Share

RSS

More Articles…

• Hadoop Open Data Model: “open” data collection
• Pass the Ticket: how to mitigate it with a SOCaaS
• Use cases of a SOCaaS for companies part 2
• Use cases of a SOCaaS for companies part 1
• NIST Cybersecurity Framework
• “Left of boom” and “right of boom”: having a winning strategy
• Smishing: a fraud similar to phishing
• Network Traffic Analyzer: an extra gear for the Next Gen SIEM

Categories …

• Backup as a Service (2)
  • Acronis Cloud Backup (11)
  • Veeam Cloud Connect (4)
• Cloud Conference (3)
• Cloud CRM (1)
• Cloud Server/VPS (20)
• Conferenza Cloud (4)
• ICT Monitoring (4)
• Log Management (2)
• News (18)
• ownCloud (4)
• Privacy (7)
• Secure Online Desktop (14)
• Security (14)
  • Cyber Threat Intelligence (CTI) (3)
  • Ethical Phishing (8)
  • SOCaaS (24)
    • SIEM (10)
    • SOAR (2)
    • UEBA (7)
  • Vulnerabilities (84)
• Web Hosting (15)

Tags

Dark Reading

• China's Hackers Crack Devices at Tianfu Cup for $1.5M in Prizes October 15, 2021
  China's premier hackers will target web browsers, operating systems, mobile devices, and even a car at Tianfu Cup.
• Cisco Duo Trusted Access Report: More Than 50% of Companies Plan Passwordless Move October 15, 2021
  Multifactor authentications soar as enterprises move away from passwords to secure hybrid workers.
• How Attackers Hack Humans October 15, 2021
  Inside their motivations, how they go about it -- and what businesses can do about it, according to Counterintelligence Institute founder Peter Warmka.
• 'Clumsy' BlackByte Malware Reuses Crypto Keys, Worms Into Networks October 15, 2021
  Discovered during a recent incident response engagement, the malware avoids Russian computers and uses a single symmetric key for encrypting every compromised system.
• Evolution Equity Partners Close $400M for Cybersecurity Investments October 15, 2021
  The firm expands capital base, team, and platform addressing a rapidly growing cybersecurity investment opportunity.
• From Help Desk to Head of SOC: Building a Cybersecurity Career on Empathy and Candor October 15, 2021
  Why a passion for helping people is key to delivering effective cybersecurity solutions.
• How AI Can Stop Zero-Day Ransomware October 15, 2021
  Ransomware attacks are unpredictable. AI is better at figuring out what looks malicious and abnormal than humans will ever be.
• Enterprise Data Storage Environments Riddled With Vulnerabilities October 14, 2021
  Many organizations are not properly protecting their storage and backup systems from compromise, new study finds.
• Increased Security Spending to Support Distributed Workforce October 14, 2021
  Security leaders are deploying or actively considering cloud security, threat intel, and XDR technologies.
• Deepfence Announces Open Source Availability of ThreatMapper October 14, 2021
  Cloud native security observability platform seamlessly scans, maps, and ranks application vulnerabilities from development through critical production stage.

Full Disclosure

• [RT-SA-2021-001] Cross-Site Scripting in myfactory.FMS October 13, 2021
  Posted by RedTeam Pentesting GmbH on Oct 13Advisory: Cross-Site Scripting in myfactory.FMS During a penetration test, a reflected cross-site scripting vulnerability (XSS) was found in the myfactory.FMS login form. If a user opens an attacker-prepared link to the application, attackers can run arbitrary JavaScript code in the user's browser. Details ======= Product: myfactory.FMS Affected Versions:
• [Update]: Dahua Authentication bypass (CVE-2021-33044, CVE-2021-33045) October 6, 2021
  Posted by bashis on Oct 05[STX] Subject: [Update]: Dahua Authentication bypass (CVE-2021-33044, CVE-2021-33045) Attack vector: Remote Authentication: Anonymous (no credentials needed) Researcher: bashis (2021) Limited Disclosure: September 6, 2021 Full Disclosure: October 6, 2021 PoC: https://github.com/mcw0/DahuaConsole -=[Dahua]=- Advisory: https://www.dahuasecurity.com/support/cybersecurity/details/957 Firmware:...
• Backdoor.Win32.Prorat.lkt / Port Bounce Scan (MITM) October 6, 2021
  Posted by malvuln on Oct 05Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/dec8f9042986d64e29d62effb482290b_B.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Prorat.lkt Vulnerability: Port Bounce Scan (MITM) Description: The ProSpy Server V1.9 malware runs an FTP component that listens on TCP port 2121. Third-party attackers who successfully logon can abuse the backdoor […]
• Backdoor.Win32.Prorat.lkt / Weak Hardcoded Password October 6, 2021
  Posted by malvuln on Oct 05Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/dec8f9042986d64e29d62effb482290b.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Prorat.lkt Vulnerability: Weak Hardcoded Password Description: The ProSpy Server V1.9 malware runs an FTP component that listens on TCP port 2121. The FTP server requires authentication for remote user access. However, […]
• HackTool.Win32.Agent.gi / Local Stack Buffer Overflow (SEH) October 6, 2021
  Posted by malvuln on Oct 05Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/e60606d19a36789662ba97b4bb5c4ccf.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: HackTool.Win32.Agent.gi Vulnerability: Local Stack Buffer Overflow (SEH) Description: The Hack Office 2000 malware doesnt check bounds when loading textfiles for the wordlist to perform website URL cracking. Loading a specially crafted […]
• Trojan-PSW.Win32.PdPinch.gen / Remote Denial of Service October 6, 2021
  Posted by malvuln on Oct 05Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/0e4fbfeb6f7a98e437a497013b285ffc.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Trojan-PSW.Win32.PdPinch.gen Vulnerability: Remote Denial of Service Description: The malware listens on TCP port 1212. Third-party attackers who can reach infected systems can send a specially crafted junk HTTP request to trigger […]
• Backdoor.Win32.Hupigon.gy / Unauthenticated Open Proxy October 6, 2021
  Posted by malvuln on Oct 05Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/be74cbb86c007309d8004d910f5270f7.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Hupigon.gy Vulnerability: Unauthenticated Open Proxy Description: The malware listens on TCP ports 8080, 1080. Third-party attackers who can connect to the infected system can relay requests from the original connection to […]
• Backdoor.Win32.Bifrose.ahyg / Insecure Permissions October 6, 2021
  Posted by malvuln on Oct 05Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/d6aff119c03ff378d386b30b36b07a69.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Bifrose.ahyg Vulnerability: Insecure Permissions Description: The malware creates an dir with insecure permissions under c:\ drive granting change (C) permissions to the authenticated user group. Standard users can rename the...
• HEUR.Trojan.Win32.Generic / Insecure Service Path October 6, 2021
  Posted by malvuln on Oct 05Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/2e4b6c5bd907995f6fd40c5eeab5c6e9.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: HEUR.Trojan.Win32.Generic Vulnerability: Insecure Service Path Description: The malware creates a service with an unquoted path. Third party attackers who can place an arbitrary executable under c:\ drive can potentially undermine the […]
• Backdoor.Win32.Yoddos.an / Insecure Service Path October 6, 2021
  Posted by malvuln on Oct 05Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/bf2417bf23a3b7ae2e44676882b4b9dd.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Yoddos.an Vulnerability: Insecure Service Path Description: The malware creates a service with an unquoted path. Third party attackers who can place an arbitrary executable under c:\ drive can potentially undermine the […]