Gh-Dork – Github Dorking Tool
Supply a list of dorks and, optionally, one of the following: a user (-u) a file with a list of...
NAME: Six Apart - Movable Type; Platforms Affected: Movable Type; Risk Level: high; CVE Type: OS command injection. DESCRIPTION: CVE-2021-20837 is an OS command injection...
NAME: Metabase - Metabase; Platforms Affected: Metabase; Risk Level: low; CVE Type: Improper input validation. DESCRIPTION: CVE-2021-41277 is an improper input validation vulnerability impacting Metabase...
NAME: SonicWall - Multiple; Platforms Affected: Multiple; Risk Level: high; CVE Type: SQLi. DESCRIPTION: CVE-2021-20028 is a structured query language injection (SQLi) vulnerability impacting multiple...
NAME: Apple - Multiple; Platforms Affected: Multiple; Risk Level: medium; CVE Type: Memory corruption. DESCRIPTION: CVE-2022-22587 is a memory corruption vulnerability impacting Apple macOS...
NAME: Microsoft - Windows; Platforms Affected: Windows; Risk Level: medium; CVE Type: Privilege escalation. DESCRIPTION: CVE-2022-21882 is a privilege escalation vulnerability impacting multiple products and...
Personal data belonging to millions of customers of large businesses have been exposed due to a flaw in Onfido IDV....
This blog was authored by Ankur Saini and Hossein Jazi. Lazarus Group is one of the most sophisticated North Korean...
Microsoft announced that it has mitigated a record 3.47 Tbps distributed denial of service (DDoS) attack targeting an Azure customer. Microsoft announced that...
A few hours ago, Lockbit ransomware operators announced that they had stolen data from the Ministry of Justice of France. The Ministry...
Summary: SoftVibe SARABAN for INFOMA 1.1 allows SQL Injection. Reference Links (if available): https://orangeo.tech/post/2021/12/24/First-CVEs.html https://play.google.com/store/apps/details?id=th.co.softvibe.saraban&hl=en&gl=US CVSS Score (if available) v2: /...
Summary: SoftVibe SARABAN for INFOMA 1.1 has an Incorrect Access Control vulnerability that allows attackers to access signature files on the...
Summary: Jsish v3.5.0 was discovered to contain a heap buffer overflow via BooleanConstructor at src/jsiBool.c. Reference Links (if available): https://github.com/pcmacdon/jsish/issues/62 CVSS...
Summary: Jsish v3.5.0 was discovered to contain a heap buffer overflow via NumberConstructor at src/jsiNumber.c. Reference Links (if available): https://github.com/pcmacdon/jsish/issues/66 CVSS...
Summary: Leostream Connection Broker 9.0.40.17 allows an administrator to upload and execute Perl code. Reference Links (if available): https://leostream.com/wp-content/uploads/2018/11/Leostream_release_notes.pdf https://www.leostream.com/resource/leostream-connection-broker-9-0/ CVSS Score...
Experts spotted a sophisticated malware campaign delivering the AsyncRAT trojan since September 2021. Researchers from Morphisec spotted a sophisticated phishing...
You’ve heard about ransomware, where attackers lock up your files and demand a payment for the decryption key. You may...
A researcher has picked up a $100,500 bounty from Apple after discovering a rather nasty method of gaining control of...
BloodyAD is an Active Directory Privilege Escalation Framework. It can be used manually using bloodyAD.py or automatically by combining pathgen.py...
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...