Cobalt Stike Beacon Detected – 146[.]70[.]87[.]23:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 146[.]19[.]230[.]32:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
This Week in Security News – April 1, 2022
Probing the activities of cloud-based cryptocurrency-mining groups, and Lapsus$ ‘back from vacation’ If you like the site, please consider joining...
New UAC-0056 activity: There’s a Go Elephant in the room
This blog post was authored by Ankur Saini, Roberto Santos and Hossein Jazi. UAC-0056 also known as SaintBear, UNC2589 and...
Auto-Elevate – Escalate From A Low-Integrity Administrator Account To NT AUTHORITYSYSTEM Without An LPE Exploit By Combining A COM UAC Bypass And Token Impersonation
This tool demonstrates the power of UAC bypasses and built-in features of Windows. This utility auto-locates winlogon.exe, steals and impersonates...
Globant suffers network breach due to LAPSUS$ compromise
Globant, an IT and software development firm with offices all around the globe, recently admitted in a press statement Wednesday...
Update now! Apple patches two zero-day vulnerabilities that may have been actively exploited
Apple has released security updates for macOS Monterey 12.3.1, iOS 15.4.1, iPadOS 15.4.1, tvOS 15.4.1, and watchOS 8.5.1. The update...
Hive ransomware impacts California non-profit health organisation
Ransomware authors are once again targeting health services, holding important files to ransom and impacting potentially vital services. On this...
LockBit 2.0 Ransomware Victim: https://liceu[.]barcelona/
LockBit 2.0 Ransomware NOTE: The information on this page is automated and scraped directly from the LockBit 2.0 Onion Dark...
Conti Ransomware Victim: https-www-mideacarrier-com-b
continews NOTE: The information on this page is automated and scraped directly from the Conti .onion Dark Web Tor Blog...
Anonymous targets oligarchs’ Russian businesses: Marathon Group hacked
Anonymous continues its operations against Russia, the group announced the hack of the Russian investment firm Marathon Group. Anonymous continues...
AcidRain, a wiper that crippled routers and modems in Europe
Researchers spotted a new destructive wiper, tracked as AcidRain, that is likely linked to the recent attack against Viasat. Security...
Royal Enfield – 420,873 breached accounts
In January 2020, motorcycle maker Royal Enfield left a database publicly exposed that resulted in the inadvertent publication of over...
Slyther – AWS Security Tool
Slyther is AWS Security tool to check read/write/delete access for S3 buckets Requirements aws-cli Installation pip3 install -r requirements.txt Usage...
Zyxel fixes a critical bug in its business firewall and VPN devices
Zyxel issued security updates for a critical vulnerability that affects some of its business firewall and VPN devices. Networking equipment...
Spring Framework version 5.3.18-CVE-2022-22965
NAME Spring Projects - Spring Framework Platforms Affected:Spring FrameworkRisk Level:highCVE Type:RCE DESCRIPTION CVE-2022-22965 is a remote code execution (RCE) vulnerability...
Apple macOS Monterey 12.3.1-CVE-2022-22675
NAME Apple - Multiple Platforms Affected:MultipleRisk Level:mediumCVE Type:Out-of-bounds write DESCRIPTION CVE-2022-22675 is an out-of-bounds write vulnerability impacting Apple macOS Monterey...
Tryton security update-CVE-2022-26662
NAME Tryton - Multiple Platforms Affected:MultipleRisk Level:lowCVE Type:XML entity expansion DESCRIPTION CVE-2022-26662 is a xml entity expansion vulnerability impacting multiple...
Apple macOS Monterey 12.3.1-CVE-2022-22674
NAME Apple - macOS Monterey Platforms Affected:macOS MontereyRisk Level:mediumCVE Type:Out-of-bounds read DESCRIPTION CVE-2022-22674 is an out-of-bounds read vulnerability impacting Apple...
Google Chrome version 97.0.4692.71-CVE-2022-0337
NAME Google - Chrome Platforms Affected:ChromeRisk Level:lowCVE Type:Inappropriate implementation DESCRIPTION CVE-2022-0337 is an inappropriate implementation vulnerability impacting Google Chrome versions...
Spring Framework code execution | CVE-2022-22965
NAME Spring Framework code execution Platforms Affected:Spring Spring Framework 5.2.2 Spring Spring Framework 5.3.0 Spring Spring Framework 5.3.1 Spring Spring...
Accusoft ImageGear code execution | CVE-2021-40398
NAME Accusoft ImageGear code execution Platforms Affected:Accusoft ImageGear 19.10Risk Level:8.1Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION Accusoft ImageGear could allow a remote...
Medical Hub Directory Site cross-site scripting |
NAME Medical Hub Directory Site cross-site scripting Platforms Affected:SourcecCodester Medical Hub Directory Site 1.0Risk Level:7.2Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Medical Hub Directory...
Vim buffer overflow | CVE-2022-1154
NAME Vim buffer overflow Platforms Affected:Vim Vim 6.0 Vim Vim 6.3 Vim Vim 6.4 Vim Vim 7.1.298 Vim Vim 7.2b...
