Share

RSS

More Articles…

• From Secure Online Desktop to Cyberfero: rebranding of the leading cybersecurity company
• NIS: what it is and how it protects cybersecurity
• Advanced persistent threats (APTs): what they are and how to defend yourself
• Penetration Testing and MFA: A Dual Strategy to Maximize Security
• Penetration Testing: Where to Strike to Protect Your IT Network
• Ransomware: a plague that brings companies and institutions to their knees. Should you pay the ransom? Here is the answer.
• Why IT audit and log management are important for Cybersecurity
• Red Team, Blue Team and Purple Team: what are the differences?

Categories …

• Backup as a Service (18)
  • Acronis Cloud Backup (11)
  • Veeam Cloud Connect (4)
• Cloud Conference (3)
• Cloud CRM (1)
• Cloud Server/VPS (22)
• Conferenza Cloud (4)
• Cyberfero (15)
• ICT Monitoring (5)
• Log Management (2)
• News (25)
• ownCloud (4)
• Privacy (7)
• Security (203)
  • Cyber Threat Intelligence (CTI) (8)
  • Deception (4)
  • Ethical Phishing (11)
  • Netwrix Auditor (2)
  • Penetration Test (11)
  • Posture Guard (3)
  • SOCaaS (65)
    • EDR (3)
    • SIEM (13)
    • SOAR (5)
    • UEBA (10)
  • Vulnerabilities (84)
• Web Hosting (15)

Tags

darkreading

• Singapore Cybersecurity Update Puts Cloud Providers on Notice May 15, 2024
  The nation amends its Cybersecurity Act, giving its primary cybersecurity agency more power to regulate critical infrastructure and third parties, and requiring cyber incidents be reported.
• Microsoft Windows DWM Zero-Day Poised for Mass Exploit May 14, 2024
  CVE-2024-30051, under active exploit, is the most concerning out of this month's Patch Tuesday offerings, and already being abused by several QakBot actors.
• Unprotected Session Tokens Can Undermine FIDO2 Security May 14, 2024
  While the protocol has made passwordless authentication a reality, token-binding is key to prevent against token theft and reuse, security vendor says.
• As the FBI Closes In, Scattered Spider Attacks Finance, Insurance Orgs May 14, 2024
  Scattered Spider is as active as ever, despite authorities claiming that they're close to nailing its members.
• A Cost-Effective Encryption Strategy Starts With Key Management May 14, 2024
  Key management is more complex than ever. Your choices are: Rely on your cloud provider or manage keys locally; Encrypt only the most critical data; Or encrypt everything.
• Dangerous Google Chrome Zero-Day Allows Sandbox Escape May 14, 2024
  Exploit code is circulating for CVE-2024-4761, disclosed less than a week after a similar security vulnerability was disclosed as being used in the wild.
• DNS Tunneling Abuse Expands to Tracking & Scanning Victims May 14, 2024
  Several campaigns are leveraging the evasive tactic to provide useful insights into victims' online activities and find new ways to compromise organizations.
• There Is No Cyber Labor Shortage May 14, 2024
  There are plenty of valuable candidates on the market. Hiring managers are simply looking in the wrong places.
• Heartbleed: When Is It Good to Name a Vulnerability? May 13, 2024
  Ten years have passed since Heartbleed was first identified, but the security industry is still grappling with the question of branded vulnerabilities and naming vulnerabilities appropriately.
• 500 Victims In, Black Basta Reinvents With Novel Vishing Strategy May 13, 2024
  Ransomware groups have always created problems for their victims that only they could solve. Black Basta is taking that core idea in a creative, new direction.

Full Disclosure

• SEC Consult SA-20240513-0 :: Tolerating Self-Signed Certificates in SAP® Cloud Connector May 14, 2024
  Posted by SEC Consult Vulnerability Lab via Fulldisclosure on May 14SEC Consult Vulnerability Lab Security Advisory < 20240513-0 > ======================================================================= title: Tolerating Self-Signed Certificates product: SAP® Cloud Connector vulnerable version: 2.15.0 - 2.16.1 (Portable and Installer) fixed version: 2.16.2 (Portable and Installer) CVE number: CVE-2024-25642 impact: high homepage:...
• TROJANSPY.WIN64.EMOTET.A / Arbitrary Code Execution May 14, 2024
  Posted by malvuln on May 14Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/f917c77f60c3c1ac6dbbadbf366ddd30.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: TrojanSpy.Win64.EMOTET.A Vulnerability: Arbitrary Code Execution Description: The malware looks for and executes a x64-bit "CRYPTBASE.dll" PE file in its current directory. Therefore, we can hijack the DLL and execute […]
• BACKDOOR.WIN32.ASYNCRAT / Arbitrary Code Execution May 14, 2024
  Posted by malvuln on May 14Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/2337b9a12ecf50b94fc95e6ac34b3ecc.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.AsyncRat Vulnerability: Arbitrary Code Execution Description: The malware looks for and executes a x32-bit "CRYPTSP.dll" PE file in its current directory. Therefore, we can hijack the DLL and execute […]
• Re: Panel.SmokeLoader / Cross Site Request Forgery (CSRF) May 14, 2024
  Posted by malvuln on May 14Updated and fixed a payload typo and added additional info regarding the stored persistent XSS see attached. Thanks, Malvuln Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/4b5fc3a2489985f314b81d35eac3560f_B.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Panel.SmokeLoader Vulnerability: Cross Site Request Forgery (CSRF) - Persistent XSS […]
• Panel.SmokeLoader / Cross Site Request Forgery (CSRF) May 14, 2024
  Posted by malvuln on May 14Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/4b5fc3a2489985f314b81d35eac3560f_B.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Panel.SmokeLoader Vulnerability: Cross Site Request Forgery (CSRF) Family: SmokeLoader Type: Web Panel MD5: 4b5fc3a2489985f314b81d35eac3560f (control.php) SHA256: 8d02238577081be74b9ebc1effcfbf3452ffdb51f130398b5ab875b9bfe17743 Vuln...
• Panel.SmokeLoader C2 / Cross Site Scripting (XSS) May 14, 2024
  Posted by malvuln on May 14Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/4b5fc3a2489985f314b81d35eac3560f.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Panel.SmokeLoader Vulnerability: Cross Site Scripting (XSS) Family: SmokeLoader Type: Web Panel MD5: 4b5fc3a2489985f314b81d35eac3560f (control.php) SHA256: 8d02238577081be74b9ebc1effcfbf3452ffdb51f130398b5ab875b9bfe17743 Vuln ID:...
• Panel.Amadey.d.c C2 / Cross Site Scripting (XSS) May 14, 2024
  Posted by malvuln on May 14Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/50467c891bf7de34d2d65fa93ab8b558.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Panel Amadey.d.c Vulnerability: Cross Site Scripting (XSS) Family: Amadey Type: Web Panel MD5: 50467c891bf7de34d2d65fa93ab8b558 (Login.php) SHA256: 65623eead2bcba66817861246e842386d712c38c5c5558e50eb49cffa2a1035d Vuln ID:...
• Re: RansomLord v3 / Anti-Ransomware Exploit Tool Released May 14, 2024
  Posted by malvuln on May 14Updated, fixed typo SHA256 : 810229C7E62D5EDDD3DA9FFA19D04A31D71F9C36D05B6A614FEF496E88656FF5
• RansomLord v3 / Anti-Ransomware Exploit Tool Released May 14, 2024
  Posted by malvuln on May 14Proof-of-concept tool that automates the creation of PE files, used to exploit Ransomware pre-encryption. Updated v3: https://github.com/malvuln/RansomLord/releases/tag/v3 Lang: C SHA256: 83f56d14671b912a9a68da2cd37607cac3e5b31560a6e30380e3c6bd093560f5 Video PoC (old v2): https://www.youtube.com/watch?v=_Ho0bpeJWqI RansomLord generated PE files are saved to disk in the x32 or x64 directories where the program is run from. Goal is to exploit...
• APPLE-SA-05-13-2024-8 tvOS 17.5 May 14, 2024
  Posted by Apple Product Security via Fulldisclosure on May 14APPLE-SA-05-13-2024-8 tvOS 17.5 tvOS 17.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT214102. Apple maintains a Security Releases page at https://support.apple.com/HT201222 which lists recent software updates with security advisories. AppleAVD Available for: Apple TV HD and Apple TV 4K (all […]