Cobalt Stike Beacon Detected – 147[.]182[.]170[.]214:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 119[.]29[.]113[.]192:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 216[.]73[.]159[.]35:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Staging a Quack: Reverse Analyzing a Fileless QAKBOT Stager
We analyzed a fileless QAKBOT stager possibly connected to the recently reported Squirrelwaffle campaign. If you like the site, please...
Oracle WebLogic Detection and Mitigation
We review 2020 and 2021 Oracle WebLogic vulnerabilities and how using a unified SaaS platform can help you detect and...
This Week in Security News – December 17, 2021
This week, read on Purple Fox’s infection chain observed by Trend Micro’s Managed XDR. Also, learn about the Log4j vulnerability...
Conti ransomware gang exploits Log4Shell bug in its operations
The Conti ransomware gang is the first ransomware operation exploiting the Log4Shell vulnerability to target VMware vCenter Servers. Conti ransomware gang is...
VMware fixes critical SSRF flaw in Workspace ONE UEM Console
VMware released security patches for a critical server-side request forgery (SSRF) vulnerability in Workspace ONE UEM console. VMware has addressed...
CVE-2021-0675
Summary: In alac decoder, there is a possible out of bounds write due to an incorrect bounds check. This could...
CVE-2021-0769
Summary: In onCreate of AllowBindAppWidgetActivity.java, there is a possible bypass of user interaction requirements due to unclear UI. This could...
CVE-2021-0799
Summary: In ActivityThread.java, there is a possible way to collide the content provider's authorities. This could lead to local escalation...
CVE-2021-0918
Summary: In gatt_process_notification of gatt_cl.cc, there is a possible out of bounds write due to a missing bounds check. This...
CVE-2021-0918
Summary: In gatt_process_notification of gatt_cl.cc, there is a possible out of bounds write due to a missing bounds check. This...
CVE-2020-16156
Summary: CPAN 2.28 allows Signature Verification Bypass. Reference Links(if available): https://metacpan.org/pod/distribution/CPAN/scripts/cpan https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/ http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html CVSS Score (if available) v2: / MEDIUM...
Phorpiex botnet is back, in 2021 it $500K worth of crypto assets
Experts reported the resurgence of the Phorpiex botnet, in one year it allowed to steal crypto assets worth of half...
PseudoManuscrypt, a mysterious massive cyber espionage campaign
Tens of thousands of devices worldwide, including many industrial control systems (ICS), have been hit by the PseudoManuscrypt spyware. Kaspersky...
PseudoManuscrypt: a mass-scale spyware attack campaign
In June 2021, Kaspersky ICS CERT experts identified malware whose loader has some similarities to the Manuscrypt malware, which is...
Flaws in Lenovo laptops allow escalating to admin privileges
The ImControllerService service of Lenovo laptops is affected by a privilege elevation bug that can allow to execute commands with admin...
CVE-2021-37604
Summary: In version 6.5 of our MiWi software and all previous versions including legacy products, there is a possibility of...
CVE-2021-37605
Summary: In version 6.5 of MiWi software and all previous versions including legacy products, the stack is validating only two...
CVE-2021-24945
Summary: The Like Button Rating ♥ LikeBtn WordPress plugin before 2.6.38 does not have any authorisation and CSRF checks in...
CVE-2021-41547
Summary: A vulnerability has been identified in Teamcenter Active Workspace V4.3 (All versions < V4.3.11), Teamcenter Active Workspace V5.0 (All...
CVE-2018-25021
Summary: The TCP Server module in toxcore before 0.2.8 doesn't free the TCP priority queue under certain conditions, which allows...
While attackers begin exploiting a second Log4j flaw, a third one emerges
Experts warn that threat actors are actively attempting to exploit a second bug disclosed in the popular Log4j logging library. American web...
