November 2021 – Page 2 – TheCyberThrone

Apache SSRF bug Exploited

Threat actors are exploiting a recently addressed server-side request forgery (SSRF) vulnerability, tracked as CVE-2021-40438, in Apache HTTP servers. This flaw can be exploited against httpd web servers that have…

PravinKarthik November 29, 2021

APT37 Unleashes Chinotto Malware

North Korean defectors, journalists, and entities in South Korea are being targeted in on by a nation state sponsored APT tracked as ScarCruft, also known as APT37 aka Reaper Group…

PravinKarthik November 29, 2021

Microsoft Defender fails with its Defence

Microsoft has confirmed a new issue impacting Windows Server devices preventing the Microsoft Defender for Endpoint security solution from launching on some systems. The enterprise endpoint security platform might fail…

PravinKarthik November 29, 2021

HTTPS Everywhere soon will become Nowhere

A browser extension that encrypts and secures your communication with websites, HTTPS Everywhere has come a long way. Data transfers between a web browser and a visiting website should always…

PravinKarthik November 29, 2021

Security

Tencent Games Headache

Chinese regulators have told video game giant Tencent that it will need to submit its apps to the Ministry of Industry and Information Technology, or MIIT, before launching or updating…

PravinKarthik November 28, 2021

0Patch Releases Patch for Privilege Escalation Zero Day

0patch released free unofficial patches for Windows local privilege escalation zero-day (CVE-2021-24084) in Windows 10, version 1809 and later. The issue doesn’t impact Windows Servers because the vulnerable functionality in…

PravinKarthik November 28, 2021

Side Channel Attack in Linux Kernel Exploit DNS Cache

A recent research shows the existence of previously overlooked side channels in the Linux kernels that can be exploited to attack DNS servers. DNS has been a fragile part of…

PravinKarthik November 28, 2021

Container Security with Zero Trust & Compliance

Gartner predicts that by end of 2022, more than 75-80% of global organizations will be running containerized applications in production. Though organizations can achieve many business benefits by using Kubernetes…

PravinKarthik November 28, 2021