Operation TunnelSnake
Windows rootkits, especially those operating in kernel space, are pieces of malware infamous for their near absolute power in the...
Judge-Jury-and-Executable – A File System Forensics Analysis Scanner And Threat Hunting Tool
Features:Scan a mounted filesystem for threats right away Or gather a system baseline before an incident, for extra threat hunting...
Priv2Admin – Exploitation Paths Allowing You To (Mis)Use The Windows Privileges To Elevate Your Rights Within The OS
The idea is to "translate" Windows OS privileges to a path leading to: administrator, integrity and/or confidentiality threat, availability threat,...
Chinese PLA Unit 61419 suspected to have purchased AVs for cyber-espionage
Chinese military unit PLA Unit 61419 is suspected to be involved in cyber-espionage campaigns against multiple antivirus companies. Researchers from...
A taste of the latest release of QakBot
A taste of the latest release of QakBot – one of the most popular and mediatic trojan bankers active since...
Cisco fixes critical flaws in SD-WAN vManage and HyperFlex HX software
Cisco fixed critical flaws in SD-WAN vManage and HyperFlex HX software that could allow creating admin accounts, and executing commands...
CVE-2020-22000
Summary: HomeAutomation 3.3.2 suffers from an authenticated OS command execution vulnerability using custom command v0.1 plugin. This can be exploited...
CVE-2020-21989
Summary: HomeAutomation 3.3.2 is affected by Cross Site Request Forgery (CSRF). The application interface allows users to perform certain actions...
CVE-2017-9438
Summary: libyara/re.c in the regexp module in YARA 3.5.0 allows remote attackers to cause a denial of service (stack consumption)...
CVE-2019-19648
Summary: In the macho_parse_file functionality in macho/macho.c of YARA 3.11.0, command_size may be inconsistent with the real size. A specially...
180+ OAuth 2.0 cloud malware apps detected
Proofpoint offices in Toronto, Canada. (Raysonho @ Open Grid Scheduler / Scalable Grid Engine, CC0, via Wikimedia Commons)Researchers issued a...
Unidentified Cyberattackers Has Put Alaska Court System Offline
A recent cyberattack has forced The Alaska Court System (ACS) to temporarily discontinue its online services to the public including...
Threat Actors’ Dwell Time Reduced to 24 Days, FireEye Reports
FireEye, the intelligence-led security company, published the FireEye Mandiant M-Trends 2021 report. The FireEye-owned forensic specialist’s M-Trends 2021 report was...
The Russian Ministry of Internal Affairs began to identify serial cybercrimes with a special program
The press service of the Russian Ministry of Internal Affairs reported that employees of the department have been using a...
Scripps Health: The Non-Profit Healthcare Giant Hit by Cyberattack
According to many press reports and the San Diego Union-Tribune, the San Diego-based Scripps Health still tries to assemble certain...
N3TW0RM Ransomware: Emerges in Wave of Cyberattacks in Israel
In a surge of cyberattacks that began last week, a new ransomware group known as 'N3TW0RM' is targeting Israeli companies. N3TW0RM,...
KubeArmor – Container-aware Runtime Security Enforcement System
Introduction to KubeArmorKubeArmor is a container-aware runtime security enforcement system that restricts the behavior (such as process execution, file access,...
Botkube – An App That Helps You Monitor Your Kubernetes Cluster, Debug Critical Deployments And Gives Recommendations For Standard Practices
For complete documentation visit www.botkube.io BotKube integration with Slack, Mattermost or Microsoft Teams helps you monitor your Kubernetes cluster, debug...
UNC2529, a new sophisticated cybercrime gang that targets U.S. orgs with 3 malware
A new cybercrime gang, tracked as UNC2529, has targeted many organizations in the US and other countries using new sophisticated...
Cyber Defense Magazine – May 2021 has arrived. Enjoy it!
Cyber Defense Magazine March 2021 Edition has arrived. We hope you enjoy this month’s edition…packed with over 90 pages of...
Experts found critical authentication bypass flaw in HPE Edgeline Infrastructure Manager
Researchers found a critical vulnerability in HPE Edgeline Infrastructure Manager that could be exploited by a remote attacker to bypass...
A massive DDoS knocked offline Belgian government websites
A massive distributed denial of service (DDoS) attack shut down Belgiums’ government websites, internal networks were also impacted. A massive...
Most of Exim email servers could be hacked by exploiting 21Nails flaws
The maintainers of the Exim email server software addressed a collection of 21 issues, dubbed 21Nails, that can allow attackers...
CVE-2020-7226
Summary: CiphertextHeader.java in Cryptacular 1.2.3, as used in Apereo CAS and other products, allows attackers to trigger excessive memory allocation...
