Shining a Light on Shadow Apps: The Invisible Gateway to SaaS Data Breaches
Shadow apps, a segment of Shadow IT, are SaaS applications purchased without the knowledge of the security team. While these...
Month: September 2024
Cobalt Strike Beacon Detected – 120[.]46[.]149[.]112:88
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 47[.]109[.]20[.]145:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 47[.]239[.]242[.]141:2222
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
New PIXHELL Attack Exploits Screen Noise to Exfiltrates Data from Air-Gapped Computers
A new side-channel attack dubbed PIXHELL could be abused to target air-gapped computers by breaching the "audio gap" and exfiltrating...
Mustang Panda Deploys Advanced Malware to Spy on Asia-Pacific Governments
The threat actor tracked as Mustang Panda has refined its malware arsenal to include new tools in order to facilitate...
F5 Products Multiple Vulnerabilities
Multiple vulnerabilities were identified in F5 Products. A remote attacker could exploit some of these vulnerabilities to trigger denial of...
ChromeOS Multiple Vulnerabilities
Multiple vulnerabilities were identified in ChromeOS. A remote attacker could exploit some of these vulnerabilities to trigger denial of service...
SonicWall Products Denial of Service Vulnerability
A vulnerability has been identified in Sonicwall Products. A remote user can exploit this vulnerability to trigger security restriction bypass and denial of...
CISA: Versa Networks Releases Advisory for a Vulnerability in Versa Director, CVE-2024-39717
Versa Networks Releases Advisory for a Vulnerability in Versa Director, CVE-2024-39717 Versa Networks has released an advisory for a vulnerability...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA and Partners Release Advisory on Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations
CISA and Partners Release Advisory on Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations Today, CISA—in partnership with the...
CISA: CISA Releases Three Industrial Control Systems Advisories
CISA Releases Three Industrial Control Systems Advisories CISA released three Industrial Control Systems (ICS) advisories on August 29, 2024. These...
CISA: CISA and Partners Release Advisory on RansomHub Ransomware
CISA and Partners Release Advisory on RansomHub Ransomware Today, CISA—in partnership with the Federal Bureau of Investigation (FBI), Multi-State Information Sharing...
CISA: CISA Releases Four Industrial Control Systems Advisories
CISA Releases Four Industrial Control Systems Advisories CISA released four Industrial Control Systems (ICS) advisory on September 5, 2024. These...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on September 3, 2024. These...
CISA: FBI, CISA, NSA, and US and International Partners Release Advisory on Russian Military Cyber Actors Targeting US and Global Critical Infrastructure
FBI, CISA, NSA, and US and International Partners Release Advisory on Russian Military Cyber Actors Targeting US and Global Critical...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
Cobalt Strike Beacon Detected – 124[.]71[.]202[.]76:9999
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 103[.]234[.]98[.]96:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
US-CERT Vulnerability Summary for the Week of September 2, 2024
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
New RAMBO Attack Uses RAM Radio Signals to Steal Data from Air-Gapped Networks
A novel side-channel attack has been found to leverage radio signals emanated by a device's random access memory (RAM) as...
HackerOne Bug Bounty Disclosure: cross-site-scripting-reflected-alitoni
Company Name: MTN Group Company HackerOne URL: https://hackerone.com/mtn_group Submitted By:alitoni224Link to Submitters Profile:https://hackerone.com/alitoni224 Report Title:cross site scripting reflected Report Link:https://hackerone.com/reports/1496897Date...
