Infosec News

CVE-2020-1967 – Segmentation fault in OpenSSL

OVERVIEW OpenSSL is a robust, commercial-grade, and full-featured toolkit for the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols. It is also a general-purpose cryptography library.   It is a software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end. It is …

CVE-2020-1967 – Segmentation fault in OpenSSL Read More »

Multiple Qakbot (Qbot) waves detected in April 2020

Since last month there have been significant resurgence in Qbot. Different Qbot waves were reported like “feature“, “extend“, “string” and “one-drive” wave. Several bot_groups spx85 to spx103 were found active for this Qakbot resurgence. In this post we will be going though detailed analysis of the Qbot wave -“feature wave” from bot_group spx98. What is …

Multiple Qakbot (Qbot) waves detected in April 2020 Read More »

Patch your Vcenter server for CVSS10.0 rated vulnerability – CVE-2020-3952

This report is about the vulnerability found in the VMWare vCenter software and recorded in CVE-ID: CVE-2020-3952. The vulnerability is caused by improper access controls affecting the VMware Directory Service. The affected version of the software is vCenter 6.7 with a patch available for this software flaw. What is vCenter server? vCenter Server is an …

Patch your Vcenter server for CVSS10.0 rated vulnerability – CVE-2020-3952 Read More »

“MegaCortex” Ransomware in action -A MayDay gift no-one wanted

Sudden presence of all new megaCortex ransomware on various enterprise network was not less then a May Day surprise for Infotech world. A new ransomware named as MegaCortex got noticed on last wednesday when a serious hike was noticed against multiple clients of sophos around the globe. According to Sophos lab investigation, attack was delivered …

“MegaCortex” Ransomware in action -A MayDay gift no-one wanted Read More »