Share

RSS

More Articles…

• The threat of DDoS ransomware
• Procedural Security Analysis – Thank you for contacting us!
• Zombie phishing: beware of emails, it could be zombies
• Social engineering: how hackers scam their victims
• What is phishing? Understanding and identifying social engineering attacks
• Avoid Ransomware: That’s why it’s best not to take any risks
• Double extortion ransomware: What they are and how to defend yourself
• Zero-Day attack: what they are and how to defend yourself with SOCaaS

Categories …

• Backup as a Service (2)
  • Acronis Cloud Backup (10)
  • Veeam Cloud Connect (4)
• Cloud Conference (3)
• Cloud CRM (1)
• Cloud Server/VPS (20)
• Conferenza Cloud (4)
• ICT Monitoring (4)
• Log Management (2)
• News (17)
• ownCloud (4)
• Privacy (6)
• Secure Online Desktop (14)
• Security (6)
  • Ethical Phishing (2)
  • SOCaaS (11)
    • SIEM (3)
    • UEBA (3)
  • Vulnerabilities (83)
• Web Hosting (13)

Tags

Dark Reading:

• Inside Strata's Plans to Solve the Cloud Identity Puzzle February 25, 2021
  Strata Identity was founded to change businesses' approach to identity management as multicloud environments become the norm.
• Microsoft Releases Free Tool for Hunting SolarWinds Malware February 25, 2021
  Meanwhile, researchers at SecurityScorecard say the "fileless" malware loader in the attack - Teardrop - actually dates back to 2017.
• North Korea's Lazarus Group Expands to Stealing Defense Secrets February 25, 2021
  Several gigabytes of sensitive data stolen from one restricted network, with organizations in more than 12 countries impacted, Kaspersky says.
• Ransomware, Phishing Will Remain Primary Risks in 2021 February 25, 2021
  Attackers have doubled down on ransomware and phishing -- with some tweaks -- while deepfakes and disinformation will become more major threats in the future, according to a trio of threat reports.
• Thousands of VMware Servers Exposed to Critical RCE Bug February 25, 2021
  Security experts report scanning activity targeting vulnerable vCenter servers after a researcher published proof-of-concept code.
• 5 Key Steps Schools Can Take to Defend Against Cyber Threats February 25, 2021
  Educational institutions have become prime targets, but there are things they can do to stay safer.
• How to Avoid Falling Victim to a SolarWinds-Style Attack February 25, 2021
  A multilayered, zero-trust security posture provides a better chance of fending off sophisticated supply chain attackers before it's too late.
• Cybercriminals Target QuickBooks Databases February 24, 2021
  Stolen financial files then get sold on the Dark Web, researchers say.
• New APT Group Targets Airline Industry & Immigration February 24, 2021
  LazyScript bears similarities to some Middle Eastern groups but appears to be a distinct operation of its own, Malwarebytes says.
• 61% of Malware Delivered via Cloud Apps: Report February 24, 2021
  Researchers report the majority of malware is now delivered via cloud applications - a jump from 48% last year.

Full Disclosure

• Backdoor.Win32.DarkKomet.irv / Insecure Permissions February 23, 2021
  Posted by malvuln on Feb 23Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/a229acff4e0605ad24eaf3d9c44fdb1b.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.DarkKomet.irv Vulnerability: Insecure Permissions Description: DarkKomet.irv creates an insecure dir named "Windupdt" under c:\ drive, granting change (C) permissions to authenticated user group. Standard users can rename...
• Trojan.Win32.Pluder.o / Insecure Permissions February 23, 2021
  Posted by malvuln on Feb 23Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/ee22eea131c0e00162e4ba370f396a00.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Trojan.Win32.Pluder.o Vulnerability: Insecure Permissions Description: Creates an insecure dir named "z_Drivers" under c:\ drive, granting change (C) permissions to authenticated user group. Pluder.o also creates several registry key...
• Trojan.Win32.Pincav.cmfl / Insecure Permissions February 23, 2021
  Posted by malvuln on Feb 23Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/9d296ebd6b4f79457fcc61e38dcce61e.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Trojan.Win32.Pincav.cmfl Vulnerability: Insecure Permissions Description: The trojan creates an insecure dir named "Windupdt" under c:\ drive, granting change (C) permissions to authenticated users group. Standard users can rename the...
• Trojan-Proxy.Win32.Daemonize.i / Remote Denial of Service February 23, 2021
  Posted by malvuln on Feb 23Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/61bec9f22a5955e076e0d5ddf6232f3f.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Trojan-Proxy.Win32.Daemonize.i Vulnerability: Remote Denial of Service Description: Daemonize.i listens on TCP port 5823, sending some junk packets to the trojan results in invalid pointer read leading to an access violation and […]
• Backdoor.Win32.Ketch.h / Remote Stack Buffer Overflow (SEH) February 23, 2021
  Posted by malvuln on Feb 23Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/63c55ad21e0771c7f9ca71ec3bfcea0f.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Ketch.h Vulnerability: Remote Stack Buffer Overflow (SEH) Description: Ketch makes HTTP request to port 80 for a file named script.dat, after process the server response of 1,612 bytes or more it […]
• Backdoor.Win32.Inject.tyq / Insecure Permissions February 23, 2021
  Posted by malvuln on Feb 23Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/833868d3092bea833839a6b8ec196046.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Inject.tyq Vulnerability: Insecure Permissions Description: The backdoor creates an dir named "hotfix" under c:\ drive granting change (C) permissions to the authenticated user group. Type: PE32 MD5:...
• IBM(R) Db2(R) Windows client DLL Hijacking Vulnerability(0day) February 23, 2021
  Posted by houjingyi on Feb 23A few months ago I disclosed Cisco Webex Teams Client for Windows DLL Hijacking Vulnerability I found : https://seclists.org/fulldisclosure/2020/Oct/16 In that post I mentioned "I will add more details 90 days after my report or a security bulletin available". Here it comes. NOTICE : This vulnerability seems did not get […]
• CIRA Canadian Shield iOS Application - MITM SSL Certificate Vulnerability (CVE-2021-27189) February 23, 2021
  Posted by David Coomber on Feb 23CIRA Canadian Shield iOS Application - MITM SSL Certificate Vulnerability (CVE-2021-27189)
• [KIS-2021-02] docsify <= 4.11.6 DOM-based Cross-Site Scripting Vulnerability February 20, 2021
  Posted by research on Feb 19-------------------------------------------------------------- docsify
• Backdoor.Win32.Bionet.10 / Anonymous Logon February 19, 2021
  Posted by malvuln on Feb 19Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/be559307f5cd055f123a637b1135c8d3.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Bionet.10 Vulnerability: Anonymous Logon Description: The backdoor listens on TCP port 12348 and allows anonymous logon credentials to be used to access an infected host. Type: PE32 MD5: be559307f5cd055f123a637b1135c8d3 Vuln ID:...