Share

RSS

More Articles…

• The SOAR benefits: simplifying investigation and response
• Security Code Review: How the service works
• Integration of the automated response: the automations in SOCaaS
• Coordination between CTI and SOC: how to further raise the defenses
• New Cloud Server: redundant internet
• Quality certificate for the SOCaaS of SOD
• Managed Detection and Response: a new preventive approach
• CLUSIT: our collaboration for better services

Categories …

• Backup as a Service (17)
  • Acronis Cloud Backup (11)
  • Veeam Cloud Connect (4)
• Cloud Conference (3)
• Cloud CRM (1)
• Cloud Server/VPS (22)
• Conferenza Cloud (4)
• ICT Monitoring (5)
• Log Management (2)
• News (21)
• ownCloud (4)
• Privacy (7)
• Secure Online Desktop (15)
• Security (169)
  • Cyber Threat Intelligence (CTI) (6)
  • Ethical Phishing (8)
  • SOCaaS (54)
    • SIEM (12)
    • SOAR (5)
    • UEBA (9)
  • Vulnerabilities (84)
• Web Hosting (15)

Tags

Dark Reading

• Authentication Is Static, Yet Attackers Are Dynamic: Filling the Critical Gap May 20, 2022
  To succeed against dynamic cybercriminals, organizations must go multiple steps further and build a learning system that evolves over time to keep up with attacker tactics.
• New Open Source Project Brings Consistent Identity Access to Multicloud May 20, 2022
  Hexa and IDQL allows organizations using cloud platforms such as Microsoft Azure, Amazon Web Services, and Google Cloud Platform to apply consistent access policy across all applications, regardless of environment.
• More Than 1,000 Cybersecurity Career Pursuers Complete the (ISC)² Entry-Level Cybersecurity Certification Pilot Exam May 19, 2022
  New professional certification program establishes a pathway into the workforce for students and career changers by demonstrating their foundational knowledge, skills and abilities to employers.
• Deadbolt Ransomware Targeting QNAP NAS Devices May 19, 2022
  QNAP is urging customers of its NAS products to update QTS and avoid exposing the devices to the Internet.
• Pro-Russian Information Operations Escalate in Ukraine War May 19, 2022
  In the three months since the war started, Russian operatives and those allied with the nation's interests have unleashed a deluge of disinformation and fake news to try and sow fear and confusion in Ukraine, security vendor says.
• DoJ Won't Charge 'Good Faith' Security Researchers May 19, 2022
  Revised policy means security analysts won't be charged under the Computer Fraud and Abuse Act.
• Majority of Kubernetes API Servers Exposed to the Public Internet May 19, 2022
  Shadowserver Foundation researchers find 380,000 open Kubernetes API servers.
• Dig Exits Stealth With $11M for Cloud Data Detection and Response Solution May 19, 2022
  CrowdStrike and CyberArk invest in Dig's seed round, which was led by Team8, alongside Merlin Ventures and chairs of MongoDB and Exabeam.
• 6 Scary Tactics Used in Mobile App Attacks May 19, 2022
  Mobile attacks have been going on for many years, but the threat is rapidly evolving as more sophisticated malware families with novel features enter the scene.
• Phishing Attacks for Initial Access Surged 54% in Q1 May 19, 2022
  For the first time in a year, security incidents involving email compromises surpassed ransomware incidents, a new analysis shows.

Full Disclosure

• SEC Consult SA-20220518-0 :: Multiple Critical Vulnerabilities in SAP® Application Server, ABAP and ABAP® Platform (Different Software Components) May 18, 2022
  Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on May 18SEC Consult Vulnerability Lab Security Advisory < 20220518-0 > ======================================================================= title: Multiple Critical Vulnerabilities product: SAP® Application Server ABAP and ABAP® Platform (Different Software Components) vulnerable version: see section "Vulnerable / tested versions" fixed version: see SAP security notes...
• PHPIPAM 1.4.4 - CVE-2021-46426 May 18, 2022
  Posted by Rodolfo Augusto do Nascimento Tavares via Fulldisclosure on May 18=====[ Tempest Security Intelligence - ADV-03/2022 ]========================== PHPIPAM - Version 1.4.4 Author: Rodolfo Tavares Tempest Security Intelligence - Recife, Pernambuco - Brazil =====[ Table of Contents ]================================================== * Overview * Detailed description * Timeline of disclosure * Thanks & Acknowledgements * References =====[ Vulnerability […]
• LiquidFiles - 3.4.15 - Stored XSS - CVE-2021-30140 May 18, 2022
  Posted by Rodolfo Augusto do Nascimento Tavares via Fulldisclosure on May 18=====[ Tempest Security Intelligence - ADV-12/2021 ]========================== LiquidFiles - 3.4.15 Author: Rodolfo Tavares Tempest Security Intelligence - Recife, Pernambuco - Brazil =====[ Table of Contents]================================================== * Overview * Detailed description * Timeline of disclosure * Thanks & Acknowledgements * References =====[ Vulnerability...
• Watch multiple LockBit Ransom get DESTROYED Mass PWNAGE at scale! May 18, 2022
  Posted by malvuln on May 18Watch multiple LockBit Ransom get DESTROYED Mass PWNAGE at scale! https://www.youtube.com/watch?v=eg3l8a_HSSU
• github.com/malvuln/RansomDLLs / Catalog of current DLLs affecting vulnerable Ransomware strains. May 18, 2022
  Posted by malvuln on May 18Reference list for my Ransomware exploitation research. Lists current DLLs I have seen to date that some ransomware search for, which I have used successfully to hijack and intercept vulnerable strains executing arbitrary code pre-encryption. https://github.com/malvuln/RansomDLLs
• APPLE-SA-2022-05-16-2 macOS Monterey 12.4 May 17, 2022
  Posted by Apple Product Security via Fulldisclosure on May 16APPLE-SA-2022-05-16-2 macOS Monterey 12.4 macOS Monterey 12.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213257. AMD Available for: macOS Monterey Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed […]
• APPLE-SA-2022-05-16-6 tvOS 15.5 May 17, 2022
  Posted by Apple Product Security via Fulldisclosure on May 16APPLE-SA-2022-05-16-6 tvOS 15.5 tvOS 15.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213254. AppleAVD Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: An application may be able to execute arbitrary code with kernel […]
• APPLE-SA-2022-05-16-5 watchOS 8.6 May 17, 2022
  Posted by Apple Product Security via Fulldisclosure on May 16APPLE-SA-2022-05-16-5 watchOS 8.6 watchOS 8.6 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213253. AppleAVD Available for: Apple Watch Series 3 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free […]
• APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6 May 17, 2022
  Posted by Apple Product Security via Fulldisclosure on May 16APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6 macOS Big Sur 11.6.6 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213256. apache Available for: macOS Big Sur Impact: Multiple issues in apache Description: Multiple issues were addressed by updating apache to version 2.4.53. CVE-2021-44224 […]
• APPLE-SA-2022-05-16-1 iOS 15.5 and iPadOS 15.5 May 17, 2022
  Posted by Apple Product Security via Fulldisclosure on May 16APPLE-SA-2022-05-16-1 iOS 15.5 and iPadOS 15.5 iOS 15.5 and iPadOS 15.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213258. AppleAVD Available for: iPhone 6s and later, iPad Pro (all models), iPad Air 2 and later, iPad 5th generation and later, […]