Citrix Products Multiple Vulnerabilities
Multiple vulnerabilities were identified in Citrix Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of...
Month: January 2024
NCSC Builds New “Cyber League” Threat Tracking Community
One of the UK’s leading cybersecurity agencies has announced plans to convene a new group of industry experts who will...
Illicit Cryptocurrency Flows Drop 39% in 2023
The value of cryptocurrency flowing into illicit addresses in 2023 was nearly two-fifths lower than the figure a year previously,...
Iranian Phishing Campaign Targets Israel-Hamas War Experts
Iran-linked threat actors are targeting high-profile researchers working on the Israel-Hamas conflict via a sophisticated social engineering campaign, according to...
New Malware Campaign Exploits 9hits in Docker Assault
Security researchers have uncovered a novel cyber-attack campaign targeting vulnerable Docker services. The attacks mark the first documented case of...
TA866 Resurfaces in Targeted OneDrive Campaign
Cybersecurity researchers at Proofpoint have identified the resurgence of TA866 in email threat campaigns after a hiatus of nine months. Writing...
CISA: Incident Response Guide for the WWS Sector
Incident Response Guide for the WWS Sector Today, CISA, the Federal Bureau of Investigation (FBI), and the Environmental Protection Agency...
CISA: VMware Releases Security Advisory for Aria Operations
VMware Releases Security Advisory for Aria Operations VMware released a security advisory to address a vulnerability (CVE-2023-34063) in Aria Operations....
CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on January 16, 2024. These...
CISA: Citrix Releases Security Updates for NetScaler ADC and NetScaler Gateway
Citrix Releases Security Updates for NetScaler ADC and NetScaler Gateway Citrix released security updates to address vulnerabilities (CVE-2023-6548 and CVE-2023-6549)...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on January 18, 2024. These...
CISA: Atlassian Releases Security Updates for Multiple Products
Atlassian Releases Security Updates for Multiple Products Atlassian released a security advisory to address a vulnerability (CVE-2023-22527) in out-of-date versions...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: Oracle Releases Critical Patch Update Advisory for January 2024
Oracle Releases Critical Patch Update Advisory for January 2024 Oracle released its Critical Patch Update Advisory for January 2024 to...
CISA: Drupal Releases Security Advisory for Drupal Core
Drupal Releases Security Advisory for Drupal Core Drupal released a security advisory to address a vulnerability affecting multiple Drupal core versions....
FalconHound – A Blue Team Multi-Tool. It Allows You To Utilize And Enhance The Power Of Blo odHound In A More Automated Fashion
FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more...
New Docker Malware Steals CPU for Crypto & Drives Fake Website Traffic
Vulnerable Docker services are being targeted by a novel campaign in which the threat actors are deploying XMRig cryptocurrency miner...
CISA: Atlassian Releases Security Updates for Multiple Products
Atlassian Releases Security Updates for Multiple Products Atlassian released a security advisory to address a vulnerability (CVE-2023-22527) in out-of-date versions...
HackerOne Bug Bounty Disclosure: b-reflected-xss-on-https-travel-line-me-b-mheranco
Company Name: b'LY Corporation' Company HackerOne URL: https://hackerone.com/line Submitted By:b'mheranco'Link to Submitters Profile:https://hackerone.com/b'mheranco' Report Title:b'Reflected XSS on https://travel.line.me'Report Link:https://hackerone.com/reports/1880607Date Submitted:18...
HackerOne Bug Bounty Disclosure: b-open-redirect-in-user-saml-via-relaystate-parameter-b-ryotak
Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'ryotak'Link to Submitters Profile:https://hackerone.com/b'ryotak' Report Title:b'Open redirect in user_saml via RelayState parameter'Report...
HackerOne Bug Bounty Disclosure: b-authentication-bypass-in-global-site-selector-allows-an-attacker-to-log-in-as-any-user-b-ryotak
Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'ryotak'Link to Submitters Profile:https://hackerone.com/b'ryotak' Report Title:b'Authentication bypass in Global Site Selector allows...
HackerOne Bug Bounty Disclosure: b-self-xss-when-sending-html-as-a-comment-in-the-deck-app-b-hackit-bharat
Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'hackit_bharat'Link to Submitters Profile:https://hackerone.com/b'hackit_bharat' Report Title:b'Self XSS when sending HTML as a...
HackerOne Bug Bounty Disclosure: b-non-admin-users-can-reset-app-allowlist-to-the-default-b-ryotak
Company Name: b'Nextcloud' Company HackerOne URL: https://hackerone.com/nextcloud Submitted By:b'ryotak'Link to Submitters Profile:https://hackerone.com/b'ryotak' Report Title:b'Non-admin users can reset app allowlist to...
