Zenbuster – Multi-threaded URL Enumeration/Brute-Forcing Tool
ZenBuster is a multi-threaded, multi-platform URL enumeration tool written in Python by Zach Griffin (@0xTas). I wrote this tool as...
JukinMedia – 314,290 breached accounts
In October 2021, the "global leader in user-generated entertainment" Jukin Media suffered a data breach. The breach exposed 13GB of...
How to use Home Assistant / NodeRed to set up Holiday Lights to fake your presence.
So you have a smart home, you have all the lights set up and running as you like but you...
Cobalt Stike Beacon Detected – 180[.]76[.]161[.]95:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 164[.]132[.]237[.]65:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 46[.]101[.]92[.]94:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Security Affairs newsletter Round 374 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for...
APT groups target journalists and media organizations since 2021
Researchers from Proofpoint warn that various APT groups are targeting journalists and media organizations since 2021. Proofpoint researchers warn that...
Critical flaw in Netwrix Auditor application allows arbitrary code execution
A vulnerability in the Netwrix Auditor software can be exploited to execute arbitrary code on affected devices. Bishop Fox discovered...
HackerOne Bug Bounty Disclosure: can-use-the-reddit-android-app-as-usual-even-though-revoking-the-access-of-it-from-reddit-combysateeshn
Programme HackerOne Reddit Reddit Submitted by sateeshn sateeshn Report Can use the Reddit android app as usual even though revoking...
HIVE Ransomware Victim: Carrolls Irish Gifts
HIVE Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
CISA urges to fix multiple critical flaws in Juniper Networks products
CISA urges admins to apply recently released fixes in Juniper Networks products, including Junos Space, Contrail Networking and NorthStar Controller....
Threat actors exploit a flaw in Digium Phone Software to target VoIP servers
Threat actors are targeting VoIP servers by exploiting a vulnerability in Digium’s software to install a web shell, Palo Alto...
Kubeaudit – Tool To Audit Your Kubernetes Clusters Against Common Security Controls
kubeaudit is a command line tool and a Go package to audit Kubernetes clusters for various different security concerns, such...
Famm – 535,240 breached accounts
In late 2020, the Japanese family photos website Famm suffered a data breach that subsequently exposed 1.3M customer records, including...
Eskimi – 1,197,620 breached accounts
In late 2020, the AdTech platform Eskimi suffered a data breach that exposed 26M records with 1.2M unique email addresses....
Cobalt Stike Beacon Detected – 185[.]81[.]68[.]45:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 180[.]178[.]36[.]51:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 49[.]232[.]222[.]254:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Node.js html-live-player module code execution |
NAME Node.js html-live-player module code execution Platforms Affected:Node.js html-live-playerRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js html-live-player module could allow a remote attacker...
Honeywell Alerton Ascent Control Module (ACM) code execution | CVE-2022-30244
NAME Honeywell Alerton Ascent Control Module (ACM) code execution Platforms Affected:Honeywell Alerton Ascent Control Module (ACM) 2022-05-04Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION...
Node.js patrick-test2 module code execution |
NAME Node.js patrick-test2 module code execution Platforms Affected:Node.js patrick-test2Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js patrick-test2 module could allow a remote attacker...
Siemens SCALANCE X Switch Devices brute force | CVE-2022-26647
NAME Siemens SCALANCE X Switch Devices brute force Platforms Affected:Siemens SCALANCE X200-4P IRT (6GK5200-4AH00- 2BA3) Siemens SCALANCE X200-4P IRT (6GK5200-4AH10-...
Schneider Electric Easergy P5 buffer overflow | CVE-2022-34756
NAME Schneider Electric Easergy P5 buffer overflow Platforms Affected:Schneider Electric Easergy P5 01.401.102Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Schneider Electric Easergy P5...
