Security Affairs newsletter Round 350
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...
hacking
Pay attention to Log4j attacks, Dutch National Cybersecurity Centre (NCSC) warns
The Dutch National Cybersecurity Centre (NCSC) warns organizations of risks associated with cyberattacks exploiting the Log4J vulnerability. The Dutch National...
Mandiant-Azure-AD-Investigator – PowerShell module for detecting artifacts that may be indicators of UNC2452 and other threat actor activity
This repository contains a PowerShell module for detecting artifacts that may be indicators of UNC2452 and other threat actor activity....
Vulnerabilities in Control Web Panel potentially expose Linux Servers to hack
Two critical security vulnerabilities in Control Web Panel potentially expose Linux servers to remote code execution attacks Researchers from Octagon Networks disclosed...
US Treasury Department sanctions 4 Ukrainian officials for working with Russian intelligence
The U.S. Treasury Department announced sanctions against four current and former Ukrainian government officials for collaborating with Russia. The U.S....
A bug in McAfee Agent allows running code with Windows SYSTEM privileges
McAfee addressed a security flaw in its McAfee Agent software for Windows that allows running arbitrary code with SYSTEM privileges. McAfee...
Experts warn of anomalous spyware campaigns targeting industrial firms
Researchers spotted several spyware campaigns targeting industrial enterprises to steal credentials and conduct financial fraud. Researchers from Kaspersky Lab have...
Google Project Zero discloses details of two Zoom zero-day flaws
Google Project Zero experts disclosed details of two zero-day flaws impacting Zoom clients and Multimedia Router (MMR) servers. Google Project Zero researchers...
MoonBounce UEFI implant spotted in a targeted APT41 attack
Researchers have spotted China-linked APT41 cyberespionage group using a UEFI implant, dubbed MoonBounce, to maintain persistence. Kaspersky researchers spotted the...
Conti ransomware gang started leaking files stolen from Bank Indonesia
The central bank of the Republic of Indonesia, Bank Indonesia, confirmed the ransomware attack that hit it in December. Bank...
Pwndora – Massive IPv4 Scanner, Find And Analyze Internet-Connected Devices In Minutes, Create Your Own IoT Search Engine At Home
Pwndora is a massive and fast IPv4 address range scanner, integrated with multi-threading. Using sockets, it analyzes which ports are...
T-Reqs-HTTP-Fuzzer – A Grammar-Based HTTP Fuzzer
T-Reqs (Two Requests) is a grammar-based HTTP Fuzzer written as a part of the paper titled "T-Reqs: HTTP Request Smuggling...
Wireshark-Forensics-Plugin – A cross-platform Wireshark plugin that correlates network traffic data with threat intelligence, asset categorization & vulnerability data
Wireshark is the most widely used network traffic analyzer. It is an important tool for both live traffic analysis &...
Dep-Scan – Fully Open-Source Security Audit For Project Dependencies Based On Known Vulnerabilities And Advisories. Supports Both Local Repos And Container Images. Integrates With Various CI Environments Such As Azure Pipelines, CircleCI, Google CloudBuild
dep-scan is a fully open-source security audit tool for project dependencies based on known vulnerabilities, advisories and license limitations. Both...
SolarWinds Serv-U bug exploited for Log4j attacks
SolarWinds has fixed a Serv-U vulnerability that threat actors actively exploited to carry out Log4j attacks to internal devices on...
New DDoS IRC Bot distributed through Korean webHard platforms
Researchers spotted an IRC bot written in GoLang that is being used to carry out DDoS attacks targeting users in Korea. Researchers...
UK NCSC shares guidance for organizations to secure their communications with customers
UK NCSC has published new guidance for organizations to secure their communications with customers via SMS or phone calls. UK’s...
Http-Desync-Guardian – Analyze HTTP Requests To Minimize Risks Of HTTP Desync Attacks (Precursor For HTTP Request Smuggling/Splitting)
Overview HTTP/1.1 went through a long evolution since 1991 to 2014: HTTP/0.9 – 1991 HTTP/1.0 – 1996 HTTP/1.1 RFC 2068...
CISA warns of potential critical threats following attacks against Ukraine
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned organizations about “potential critical threats” following the recent cyberattacks that hit...
Box flaw allowed to bypass MFA and takeover accounts
A vulnerability in the implementation of multi-factor authentication (MFA) for Box allowed threat actors to take over accounts. A vulnerability...
Pip-Audit – Audits Python Environments And Dependency Trees For Known Vulnerabilities
pip-audit is a tool for scanning Python environments for packages with known vulnerabilities. It uses the Python Packaging Advisory Database...
Is White Rabbit ransomware linked to FIN8 financially motivated group?
A new ransomware gang named White Rabbit appeared in the threat landscape, experts believe it is linked to the FIN8...
AlphV/BlackCat ransomware gang published data stolen from fashion giant Moncler
Luxury fashion giant Moncler confirmed a data breach after a ransomware attack carried out by the AlphV/BlackCat. Moncler confirmed a data...
goCabrito – Super Organized And Flexible Script For Sending Phishing Campaigns
Super organized and flexible script for sending phishing campaigns. Features Sends to a single email Sends to lists of emails...
