Ransomware author releases decryption keys, says goodbye forever
If you’re unfortunate enough to be caught out by ransomware, the consequences can be devastating. You may be able to...
Threat actors compromised +500 Magento-based e-stores with e-skimmers
Experts uncovered a mass Magecart campaign that compromised over 500 e-store running the Magento 1 eCommerce platform. Researchers from cybersecurity...
A new Magecart campaign is making waves
Malwarebytes’ researchers are closely monitoring web skimmers and have noticed that one of the infamous Magecart groups is causing a...
Attackers Increasingly Adopting Regsvr32 Utility Execution Via Office Documents
The Uptycs threat research team has been observing an increase in utilization of regsvr32.exe heavily via various types of Microsoft...
How Does An IPv6 Proxy Work & How Enterprises Can Get Benefit?
IPv6 became imperative after developers discovered that IPv4 had a finite number and addresses. How does an IPv6 Proxy work?...
LockBit 2.0 Ransomware Victim: COFRAP ESPAÑOLA SA
LockBit 2.0 Ransomware NOTE: The information on this page is automated and scraped directly from the LockBit 2.0 Onion Dark...
Spyware, ransomware and Nation-state hacking: Q&A from a recent interview
I transcribed a recent interview, here some questions and answers about nation-state hacking, spyware, and cyber warfare. Enjoy” How has...
LDAP-Password-Hunter – Password Hunter In The LDAP Infamous Database
It happens that due to legacy services requirements or just bad security practices password are world-readable in the LDAP database...
Cobalt Stike Beacon Detected – 117[.]50[.]174[.]131:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 110[.]42[.]226[.]28:9443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 82[.]156[.]2[.]25:8099
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 106[.]55[.]153[.]204:8989
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 101[.]132[.]108[.]254:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 194[.]233[.]163[.]246:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 91[.]198[.]77[.]140:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Critical RCE flaws in PHP Everywhere WordPress plugin affect thousands of sites
WordPress plugin PHP Everywhere is affected by three critical issues that can be exploited to execute arbitrary code on affected...
Drupal security advisory-CVE-2020-13671
NAME Drupal - Drupal Platforms Affected:DrupalRisk Level:lowCVE Type:Unrestricted file upload DESCRIPTION CVE-2020-13671 is an unrestricted file upload vulnerability impacting Drupal...
Symfony Twig code execution | CVE-2022-23614
NAME Symfony Twig code execution Platforms Affected:Symfony Twig 2.0.0 Symfony Twig 2.14.10 Symfony Twig 3.3.7 Symfony Twig 3.0.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access...
Servisnet Tessa privilege escalaiton | CVE-2022-22832
NAME Servisnet Tessa privilege escalaiton Platforms Affected:Servisnet TessaRisk Level:8.8Exploitability:FunctionalConsequences:Gain Privileges DESCRIPTION Servisnet Tessa could allow a remote authenticated attacker to...
Link Plus one CSV+ cross-site scripting | CVE-2022-21241
NAME Link Plus one CSV+ cross-site scripting Platforms Affected:Link CSV+ by Plus oneRisk Level:7.8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Link Plus one CSV+...
Microsoft SharePoint Server spoofing | CVE-2022-21987
NAME Microsoft SharePoint Server spoofing Platforms Affected:Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Enterprise Server 2013 SP1 Microsoft SharePoint Server...
H.H.G Multistore cross-site scripting | CVE-2021-46447
NAME H.H.G Multistore cross-site scripting Platforms Affected:H.H.G Multistore 5.1.0Risk Level:7.2Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION H.H.G Multistore is vulnerable to cross-site scripting, caused...
Mozilla Firefox code execution | CVE-2022-22755
NAME Mozilla Firefox code execution Platforms Affected:Mozilla Firefox 96Risk Level:8.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Mozilla Firefox could allow a remote attacker to...
D-Link DIR-878 command execution | CVE-2021-44882
NAME D-Link DIR-878 command execution Platforms Affected:D-Link DIR-878 FW1.30B08_Hotfix_02Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION D-Link DIR-878 could allow a remote attacker to...
