Posted inSecurity

Iranian Phosphorous APT in to Limelight

Microsoft Threat Intelligence Center shared the results of their analysis on the evolution of Iran-linked threat actors. Over the past 12 months, MSTIC experts observed increasingly sophisticated attacks orchestrated by…
Azure AD Info Disclosure Bug Fixed

Azure AD Info Disclosure Bug Fixed

Microsoft has addressed an information disclosure vulnerability, tracked as CVE-2021-42306, affecting Azure AD. The vulnerability received a CVSS score of 8.1. Due to a misconfiguration in Azure, Automation Account “Run…

BlackSmith Follows Row Hammer Attack

Researchers have come up with yet another variation of the Rowhammer attack affecting all DRAM chips that bypasses currently deployed mitigations, thereby effectively compromising the security of the devices. dubbed Blacksmith CVE-2021-42114…

Intel Bugs Severe BIOS Firmware Issue

Intel disclosed two high-severity vulnerabilities that affect the BIOS firmware in several processor families, both vulnerabilities have received a CVSS v3 score of 8.2. The vulnerabilities, tracked as CVE-2021-0157 and CVE-2021-0158,…

Shark Bot🦈 Banking Trojan

Researchers have discovered a new Android banking trojan capable of hijacking users’ smartphones and emptying out e-banking and cryptocurrency accounts.Dubbed SharkBot, after one of the domains used for its C2C. SharkBot…
Microsoft issues OOB Updates for Authentication issues

Microsoft issues OOB Updates for Authentication issues

Microsoft has released out-of-band updates to fix authentication failures related to Kerberos delegation scenarios impacting Domain Controllers (DC) running Windows Server. These issues impacts Windows Server 2019 and lower versions, including Windows…
Lazarus hits with Trojanized IDA

Lazarus hits with Trojanized IDA

Lazarus, the North Korea affiliated state-sponsored group, is attempting to once again target security researchers with backdoors and remote access trojans using a trojanized pirated version of the popular IDA…
OMG DDS Vulnerabilities !

OMG DDS Vulnerabilities !

The CISA has released new ICS alert urging organisations to patch key flaws or DoS attacks. It has pointed to vulnerabilities found in multiple open-source and proprietary Object Management Group…