Cobalt Stike Beacon Detected – 47[.]99[.]72[.]130:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 1[.]116[.]155[.]6:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 46[.]101[.]27[.]127:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Motorola Solutions ACE1000 default account | CVE-2022-30270
NAME Motorola Solutions ACE1000 default account Platforms Affected:Motorola ACE1000Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Motorola Solutions ACE1000 contains default hardcoded credentials. A...
HOME SPOT CUBE2 command execution | CVE-2022-33948
NAME HOME SPOT CUBE2 command execution Platforms Affected:KDDI CORPORATION HOME SPOT CUBE2 V101 KDDI HOME SPOT CUBE2 V102Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access...
Advantech iView SQL injection | CVE-2022-2137
NAME Advantech iView SQL injection Platforms Affected:Advantech iView 5.7Risk Level:8.8Exploitability:HighConsequences:Data Manipulation DESCRIPTION Advantech iView is vulnerable to SQL injection. A...
Simple Page Transition plugin for WordPress cross-site scripting |
NAME Simple Page Transition plugin for WordPress cross-site scripting Platforms Affected:WordPress Simple Page Transition Plugin for WordPress 1.4.1Risk Level:7.2Exploitability:HighConsequences:Cross-Site Scripting...
Advantech iView SQL injection | CVE-2022-2143
NAME Advantech iView SQL injection Platforms Affected:Advantech iView 5.7Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Advantech iView could allow a remote attacker to...
Advantech iView SQL injection | CVE-2022-2136
NAME Advantech iView SQL injection Platforms Affected:Advantech iView 5.7Risk Level:8.8Exploitability:HighConsequences:Data Manipulation DESCRIPTION Advantech iView is vulnerable to SQL injection. A...
ILIAS security bypass | CVE-2022-31266
NAME ILIAS security bypass Platforms Affected:ILIAS ILIAS 7.10Risk Level:9.1Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION ILIAS could allow a remote attacker to bypass security...
Vim denial of service | CVE-2022-2231
NAME Vim denial of service Platforms Affected:Vim Vim 8.2.5164Risk Level:7.8Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION Vim is vulnerable to a...
Advantech iView denial of service | CVE-2022-2138
NAME Advantech iView denial of service Platforms Affected:Advantech iView 5.7Risk Level:8.2Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION Advantech iView is vulnerable to a...
PrestaShop BlockWishList SQL injection | CVE-2022-31101
NAME PrestaShop BlockWishList SQL injection Platforms Affected:PrestaShop BlockWishList 2.0.0Risk Level:8.1Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION PrestaShop BlockWishList is vulnerable to SQL injection. A...
Atlassian Jira Data Center and Server server-side request forgery | CVE-2022-26135
NAME Atlassian Jira Data Center and Server server-side request forgery Platforms Affected:Atlassian Jira Software Data Center 8.14.0 Atlassian Jira Software...
Motorola Solutions ACE1000 default account | CVE-2022-30271
NAME Motorola Solutions ACE1000 default account Platforms Affected:Motorola ACE1000Risk Level:9.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Motorola Solutions ACE1000 contains default hardcoded SSH private...
Node.js underscore.deep module code execution | CVE-2022-31106
NAME Node.js underscore.deep module code execution Platforms Affected:Node.js underscore.deep 0.5.2Risk Level:8.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js underscore.deep module could allow a remote...
Advantech iView SQL injection | CVE-2022-2142
NAME Advantech iView SQL injection Platforms Affected:Advantech iView 5.7Risk Level:8.1Exploitability:HighConsequences:Data Manipulation DESCRIPTION Advantech iView is vulnerable to SQL injection. A...
YTStealer info-stealing malware targets YouTube content creators
Researchers detailed a new information-stealing malware, dubbed YTStealer, that targets YouTube content creators. Intezer cybersecurity researchers have detailed a new...
Daily Vulnerability Trends: Thu Jun 30 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-26809Remote Procedure Call Runtime Remote Code Execution Vulnerability. This CVE ID is...
How to Present Cloud Risk to the Board
Trend Micro Security Researcher, Erin Sindelar, breaks down three popular types of cloud risk assessments to help CISOs and security...
Gallia – Extendable Pentesting Framework
Gallia is an extendable pentesting framework with the focus on the automotive domain. The scope of gallia is conducting penetration...
Path Traversal flaw in UnRAR utility can allow hacking Zimbra Mail servers
Researchers discovered a new flaw in RARlab’s UnRAR utility, tracked CVE-2022-30333, that can allow to remotely hack Zimbra Webmail servers....
Jwtear – Modular Command-Line Tool To Parse, Create And Manipulate JWT Tokens For Hackers
A modular command-line tool to parse, create and manipulate JSON Web Token(JWT) tokens for security testing purposes. Features Complete modularity....
Mitre shared 2022 CWE Top 25 most dangerous software weaknesses
The MITRE organization published the 2022 CWE Top 25 most dangerous software weaknesses. The MITRE shared the list of the 2022 top...
