Share

RSS

More Articles…

• The SOAR benefits: simplifying investigation and response
• Security Code Review: How the service works
• Integration of the automated response: the automations in SOCaaS
• Coordination between CTI and SOC: how to further raise the defenses
• New Cloud Server: redundant internet
• Quality certificate for the SOCaaS of SOD
• Managed Detection and Response: a new preventive approach
• CLUSIT: our collaboration for better services

Categories …

• Backup as a Service (17)
  • Acronis Cloud Backup (11)
  • Veeam Cloud Connect (4)
• Cloud Conference (3)
• Cloud CRM (1)
• Cloud Server/VPS (22)
• Conferenza Cloud (4)
• ICT Monitoring (5)
• Log Management (2)
• News (21)
• ownCloud (4)
• Privacy (7)
• Secure Online Desktop (15)
• Security (170)
  • Cyber Threat Intelligence (CTI) (6)
  • Ethical Phishing (8)
  • SOCaaS (55)
    • SIEM (13)
    • SOAR (5)
    • UEBA (9)
  • Vulnerabilities (84)
• Web Hosting (15)

Tags

Dark Reading

• ICYMI: A Microsoft Warning, Follina, Atlassian, and More July 1, 2022
  Dark Reading's digest of the other don't-miss stories of the week, including YouTube account takeovers and a sad commentary on cyber-pro hopelessness.
• OpenSea NFT Marketplace Faces Insider Hack July 1, 2022
  OpenSea warns users that they are likely to be targeted in phishing attacks after a vendor employee accessed and downloaded its email list.
• Time Constraints Hamper Security Awareness Programs July 1, 2022
  Even as more attacks target humans, lack of dedicated staff, relevant skills, and time are making it harder to develop a security-aware and engaged workforce, SANS says.
• Criminals Use Deepfake Videos to Interview for Remote Work July 1, 2022
  The latest evolution in social engineering could put fraudsters in a position to commit insider threats.
• DragonForce Malaysia Releases LPE Exploit, Threatens Ransomware July 1, 2022
  The hacktivist group is ramping up its activities and ready to assault governments and businesses with escalating capabilities.
• When It Comes to SBOMs, Do You Know the Ingredients in Your Ingredients? July 1, 2022
  Transitive dependencies can complicate the process of developing software bills of materials.
• Microsoft Going Big on Identity with the Launch of Entra July 1, 2022
  With more staff working remotely, identity, authentication, and access (IAA) has never been more important. Microsoft has a new response.
• Google: Hack-for-Hire Groups Present a Potent Threat June 30, 2022
  Cyber mercenaries in countries like India, Russia, and the UAE are carrying out data theft and hacking missions for a wide range of clients across regions, a couple of new reports said.
• 18 Zero-Days Exploited So Far in 2022 June 30, 2022
  It didn't have to be this way: So far 2022's tranche of zero-days shows too many variants of previously patched security bugs, according Google Project Zero.
• API Security Losses Total Billions, But It's Complicated June 30, 2022
  A recent analysis of breaches involving application programming interfaces (APIs) arrives at some eye-popping damage figures, but which companies are most affected, and in what ways?

Full Disclosure

• JAHx221 - RCE in copy/pasted PHP compat libraries, json_decode function July 1, 2022
  Posted by Eldar Marcussen on Jun 30JAHx221 - RCE in copy/pasted PHP compat libraries, json_decode function =============================================================================== Several PHP compatability libraries contain a potential remote code execution flaw in their `json_decode()` function based on having copy pasted existing vulnerable code. Identifiers --------------------------------------- * JAHx221 - http://www.justanotherhacker.com/advisories/JAHx221.txt...
• Backdoor.Win32.EvilGoat.b / Weak Hardcoded Credentials July 1, 2022
  Posted by malvuln on Jun 30Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/20daf01e941f966b21a7ae431faefc65.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.EvilGoat.b Vulnerability: Weak Hardcoded Credentials Description: The malware listens on TCP port 13014. Authentication is required, however the credentials "evilgoat / penix" are weak and found within the PE...
• Backdoor.Win32.Coredoor.10.a / Authentication Bypass July 1, 2022
  Posted by malvuln on Jun 30Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/49da40a2ac819103da9dc5ed10d08ddb.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Coredoor.10.a Vulnerability: Authentication Bypass Description: The malware runs an FTP server on TCP port 21000. Third-party attackers who can reach infected systems can logon using any username/password combination....
• Backdoor.Win32.Cafeini.b / Weak Hardcoded Credentials July 1, 2022
  Posted by malvuln on Jun 30Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/a8fc1b3f7a605dc06a319bf0e14ca68b.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Cafeini.b Vulnerability: Weak Hardcoded Credentials Description: The malware listens on TCP ports 51966 and 23. Authentication is required, however the password "mama" is weak and found within the PE […]
• BigBlueButton - Stored XSS in username (CVE-2022-31064) July 1, 2022
  Posted by Rick Verdoes via Fulldisclosure on Jun 30CVE-2022-31064 - Stored Cross-Site Scripting in BigBlueButton. ========================= Exploit Title: Stored Cross-Site Scripting (XSS) in BigBlueButton Product: BigBlueButton Vendor: BigBlueButton Vulnerable Versions: 2.3,
• typeorm CVE-2022-33171 July 1, 2022
  Posted by lixts via Fulldisclosure on Jun 30typeorm CVE-2022-33171 findOne(id), findOneOrFail(id) The findOne function in TypeORM before 0.3.0 can either be supplied with a string or a FindOneOptions object. When input to the function is a user-controlled parsed JSON object, supplying a crafted FindOneOptions instead of an id string leads to SQL injection. The issue […]
• 🐞 CFP for Hardwear.io NL 2022 is OPEN! July 1, 2022
  Posted by Andrea Simonca on Jun 30*🐞 CFP for Hardwear.io NL 2022 is OPEN!* If you have groundbreaking embedded research or an awesome open-source tool you’d like to showcase before the global hardware security community, this is your chance. Send in your ideas on various hardware subjects, including but not limited to Chips, Processors, ICS/SCADA, […]
• [Extension: CPSIoTSec 2022] The Workshop on CPS&IoT Security and Privacy **Submission Deadline: July 25, 2022** July 1, 2022
  Posted by alcaraz on Jun 30[Apologies for cross-posting] -------------------------------------------------------------------------- C a l l F o r P a p e r s The Workshop on CPS&IoT Security and Privacy (CPSIoTSec 2022), in conjunction with the ACM Conference on Computer and Communications Security (ACM CCS) November 7-11, 2022, Los Angeles, U.S.A. https://cpsiotsec2022.github.io/cpsiotsec/...
• Backdoor.Win32.InfecDoor.17.c / Insecure Permissions June 28, 2022
  Posted by malvuln on Jun 27Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/1fd70e41918c3a75c634b1c234ec36fb.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.InfecDoor.17.c Vulnerability: Insecure Permissions Description: The malware writes a ".420" settings file type to c drive granting change (C) permissions to the authenticated user group. Standard users can...
• Trojan-Mailfinder.Win32.VB.p / Insecure Permissions June 28, 2022
  Posted by malvuln on Jun 27Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2022 Original source: https://malvuln.com/advisory/20e438d84aa2828826d52540d80bf7f.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Trojan-Mailfinder.Win32.VB.p Vulnerability: Insecure Permissions Description: The malware writes a dir with multiple PE files to c drive granting change (C) permissions to the authenticated user group. Standard users can […]