Month: August 2023

Phishing Spree Targets Zimbra Collaboration Account Holders

August 18, 2023

Cybersecurity researchers at ESET have exposed an ongoing mass-spreading phishing campaign that explicitly targets Zimbra Collaboration email server users. The...

Critical Flaws in PowerShell Gallery Enable Malicious Exploits

August 18, 2023

Aqua Nautilus has uncovered critical vulnerabilities persisting within the PowerShell Gallery, resulting in a fertile ground for malicious actors to...

iMenu360 – 3,425,860 breached accounts

August 18, 2023

HIBP In approximately late 2022, 3.4M customer records from iMenu360 ("The world's #1 most trusted online ordering platform") were exposed....

NoFilter Attack: Sneaky Privilege Escalation Method Bypasses Windows Security

August 18, 2023

A previously undetected attack method called NoFilter has been found to abuse the Windows Filtering Platform (WFP) to achieve privilege...

CISA

CISA: CISA Releases Twelve Industrial Control Systems Advisories

August 18, 2023

CISA Releases Twelve Industrial Control Systems Advisories CISA released twelve Industrial Control Systems (ICS) advisories on August 10, 2023. These...

CISA

CISA: CISA Releases Two Industrial Control Systems Advisories

August 18, 2023

CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on August 15, 2023. These...

CISA

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

August 18, 2023

CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog,...

CISA

CISA: CISA Releases Two Industrial Control Systems Advisories

August 18, 2023

CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on August 8, 2023. These...

CISA

CISA: Fortinet Releases Security Update for FortiOS

August 18, 2023

Fortinet Releases Security Update for FortiOS Fortinet has released a security update to address a vulnerability (CVE-2023-29182) affecting FortiOS. A...

CISA

CISA: CISA Releases JCDC Remote Monitoring and Management (RMM) Cyber Defense Plan

August 18, 2023

CISA Releases JCDC Remote Monitoring and Management (RMM) Cyber Defense Plan Today, CISA released the Remote Monitoring and Management (RMM)...

CISA

CISA: CISA Releases Three Industrial Control Systems Advisories

August 18, 2023

CISA Releases Three Industrial Control Systems Advisories CISA released three Industrial Control Systems (ICS) advisories on August 17, 2023. These...

CISA

CISA: Cisco Releases Security Advisories for Multiple Products

August 18, 2023

Cisco Releases Security Advisories for Multiple Products Cisco has released security advisories for vulnerabilities affecting multiple Cisco products. A cyber...

CISA

CISA: Atlassian Releases Security Update for Confluence Server and Data Center

August 18, 2023

Atlassian Releases Security Update for Confluence Server and Data Center Atlassian has released its security bulletin for August 2023 to...

CISA

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

August 18, 2023

CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog,...

News

US-CERT Vulnerability Summary for the Week of August 7, 2023

August 17, 2023

High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Info phoenixcontact -- wp_6xxx_series In PHOENIX CONTACTs WP 6xxx series web panels...

f25bc7b7d2956093787e1741a5e802246e64d760612a15010ffe066882ead4c2

Columbus-Server – API first subdomain discovery service, blazingly fast subdomain enumeration service with advanced features

August 17, 2023

Columbus Project is an API first subdomain discovery service, blazingly fast subdomain enumeration service with advanced features. Columbus returned 638...

Month: August 2023

Phishing Spree Targets Zimbra Collaboration Account Holders

Critical Flaws in PowerShell Gallery Enable Malicious Exploits

iMenu360 – 3,425,860 breached accounts

NoFilter Attack: Sneaky Privilege Escalation Method Bypasses Windows Security

CISA: CISA Releases Twelve Industrial Control Systems Advisories

CISA: CISA Releases Two Industrial Control Systems Advisories

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: CISA Releases Two Industrial Control Systems Advisories

CISA: Fortinet Releases Security Update for FortiOS

CISA: CISA Releases JCDC Remote Monitoring and Management (RMM) Cyber Defense Plan

CISA: CISA Releases Three Industrial Control Systems Advisories

CISA: Cisco Releases Security Advisories for Multiple Products

CISA: Atlassian Releases Security Update for Confluence Server and Data Center

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

US-CERT Vulnerability Summary for the Week of August 7, 2023

Columbus-Server – API first subdomain discovery service, blazingly fast subdomain enumeration service with advanced features

Chaos – Origin IP Scanning Utility Developed With ChatGPT

NixImports – A .NET Malware Loader, Using API-Hashing To Evade Static Analysis

Xcrawl3R – A CLI Utility To Recursively Crawl Webpages

Trawler – PowerShell Script To Help Incident Responders Discover Adversary Persistence Mechanisms

Chimera – Automated DLL Sideloading Tool With EDR Evasion Capabilities

Redeye – A Tool Intended To Help You Manage Your Data During A Pentest Operation

HackBot – A Simple Cli Chatbot Having Llama2 As Its Backend Chat AI

InfoHound – An OSINT To Extract A Large Amount Of Data Given A Web Domain Name

Cobalt Strike Beacon Detected – 52[.]231[.]10[.]139:8080

Cobalt Strike Beacon Detected – 54[.]224[.]145[.]120:443

Cobalt Strike Beacon Detected – 118[.]193[.]37[.]157:8889

Cobalt Strike Beacon Detected – 103[.]225[.]196[.]197:80

Cobalt Strike Beacon Detected – 101[.]201[.]247[.]232:4433

You may have missed