Experts discovered a privilege escalation issue in popular Umbraco CMS
Experts discovered a vulnerability in the popular CMS Umbraco that could allow low privileged users to escalate privileges to “admin.”...
hacking
Experts found critical flaws in Rockwell FactoryTalk AssetCentre
Rockwell Automation has recently addressed nine critical vulnerabilities in its FactoryTalk AssetCentre product with the release of version v11. The...
UAC – Unix-like Artifacts Collector
UAC is a Live Response collection tool for Incident Response that makes use of built-in tools to automate the collection...
Maigret – OSINT Username Checker. Collect A Dossier On A Person By Username From A Huge Number Of Sites
The Commissioner Jules Maigret is a fictional French police detective, created by Georges Simenon. His investigation method is based on...
A Quick Look Into Cloud Security Posture Management (CSPM)
The cloud security solutions market is growing rapidly, and there are many types of solutions to support your specific business...
InsightIDR’s Log Search: Recent Enhancements and Upcoming Investments
Log data is critical to ensuring that you have full visibility into what’s going on across your environment. Alongside endpoint...
What’s New in InsightAppSec and tCell: Q1 2021 in Review
2021 is off and running! The big question on the corporate world’s mind is, of course, “What will work life...
2,5M+ users can check whether their data were exposed in Facebook data leak
You can check if your personal information is included in the Facebook data leak by querying the data breach notification...
33.4% of ICS computers hit by a cyber attack in H2 2020
H2 2020 – Kaspersky observed an increase in ransomware attacks on industrial control system (ICS) systems in developed countries. Cybersecurity...
Firmware attacks, a grey area in cybersecurity of organizations
A new report published by Microsoft revealed that 80% of global enterprises were victims of a firmware-focused cyberattack. Microsoft recently...
Watson – Enumerate Missing KBs And Suggest Exploits For Useful Privilege Escalation Vulnerabilities
Watson is a .NET tool designed to enumerate missing KBs and suggest exploits for Privilege Escalation vulnerabilities.Supported VersionsWindows 10 1507,...
SharpHound3 – C# Data Collector For The BloodHound Project
Get SharpHoundThe latest build of SharpHound will always be in the BloodHound repository here Compile InstructionsSharpHound is written using C#...
Malware attack on Applus blocked vehicle inspections in some US states
A malware attack against vehicle inspection services provider Applus Technologies paralyzed preventing vehicle inspections in eight US states. Applus Technologies...
Security Affairs newsletter Round 308
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs free for...
Clop Ransomware operators plunder US universities
Clop ransomware gang leaked online data stolen from Stanford Medicine, University of Maryland Baltimore, and the University of California. Clop...
Data of 533 million Facebook users leaked in a hacking forum for free
On April 3, a user has leaked the phone numbers and personal data of 533 million Facebook users in a...
DefenderCheck – Identifies The Bytes That Microsoft Defender Flags On
Quick tool to help make evasion work a little bit easier. Takes a binary as input and splits it until...
SharpGPOAbuse – Tool To Take Advantage Of A User’S Edit Rights On A Group Policy Object (GPO) In Order To Compromise The Objects That Are Controlled By That GPO
SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user's edit rights...
Capital One discovered more customers’ SSNs exposed in 2019 hack
More clients of Capital One have been impacted in the 2019 data breach, the US bank is notifying them of...
Activision warns of Call of Duty Cheat tool used to deliver RAT
The popular video game publisher Activision is warning gamers that threat actors are actively disguising a remote-access trojan (RAT) in...
Attackers are abusing GitHub infrastructure to mine cryptocurrency
The popular code repository hosting service GitHub is investigating a crypto-mining campaign abusing its infrastructure. Code repository hosting service GitHub launched an investigation...
Evolution and rise of the Avaddon Ransomware-as-a-Service
The Avaddon ransomware operators updated their malware after security researchers released a public decryptor in February 2021. The Avaddon ransomware...
FBI and CISA are warning of APT actors targeting Fortinet FortiOS servers
FBI and CISA published a joint alert to warn of advanced persistent threat (APT) groups targeting Fortinet FortiOS to access networks...
TIM’s Red Team Research (RTR) team found 5 zero-day flaws in the CA eHealth Performance Manager product
Researchers from TIM’s Red Team Research discovered five new vulnerabilities affecting the CA eHealth Performance Manager product. Researchers from TIM’s...
