TerraGoat – Vulnerable Terraform Infrastructure
TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration...
Update now! Apple fixes actively exploited zero-day
Apple has released a security fix for a zero-day vulnerability (CVE-2022-22620) that it says “may have been actively exploited.” According...
Cobalt Stike Beacon Detected – 176[.]121[.]14[.]161:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 45[.]144[.]179[.]204:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 138[.]197[.]65[.]104:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 139[.]60[.]161[.]99:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 139[.]60[.]161[.]69:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 82[.]157[.]147[.]131:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 118[.]193[.]62[.]6:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 178[.]128[.]58[.]166:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 39[.]107[.]31[.]43:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 39[.]105[.]15[.]102:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 119[.]91[.]154[.]230:2095
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 89[.]248[.]165[.]135:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Apple Safari 15.3-CVE-2022-22620
NAME Apple - Multiple Platforms Affected:MultipleRisk Level:mediumCVE Type:Use after free DESCRIPTION CVE-2022-22620 is a use after free vulnerability impacting Apple...
PHPMailer security update-CVE-2020-36326
NAME PHPMailer - PHPMailer Platforms Affected:PHPMailerRisk Level:lowCVE Type:Deserialization of untrusted data DESCRIPTION CVE-2020-36326 is a deserialization of untrusted data vulnerability...
Siemens SICAM TOOLBOX II security bypass | CVE-2021-45106
NAME Siemens SICAM TOOLBOX II security bypass Platforms Affected:Siemens SICAM TOOLBOX IIRisk Level:9.9Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION SICAM TOOLBOX II could allow...
Schneider Electric spaceLYnk, Wiser for KNX, fellerLYnk security bypass | CVE-2022-22809
NAME Schneider Electric spaceLYnk, Wiser for KNX, fellerLYnk security bypass Platforms Affected:Schneider Electric spaceLYnk 2.6.2 Schneider Electric Wiser for KNX...
Google Android privilege escalation | CVE-2021-39675
NAME Google Android privilege escalation Platforms Affected:Google Android 12Risk Level:9.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION Google Android could allow a remote attacker to...
SAP NetWeaver, SAP Content Server and SAP Web Dispatcher HTTP request smuggling | CVE-2022-22536
NAME SAP NetWeaver, SAP Content Server and SAP Web Dispatcher HTTP request smuggling Platforms Affected:SAP Web Dispatcher WEBDISP 7.53 SAP...
Schneider Electric EcoStruxure EV Charging Expert unauthorized access | CVE-2022-22808
NAME Schneider Electric EcoStruxure EV Charging Expert unauthorized access Platforms Affected:Schneider Electric EcoStruxure EV Charging Expert HMIBSCEA53D1EDB Schneider Electric EcoStruxure...
Google Android security bypass | CVE-2021-30317
NAME Google Android security bypass Platforms Affected:Google AndroidRisk Level:9.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Google Android could allow a local attacker to bypass...
Schneider Electric spaceLYnk, Wiser for KNX, fellerLYnk cross-site request forgery | CVE-2022-22811
NAME Schneider Electric spaceLYnk, Wiser for KNX, fellerLYnk cross-site request forgery Platforms Affected:Schneider Electric spaceLYnk 2.6.2 Schneider Electric Wiser for...
Schneider Electric spaceLYnk, Wiser for KNX, fellerLYnk brute force | CVE-2022-22810
NAME Schneider Electric spaceLYnk, Wiser for KNX, fellerLYnk brute force Platforms Affected:Schneider Electric spaceLYnk 2.6.2 Schneider Electric Wiser for KNX...
