This Week in Security News – February 11, 2022
Hidden scams in malicious scans, and feds arrest couple who allegedly laundered $1 Billion in stolen bitcoins If you like...
Year: 2022
Detecting PwnKit (CVE-2021-4034) Using Trend Micro™ Vision One™ and Cloud One™
This blog discusses how CVE-2021-4034 can be detected and blocked using Trend Micro™ Vision One™ and Trend Micro Cloud One™....
CISA adds 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog
The U.S. CISA has added to the catalog of vulnerabilities another 15 security vulnerabilities actively exploited in the wild. The...
Dive – A Tool For Exploring Each Layer In A Docker Image
A tool for exploring a docker image, layer contents, and discovering ways to shrink the size of your Docker/OCI image....
Apple addressed a third zero-day in 2022, which is actively exploited
Apple addressed a new WebKit zero-day affecting iOS, iPadOS, macOS, and Safari that may have been actively exploited in the wild. Apple...
Online Safety Bill will legally require porn sites to verify users’ age
When Ioannis Dekas, a father of four boys, found that one of his sons had access to pornography, he and...
TerraGoat – Vulnerable Terraform Infrastructure
TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration...
Update now! Apple fixes actively exploited zero-day
Apple has released a security fix for a zero-day vulnerability (CVE-2022-22620) that it says “may have been actively exploited.” According...
Cobalt Stike Beacon Detected – 176[.]121[.]14[.]161:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 45[.]144[.]179[.]204:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 138[.]197[.]65[.]104:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 139[.]60[.]161[.]99:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 139[.]60[.]161[.]69:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 82[.]157[.]147[.]131:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 118[.]193[.]62[.]6:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 178[.]128[.]58[.]166:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 39[.]107[.]31[.]43:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 39[.]105[.]15[.]102:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 119[.]91[.]154[.]230:2095
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 89[.]248[.]165[.]135:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Apple Safari 15.3-CVE-2022-22620
NAME Apple - Multiple Platforms Affected:MultipleRisk Level:mediumCVE Type:Use after free DESCRIPTION CVE-2022-22620 is a use after free vulnerability impacting Apple...
PHPMailer security update-CVE-2020-36326
NAME PHPMailer - PHPMailer Platforms Affected:PHPMailerRisk Level:lowCVE Type:Deserialization of untrusted data DESCRIPTION CVE-2020-36326 is a deserialization of untrusted data vulnerability...
Siemens SICAM TOOLBOX II security bypass | CVE-2021-45106
NAME Siemens SICAM TOOLBOX II security bypass Platforms Affected:Siemens SICAM TOOLBOX IIRisk Level:9.9Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION SICAM TOOLBOX II could allow...
Schneider Electric spaceLYnk, Wiser for KNX, fellerLYnk security bypass | CVE-2022-22809
NAME Schneider Electric spaceLYnk, Wiser for KNX, fellerLYnk security bypass Platforms Affected:Schneider Electric spaceLYnk 2.6.2 Schneider Electric Wiser for KNX...
