CISA: CISA Releases Advisory on Cyber Resilience for the HPH Sector
CISA Releases Advisory on Cyber Resilience for the HPH Sector Today, CISA released a Cybersecurity Advisory, Enhancing Cyber Resilience: Insights...
Month: January 2024
CISA: CISA Releases Seven Industrial Control Systems Advisories
CISA Releases Seven Industrial Control Systems Advisories CISA released seven Industrial Control Systems (ICS) advisories on December 19, 2023. These...
CISA: CISA Secure by Design Alert Urges Manufacturers to Eliminate Default Passwords
CISA Secure by Design Alert Urges Manufacturers to Eliminate Default Passwords Today, CISA published guidance on How Manufacturers Can Protect...
CISA: Apple Releases Security Updates for Multiple Products
Apple Releases Security Updates for Multiple Products Apple has released security updates to address vulnerabilities in Safari, iOS, iPadOS, and...
CISA: CISA Releases Microsoft 365 Secure Configuration Baselines and SCuBAGear Tool
CISA Releases Microsoft 365 Secure Configuration Baselines and SCuBAGear Tool CISA has published the finalized Microsoft 365 Secure Configuration Baselines,...
CISA: Mozilla Releases Security Updates for Firefox and Thunderbird
Mozilla Releases Security Updates for Firefox and Thunderbird Mozilla has released security updates to address vulnerabilities in Firefox and Thunderbird....
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on December 21, 2023. These...
Brute Ratel C4 Detected – 2600:9000:201a:6800:1e:5e67:e400:21:80
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
CLZero – A Project For Fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors
A project for fuzzing HTTP/1.1 CL.0 Request Smuggling Attack Vectors. About Thank you to @albinowax, @defparam and @d3d else this...
KnowsMore – A Swiss Army Knife Tool For Pentesting Microsoft Active Directory (NTLM Hashes, BloodHound, NTDS And DCSync)
KnowsMore officially supports Python 3.8+. Main features Import NTLM Hashes from .ntds output txt file (generated by CrackMapExec or secretsdump.py)...
Metahub – An Automated Contextual Security Findings Enrichment And Impact Evaluation Tool For Vulnerability Management
MetaHub is an automated contextual security findings enrichment and impact evaluation tool for vulnerability management. You can use it with...
Blutter – Flutter Mobile Application Reverse Engineering Tool
Flutter Mobile Application Reverse Engineering Tool by Compiling Dart AOT Runtime Currently the application supports only Android libapp.so (arm64 only)....
ProcessStomping – A Variation Of ProcessOverwriting To Execute Shellcode On An Executable’S Section
A variation of ProcessOverwriting to execute shellcode on an executable's section What is it For a more detailed explanation you...
BestEdrOfTheMarket – Little AV/EDR Bypassing Lab For Training And Learning Purposes
Little AV/EDR Evasion Lab for training & learning purposes. (️ under construction..) ____ _ _____ ____ ____ ___ __ _____...
Pantheon – Insecure Camera Parser
Pantheon is a GUI application that allows users to display information regarding network cameras in various countries as well as...
New Variant of DLL Search Order Hijacking Bypasses Windows 10 and 11 Protections
Security researchers have detailed a new variant of a dynamic link library (DLL) search order hijacking technique that could be...
New Terrapin Flaw Could Let Attackers Downgrade SSH Protocol Security
Security researchers from Ruhr University Bochum have discovered a vulnerability in the Secure Shell (SSH) cryptographic network protocol that could...
rtMedia plugin for WordPress, BuddyPress and bbPress code execution | CVE-2023-5939
NAME__________rtMedia plugin for WordPress, BuddyPress and bbPress code executionPlatforms Affected:Risk Level:6.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________rtMedia plugin for WordPress, BuddyPress and bbPress could...
rtMedia plugin for WordPress, BuddyPress and bbPress for WordPress file upload | CVE-2023-5931
NAME__________rtMedia plugin for WordPress, BuddyPress and bbPress for WordPress file uploadPlatforms Affected:Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________rtMedia plugin for WordPress, BuddyPress and...
New JinxLoader Targeting Users with Formbook and XLoader Malware
A new Go-based malware loader called JinxLoader is being used by threat actors to deliver next-stage payloads such as Formbook...
Android Game Devs Google Drive Misconfig Highlights Cloud Security Risks
Japanese game developer Ateam has proven that a simple Google Drive configuration mistake can result in the potential but unlikely...
CISA: CISA Secure by Design Alert Urges Manufacturers to Eliminate Default Passwords
CISA Secure by Design Alert Urges Manufacturers to Eliminate Default Passwords Today, CISA published guidance on How Manufacturers Can Protect...
CISA: CISA and FBI Release Advisory on ALPHV Blackcat Affiliates
CISA and FBI Release Advisory on ALPHV Blackcat Affiliates Today, CISA and the Federal Bureau of Investigation (FBI) released a...
