Stolen Azure AD key offered widespread access to Microsoft cloud services
The Microsoft private encryption key stolen by Storm-0558 Chinese hackers provided them with access far beyond the Exchange Online and...
The Week in Ransomware – July 21st 2023 – Avaddon Back as NoEscape
This edition of the Week in Ransomware covers the last two weeks of news, as we could not cover it...
VirusTotal apologizes for data leak affecting 5,600 customers
VirusTotal apologized on Friday for leaking the information of over 5,600 customers after an employee mistakenly uploaded a CSV file...
Netscaler ADC bug exploited to breach US critical infrastructure org
The US government is warning that threat actors breached the network of a U.S. organization in the critical infrastructure sector...
Clop Drives Record Ransomware Activity in June
Ransomware attacks in June soared 221% year-on-year to hit a record 434 for the month, according to an analysis from...
GitHub Warns Devs of North Korean Attacks
GitHub has warned of a new North Korean threat campaign designed to compromise victims via malicious npm package dependencies.The development...
US DoJ Announces Plan to Shakeup Cybercrime Investigations
The US Department of Justice (DoJ) is doubling the size of the team investigating cryptocurrency crime, with the fight against...
Plurilock Launches Generative AI ‘Guardrails’ Product for Workforces
Generative AI tools have conquered the workplace, especially large language model-based (LLM) chatbots like OpenAI’s ChatGPT and Google’s Bard.These powerful...
Russian Prosecutor Asks for 18 Years in Jail for Group-IB Founder
The Russian state prosecution asked the Moscow City Court to impose 18 years in a strict colony regime on Ilya...
Chinese Hackers Breached Ambassador’s Email
A Chinese cyber-espionage campaign revealed by Microsoft last week compromised the government email account of the US ambassador to China...
CISA: CISA Releases Seven Industrial Control Systems Advisories
CISA Releases Seven Industrial Control Systems Advisories CISA released seven Industrial Control Systems (ICS) advisories on July 18, 2023. These...
CISA: Adobe Releases Security Updates for ColdFusion
Adobe Releases Security Updates for ColdFusion Adobe has released security updates to address a critical vulnerability (CVE-2023-38203) affecting ColdFusion(link is...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: Oracle Releases Security Updates
Oracle Releases Security Updates Oracle has released its Critical Patch Update Advisory, Solaris Third Party Bulletin, and Linux Bulletin for July...
CISA: Citrix Releases Security Updates for NetScaler ADC and Gateway
Citrix Releases Security Updates for NetScaler ADC and Gateway Citrix has released security updates to address vulnerabilities (CVE-2023-3519, CVE-2023-3466, and...
CISA: Atlassian Releases Security Updates
Atlassian Releases Security Updates Atlassian has released its Security Bulletin for July 2023(link is external) to address vulnerabilities in Confluence Data...
CISA: CISA Releases Cybersecurity Advisory on Threat Actors Exploiting Citrix CVE-2023-3519
CISA Releases Cybersecurity Advisory on Threat Actors Exploiting Citrix CVE-2023-3519 The Cybersecurity and Infrastructure Security Agency (CISA) released a Cybersecurity...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on July 20, 2023. This...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
US-CERT Vulnerability Summary for the Week of July 10, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoelra -- parkmatikImproper Neutralization of Special Elements used in an SQL Command...
HackerOne Bug Bounty Disclosure: b-password-reset-endpoint-is-not-brute-force-protected-b-rullzer
Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'rullzer'Link to Submitters Profile:https://hackerone.com/b'rullzer' Report Title:b'Password reset endpoint is not brute force...
CISA: Atlassian Releases Security Updates
Atlassian Releases Security Updates Atlassian has released its Security Bulletin for July 2023(link is external) to address vulnerabilities in Confluence Data...
Posh C2 Detected – 103[.]230[.]142[.]243:443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
