Chinese Hackers Targeted India's Power Grid Amid Geopolitical Tensions

Amid heightened border tensions between India and China, cybersecurity researchers have revealed a concerted campaign against India's critical infrastructure, including the nation's power grid, from Chinese state-sponsored groups. The attacks, which coincided with the standoff between the two...

Chinese Hackers Targeted India's Power Grid Amid Geopolitical Tensions

Amid heightened border tensions between India and China, cybersecurity researchers have revealed a concerted campaign against India's critical infrastructure, including the nation's power grid, from Chinese state-sponsored groups. The attacks, which coincided with the standoff between the two...

There is a vulnerability in the linux kernel versions higher than 5.2 (if kernel compiled with config params CONFIG_BPF_SYSCALL=y CONFIG_BPF=y CONFIG_CGROUPS=y CONFIG_CGROUP_BPF=y CONFIG_HARDENED_USERCOPY not set and BPF hook to getsockopt is registered). As result of BPF execution the local user can trigger bug in __cgroup_bpf_run_filter_getsockopt() function that can lead to heap overflow (because of non-hardened usercopy). The impact of attack could be deny of service or possibly privileges escalation.

...

Malware Gangs Partner Up in Double-Punch Security Threat

Cybergangs are joining forces under the guise of affiliate groups and “as-a-service” models, warns Maya Horowitz, the director of threat intelligence research with Check Point Research. She said the trend is driving a new and thriving cybercriminal underground economy. Several malware gangs have...

Russian Hackers Targeted Ukraine Authorities With Supply-Chain Malware Attack

Ukraine is formally pointing fingers at Russian hackers for hacking into one of its government systems and attempting to plant and distribute malicious documents that would install malware on target systems of public authorities. "The purpose of the attack was the mass contamination of informatio...

So Unchill: Melting UNC2198 ICEDID to Ransomware Operations

Mandiant Advanced Practices AP closely tracks the shifting tactics, techniques, and procedures TTPs of financially motivated groups who severely disrupt organizations with ransomware. In May 2020, FireEye released a blog post detailing intrusion tradecraft associated with the deployment of MAZE. ...

LazyScripter: From Empire to double RAT

Malwarebytes’ Threat Intelligence analysts are continually researching and monitoring active malware campaigns and actor groups as the prevalence and sophistication of targeted attacks rapidly evolves. In this paper, we introduce a new APT group we have named LazyScripter, presenting in-depth...

CVE-2021-3339

ModernFlow before 1.3.00.208 does not constrain web-page access to members of a security group, as demonstrated by the Search Screen and the Profile Screen...

lvm2 bug fix and enhancement update

The lvm2 packages include complete support for handling read and write operations on physical volumes, creating volume groups from one or more physical volumes, and creating one or more logical volumes in volume groups. Bug Fixes and Enhancements: lvmvdo7 manpage bugs manpage needs refinement...

ALBA-2021:0554 lvm2 bug fix and enhancement update

The lvm2 packages include complete support for handling read and write operations on physical volumes, creating volume groups from one or more physical volumes, and creating one or more logical volumes in volume groups. Bug Fixes and Enhancements: lvmvdo7 manpage bugs manpage needs refinement...

A Sticker Sent On Telegram Could Have Exposed Your Secret Chats

Cybersecurity researchers on Monday disclosed details of a now-patched flaw in the Telegram messaging app that could have exposed users' secret messages, photos, and videos to remote malicious actors. The issues were discovered by Italy-based Shielder in iOS, Android, and macOS versions of the ap...

DEBIAN-CVE-2021-21144

Heap buffer overflow in Tab Groups in Google Chrome prior to 88.0.4324.146 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension...

CVE-2021-21144

Heap buffer overflow in Tab Groups in Google Chrome prior to 88.0.4324.146 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension...

CVE-2021-21144

Heap buffer overflow in Tab Groups in Google Chrome prior to 88.0.4324.146 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension...

Heap overflow

Heap buffer overflow in Tab Groups in Google Chrome prior to 88.0.4324.146 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension...

UBUNTU-CVE-2021-21144

Heap buffer overflow in Tab Groups in Google Chrome prior to 88.0.4324.146 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension...

CVE-2021-21144

Heap buffer overflow in Tab Groups in Google Chrome prior to 88.0.4324.146 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension...

CVE-2021-21144

CVE-2021-21144 is a vulnerability in Chromium’s Tab Groups feature, where a heap buffer overflow prior to 88.0.4324.146 could allow a malicious extension to trigger heap corruption and potentially execute arbitrary code. Affected software is the Chromium browser (before 88.0.4324.146). The root c...

CVE-2021-21144

Heap buffer overflow in Tab Groups in Google Chrome prior to 88.0.4324.146 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension...

Detailed: Here's How Iran Spies on Dissidents with the Help of Hackers

Twin cyber operations conducted by state-sponsored Iranian threat actors demonstrate their continued focus on compiling detailed dossiers on Iranian citizens that could threaten the stability of the Islamic Republic, including dissidents, opposition forces, and ISIS supporters, and Kurdish native...