers to access the database or delete the plugin. This is accomplished via the `ID` input field of ajax.php in the `Pugin library - delete` module.

CVE#: CVE-2021-26832 Published Date: 2021-04-14 CVSS: NO CVSS Description: Cross Site Scripting (XSS) in the "Reset Password" page form of Priority Enterprise Management System v8.00 allows attackers to execute javascript on behalf of the victim by sending a malicious URL or directing the victim to a malicious site.

CVE#: CVE-2021-27112 Published Date: 2021-04-15 CVSS: NO CVSS Description: LightCMS v1.3.5 contains a remote code execution vulnerability in /app/Http/Controllers/Admin/NEditorController.php during the downloading of external images.

CVE#: CVE-2021-27113 Published Date: 2021-04-14 CVSS: NO CVSS Description: An issue was discovered in D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction within the handler function of the /goform/addRouting route. This could lead to Command Injection via Shell Metacharacters.

CVE#: CVE-2021-27114 Published Date: 2021-04-14 CVSS: NO CVSS Description: An issue was discovered in D-Link DIR-816 A2 1.10 B05 devices. Within the handler function of the /goform/addassignment route, a very long text entry for the "s_ip" and "s_mac" fields could lead to a Stack-Based Buffer Overflow and overwrite the return address.

CVE#: CVE-2021-27129 Published Date: 2021-04-15 CVSS: NO CVSS Description: CASAP Automated Enrollment System version 1.0 contains a cross-site scripting (XSS) vulnerability through the Students > Edit > ROUTE parameter.

CVE#: CVE-2021-27130 Published Date: 2021-04-14 CVSS: NO CVSS Description: Online Reviewer System 1.0 contains a SQL injection vulnerability through authentication bypass, which may lead to a reverse shell upload.

CVE#: CVE-2021-27180 Published Date: 2021-04-14 CVSS: NO CVSS Description: An issue was discovered in MDaemon before 20.0.4. There is Reflected XSS in Webmail (aka WorldClient). It can be exploited via a GET request. It allows performing any action with the privileges of the attacked user.

CVE#: CVE-2021-27181 Published Date: 2021-04-14 CVSS: NO CVSS Description: An issue was discovered in MDaemon before 20.0.4. Remote Administration allows an attacker to perform a fixation of the anti-CSRF token. In order to exploit this issue, the user has to click on a malicious URL provided by the attacker and successfully authenticate into the application. Having the value of the anti-CSRF token, the attacker may trick the user into visiting his malicious page and performing any request with the privileges of attacked user.

CVE#: CVE-2021-27182 Published Date: 2021-04-14 CVSS: NO CVSS Description: An issue was discovered in MDaemon before 20.0.4. There is an IFRAME injection vulnerability in Webmail (aka WorldClient). It can be exploited via an email message. It allows an attacker to perform any action with the privileges of the attacked user.

CVE#: CVE-2021-27183 Published Date: 2021-04-14 CVSS: NO CVSS Description: An issue was discovered in MDaemon before 20.0.4. Administrators can use Remote Administration to exploit an Arbitrary File Write vulnerability. An attacker is able to create new files in any location of the filesystem, or he may be able to modify existing files. This vulnerability may directly lead to Remote Code Execution.

CVE#: CVE-2021-27246 Published Date: 2021-04-14 CVSS: NO CVSS Description: This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer A7 AC1750 1.0.15 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of MAC addresses by the tdpServer endpoint. A crafted TCP message can write stack pointers to the stack. An attacker can leverage this vulnerability to execute code in the context of the root user. Was ZDI-CAN-12306.

CVE#: CVE-2021-27247 Published Date: 2021-04-14 CVSS: NO CVSS Description: This vulnerability allows remote attackers to disclose sensitive information on affected installations of Tencent WeChat 2.9.5 desktop version. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the WXAM decoder. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-11907.

CVE#: CVE-2021-27248 Published Date: 2021-04-14 CVSS: NO CVSS Description: This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 v1.01rc001 Wi-Fi access points. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of CGI scripts. When parsing the getpage parameter, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-10932.

CVE#: CVE-2021-27249 Published Date: 2021-04-14 CVSS: NO CVSS Description: This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 v1.01rc001 Wi-Fi access points. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of CGI scripts. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-11369.

CVE#: CVE-2021-27250 Published Date: 2021-04-14 CVSS: NO CVSS Description: This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-2020 v1.01rc001 Wi-Fi access points. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of CGI scripts. When parsing the errorpage request parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-11856.

CVE#: CVE-2021-27251 Published Date: 2021-04-14 CVSS: NO CVSS Description: This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800. Authentication is not required to exploit this vulnerability. The specific flaw exists within handling of firmware updates. The issue results from a fallback to an insecure protocol to deliver updates. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12308.

CVE#: CVE-2021-27252 Published Date: 2021-04-14 CVSS: NO CVSS Description: This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R7800 firmware version 1.0.2.76. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the vendor_specific DHCP opcode. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12216.

CVE#: CVE-2021-27253 Published Date: 2021-04-14 CVSS: NO CVSS Description: This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of the rc_service parameter provided to apply_bind.cgi. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-12303.

CVE#: CVE-2021-27258 Published Date: 2021-04-14 CVSS: NO CVSS Description: This vulnerability allows remote attackers to escalate privileges on affected installations of SolarWinds Orion Platform 2020.2. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SaveUserSetting endpoint. The issue results from improper restriction of this endpoint to unprivileged users. An attacker can leverage this vulnerability to escalate their privileges from Guest to Administrator. Was ZDI-CAN-11903.

CVE#: CVE-2021-27259 Published Date: 2021-04-14 CVSS: NO CVSS Description: This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.0.1-48919. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-12021.

CVE#: CVE-2021-27260 Published Date: 2021-04-14 CVSS: NO CVSS Description: This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 16.0.1-48919. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-12068.

CVE#: CVE-2021-27288 Published Date: 2021-04-14 CVSS: NO CVSS Description: Cross Site Scripting (XSS) in X2Engine X2CRM v7.1 allows remote attackers to obtain sensitive information by injecting arbitrary web script or HTML via the "Comment" field in "/profile/activity" page.

CVE#: CVE-2021-27394 Published Date: 2021-04-16 CVSS: NO CVSS Description: A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.19), Mendix Applications using Mendix 8 (All versions < V8.17.0), Mendix Applications using Mendix 8 (V8.12) (All versions < V8.12.5), Mendix Applications using Mendix 8 (V8.6) (All versions < V8.6.9), Mendix Applications using Mendix 9 (All versions < V9.0.5). Authenticated, non-administrative users could modify their privileges by manipulating the user role under certain circumstances, allowing them to gain administrative privileges.

CVE#: CVE-2021-27544 Published Date: 2021-04-15 CVSS: NO CVSS Description: Cross Site Scripting (XSS) in the "add-services.php" component of PHPGurukul Beauty Parlour Management System v1.0 allows remote attackers to execute arbitrary code by injecting arbitrary HTML into the "sername" parameter.

CVE#: CVE-2021-27545 Published Date: 2021-04-15 CVSS: NO CVSS Description: SQL Injection in the "add-services.php" component of PHPGurukul Beauty Parlour Management System v1.0 allows remote attackers to obtain sensitive database information by injecting SQL commands into the "sername" parameter.

CVE#: CVE-2021-27599 Published Date: 2021-04-14 CVSS: NO CVSS Description: SAP NetWeaver ABAP Server and ABAP Platform (Process Integration - Integration Builder Framework), versions - 7.10, 7.30, 7.31, 7.40, 7.50, allows an attacker to access information under certain conditions, which would otherwise be restricted.

CVE#: CVE-2021-27604 Published Date: 2021-04-14 CVSS: NO CVSS Description: In order to prevent XML External Entity vulnerability in SAP NetWeaver ABAP Server and ABAP Platform (Process Integration - Enterprise Service Repository JAVA Mappings), versions - 7.10, 7.20, 7.30, 7.31, 7.40, 7.50, SAP recommends to refer this note.

CVE#: CVE-2021-27608 Published Date: 2021-04-14 CVSS: NO CVSS Description: An unquoted service path in SAPSetup, version - 9.0, could lead to privilege escalation during the installation process that is performed when an executable file is registered. This could further lead to complete compromise of confidentiality, Integrity and Availability.

CVE#: CVE-2021-27672 Published Date: 2021-04-15 CVSS: NO CVSS Description: SQL Injection in the "admin_boxes.ajax.php" component of Tribal Systems Zenario CMS v8.8.52729 allows remote attackers to obtain sensitive database information by injecting SQL commands into the "cID" parameter when creating a new HTML component.

CVE#: CVE-2021-27673 Published Date: 2021-04-15 CVSS: NO CVSS Description: Cross Site Scripting (XSS) in the "admin_boxes.ajax.php" component of Tribal Systems Zenario CMS v8.8.52729 allows remote attackers to execute arbitrary code by injecting arbitrary HTML into the "cID" parameter when creating a new HTML component.

CVE#: CVE-2021-27691 Published Date: 2021-04-16 CVSS: NO CVSS Description: Command Injection in Tenda G0 routers with firmware versions v15.11.0.6(9039)_CN and v15.11.0.5(5876)_CN, and Tenda G1 and G3 routers with firmware versions v15.11.0.17(9502)_CN or v15.11.0.16(9024)_CN allows remote attackers to execute arbitrary OS commands via a crafted action/setDebugCfg request. This occurs because the "formSetDebugCfg" function executes glibc's system function with untrusted input.

CVE#: CVE-2021-27692 Published Date: 2021-04-16 CVSS: NO CVSS Description: Command Injection in Tenda G1 and G3 routers with firmware versions v15.11.0.17(9502)_CN or v15.11.0.16(9024)_CN allows remote attackers to execute arbitrary OS commands via a crafted "action/umountUSBPartition" request. This occurs because the "formSetUSBPartitionUmount" function executes the "doSystemCmd" function with untrusted input.

CVE#: CVE-2021-27705 Published Date: 2021-04-14 CVSS: NO CVSS Description: Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"qosIndex" request. This occurs because the "formQOSRuleDel" function directly passes the parameter "qosIndex" to strcpy without limit.

CVE#: CVE-2021-27706 Published Date: 2021-04-14 CVSS: NO CVSS Description: Buffer Overflow in Tenda G1 and G3 routers with firmware version V15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"IPMacBindIndex" request. This occurs because the "formIPMacBindDel" function directly passes the parameter "IPMacBindIndex" to strcpy without limit.

CVE#: CVE-2021-27707 Published Date: 2021-04-14 CVSS: NO CVSS Description: Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.0.17(9502)_CN allows remote attackers to execute arbitrary code via a crafted action/"portMappingIndex" request. This occurs because the "formDelPortMapping" function directly passes the parameter "portMappingIndex" to strcpy without limit.

CVE#: CVE-2021-27708 Published Date: 2021-04-14 CVSS: NO CVSS Description: Command Injection in TOTOLINK X5000R router with firmware v9.1.0u.6118_B20201102, and TOTOLINK A720R router with firmware v4.1.5cu.470_B20200911 allows remote attackers to execute arbitrary OS commands by sending a modified HTTP request. This occurs because the function executes glibc's system function with untrusted input. In the function, "command" parameter is directly passed to the attacker, allowing them to control the "command" field to attack the OS.

CVE#: CVE-2021-27710 Published Date: 2021-04-14 CVSS: NO CVSS Description: Command Injection in TOTOLINK X5000R router with firmware v9.1.0u.6118_B20201102, and TOTOLINK A720R router with firmware v4.1.5cu.470_B20200911 allows remote attackers to execute arbitrary OS commands by sending a modified HTTP request. This occurs because the function executes glibc's system function with untrusted input. In the function, "ip" parameter is directly passed to the attacker, allowing them to control the "ip" field to attack the OS.

CVE#: CVE-2021-27815 Published Date: 2021-04-14 CVSS: NO CVSS Description: NULL Pointer Dereference in the exif command line tool, when printing out XML formatted EXIF data, in exif v0.6.22 and earlier allows attackers to cause a Denial of Service (DoS) by uploading a malicious JPEG file, causing the application to crash.

CVE#: CVE-2021-27850 Published Date: 2021-04-15 CVSS: NO CVSS Description: A critical unauthenticated remote code execution vulnerability was found in all recent versions of Apache Tapestry. The affected versions include 5.4.5, 5.5.0, 5.6.2 and 5.7.0. The vulnerability I have found is a bypass of the fix for CVE-2019-0195. Recap: Before the fix of CVE-2019-0195 it was possible to download arbitrary class files from the classpath by providing a crafted asset file URL. An attacker was able to download the file `AppModule.class` by requesting the URL `http://localhost:8080/assets/something/services/AppModule.class` which contains a HMAC secret key. The fix for that bug was a blacklist filter that checks if the URL ends with `.class`, `.properties` or `.xml`. Bypass: Unfortunately, the blacklist solution can simply be bypassed by appending a `/` at the end of the URL: `http://localhost:8080/assets/something/services/AppModule.class/` The slash is stripped after the blacklist check and the file `AppModule.class` is loaded into the response. This class usually contains the HMAC secret key which is used to sign serialized Java objects. With the knowledge of that key an attacker can sign a Java gadget chain that leads to RCE (e.g. CommonsBeanUtils1 from ysoserial). Solution for this vulnerability: * For Apache Tapestry 5.4.0 to 5.6.1, upgrade to 5.6.2 or later. * For Apache Tapestry 5.7.0, upgrade to 5.7.1 or later.

CVE#: CVE-2021-27989 Published Date: 2021-04-14 CVSS: 2.7 Description: Appspace 6.2.4 is vulnerable to stored cross-site scripting (XSS) in multiple parameters within /medianet/sgcontentset.aspx.

CVE#: CVE-2021-27990 Published Date: 2021-04-14 CVSS: NO CVSS Description: Appspace 6.2.4 is vulnerable to a broken authentication mechanism where pages such as /medianet/mail.aspx can be called directly and the framework is exposed with layouts, menus and functionalities.

CVE#: CVE-2021-28048 Published Date: 2021-04-14 CVSS: NO CVSS Description: An overly permissive CORS policy in Devolutions Server before 2021.1 and Devolutions Server LTS before 2020.3.18 allows a remote attacker to leak cross-origin data via a crafted HTML page.

CVE#: CVE-2021-28055 Published Date: 2021-04-15 CVSS: NO CVSS Description: An issue was discovered in Centreon-Web in Centreon Platform 20.10.0. The anti-CSRF token generation is predictable, which might allow CSRF attacks that add an admin user.

CVE#: CVE-2021-28060 Published Date: 2021-04-14 CVSS: NO CVSS Description: A Server-Side Request Forgery (SSRF) vulnerability in Group Office 6.4.196 allows a remote attacker to forge GET requests to arbitrary URLs via the url parameter to group/api/upload.php.

CVE#: CVE-2021-28098 Published Date: 2021-04-14 CVSS: NO CVSS Description: An issue was discovered in Forescout CounterACT before 8.1.4. A local privilege escalation vulnerability is present in the logging function. SecureConnector runs with administrative privileges and writes logs entries to a file in %PROGRAMDATA%\ForeScout SecureConnector\ that has full permissions for the Everyone group. Using a symbolic link allows an attacker to point the log file to a privileged location such as %WINDIR%\System32. The resulting log file adopts the file permissions of the source of the symbolic link (in this case, the Everyone group). The log file in System32 can be replaced and renamed with a malicious DLL for DLL hijacking.

CVE#: CVE-2021-28157 Published Date: 2021-04-14 CVSS: NO CVSS Description: An SQL Injection issue in Devolutions Server before 2021.1 and Devolutions Server LTS before 2020.3.18 allows an administrative user to execute arbitrary SQL commands via a username in api/security/userinfo/delete.

CVE#: CVE-2021-28242 Published Date: 2021-04-15 CVSS: NO CVSS Description: SQL Injection in the "evoadm.php" component of b2evolution v7.2.2-stable allows remote attackers to obtain sensitive database information by injecting SQL commands into the "cf_name" parameter when creating a new filter under the "Collections" tab.

CVE#: CVE-2021-28300 Published Date: 2021-04-14 CVSS: NO CVSS Description: NULL Pointer Dereference in the "isomedia/track.c" module's "MergeTrack()" function of GPAC v0.5.2 allows attackers to execute arbitrary code or cause a Denial-of-Service (DoS) by uploading a malicious MP4 file.

CVE#: CVE-2021-28484 Published Date: 2021-04-14 CVSS: NO CVSS Description: An issue was discovered in the /api/connector endpoint handler in Yubico yubihsm-connector before 3.0.1 (in YubiHSM SDK before 2021.04). The handler did not validate the length of the request, which can lead to a state where yubihsm-connector becomes stuck in a loop waiting for the YubiHSM to send it data, preventing any further operations until the yubihsm-connector is restarted. An attacker can send 0, 1, or 2 bytes to trigger this.

CVE#: CVE-2021-28548 Published Date: 2021-04-15 CVSS: 5.9 Description: Adobe Photoshop versions 21.2.6 (and earlier) and 22.3 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted JSX file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE#: CVE-2021-28549 Published Date: 2021-04-15 CVSS: NO CVSS Description: Adobe Photoshop versions 21.2.6 (and earlier) and 22.3 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted JSX file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE#: CVE-2021-28797 Published Date: 2021-04-14 CVSS: NO CVSS Description: A stack-based buffer overflow vulnerability has been reported to affect QNAP NAS devices running Surveillance Station. If exploited, this vulnerability allows attackers to execute arbitrary code. QNAP have already fixed this vulnerability in the following versions: Surveillance Station 5.1.5.4.3 (and later) for ARM CPU NAS (64bit OS) and x86 CPU NAS (64bit OS); Surveillance Station 5.1.5.3.3 (and later) for ARM CPU NAS (32bit OS) and x86 CPU NAS (32bit OS).

CVE#: CVE-2021-28825 Published Date: 2021-04-14 CVSS: NO CVSS Description: The Windows Installation component of TIBCO Software Inc.'s TIBCO Messaging - Eclipse Mosquitto Distribution - Core - Community Edition and TIBCO Messaging - Eclipse Mosquitto Distribution - Core - Enterprise Edition contains a vulnerability that theoretically allows a low privileged attacker with local access on some versions of the Windows operating system to insert malicious software. The affected component can be abused to execute the malicious software inserted by the attacker with the elevated privileges of the component. This vulnerability results from a lack of access restrictions on certain files and/or folders in the installation. Affected releases are TIBCO Software Inc.'s TIBCO Messaging - Eclipse Mosquitto Distribution - Core - Community Edition: versions 1.3.0 and below and TIBCO Messaging - Eclipse Mosquitto Distribution - Core - Enterprise Edition: versions 1.3.0 and below.

CVE#: CVE-2021-28826 Published Date: 2021-04-14 CVSS: NO CVSS Description: The Windows Installation component of TIBCO Software Inc.'s TIBCO Messaging - Eclipse Mosquitto Distribution - Bridge - Community Edition and TIBCO Messaging - Eclipse Mosquitto Distribution - Bridge - Enterprise Edition contains a vulnerability that theoretically allows a low privileged attacker with local access on some versions of the Windows operating system to insert malicious software. The affected component can be abused to execute the malicious software inserted by the attacker with the elevated privileges of the component. This vulnerability results from a lack of access restrictions on certain files and/or folders in the installation. Affected releases are TIBCO Software Inc.'s TIBCO Messaging - Eclipse Mosquitto Distribution - Bridge - Community Edition: versions 1.3.0 and below and TIBCO Messaging - Eclipse Mosquitto Distribution - Bridge - Enterprise Edition: versions 1.3.0 and below.

CVE#: CVE-2021-28855 Published Date: 2021-04-14 CVSS: NO CVSS Description: In Deark before 1.5.8, a specially crafted input file can cause a NULL pointer dereference in the dbuf_write function (src/deark-dbuf.c).

CVE#: CVE-2021-28856 Published Date: 2021-04-14 CVSS: NO CVSS Description: In Deark before v1.5.8, a specially crafted input file can cause a division by zero in (src/fmtutil.c) because of the value of pixelsize.

CVE#: CVE-2021-29338 Published Date: 2021-04-14 CVSS: NO CVSS Description: Integer Overflow in OpenJPEG v2.4.0 allows remote attackers to crash the application, causing a Denial of Service (DoS). This occurs when the attacker uses the command line option "-ImgDir" on a directory that contains 1048576 files.

CVE#: CVE-2021-29430 Published Date: 2021-04-15 CVSS: NO CVSS Description: Sydent is a reference Matrix identity server. Sydent does not limit the size of requests it receives from HTTP clients. A malicious user could send an HTTP request with a very large body, leading to memory exhaustion and denial of service. Sydent also does not limit response size for requests it makes to remote Matrix homeservers. A malicious homeserver could return a very large response, again leading to memory exhaustion and denial of service. This affects any server which accepts registration requests from untrusted clients. This issue has been patched by releases 89071a1, 0523511, f56eee3. As a workaround request sizes can be limited in an HTTP reverse-proxy. There are no known workarounds for the problem with overlarge responses.

CVE#: CVE-2021-29431 Published Date: 2021-04-15 CVSS: NO CVSS Description: Sydent is a reference Matrix identity server. Sydent can be induced to send HTTP GET requests to internal systems, due to lack of parameter validation or IP address blacklisting. It is not possible to exfiltrate data or control request headers, but it might be possible to use the attack to perform an internal port enumeration. This issue has been addressed in 9e57334, 8936925, 3d531ed, 0f00412. A potential workaround would be to use a firewall to ensure that Sydent cannot reach internal HTTP resources.

CVE#: CVE-2021-29432 Published Date: 2021-04-15 CVSS: NO CVSS Description: Sydent is a reference matrix identity server. A malicious user could abuse Sydent to send out arbitrary emails from the Sydent email address. This could be used to construct plausible phishing emails, for example. This issue has been fixed in 4469d1d.

CVE#: CVE-2021-29433 Published Date: 2021-04-15 CVSS: NO CVSS Description: Impact: Missing input validation of some parameters on the endpoints used to confirm third-party identifiers could cause excessive use of disk space and memory leading to resource exhaustion. Patches: Fixed by 3175fd3. Workarounds: There are no known workarounds. References: n/a. For more information: If you have any questions or comments about this advisory, email us at security@matrix.org.

CVE#: CVE-2021-29443 Published Date: 2021-04-16 CVSS: NO CVSS Description: jose is an npm library providing a number of cryptographic operations. In vulnerable versions AES_CBC_HMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384, A256CBC-HS512) decryption would always execute both HMAC tag verification and CBC decryption, if either failed `JWEDecryptionFailed` would be thrown. A possibly observable difference in timing when padding error would occur while decrypting the ciphertext makes a padding oracle and an adversary might be able to make use of that oracle to decrypt data without knowing the decryption key by issuing on average 128*b calls to the padding oracle (where b is the number of bytes in the ciphertext block). All major release versions have had a patch released which ensures the HMAC tag is verified before performing CBC decryption. The fixed versions are `^1.28.1 || ^2.0.5 || >=3.11.4`. Users should upgrade their v1.x dependency to ^1.28.1, their v2.x dependency to ^2.0.5, and their v3.x dependency to ^3.11.4. Thanks to Jason from Microsoft Vulnerability Research (MSVR) for bringing this up and Eva Sarafianou (@esarafianou) for helping to score this advisory.

CVE#: CVE-2021-29444 Published Date: 2021-04-16 CVSS: NO CVSS Description: jose-browser-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AES_CBC_HMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384, A256CBC-HS512) decryption would always execute both HMAC tag verification and CBC decryption, if either failed `JWEDecryptionFailed` would be thrown. But a possibly observable difference in timing when padding error would occur while decrypting the ciphertext makes a padding oracle and an adversary might be able to make use of that oracle to decrypt data without knowing the decryption key by issuing on average 128*b calls to the padding oracle (where b is the number of bytes in the ciphertext block). A patch was released which ensures the HMAC tag is verified before performing CBC decryption. The fixed versions are `>=3.11.4`. Users should upgrade to `^3.11.4`.

CVE#: CVE-2021-29445 Published Date: 2021-04-16 CVSS: NO CVSS Description: jose-node-esm-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4 the AES_CBC_HMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384, A256CBC-HS512) decryption would always execute both HMAC tag verification and CBC decryption, if either failed `JWEDecryptionFailed` would be thrown. But a possibly observable difference in timing when padding error would occur while decrypting the ciphertext makes a padding oracle and an adversary might be able to make use of that oracle to decrypt data without knowing the decryption key by issuing on average 128*b calls to the padding oracle (where b is the number of bytes in the ciphertext block). A patch was released which ensures the HMAC tag is verified before performing CBC decryption. The fixed versions are `>=3.11.4`. Users should upgrade to `^3.11.4`.

CVE#: CVE-2021-29446 Published Date: 2021-04-16 CVSS: NO CVSS Description: jose-node-cjs-runtime is an npm package which provides a number of cryptographic functions. In versions prior to 3.11.4, AES_CBC_HMAC_SHA2 Algorithm (A128CBC-HS256, A192CBC-HS384, A256CBC-HS512) decryption would always execute both HMAC tag verification and CBC decryption; if either failed, `JWEDecryptionFailed` would be thrown. However, a possibly observable difference in timing when a padding error occurs while decrypting the ciphertext creates a padding oracle, and an adversary might be able to use that oracle to decrypt data without knowing the decryption key by issuing on average 128*b calls to the padding oracle (where b is the number of bytes in the ciphertext block). A patch was released which ensures the HMAC tag is verified before performing CBC decryption. The fixed versions are `>=3.11.4`. Users should upgrade to `^3.11.4`.

CVE#: CVE-2021-29447 Published Date: 2021-04-15 CVSS: NO CVSS Description: WordPress is an open source CMS. A user with the ability to upload files (like an Author) can exploit an XML parsing issue in the Media Library leading to XXE attacks. This requires the WordPress installation to be using PHP 8. Access to internal files is possible in a successful XXE attack. This has been patched in WordPress version 5.7.1, along with the older affected versions via a minor release. We strongly recommend you keep auto-updates enabled.

CVE#: CVE-2021-29448 Published Date: 2021-04-15 CVSS: NO CVSS Description: Pi-hole is a Linux network-level advertisement and Internet tracker blocking application. A stored XSS exists in the Pi-hole Admin portal, which can be exploited by a malicious actor with network access to the DNS server. See the referenced GitHub security advisory for patch details.

CVE#: CVE-2021-29449 Published Date: 2021-04-14 CVSS: NO CVSS Description: Pi-hole is a Linux network-level advertisement and Internet tracker blocking application. Multiple privilege escalation vulnerabilities were discovered in version 5.2.4 of Pi-hole core. See the referenced GitHub security advisory for details.

CVE#: CVE-2021-29450 Published Date: 2021-04-15 CVSS: NO CVSS Description: WordPress is an open source CMS. One of the blocks in the WordPress editor can be exploited in a way that exposes password-protected posts and pages. This requires at least contributor privileges. This has been patched in WordPress 5.7.1, along with the older affected versions via minor releases. It's strongly recommended that you keep auto-updates enabled to receive the fix.

CVE#: CVE-2021-29451 Published Date: 2021-04-16 CVSS: NO CVSS Description: Portofino is an open source web development framework. Portofino before version 5.2.1 did not properly verify the signature of JSON Web Tokens. This allows forging a valid JWT. The issue will be patched in the upcoming 5.2.1 release.

CVE#: CVE-2021-29452 Published Date: 2021-04-16 CVSS: NO CVSS Description: a12n-server is an npm package which aims to provide a simple authentication system. A new HAL-Form was added to allow editing users in version 0.18.0. This feature should only have been accessible to admins. Unfortunately, privileges were incorrectly checked allowing any logged in user to make this change. Patched in v0.18.2.

CVE#: CVE-2021-29654 Published Date: 2021-04-14 CVSS: NO CVSS Description: AjaxSearchPro before 4.20.8 allows Deserialization of Untrusted Data (in the import database feature of the administration panel), leading to Remote Code execution.

CVE#: CVE-2021-30138 Published Date: 2021-04-15 CVSS: NO CVSS Description: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE#: CVE-2021-3017 Published Date: 2021-04-14 CVSS: NO CVSS Description: The web interface on Intelbras WIN 300 and WRN 342 devices through 2021-01-04 allows remote attackers to discover credentials by reading the def_wirelesspassword line in the HTML source code.

CVE#: CVE-2021-30209 Published Date: 2021-04-15 CVSS: NO CVSS Description: Textpattern V4.8.4 contains an arbitrary file upload vulnerability where a plug-in can be loaded in the background without any security verification, which may lead to obtaining system permissions.

CVE#: CVE-2021-30245 Published Date: 2021-04-15 CVSS: NO CVSS Description: The project received a report that all versions of Apache OpenOffice through 4.1.8 can open non-http(s) hyperlinks. The problem has existed since about 2006 and the issue is also in 4.1.9. If the link is specifically crafted this could lead to untrusted code execution. It is always best practice to be careful opening documents from unknown and unverified sources. The mitigation in Apache OpenOffice 4.1.10 (unreleased) assures that a security warning is displayed giving the user the option of continuing to open the hyperlink.

CVE#: CVE-2021-30459 Published Date: 2021-04-14 CVSS: NO CVSS Description: A SQL Injection issue in the SQL Panel in Jazzband Django Debug Toolbar before 1.11.1, 2.x before 2.2.1, and 3.x before 3.2.1 allows attackers to execute SQL statements by changing the raw_sql input field of the SQL explain, analyze, or select form.

CVE#: CVE-2021-30477 Published Date: 2021-04-15 CVSS: NO CVSS Description: An issue was discovered in Zulip Server before 3.4. A bug in the implementation of replies to messages sent by outgoing webhooks to private streams meant that an outgoing webhook bot could be used to send messages to private streams that the user was not intended to be able to send messages to.

CVE#: CVE-2021-30478 Published Date: 2021-04-15 CVSS: NO CVSS Description: An issue was discovered in Zulip Server before 3.4. A bug in the implementation of the can_forge_sender permission (previously is_api_super_user) resulted in users with this permission being able to send messages appearing as if sent by a system bot, including to other organizations hosted by the same Zulip installation.

CVE#: CVE-2021-30479 Published Date: 2021-04-15 CVSS: NO CVSS Description: An issue was discovered in Zulip Server before 3.4. A bug in the implementation of the all_public_streams API feature resulted in guest users being able to receive message traffic to public streams that should have been only accessible to members of the organization.

CVE#: CVE-2021-30487 Published Date: 2021-04-15 CVSS: NO CVSS Description: In the topic moving API in Zulip Server 3.x before 3.4, organization administrators were able to move messages to streams in other organizations hosted by the same Zulip installation.

CVE#: CVE-2021-30493 Published Date: 2021-04-14 CVSS: NO CVSS Description: Multiple system services installed alongside the Razer Synapse 3 software suite perform privileged operations on entries within the ChromaBroadcast subkey. These privileged operations consist of file name concatenation of a runtime log file that is used to store runtime log information. In other words, an attacker can create a file in an unintended directory (with some limitations).

CVE#: CVE-2021-30494 Published Date: 2021-04-14 CVSS: NO CVSS Description: Multiple system services installed alongside the Razer Synapse 3 software suite perform privileged operations on entries within the Razer Chroma SDK subkey. These privileged operations consist of file name concatenation of a runtime log file that is used to store runtime log information. In other words, an attacker can create a file in an unintended directory (with some limitations).

CVE#: CVE-2021-31152 Published Date: 2021-04-14 CVSS: NO CVSS Description: Multilaser Router AC1200 V02.03.01.45_pt contains a cross-site request forgery (CSRF) vulnerability. An attacker can enable remote access, change passwords, and perform other actions through misconfigured requests, entries, and headers.

CVE#: CVE-2021-31162 Published Date: 2021-04-14 CVSS: 5.9 Description: In the standard library in Rust before 1.53.0, a double free can occur in the Vec::from_iter function if freeing the element panics.

CVE#: CVE-2021-31229 Published Date: 2021-04-15 CVSS: NO CVSS Description: An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_internal_dtd() performs incorrect memory handling while parsing crafted XML files, which leads to an out-of-bounds write of a one byte constant.

CVE#: CVE-2021-31347 Published Date: 2021-04-16 CVSS: NO CVSS Description: An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_parse_str() performs incorrect memory handling while parsing crafted XML files (writing outside a memory region created by mmap).

CVE#: CVE-2021-31348 Published Date: 2021-04-16 CVSS: NO CVSS Description: An issue was discovered in libezxml.a in ezXML 0.8.6. The function ezxml_parse_str() performs incorrect memory handling while parsing crafted XML files (out-of-bounds read after a certain strcspn failure).

CVE#: CVE-2021-31402 Published Date: 2021-04-15 CVSS: NO CVSS Description: The dio package 4.0.0 for Dart allows CRLF injection if the attacker controls the HTTP method string, a different vulnerability than CVE-2020-35669.

CVE#: CVE-2021-31414 Published Date: 2021-04-16 CVSS: NO CVSS Description: The unofficial vscode-rpm-spec extension before 0.3.2 for Visual Studio Code allows remote code execution via a crafted workspace configuration.

CVE#: CVE-2021-3243 Published Date: 2021-04-15 CVSS: NO CVSS Description: Wfilter ICF 5.0.117 contains a cross-site scripting (XSS) vulnerability. An attacker in the same LAN can craft a packet with a malicious User-Agent header to inject a payload in its logs, where an attacker can take over the system through its plugin-running function.

CVE#: CVE-2021-3487 Published Date: 2021-04-15 CVSS: NO CVSS Description: There's a flaw in the BFD library of binutils in versions before 2.36. An attacker who supplies a crafted file to an application linked with BFD, and using the DWARF functionality, could cause an impact to system availability by way of excessive memory consumption.

----#MALWARE----

newsoft53759560: RT @QAValley: Behind Every Successful Cyber Attack There Is A Human https://t.co/rxnS8K5Ekz #Cyberattack #Cybersecurity #Cybercrime #Malwar…

newsoft53759560: RT @QAValley: The Need for a Cybersecurity Protection Agency https://t.co/R2XPjeF1CC #CyberSecurity #Malware #Cyberattack #Cybercrime #Rans…

Fabriciosx: RT @keepnetlabs: Watering Hole Attacks https://t.co/0MUanI5Dms #databreach #malware #ransomware #emailsecurity #datasecurity #iot #covid1…

beefyspace: RT @cybermaterial_: Certified Ethical Hacker (Practical) https://t.co/4mSwdLsax8 #cybersecurity #infosec #malware #cybermaterial #ransomwar…

PythonExpertBot: RT @keepnetlabs: Watering Hole Attacks https://t.co/0MUanI5Dms #databreach #malware #ransomware #emailsecurity #datasecurity #iot #covid1…

beefyspace: RT @keepnetlabs: Watering Hole Attacks https://t.co/0MUanI5Dms #databreach #malware #ransomware #emailsecurity #datasecurity #iot #covid1…

botcybersec: RT @cybermaterial_: Certified Ethical Hacker (Practical) https://t.co/4mSwdLsax8 #cybersecurity #infosec #malware #cybermaterial #ransomwar…

cybermaterial_: Certified Ethical Hacker (Practical) https://t.co/4mSwdLsax8 #cybersecurity #infosec #malware #cybermaterial… https://t.co/jZvWSpNPIp

the404code: RT @keepnetlabs: Watering Hole Attacks https://t.co/0MUanI5Dms #databreach #malware #ransomware #emailsecurity #datasecurity #iot #covid1…

botcybersec: RT @DBMPartners: Cybersecurity: Victims are spotting cyberattacks much more quickly - but there's a catch #cybersecurity #cyberattack #hack…

DBMPartners: Cybersecurity: Victims are spotting cyberattacks much more quickly - but there's a catch #cybersecurity… https://t.co/i8EXPteFFL

cyber_int: ⚠️ [NEW BLOG] There's an ongoing attack campaign targeting social media influencers, attempting to infect them with… https://t.co/DP7VyMWcHi

CyberSecurityN8: RT @phishingorguk: 5 Measures You Can Take Against Spear Phishing https://t.co/hFhyI360M3 #databreach #malware #ransomware #emailsecurit…

sectest9: RT @phishingorguk: 5 Measures You Can Take Against Spear Phishing https://t.co/hFhyI360M3 #databreach #malware #ransomware #emailsecurit…

sectest9: RT @CDOTrends: Reality: Ransonware attacks are getting worse and far more costly; Profound damaging effects across all businesses and organ…

----#PHISHING----

MalwarePatrol: Another active #Phishing targeting Dropbox URL: hxxps://sonne-medoon.firebaseapp.com/ #onpatrol4malware (bot genera… https://t.co/LKGp3pyFl0

cybersec_feeds: RT @DataSpaceSecur1: 💪Ready To Accelerate Your Security Operations? Get a free Demo! & Learn How We Can Help You With Spear #Phishing, #Thr…

JEMPradio: Allman Brothers Band - Mountain Jam (9-16-71) #Phish #CommunityRadio https://t.co/LPFrNQaySD

sectest9: RT @TMCheck_: ⚠️ @Amazon Scam Alert⚠️ Your name is Membership Of Amazon. 😏 ✅Use #TrendMicroCheck for immediate scam detection: https://t.c…

CyberSecurityN8: RT @TMCheck_: ⚠️ @Amazon Scam Alert⚠️ Your name is Membership Of Amazon. 😏 ✅Use #TrendMicroCheck for immediate scam detection: https://t.c…

CyberSematic: RT @attcyber: Does a Covid-based #phishing exercise succeed in anything other than violating the senses? Read today's #guestblog from @BobC…

TMCheck_: ⚠️ @Amazon Scam Alert⚠️ Your name is Membership Of Amazon. 😏 ✅Use #TrendMicroCheck for immediate scam detection:… https://t.co/W48PIzzktc

JEMPradio: Phish - Julius (12-31-14) #Phish #CommunityRadio https://t.co/LPFrNQaySD

JEMPradio: Jimi Hendrix - Johnny B. Goode (5-30-70) #Phish #CommunityRadio https://t.co/LPFrNQaySD

botcybersec: RT @SecurePurple: Can you spot a #phishing attempt? #CyberSecurity #socialmedia https://t.co/odGQ7Ni6ZO

SecurePurple: Can you spot a #phishing attempt? #CyberSecurity #socialmedia https://t.co/odGQ7Ni6ZO

beefyspace: RT @NcsVentures: The major bank scam targeting South Africans right now – and why you often can’t get your money back | #phishing | #scams…

JEMPradio: Trey Anastasio - More (10-30-19) #Phish #CommunityRadio https://t.co/LPFrNQaySD

beefyspace: RT @GregoryDEvans: The major bank scam targeting South Africans right now – and why you often can’t get your money back | #phishing | #scam…

beefyspace: RT @GarWarner: Two Indonesian scammers arrested for their #SMS #phishing related to state unemployment scams. 20 million SMS messages convi…

----#OSINT----

thesecuritydai1: dutch_osintguy: RT @Ginger__T: Five excellent #OSINT resources :- ➡️@OsintCurious https://t.co/WyN4akHims ➡️… https://t.co/qjcnQuq2nK

TarnishedByPDX: RT @lobsterlarryliu: Training of Liaoning aircraft carrier formation in South China Sea. Image via @planetlabs #OSINT #Liaoning #PLA http…

darkfyrewall: RT @CtgIntelligence: #OSINT training doesn't have to be expensive! Great presentation by @10fMan7 at @d_overcon highlighting great resource…

HerefordIT: RT @CtgIntelligence: #OSINT training doesn't have to be expensive! Great presentation by @10fMan7 at @d_overcon highlighting great resource…

steffanwatkins: RT @lobsterlarryliu: Training of Liaoning aircraft carrier formation in South China Sea. Image via @planetlabs #OSINT #Liaoning #PLA http…

137more: RT @lobsterlarryliu: Training of Liaoning aircraft carrier formation in South China Sea. Image via @planetlabs #OSINT #Liaoning #PLA http…

CircuitMagazine: A great set of free or cost effective #OSINT educational resources! https://t.co/cX2gorwdPN

LockpickingPete: RT @Ginger__T: Five excellent #OSINT trainers :- ➡️@WebBreacher https://t.co/bsIAZSWqkj ➡️@technisette https://t.co/620qlaU9vn ➡️@Blackstag…

lobsterlarryliu: Training of Liaoning aircraft carrier formation in South China Sea. Image via @planetlabs #OSINT #Liaoning #PLA https://t.co/ZyTOOBr1Ri

d_overcon: RT @CtgIntelligence: #OSINT training doesn't have to be expensive! Great presentation by @10fMan7 at @d_overcon highlighting great resource…

CtgIntelligence: #OSINT training doesn't have to be expensive! Great presentation by @10fMan7 at @d_overcon highlighting great resou… https://t.co/j6HASHPK1T

RDSWEB: RT @aw_osint: @Ginger__T listed great #OSINT trainers 👩‍🏫  I would also add: @Sector035 @nixintel @hatless1der @sinwindie @the_wojciech and…

RDSWEB: RT @IFENewsAgency: Update: Pic 1: #Russia Air Force Beriev Be-200 multirole amphibious aircraft on mission over Sea of Azov. Pic 2: Russ…

LockpickingPete: RT @aw_osint: @Ginger__T listed great #OSINT trainers 👩‍🏫  I would also add: @Sector035 @nixintel @hatless1der @sinwindie @the_wojciech and…

crispSV: #Russia Air Force Beriev Be-200 multirole amphibious aircraft on mission over Sea of Azov. #Crimea #Ukraine #NATO… https://t.co/BxBbrZbeg8

----#THREATINTEL----

cyberreport_io: What are the different roles within cybersecurity? https://t.co/YJOX0sVNoV #cybersecurity #threatintelligence… https://t.co/DbwwEN3Egl

kay_ay_: RT @bad_packets: Mass scanning activity detected from 185.191.32.158 (🇷🇺) targeting Fortinet VPN servers vulnerable to unauthenticated arbi…

SecdevB: RT @Certego_Intel: #Covid19 #CertStream #Suspicious Domain: ww16[.coronavirusliveupdate[.com VirusTotal: https://t.co/So3RigYnz8 #CyberSecu…

Certego_Intel: #Covid19 #CertStream #Suspicious Domain: ww16[.coronavirusliveupdate[.com VirusTotal: https://t.co/So3RigYnz8… https://t.co/0Nmiy0uZ21

cybersec_feeds: RT @RedPacketSec: University of Hertfordshire Hit by Cyberattack - https://t.co/pY2mh44jyY #OSINT #Security #Threatintel #cybersecurity

cybersec_feeds: RT @RedPacketSec: 643GB of Customer Information Exposed in a Data Breach Suffered by Bizongo - https://t.co/VOFDQKkc5y #OSINT #Security #Th…

cybersec_feeds: RT @RedPacketSec: ParkMobile Data Breach: 21Million User Data Exposed - https://t.co/E5omitXGYR #OSINT #Security #Threatintel #cybersecurity

cybersec_feeds: RT @RedPacketSec: U.S. Agencies Warns of Russian APT Operators Exploiting Five Publicly Known Vulnerabilities - https://t.co/rWPJbL4ode #OS…

cybersec_feeds: RT @reconshell: Harpoon - OSINT and Threat Intelligence CLI tool #OSINT #ThreatIntelligence #InfoSec #CyberSecurity #Harpoon @Emrullah_A…

f2rv: RT @reconshell: Harpoon - OSINT and Threat Intelligence CLI tool #OSINT #ThreatIntelligence #InfoSec #CyberSecurity #Harpoon @Emrullah_A…

RedPacketSec: U.S. Agencies Warns of Russian APT Operators Exploiting Five Publicly Known Vulnerabilities -… https://t.co/Za4xg9Alxo

RedPacketSec: ParkMobile Data Breach: 21Million User Data Exposed - https://t.co/E5omitXGYR #OSINT #Security #Threatintel #cybersecurity

botcybersec: RT @RedPacketSec: 643GB of Customer Information Exposed in a Data Breach Suffered by Bizongo - https://t.co/VOFDQKkc5y #OSINT #Security #Th…

botcybersec: RT @RedPacketSec: University of Hertfordshire Hit by Cyberattack - https://t.co/pY2mh44jyY #OSINT #Security #Threatintel #cybersecurity

RedPacketSec: 643GB of Customer Information Exposed in a Data Breach Suffered by Bizongo - https://t.co/VOFDQKkc5y #OSINT… https://t.co/2tH6gotpvd

----#RANSOMWARE----

newsoft53759560: RT @QAValley: Behind Every Successful Cyber Attack There Is A Human https://t.co/rxnS8K5Ekz #Cyberattack #Cybersecurity #Cybercrime #Malwar…

newsoft53759560: RT @QAValley: The Need for a Cybersecurity Protection Agency https://t.co/R2XPjeF1CC #CyberSecurity #Malware #Cyberattack #Cybercrime #Rans…

Fabriciosx: RT @keepnetlabs: Watering Hole Attacks https://t.co/0MUanI5Dms #databreach #malware #ransomware #emailsecurity #datasecurity #iot #covid1…

beefyspace: RT @cybermaterial_: Certified Ethical Hacker (Practical) https://t.co/4mSwdLsax8 #cybersecurity #infosec #malware #cybermaterial #ransomwar…

PythonExpertBot: RT @keepnetlabs: Watering Hole Attacks https://t.co/0MUanI5Dms #databreach #malware #ransomware #emailsecurity #datasecurity #iot #covid1…

beefyspace: RT @keepnetlabs: Watering Hole Attacks https://t.co/0MUanI5Dms #databreach #malware #ransomware #emailsecurity #datasecurity #iot #covid1…

botcybersec: RT @cybermaterial_: Certified Ethical Hacker (Practical) https://t.co/4mSwdLsax8 #cybersecurity #infosec #malware #cybermaterial #ransomwar…

cybermaterial_: Certified Ethical Hacker (Practical) https://t.co/4mSwdLsax8 #cybersecurity #infosec #malware #cybermaterial… https://t.co/jZvWSpNPIp

the404code: RT @keepnetlabs: Watering Hole Attacks https://t.co/0MUanI5Dms #databreach #malware #ransomware #emailsecurity #datasecurity #iot #covid1…

CyberSecurityN8: RT @phishingorguk: 5 Measures You Can Take Against Spear Phishing https://t.co/hFhyI360M3 #databreach #malware #ransomware #emailsecurit…

CyberSecurityN8: RT @SecurChronicle: #Teslarvng #Ransomware operators are claiming to have mail #Database of @PittBullSecure (#US based premium managed #IT…

sectest9: RT @SecurChronicle: #Teslarvng #Ransomware operators are claiming to have mail #Database of @PittBullSecure (#US based premium managed #IT…

sectest9: RT @phishingorguk: 5 Measures You Can Take Against Spear Phishing https://t.co/hFhyI360M3 #databreach #malware #ransomware #emailsecurit…

hackingcoil: RT @SecurChronicle: #Teslarvng #Ransomware operators are claiming to have mail #Database of @PittBullSecure (#US based premium managed #IT…

welcometobora: RT @ISC2: In 2020, ransomware was the most widely-used method of delivering cyber attacks, accounting for 23% of security events handled by…

----#OPENDIR----

status_418: #Opendir | #Phishingkit Victims: @Office365 Kits: hXXps://mnseating.com/FN/new.zip Actors: litogeneration@yandex… https://t.co/qm2d5MS60o

----#MALSPAM----

AndreGironda: RT @malware_traffic: 2021-04-16 (Friday) - #BazaLoader (#BazarLoader) from #BazaCall (#BazarCall) callcenter #malspam - 10 email examples,…

cybersec_feeds: RT @reecdeep: #AgentTesla #Malware from #Malspam "telephone conversation" MD5: A0494AF086A80AABB398034D4438AD12 🔥 pauline.nguimfack@elect…

an4lys1s: RT @malware_traffic: 2021-04-16 (Friday) - #BazaLoader (#BazarLoader) from #BazaCall (#BazarCall) callcenter #malspam - 10 email examples,…

JRoosen: RT @malware_traffic: 2021-04-16 (Friday) - #BazaLoader (#BazarLoader) from #BazaCall (#BazarCall) callcenter #malspam - 10 email examples,…

cpardue09: #ln -s :malware_traffic: 2021-04-16 (Friday) - #BazaLoader (#BazarLoader) from #BazaCall (#BazarCall) callcenter… https://t.co/PhbsAkct9P

shotgunner101: RT @malware_traffic: 2021-04-16 (Friday) - #BazaLoader (#BazarLoader) from #BazaCall (#BazarCall) callcenter #malspam - 10 email examples,…

malware_traffic: 2021-04-16 (Friday) - #BazaLoader (#BazarLoader) from #BazaCall (#BazarCall) callcenter #malspam - 10 email example… https://t.co/yzSMLr6G1z

beefyspace: RT @reecdeep: #AgentTesla #Malware targets #italy 🇮🇹 from #Malspam exfiltrates via Telegram bot "Conferma dell'account" ⚙️ https://t.co/9…

cybersec_feeds: RT @reecdeep: #AgentTesla #Malware targets #italy 🇮🇹 from #Malspam exfiltrates via Telegram bot "Conferma dell'account" ⚙️ https://t.co/9…

1nt_ma1in: RT @reecdeep: #AgentTesla #Malware from #Malspam "telephone conversation" MD5: A0494AF086A80AABB398034D4438AD12 🔥 pauline.nguimfack@elect…

AnonOzzyDude: RT @reecdeep: #AgentTesla #Malware from #Malspam "telephone conversation" MD5: A0494AF086A80AABB398034D4438AD12 🔥 pauline.nguimfack@elect…

sectest9: RT @reecdeep: #AgentTesla #Malware from #Malspam "telephone conversation" MD5: A0494AF086A80AABB398034D4438AD12 🔥 pauline.nguimfack@elect…

CyberSecurityN8: RT @reecdeep: #AgentTesla #Malware from #Malspam "telephone conversation" MD5: A0494AF086A80AABB398034D4438AD12 🔥 pauline.nguimfack@elect…

England20124: RT @reecdeep: #AgentTesla #Malware from #Malspam "telephone conversation" MD5: A0494AF086A80AABB398034D4438AD12 🔥 pauline.nguimfack@elect…

----#EMOTET----

AcooEdi: Threat Roundup for April 9 to April 16 https://t.co/ApDKOnLlTa #CiscoTalos #Dridex #Emotet #Features #IOCs via… https://t.co/dOX4hlB7Uw

McAfee_Help: Are you prepared to defend against #Emotet? Watch our Emotet Trojan #webcast, where we covered behavioral analysi… https://t.co/gkM5bVBrv8

AndreGironda: RT @ShadowMagnetGER: #Emotet preparing for a comeback? New version compile date 2021-02-07, switching back to the anti ML obfuscator they u…

botcybersec: RT @securityjwd: Emotet Takedown: Time to Celebrate? #emotet #cybersecurity https://t.co/Jjz7mFrWaa

securityjwd: Emotet Takedown: Time to Celebrate? #emotet #cybersecurity https://t.co/Jjz7mFrWaa

sectest9: RT @malware_devil: #emotet Takedown: Time to Celebrate? https://t.co/jErlernJEI #cyber #eff #emotet #europe #infrastructure #malware #se…

CyberSecurityN8: RT @malware_devil: #emotet Takedown: Time to Celebrate? https://t.co/jErlernJEI #cyber #eff #emotet #europe #infrastructure #malware #se…

malware_devil: #emotet Takedown: Time to Celebrate? https://t.co/jErlernJEI #cyber #eff #emotet #europe #infrastructure #malware #security #malwaredevil

GitaMike: RT @Eurojust: ✉️ It's here! Find all the highlights of the first quarter wrapped up in our latest newsletter: 🇵🇹 First steps with the #EU2…

EUCriminalLaw: RT @Eurojust: ✉️ It's here! Find all the highlights of the first quarter wrapped up in our latest newsletter: 🇵🇹 First steps with the #EU2…

coordinationEU: RT @Eurojust: ✉️ It's here! Find all the highlights of the first quarter wrapped up in our latest newsletter: 🇵🇹 First steps with the #EU2…

_TimHeller: RT @Eurojust: ✉️ It's here! Find all the highlights of the first quarter wrapped up in our latest newsletter: 🇵🇹 First steps with the #EU2…

Eurojust: ✉️ It's here! Find all the highlights of the first quarter wrapped up in our latest newsletter: 🇵🇹 First steps wit… https://t.co/a2LFsq1Kc9

PolymEkaterina: RT @Obrela: At the end of January 2021, #Emotet, “the world’s most dangerous #malware,” was taken down by global law enforcement teams. But…

botcybersec: RT @Obrela: At the end of January 2021, #Emotet, “the world’s most dangerous #malware,” was taken down by global law enforcement teams. But…

----#BUGBOUNTY----

TheBugBot: RT @KurenoLola: Friday night podcast listening time! Good night everyone, and I hope you have a wonderful and peaceful weekend! #cybersecur…

CoderRetweet: RT @HackingBooksPDF: Cyber Operations #books #PDF #100DaysOfCode #bugbountytips #ethicalhacking #Hackers #Pentesting #CyberSecurity #BugsBu…

davidvalles007: RT @fernale: I'm pleased to share my first write-up :D How I got 9000 USD by hacking into #Apple iCloud. https://t.co/7Ze9GxI6zH #BugBou…

codedailybot: RT @HackingBooksPDF: Network Guide #books #PDF #100DaysOfCode #bugbountytips #ethicalhacking #Hackers #Pentesting #CyberSecurity #BugsBunny…

PythonExpertBot: RT @HackingBooksPDF: Network Guide #books #PDF #100DaysOfCode #bugbountytips #ethicalhacking #Hackers #Pentesting #CyberSecurity #BugsBunny…

sectest9: RT @HackingBooksPDF: Network Guide #books #PDF #100DaysOfCode #bugbountytips #ethicalhacking #Hackers #Pentesting #CyberSecurity #BugsBunny…

CyberSecurityN8: RT @HackingBooksPDF: Network Guide #books #PDF #100DaysOfCode #bugbountytips #ethicalhacking #Hackers #Pentesting #CyberSecurity #BugsBunny…

CoderRetweet: RT @HackingBooksPDF: Network Guide #books #PDF #100DaysOfCode #bugbountytips #ethicalhacking #Hackers #Pentesting #CyberSecurity #BugsBunny…

0xAr7hur: RT @pwn0sec: High up to Criticals using a fuzz-recon Leaked a database credentials in phpmyadmin /phpMyAdmin/templates /phpMyAdmin/databas…

botcybersec: RT @viehgroup: Hunting for bugs in Telegram's animated stickers remote attack surface https://t.co/2x670gSP2X #Pentesting #Fuzzing #BugBo…

viehgroup: Hunting for bugs in Telegram's animated stickers remote attack surface https://t.co/2x670gSP2X #Pentesting… https://t.co/RNRcZw4KUl

a1woareS: RT @pwn0sec: High up to Criticals using a fuzz-recon Leaked a database credentials in phpmyadmin /phpMyAdmin/templates /phpMyAdmin/databas…

----#CYBERCRIME----

vishne0: RT @TheHackersNews: A Ukrainian hacker—who worked as a system administrator for the BILLION-dollar #hacking group #FIN7—has been sentenced…

newsoft53759560: RT @QAValley: Behind Every Successful Cyber Attack There Is A Human https://t.co/rxnS8K5Ekz #Cyberattack #Cybersecurity #Cybercrime #Malwar…

newsoft53759560: RT @QAValley: The Need for a Cybersecurity Protection Agency https://t.co/R2XPjeF1CC #CyberSecurity #Malware #Cyberattack #Cybercrime #Rans…

rafitayeye: RT @TheHackersNews: A Ukrainian hacker—who worked as a system administrator for the BILLION-dollar #hacking group #FIN7—has been sentenced…

beefyspace: RT @TheHackersNews: A Ukrainian hacker—who worked as a system administrator for the BILLION-dollar #hacking group #FIN7—has been sentenced…

VENOMonDUTY: RT @TheHackersNews: A Ukrainian hacker—who worked as a system administrator for the BILLION-dollar #hacking group #FIN7—has been sentenced…

missyadores: RT @TheHackersNews: A Ukrainian hacker—who worked as a system administrator for the BILLION-dollar #hacking group #FIN7—has been sentenced…

AbubakarMundir: RT @TheHackersNews: A Ukrainian hacker—who worked as a system administrator for the BILLION-dollar #hacking group #FIN7—has been sentenced…

CyberSecurityN8: RT @TheHackersNews: A Ukrainian hacker—who worked as a system administrator for the BILLION-dollar #hacking group #FIN7—has been sentenced…

sectest9: RT @TheHackersNews: A Ukrainian hacker—who worked as a system administrator for the BILLION-dollar #hacking group #FIN7—has been sentenced…

MindsOoo: RT @TheHackersNews: A Ukrainian hacker—who worked as a system administrator for the BILLION-dollar #hacking group #FIN7—has been sentenced…

Janddda: RT @TheHackersNews: A Ukrainian hacker—who worked as a system administrator for the BILLION-dollar #hacking group #FIN7—has been sentenced…

real_pars: RT @tht_en: 5 Operating Systems for Ethical Hackers❗ #cybersecurity #cyberattack #data #system #apps #network #kalilinux #parrot #program…

tht_en: 5 Operating Systems for Ethical Hackers❗ #cybersecurity #cyberattack #data #system #apps #network #kalilinux… https://t.co/iHRXypTHAw

chidambara09: RT @scanta_io: The $1 billion Russian cyber company that the US says hacks for Moscow! https://t.co/Ej6PBZuOgV #Scanta #DigitalTransforma…

----Hacking Updates----

aigars-github updated blacklist. This repo has 0 stars and 1 watchers. This repo was created on 2020-10-24. --- IPs from which scanning, spamming or hacking attempts were detected

22XploiterCrew-Team updated Gel4y-Mini-Shell-Backdoor. This repo has 35 stars and 1 watchers. This repo was created on 2021-03-20. --- A webshell that can bypass some system security

hackforla updated website. This repo has 22 stars and 26 watchers. This repo was created on 2018-04-18. --- Hack for LA's website

Zarcolio updated sitedorks. This repo has 250 stars and 18 watchers. This repo was created on 2020-04-18. --- Search Google/Bing/Ecosia/DuckDuckGo/Yandex/Yahoo for a search term with a default set of websites, bug bounty programs or a custom collection. *** Help wanted with more lists ***

MuhammadJamal99 updated hackerRank_challenges. This repo has 0 stars and 1 watchers. This repo was created on 2021-04-17. --- Solve Hacker rank challenges

PDGHACK-10 updated FACEBOOK-BRUTEFORCE. This repo has 0 stars and 1 watchers. This repo was created on 2021-04-17. --- FACEBOOK BRUTEFORCE THIS TOOL USE TO HACK FACEBOOK OR BRUTEFORCE IT WITH TERMUX APP

RfidResearchGroup updated proxmark3. This repo has 955 stars and 71 watchers. This repo was created on 2018-08-12. --- RRG / Iceman repo, the most totally wicked repo around if you are into Proxmark3 and RFID hacking

Chamepp updated GoogleForms. This repo has 6 stars and 1 watchers. This repo was created on 2020-12-03. --- :dart: Simply Hack Google Forms.

22anirudhk updated covid-net. This repo has 0 stars and 0 watchers. This repo was created on 2020-07-15. --- 🎉   2nd Place - Harmony Hacks 2 📈  A Deep Learning Powered Automated Coronavirus Visualization and Prediction Software

danielburgess updated hextra. This repo has 0 stars and 1 watchers. This repo was created on 2021-04-17. --- The ROM Hacking Hex Editor. Written as an html/javascript component.

mister-hai updated grab-bag-of-madness. This repo has 0 stars and 1 watchers. This repo was created on 2021-03-27. --- just for stuff I share with hackers

y-ohanne-s updated Life-Hacks. This repo has 0 stars and 1 watchers. This repo was created on 2021-04-17. --- A Simple Life Hacks App built by Flutter

eppeque updated hacker_news. This repo has 2 stars and 1 watchers. This repo was created on 2020-12-08. --- A Hacker News reader app.

snolab updated CapsLockX. This repo has 42 stars and 5 watchers. This repo was created on 2017-06-09. --- Operate the computer like a hacker!

clintev1 updated Kwitter. This repo has 1 stars and 1 watchers. This repo was created on 2021-02-23. --- So this app is made for chatting. Just enter your name then create your room and Hangout with your friends. There is no password. We never take your personal info except for your name. No hackers. It's hacker-proof!

DanielOliyarnik updated Virtual-me. This repo has 0 stars and 1 watchers. This repo was created on 2021-04-17. --- For hack dartmouth

elmot updated lempo_smart_watch. This repo has 0 stars and 1 watchers. This repo was created on 2021-04-17. --- Hacking Chinese smart watch based on nRF52832

akamboj99 updated Hacker-Rank. This repo has 0 stars and 1 watchers. This repo was created on 2021-04-04. --- This repository contains all solutions to the problem I solved on hacker rank

Moham3dRiahi updated XAttacker. This repo has 915 stars and 89 watchers. This repo was created on 2017-11-07. --- X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

Ananya-0306 updated Cybersecurity. This repo has 1 stars and 1 watchers. This repo was created on 2021-04-09. --- A collection of various awesome lists for hackers, pentesters and security researchers

vay3t updated hax0rpi. This repo has 94 stars and 18 watchers. This repo was created on 2016-07-26. --- A Raspberry Pi Hacker Tools suite

LeonarthCG updated FFTA_Engine_Hacks. This repo has 7 stars and 3 watchers. This repo was created on 2019-02-07. --- A collection of my modular engine hacks for FFTA

haisenberg updated book-it. This repo has 2 stars and 1 watchers. This repo was created on 2021-04-16. --- Automatic hacking book search by google dorks

qvtqht updated sHiTMyseLf. This repo has 1 stars and 1 watchers. This repo was created on 2020-11-29. --- friendly floating forum for hackers and their friends

sayanarijit updated xplr. This repo has 854 stars and 9 watchers. This repo was created on 2021-02-24. --- A hackable, minimal, fast TUI file explorer, stealing ideas from nnn and fzf.

----Security Updates----

Isaacobuya5 updated spring_security_practice. This repo has 0 stars and 1 watchers. This repo was created on 2021-04-17. --- None

projectdiscovery updated nuclei-templates. This repo has 1503 stars and 106 watchers. This repo was created on 2020-04-04. --- Community curated list of templates for the nuclei engine to find security vulnerabilities.

22XploiterCrew-Team updated Gel4y-Mini-Shell-Backdoor. This repo has 35 stars and 1 watchers. This repo was created on 2021-03-20. --- A webshell that can bypass some system security

Vadbeg updated networks-and-info-security. This repo has 0 stars and 1 watchers. This repo was created on 2021-02-04. --- Labs for University subject

nusenu updated OrNetStats. This repo has 19 stars and 2 watchers. This repo was created on 2017-05-08. --- Stats about the Tor network (website)

geekabel updated security. This repo has 0 stars and 1 watchers. This repo was created on 2019-07-29. --- notes on the essentials of security

damienbod updated angular-auth-oidc-client. This repo has 598 stars and 36 watchers. This repo was created on 2017-06-13. --- npm package for OpenID Connect, OAuth Code Flow with PKCE, Refresh tokens, Implicit Flow

JavaGarcia updated Neanet. This repo has 5 stars and 1 watchers. This repo was created on 2020-08-02. --- Threat intelligence

chungdk1993 updated Spring_master. This repo has 0 stars and 1 watchers. This repo was created on 2021-04-13. --- Comprehensive study of Spring through step-by-step application, from setting up the Spring Framework environment to AOP, JPA, Security, Unit Test, Log, etc.

Anteste updated Pentesting-Notes. This repo has 5 stars and 1 watchers. This repo was created on 2020-12-14. --- Notes from CTF, KOTH, security adventures, etc..

f0r3idd3n-n3tw0rk2 updated H4CK1NG-SCRIPTS. This repo has 1 stars and 1 watchers. This repo was created on 2021-01-09. --- Small Python Scripts for Cyber Security Study

nikitavoryet updated jwt-crack-goLang. This repo has 0 stars and 1 watchers. This repo was created on 2021-04-17. --- The project was created for a brute JWT token that can be used on GO. The author is not responsible for the use of the project. The main idea is to check the work of the security department with an estimate of the reaction time. Also the idea is to check the difficulty of generating a token.

CrashOverrideProductions updated Tools. This repo has 0 stars and 1 watchers. This repo was created on 2020-12-11. --- Penetration Testing and Cyber Security Tools

PKUFlyingPig updated UCB-CS161. This repo has 0 stars and 1 watchers. This repo was created on 2021-02-07. --- computer security

tobias-z updated security-testing. This repo has 0 stars and 1 watchers. This repo was created on 2021-04-17. --- None

YurinDoctrine updated Fresh. This repo has 2 stars and 2 watchers. This repo was created on 2020-10-17. --- Tons of modules for Windows 10 fine-tuning and post installation

OpenVPN updated openvpn. This repo has 5828 stars and 421 watchers. This repo was created on 2012-04-26. --- OpenVPN is an open source VPN daemon

NuurZrReaq updated Security. This repo has 0 stars and 1 watchers. This repo was created on 2021-04-17. --- None

z1pti3 updated jimi. This repo has 27 stars and 6 watchers. This repo was created on 2020-06-11. --- Jimi is an automation first platform designed from the ground by IT and Cyber Security. Automation first means that the usual product limitations are removed opening the possibilities of automation to all aspects of IT. Jimi features a rich no-code user interface creating a single pane of glass that effortlessly integrate your existing tools unlocking new possibilities and enabling cross functional automation.

juliojsb updated jota-cert-checker. This repo has 32 stars and 5 watchers. This repo was created on 2016-11-22. --- Check SSL certificate expiration date of a list of sites.

czs108 updated PE-Packer. This repo has 74 stars and 9 watchers. This repo was created on 2020-01-02. --- 📦 A simple Windows x86 PE file packer written in C & Microsoft Assembly. The file after packing can obstruct the process of reverse engineering.

GrapheneOS updated releases.grapheneos.org. This repo has 14 stars and 8 watchers. This repo was created on 2018-12-22. --- GrapheneOS update server site.

Parthiv-M updated events-wearemist. This repo has 0 stars and 1 watchers. This repo was created on 2021-04-15. --- The repository for the Events portal for Manipal Information Security Team

controlplaneio updated kubesec. This repo has 458 stars and 13 watchers. This repo was created on 2017-10-10. --- Security risk analysis for Kubernetes resources

kateberryd updated security-app. This repo has 0 stars and 1 watchers. This repo was created on 2021-04-15. --- None

----PoC Updates----

Esperenzza updated splunk-cloud-cicd. This repo has 0 stars and 1 watchers. This repo was created on 2021-04-17. --- A Proof Of Concept on how to integrate Splunk Cloud in a CICD pipeline

NIkolayrr updated election-app. This repo has 0 stars and 1 watchers. This repo was created on 2021-04-09. --- Proof of concept for I-voting application build with React Native - Expo and Firebase.

Denperidge updated media-raspberry-pie. This repo has 0 stars and 1 watchers. This repo was created on 2020-06-02. --- A set of tools that allow a Raspberry Pi to become the cheapest downloading + streaming platform. More proof of concept than anything. Still watch official releases if possible.

codecreative updated newsminder. This repo has 0 stars and 1 watchers. This repo was created on 2021-03-22. --- Proof of concept Puppeteer and Actions

schulke-214 updated django-page-transitions. This repo has 0 stars and 1 watchers. This repo was created on 2021-04-14. --- A proof of concept repo to show transition abilities for bigger server side rendered django projects.

ualberta-smr updated api-mapping-with-program-synthesis. This repo has 0 stars and 1 watchers. This repo was created on 2021-04-09. --- A proof of concept that program synthesis can be used for API mapping

Systems-Modeling updated SysML-v2-Pilot-Implementation. This repo has 28 stars and 14 watchers. This repo was created on 2018-01-09. --- Proof-of-concept pilot implementation of the SysML v2 textual notation and visualization

jsherling updated io-oasis. This repo has 0 stars and 1 watchers. This repo was created on 2021-04-07. --- Proof of concept for social media site

mitwelten updated mitwelten-iot-hardware-poc. This repo has 0 stars and 2 watchers. This repo was created on 2021-02-12. --- IoT Hardware Proof of Concept

UCSD-E4E updated Automated_Audio_Labeling_System_AID. This repo has 1 stars and 7 watchers. This repo was created on 2021-01-31. --- A repo designed to convert audio-based "weak" labels to "strong" intraclip labels. Provides a pipeline to compare automated moment-to-moment labels to human labels. Current proof of concept work being fulfilled on Bird Audio clips using Microfaune predictions.

clojurust updated clojurust. This repo has 4 stars and 1 watchers. This repo was created on 2020-09-28. --- A proof of concept version of Clojure in Rust.

Peabo83 updated Valheim-Server-Web-GUI. This repo has 0 stars and 1 watchers. This repo was created on 2021-03-27. --- This is a proof of concept of a simple web GUI for a Valheim server configured with https://github.com/Nimdy/Dedicated_Valheim_Server_Script *Requires Apache2, PHP and PHP command 'shell_exec' enabled

OSAlt updated gb-www-site. This repo has 0 stars and 2 watchers. This repo was created on 2021-03-03. --- New GeekBeacon Proof of Concept

gdevic updated CalculatorProof. This repo has 1 stars and 1 watchers. This repo was created on 2021-03-12. --- Calculator Project: Proof of Concept

crcollver updated bandcamp-group-listen. This repo has 0 stars and 1 watchers. This repo was created on 2020-12-21. --- A simple chat and music sync app using Vue 3 and Firebase. Styling to be done at a later date, this is simply a proof of concept.

unPi-ro updated sonar.glass. This repo has 0 stars and 0 watchers. This repo was created on 2021-03-28. --- a proof of concept, smart visor for the Blind, built with Raspberry Pico

GlennMay updated POC_SQL_DATA_MOCKER. This repo has 0 stars and 1 watchers. This repo was created on 2021-04-15. --- Proof of concept - Sql Data Mock generator.

webyrd updated mediKanren. This repo has 207 stars and 25 watchers. This repo was created on 2017-11-17. --- Proof-of-concept for reasoning over the SemMedDB knowledge base, using miniKanren + heuristics + indexing.

oparamo updated talkingdog. This repo has 0 stars and 1 watchers. This repo was created on 2021-04-16. --- A proof-of-concept application for exploring Twilio's APIs. Uses firebase cloud functions to receive WebHook notifications. Also I didn't make this, my dog actually did. 🐕

garrettmichaelgeorge updated patch_cable. This repo has 0 stars and 1 watchers. This repo was created on 2021-03-19. --- WIP: A proof-of-concept implementation of the Patcher family of audio programming environments, using Tone.js backed by Rails and Stimulus Reflex.

binup5727 updated Final_POC. This repo has 0 stars and 1 watchers. This repo was created on 2021-04-11. --- proof of concept

AltruSight updated AltruSight. This repo has 0 stars and 0 watchers. This repo was created on 2021-01-25. --- AltruSight’s goal is to implement a proof-of-concept website to serve as a beacon of transparency when it comes to donating money to nonprofits. There are several main goals for our project. First, we want to provide a centralized system where donors can track how their donations are being used. We also wish to add a social aspect of donation in the form of a Venmo-esque payment feed, as well as the ability to favorite, share, like, etc. for any nonprofit supported on the website. We also wish to ultimately provide a comprehensive analytics platform detailing how each nonprofit spends their money, as well as details on an individual level detailing personal goals and donations. Ultimately, our objective is to create a system that makes it easier to hold nonprofits accountable and makes it easier for donors to see how their donations are being put to use, as well as providing relevant information on the legitimacy of nonprofits supported on the website. We want to be a central hub of information for all things nonprofit.

nullsecuritynet updated tools. This repo has 1371 stars and 169 watchers. This repo was created on 2015-02-01. --- Security and Hacking Tools, Exploits, Proof of Concepts, Shellcodes, Scripts.

nightingaleproject updated blackbird. This repo has 3 stars and 6 watchers. This repo was created on 2018-02-06. --- This proof-of-concept application demonstrates a technical approach for allowing medical certifiers to report and certify to jurisdiction electronic death registration systems (EDRS) from a hospital setting.

pfaffman updated discourse-pfaffmanager. This repo has 1 stars and 2 watchers. This repo was created on 2020-09-24. --- Mostly proof of concept plugin for adding a model