Cobalt Stike Beacon Detected – 208[.]87[.]129[.]179:7443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 42[.]193[.]178[.]194:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 47[.]97[.]38[.]197:8096
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 146[.]70[.]24[.]145:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 47[.]95[.]207[.]72:2095
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 120[.]55[.]189[.]211:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 49[.]232[.]172[.]130:7443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
New DDoS IRC Bot distributed through Korean webHard platforms
Researchers spotted an IRC bot written in GoLang that is being used to carry out DDoS attacks targeting users in Korea. Researchers...
UK NCSC shares guidance for organizations to secure their communications with customers
UK NCSC has published new guidance for organizations to secure their communications with customers via SMS or phone calls. UK’s...
Http-Desync-Guardian – Analyze HTTP Requests To Minimize Risks Of HTTP Desync Attacks (Precursor For HTTP Request Smuggling/Splitting)
Overview HTTP/1.1 went through a long evolution since 1991 to 2014: HTTP/0.9 – 1991 HTTP/1.0 – 1996 HTTP/1.1 RFC 2068...
CISA warns of potential critical threats following attacks against Ukraine
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned organizations about “potential critical threats” following the recent cyberattacks that hit...
Browsers on iOS, iPadOS and Mac leak your browsing activity and personal identifiers
Researchers at FingerprintJS, a Chicago-based firm that specializes in online fraud prevention, have published a software bug introduced in Safari...
Mac users, update now! “Powerdir” flaw could allow attackers to spy on you
If you have been forgoing updating your Mac, this article might make you think twice. The Microsoft 365 Defender Research...
CVE-2022-21882
Summary: Win32k Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-21887. Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21882 CVSS Score (if...
CVE-2022-21883
Summary: Windows IKE Extension Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-21843, CVE-2022-21848, CVE-2022-21889, CVE-2022-21890. Reference Links(if...
CVE-2021-1573
Summary: A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense...
CVE-2022-21884
Summary: Local Security Authority Subsystem Service Elevation of Privilege Vulnerability. Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-21884 CVSS Score (if available) v2: /...
CVE-2021-34704
Summary: A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense...
Campaign launched to delay social media end-to-end encryption
The many issues surrounding end-to-end encryption (E2EE) are ever-present. They usually spring up when something that could potentially affect the...
Box flaw allowed to bypass MFA and takeover accounts
A vulnerability in the implementation of multi-factor authentication (MFA) for Box allowed threat actors to take over accounts. A vulnerability...
Open Subtitles – 6,783,158 breached accounts
In August 2021, the subtitling website Open Subtitles suffered a data breach and subsequent ransom demand. The breach exposed almost...
Upstox – 111,002 breached accounts
In April 2021, Indian brokerage firm Upstox suffered a data breach. The incident exposed extensive personal information on over 100k...
Pip-Audit – Audits Python Environments And Dependency Trees For Known Vulnerabilities
pip-audit is a tool for scanning Python environments for packages with known vulnerabilities. It uses the Python Packaging Advisory Database...
Cybercriminals’ friend VPNLab.net shut down by law enforcement
Europol has announced that law enforcement has seized or disrupted the 15 servers that hosted VPNLab.net’s service, rendering it no...
