North Korean Hackers Stole $600m in Crypto in 2023
North Korean hackers stole at least $600m in cryptocurrency in 2023, around a third of the total value of such...
Month: January 2024
CISA: Apple Releases Security Updates for Multiple Products
Apple Releases Security Updates for Multiple Products Apple has released security updates to address vulnerabilities in Safari, iOS, iPadOS, and...
CISA: CISA Releases Seven Industrial Control Systems Advisories
CISA Releases Seven Industrial Control Systems Advisories CISA released seven Industrial Control Systems (ICS) advisories on December 19, 2023. These...
CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on December 21, 2023. These...
CISA: Mozilla Releases Security Updates for Firefox and Thunderbird
Mozilla Releases Security Updates for Firefox and Thunderbird Mozilla has released security updates to address vulnerabilities in Firefox and Thunderbird....
CISA: CISA Releases Microsoft 365 Secure Configuration Baselines and SCuBAGear Tool
CISA Releases Microsoft 365 Secure Configuration Baselines and SCuBAGear Tool CISA has published the finalized Microsoft 365 Secure Configuration Baselines,...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Three Industrial Control Systems Advisories
CISA Releases Three Industrial Control Systems Advisories CISA released three Industrial Control Systems (ICS) advisories on January 4, 2024. These...
CISA: CISA Adds Six Known Exploited Vulnerabilities to Catalog
CISA Adds Six Known Exploited Vulnerabilities to Catalog CISA has added six new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: Juniper Releases Security Advisory for Juniper Secure Analytics
Juniper Releases Security Advisory for Juniper Secure Analytics Juniper released a security advisory to address multiple vulnerabilities affecting Juniper Secure...
Brute Ratel C4 Detected – 211[.]76[.]170[.]240:443
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
US-CERT Vulnerability Summary for the Week of January 1, 2024
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
CATSploit – An Automated Penetration Testing Tool Using Cyber Attack Techniques Scoring
CATSploit is an automated penetration testing tool using Cyber Attack Techniques Scoring (CATS) method that can be used without pentester....
HackerOne Bug Bounty Disclosure: b-ghes-management-console-eop-editor-to-site-admin-b-imrerad
Company Name: b'GitHub' Company HackerOne URL: https://hackerone.com/github Submitted By:b'imrerad'Link to Submitters Profile:https://hackerone.com/b'imrerad' Report Title:b'GHES Management console EoP (editor to site...
HackerOne Bug Bounty Disclosure: b-view-repo-and-title-of-any-private-check-run-b-ahacker
Company Name: b'GitHub' Company HackerOne URL: https://hackerone.com/github Submitted By:b'ahacker1'Link to Submitters Profile:https://hackerone.com/b'ahacker1' Report Title:b'View Repo and Title of Any Private...
CISA: CISA Adds Six Known Exploited Vulnerabilities to Catalog
CISA Adds Six Known Exploited Vulnerabilities to Catalog CISA has added six new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
Syrian Hackers Distributing Stealthy C#-Based Silver RAT to Cybercriminals
Threat actors operating under the name Anonymous Arabic have released a remote access trojan (RAT) called Silver RAT that's equipped...
Posh C2 Detected – 65[.]20[.]68[.]219:443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
Unifying Security Tech Beyond the Stack: Integrating SecOps with Managed Risk and Strategy
Cybersecurity is an infinite journey in a digital landscape that never ceases to change. According to Ponemon Institute1, "only 59%...
Webinar – Leverage Zero Trust Security to Minimize Your Attack Surface
Digital expansion inevitably increases the external attack surface, making you susceptible to cyberthreats. Threat actors increasingly exploit the vulnerabilities stemming...
IBM CICS Transaction Gateway improper access controls | CVE-2023-47140
NAME__________IBM CICS Transaction Gateway improper access controlsPlatforms Affected:IBM CICS Transaction Gateway Containers 9.3Risk Level:4Exploitability:UnprovenConsequences:Configuration DESCRIPTION__________IBM CICS Transaction Gateway 9.3 could...
QEMU buffer overflow | CVE-2023-6693
NAME__________QEMU buffer overflowPlatforms Affected:Qemu QemuRisk Level:4.9Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________QEMU is vulnerable to a stack-based buffer overflow, caused by improper bounds checking...
Samsung Email information disclosure | CVE-2024-20807
NAME__________Samsung Email information disclosurePlatforms Affected:Samsung EmailRisk Level:3.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Samsung Email could allow a local attacker to obtain sensitive information, caused...