Share

RSS

More Articles…

• NIST Cybersecurity Framework
• “Left of boom” and “right of boom”: having a winning strategy
• Smishing: a fraud similar to phishing
• Network Traffic Analyzer: an extra gear for the Next Gen SIEM
• The importance of Cyber Threat Intelligence
• Red Team, Blue Team and Purple Team: what are the differences?
• Magecart attack: what it is and how to protect yourself
• 9 reasons why you should consider using a VPN

Categories …

• Backup as a Service (2)
  • Acronis Cloud Backup (11)
  • Veeam Cloud Connect (4)
• Cloud Conference (3)
• Cloud CRM (1)
• Cloud Server/VPS (20)
• Conferenza Cloud (4)
• ICT Monitoring (4)
• Log Management (2)
• News (18)
• ownCloud (4)
• Privacy (7)
• Secure Online Desktop (14)
• Security (14)
  • Cyber Threat Intelligence (CTI) (3)
  • Ethical Phishing (8)
  • SOCaaS (21)
    • SIEM (10)
    • SOAR (2)
    • UEBA (5)
  • Vulnerabilities (84)
• Web Hosting (15)

Tags

Dark Reading:

• New Normal Demands New Security Leadership Structure August 2, 2021
  At the inaugural Omdia Analyst Summit, experts discuss where the past year has created gaps in traditional security strategy and how organizations can fill them.
• Multiple Zero-Day Flaws Discovered in Popular Hospital Pneumatic Tube System August 2, 2021
  "PwnedPiper" flaws could allow attackers to disrupt delivery of lab samples or steal hospital employee credentials, new research shows.
• 8 Security Tools to be Unveiled at Black Hat USA July 28, 2021
  Security researchers and practitioners share a host of new cyber tools for penetration testing, reverse engineering, malware defense, and more.
• Biden Administration Responds to Geopolitical Cyber Threats July 23, 2021
  In response to growing concerns regarding the recent uptick in large-scale, nation-state-backed ransomware attacks on critical infrastructure, the Biden administration is taking new action to tackle the evolving challenges posed by ransomware attacks.
• 7 Hot Cyber Threat Trends to Expect at Black Hat July 22, 2021
  A sneak peek of some of the main themes at Black Hat USA next month.
• Law Firm for Ford, Pfizer, Exxon Discloses Ransomware Attack July 19, 2021
  Campbell Conroy & O'Neil reports the attack affected personal data including Social Security numbers, passport numbers, and payment card data for some individuals.
• US Accuses China of Using Criminal Hackers in Cyber Espionage Operations July 19, 2021
  DOJ indicts four Chinese individuals for alleged role in attacks targeting intellectual property, trade secrets belonging to defense contractors, maritime companies, aircraft service firms, and others.
• How Gaming Attack Data Aids Defenders Across Industries July 19, 2021
  Web application attacks against the video game industry quadrupled in 2020 compared to the previous year, but companies outside entertainment can learn from the data.
• NSO Group Spyware Used On Journalists & Activists Worldwide July 19, 2021
  An investigation finds Pegasus spyware, intended for use on criminals and terrorists, has been used in targeted campaigns against others around the world.
• When Ransomware Comes to (Your) Town July 19, 2021
  While steps for defending against a ransomware attack vary based on the size of the government entity and the resources available to each one, rooting out ransomware ultimately will come down to two things: system architecture and partnerships.

Full Disclosure

• Backdoor.Win32.Nbdd.bgz / Remote Stack Buffer Overflow July 27, 2021
  Posted by malvuln on Jul 26Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/6fab73bf104c6a9211b94f9559faa134.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Nbdd.bgz Vulnerability: Remote Stack Buffer Overflow Description: NetBot_Attacker VIP 5.9 on initial startup listens on port 8080 and on subsequent restarts port 80. Third-party attackers who can reach an infected system […]
• Backdoor.Win32.Bifrose.acci / Local Stack Buffer Overflow July 27, 2021
  Posted by malvuln on Jul 26Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/611dbff0d68df777c6d6881e00440143.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Bifrose.acci Vulnerability: Local Stack Buffer Overflow Description: Bifrost doesn't properly validate the IP address when importing Bifrost settings (.set) files. The IP address offset is located after a NULL byte which […]
• Backdoor.Win32.PsyRat.b / Remote Denial of Service July 27, 2021
  Posted by malvuln on Jul 26Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/5817183894cb513239f6aef28895130c_B.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.PsyRat.b Vulnerability: Remote Denial of Service Description: The PsyRAT 1.02 malware listens by default on TCP port 9863. Third-party attackers who can reach infected systems can send a specially crafted command […]
• Backdoor.Win32.PsyRat.b / Unauthenticated Remote Command Execution July 27, 2021
  Posted by malvuln on Jul 26Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/5817183894cb513239f6aef28895130c.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.PsyRat.b Vulnerability: Unauthenticated Remote Command Execution Description: The PsyRAT 1.02 malware listens by default on TCP port 9863, but can be changed when building backdoor servers. Third-party attackers who can reach...
• Backdoor.Win32.Agent.cu / Unauthenticated Remote Command Execution July 27, 2021
  Posted by malvuln on Jul 26Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/ce1963d3fd6a8e1383aac40a1f1c4107_C.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.cu Vulnerability: Unauthenticated Remote Command Execution Description: The malware listens on TCP ports 10426, 56185. Third-party attackers who can reach infected systems can execute commands made available by the backdoor....
• Backdoor.Win32.Agent.cu / Port Bounce Scan (MITM) July 27, 2021
  Posted by malvuln on Jul 26Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/ce1963d3fd6a8e1383aac40a1f1c4107_B.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.cu Vulnerability: Port Bounce Scan (MITM) Description: The malware listens on TCP ports 10426, 56185, its FTP component accepts any username/password credentials. Third-party attackers who successfully logon can abuse the...
• Backdoor.Win32.Agent.cu / Authentication Bypass RCE July 27, 2021
  Posted by malvuln on Jul 26Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/ce1963d3fd6a8e1383aac40a1f1c4107.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Agent.cu Vulnerability: Authentication Bypass RCE Description: The malware listens on TCP ports 10426, 56185. Third-party attackers who can reach infected systems can logon using any username/password combination. Intruders may then...
• Backdoor.Win32.Mazben.me / Unauthenticated Open Proxy July 27, 2021
  Posted by malvuln on Jul 26Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/6681d5e4b68abd21a14c704edf9e2ff5.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Mazben.me Vulnerability: Unauthenticated Open Proxy Description: The malware listens on random TCP ports like 3515, 7936, 3972. Third-party attackers who can connect to the infected system can relay requests from the […]
• Backdoor.Win32.Hupigon.aaur / Unauthenticated Open Proxy July 27, 2021
  Posted by malvuln on Jul 26Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/16d598c01f7b391986c8c19eded005b1.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Hupigon.aaur Vulnerability: Unauthenticated Open Proxy Description: The malware listens on TCP port 8080. Third-party attackers who can connect to the infected system can relay requests from the original connection to the...
• ATLASSIAN - CVE-2020-36239 - Jira Data Center and Jira Service Management Data Center July 27, 2021
  Posted by Atlassian on Jul 26This email refers to the advisory found at https://confluence.atlassian.com/adminjiraserver/jira-data-center-and-jira-service-management-data-center-security-advisory-2021-07-21-1063571388.html CVE ID: * CVE-2020-36239 Products: Jira Data Center, Jira Core Data Center, Jira Software Data Center, and Jira Service Management Data Center. Affected Versions - Jira Data Center, Jira Core Data Center, and Jira Software Data Center: 6.3.0