Daily Vulnerability Trends: Fri Aug 26 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-27925Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 has mboximport functionality that receives...
Month: August 2022
LastPass data breach: threat actors stole a portion of source code
Password management software firm LastPass has suffered a data breach, threat actors have stole source code and other data. Password...
HIVE Ransomware Victim: Altice International
HIVE Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
Cobalt Stike Beacon Detected – 45[.]204[.]1[.]25:8001
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 176[.]113[.]83[.]83:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 175[.]178[.]41[.]176:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 139[.]60[.]161[.]55:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 198[.]13[.]63[.]137:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 110[.]40[.]181[.]54:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 101[.]37[.]173[.]172:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 45[.]227[.]252[.]236:4433
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
ZTNA vs VPN: Secure Remote Work & Access – SASE Part 2
Explore the drivers behind switching from VPN to Zero Trust Network Access (ZTNA) for any device access from anywhere. If...
Unlocking Serverless with AWS Lambda and IAM
Learn how Lambda and IAM unlock the power and versatility of the cloud by implementing a serverless User API that...
New Golang Ransomware Agenda Customizes Attacks
A new piece of ransomware written in the Go language has been targeting healthcare and education enterprises in Asia and...
LastPass Security Alert Compromised Development Area
LastPass have released the below statement regarding a compromise to the development environment. Dear valued customer,We are writing to inform...
CISA: CISA Adds Ten Known Exploited Vulnerabilities to Catalog
CISA Adds Ten Known Exploited Vulnerabilities to Catalog CISA has added ten new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on...
Nobelium APT uses new Post-Compromise malware MagicWeb
Russia-linked APT group Nobelium is behind a new sophisticated post-exploitation malware tracked by Microsoft as MagicWeb. Microsoft security researchers discovered...
HackerOne Bug Bounty Disclosure: default-login-credentials-on-https://broadbandmaps-mtn-com-gh/bytheranger
Programme HackerOne MTN Group MTN Group Submitted by theranger theranger Report Default Login Credentials on https://broadbandmaps.mtn.com.gh/ Full Report A considerable...
HackerOne Bug Bounty Disclosure: pause-based-desync-in-apache-httpdbyalbinowax
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by albinowax albinowax Report Pause-based desync in Apache HTTPD Full Report...
HackerOne Bug Bounty Disclosure: non-revoked-api-key-information-disclosure-via-stripo_report()bydeb0con
Programme HackerOne Stripo Inc Stripo Inc Submitted by deb0con deb0con Report Non-revoked API Key Information disclosure via Stripo_report() Full Report...
HackerOne Bug Bounty Disclosure: unauthorized-accessbymega7
Programme HackerOne GitLab GitLab Submitted by mega7 mega7 Report Unauthorized access Full Report A considerable amount of time and effort...
CISA: CISA releases 1 Industrial Control Systems Advisory
CISA releases 1 Industrial Control Systems Advisory CISA has released 1 Industrial Control Systems (ICS) advisory on August 25, 2022....
dBmonster – Track WiFi Devices With Their Recieved Signal Strength
With dBmonster you are able to scan for nearby WiFi devices and track them trough the signal strength (dBm) of...
Cobalt Stike Beacon Detected – 68[.]183[.]27[.]162:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
