CISA: 2023 CWE Top 25 Most Dangerous Software Weaknesses
2023 CWE Top 25 Most Dangerous Software Weaknesses The Homeland Security Systems Engineering and Development Institute, sponsored by the Department...
Security
CISA: DoS and DDoS Attacks against Multiple Sectors
DoS and DDoS Attacks against Multiple Sectors CISA is aware of open-source reporting of targeted denial-of-service (DoS) and distributed denial-of-service...
CISA: Progress Software Releases Service Pack for MOVEit Transfer Vulnerabilities
Progress Software Releases Service Pack for MOVEit Transfer Vulnerabilities Progress Software has released a Service Pack to address three newly...
CISA: CISA and Partners Release Joint Cybersecurity Advisory on Newly Identified Truebot Malware Variants
CISA and Partners Release Joint Cybersecurity Advisory on Newly Identified Truebot Malware Variants Today, the Cybersecurity and Infrastructure Security Agency...
CISA: CISA Releases Three Industrial Control Systems Advisories
CISA Releases Three Industrial Control Systems Advisories CISA has released three Industrial Control Systems (ICS) advisories on July 6, 2023....
CISA: CISA Adds One Known Vulnerability to Catalog
CISA Adds One Known Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: Mozilla Releases Security Advisories for Thunderbird, Firefox, and Firefox ESR
Mozilla Releases Security Advisories for Thunderbird, Firefox, and Firefox ESR Mozilla has released security advisories to address vulnerabilities in Thunderbird,...
Bropper – An Automatic Blind ROP Exploitation Tool
An automatic Blind ROP exploitation python tool Abstract BROP (Blind ROP) was a technique found by Andrew Bittau from Stanford...
Golddigger – Search Files For Gold
Gold Digger is a simple tool used to help quickly discover sensitive information in files recursively. Originally written to assist...
ScrapPY – A Python Utility For Scraping Manuals, Documents, And Other Sensitive PDFs To Generate Wordlists That Can Be Utilized By Offensive Security Tools
ScrapPY is a Python utility for scraping manuals, documents, and other sensitive PDFs to generate targeted wordlists that can be...
Artemis – A Modular Web Reconnaissance Tool And Vulnerability Scanner
A modular web reconnaissance tool and vulnerability scanner based on Karton (https://github.com/CERT-Polska/karton). The Artemis project has been initiated by the...
Wanderer – An Open-Source Process Injection Enumeration Tool Written In C#
Wanderer is an open-source program that collects information about running processes. This information includes the integrity level, the presence of...
BugChecker – SoftICE-like Kernel Debugger For Windows 11
Introduction BugChecker is a SoftICE-like kernel and user debugger for Windows 11 (and Windows XP as well: it supports Windows...
Polaris – Validation Of Best Practices In Your Kubernetes Clusters
Polaris is an open source policy engine for Kubernetes Polaris is an open source policy engine for Kubernetes that validates...
Badsecrets – A Library For Detecting Known Secrets Across Many Web Frameworks
A pure python library for identifying the use of known or very weak cryptographic secrets across a variety of platforms....
SOC-Multitool – A Powerful And User-Friendly Browser Extension That Streamlines Investigations For Security Professionals
Introducing SOC Multi-tool, a free and open-source browser extension that makes investigations faster and more efficient. Now available on the...
CISA: Progress Software Releases Service Pack for MOVEit Transfer Vulnerabilities
Progress Software Releases Service Pack for MOVEit Transfer Vulnerabilities Progress Software has released a Service Pack to address three newly...
CISA: CISA Adds One Known Vulnerability to Catalog
CISA Adds One Known Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
Malware Analysis – banker – 3e7f87ff8fba7c78349284a6f4b9838b
Score: 8 MALWARE FAMILY: bankerTAGS:banker, evasion, ransomwareMD5: 3e7f87ff8fba7c78349284a6f4b9838bSHA1: 7d3f3b9cf7834b490f4ebfd7b714de5ba7ac67cbANALYSIS DATE: 2023-07-07T06:43:06ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – ransomware – 99a4a7145a78577d18ab6547210e5fec
Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 99a4a7145a78577d18ab6547210e5fecSHA1: 20374dec61f839f1392bab96fc8e71f0e18ff334ANALYSIS DATE: 2023-07-07T06:25:15ZTTPS: T1005, T1081, T1012 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – ransomware – e7e442f7f42d61cdebfddc801f4b03dc
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: e7e442f7f42d61cdebfddc801f4b03dcSHA1: 3b16dbc84446cb30963b4886600b16b4cb545dd7ANALYSIS DATE: 2023-07-07T08:35:42ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – coper – 49f67ec7bcfd5d8b01c1fb92820481f5
Score: 10 MALWARE FAMILY: coperTAGS:family:coper, family:octo, banker, evasion, infostealer, ransomware, rat, trojanMD5: 49f67ec7bcfd5d8b01c1fb92820481f5SHA1: 19bf5e03023516b25bd2d0747773186911bdbf2fANALYSIS DATE: 2023-07-07T08:10:51ZTTPS: ScoreMeaningExample10Known badA malware family...
CISA: CISA Releases SCuBA TRA and eVRF Guidance Documents
CISA Releases SCuBA TRA and eVRF Guidance Documents CISA has released several documents as part of the Secure Cloud Business...
CISA: CISA and NSA Release Joint Guidance on Defending Continuous Integration/Continuous Delivery (CI/CD) Environments
CISA and NSA Release Joint Guidance on Defending Continuous Integration/Continuous Delivery (CI/CD) Environments Today, CISA, together with the National Security...
