10CVSS
-0.3AI Score
0.976EPSS
What the Log4Shell Bug Means for SMBs: Experts Weigh In
News of the Log4Shell vulnerability is everywhere, with security experts variously calling the Apache log4j logging library bug a recipe for an “internet meltdown,” as well as the “worst cybersecurity bug of the year.” Names like “Apple,” “Twitter” and “Cloudflare” are being bandied about as being....
10CVSS
-0.3AI Score
0.976EPSS
How to Buy Precious Patching Time as Log4j Exploits Fly
Sure, Apache got a patch out fast when the Log4j logging library vulnerability – aka Javageddon or “up there with Shellshock” – exploded last week. But emergency patches take days (best-case scenario) or weeks to install: plenty of time for attackers to do their worst. Which they lickety-split...
-0.4AI Score
10CVSS
-0.3AI Score
0.976EPSS
Where the Latest Log4Shell Attacks Are Coming From
Cybersecurity professionals across the world have been scrambling to shore up their systems against a critical remote code-execution (RCE) flaw (CVE-2021-44228) in the Apache Log4j tool, discovered just days ago. Now under active exploit, the “Log4Shell” bug allows complete server takeover....
10CVSS
0.1AI Score
0.976EPSS
Log4Shell Is Spawning Even Nastier Mutations
The internet has a fast-spreading, malignant cancer – otherwise known as the Apache Log4j logging library exploit – that’s been rapidly mutating and attracting swarms of attackers since it was publicly disclosed last week. Most of the attacks focus on cryptocurrency mining done on victims’ dimes,.....
10CVSS
-0.5AI Score
0.976EPSS
8.8CVSS
-0.4AI Score
0.967EPSS
10CVSS
-0.3AI Score
0.976EPSS
10CVSS
-0.3AI Score
0.976EPSS
Zero Day in Ubiquitous Apache Log4j Tool Under Active Attack
An excruciating, easily exploited flaw in the ubiquitous Java logging library Apache Log4j could allow unauthenticated remote code execution (RCE) and complete server takeover — and it’s being exploited in the wild. The flaw first turned up on sites that cater to users of the world’s favorite...
10CVSS
-0.4AI Score
0.976EPSS
Widespread Exploitation of Critical Remote Code Execution in Apache Log4j
Table of Contents Overview Affected versions Mitigation and detection guidance Rapid7 customers InsightVM and Nexpose InsightIDR and Managed Detection and Response Velociraptor tCell InsightCloudSec IntSights Attacks and campaigns External resources Updates Need...
10CVSS
0.2AI Score
0.976EPSS
Fake job interviews plague major game developers like Riot Games and Rockstar
If you’re job hunting at the moment, be on your guard. The pandemic is still around. Lots of people are in need of employment. Scammers are all too happy to string folks along with bogus employment offers, as is the case here. How have they managed to snare prospective job hunters? Riding on the...
0.9AI Score
Windows 10 Drive-By RCE Triggered by Default URI Handler
Researchers have discovered a drive-by remote code-execution (RCE) bug in Windows 10 via Internet Explorer 11/Edge Legacy – the EdgeHTML-based browser that’s currently the default browser on Windows 10 PCs – and Microsoft Teams. According to a report posted Tuesday by Positive Security, the...
8.8CVSS
-0.2AI Score
0.192EPSS
Crawpy - Yet Another Content Discovery Tool
Yet another content discovery tool written in Python. What makes this tool different from others: it is written to work asynchronously, which allows it to reach maximum limits, so it is very fast; calibration mode applies filters on its own; it has a bunch of flags that help you fuzz in detail...
-0.3AI Score
Structured threat hunting: One way Microsoft Threat Experts prioritizes customer defense
Today's threat landscape is incredibly fast-paced. New campaigns surface all the time, and the amount of damage that they can cause is not always immediately apparent. Security operations centers (SOCs) must be equipped with the tools and insight to identify and resolve potentially high-impact...
0.6AI Score
Behind the unprecedented effort to protect customers against the NOBELIUM nation-state attack
This is the third in a four-part blog series on the NOBELIUM nation-state cyberattack. In December 2020, Microsoft began sharing details with the world about what became known as the most sophisticated nation-state cyberattack in history. Microsoft’s four-part video series “Decoding NOBELIUM”...
-0.5AI Score
Panasonic's Data Breach Leaves Open Questions
Consumer electronics giant Panasonic’s data breach raises questions, researchers say – given that more than two weeks after the incident was discovered, it’s unclear if customers’ personal information has been impacted. On Friday, Panasonic confirmed that its “network was illegally accessed by a...
0.3AI Score
The End of the Cybersecurity Skills Crisis (Maybe?)
In just 4 years, you can learn to be fluent in Mandarin. In 2 years, NASA can get you through astronaut training. But the cybersecurity skills gap? It's dire and dead-stuck in its fifth straight year of zero progress. Globally, 3.5 million cybersecurity jobs remain unfilled, and of those...
6.6AI Score
New Updates to Guardicore Centra Boost Zero Trust Posture and Enhance Ransomware Protection
In our update to Guardicore Hunt see how you can enhance your ransomware protections as well as Zero...
1.2AI Score
Top 10 Cybersecurity Best Practices to Combat Ransomware
If you’re like most IT professionals, the threat of a ransomware attack might keep you up at night. And you have a valid reason to worry — ransomware doesn’t discriminate. Organizations across every industry, public or private, are potential victims, if they haven’t been victims already. In fact,.....
7.6AI Score
0.001EPSS
9CVSS
-0.4AI Score
0.971EPSS
The hunt for NOBELIUM, the most sophisticated nation-state attack in history
This is the second in a four-part blog series on the NOBELIUM nation-state cyberattack. In December 2020, Microsoft began sharing details with the world about what became known as the most sophisticated nation-state cyberattack in history. Microsoft’s four-part video series “Decoding...
6.8AI Score
In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 the remote logging functionality is impaired by the lack of memory release for data structures from syslog-ng when remote logging is...
7.5CVSS
0.001EPSS
In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 a user with high privileges can inject HTML code (XSS) through web-based management or the REST API with a manipulated certificate...
4.8CVSS
5.1AI Score
0.001EPSS
In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 a user with high privileges can inject HTML code (XSS) through web-based management or the REST API with a manipulated certificate...
4.8CVSS
0.001EPSS
In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 the remote logging functionality is impaired by the lack of memory release for data structures from syslog-ng when remote logging is...
7.5CVSS
7.6AI Score
0.001EPSS
CVE-2021-34598 Phoenix Contact: FL MGUARD lack of memory release in remote logging functionality
In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 the remote logging functionality is impaired by the lack of memory release for data structures from syslog-ng when remote logging is...
7.5CVSS
7.8AI Score
0.001EPSS
CVE-2021-34582 Phoenix Contact: FL MGUARD XSS through web-based management and REST API
In Phoenix Contact FL MGUARD 1102 and 1105 in Versions 1.4.0, 1.4.1 and 1.5.0 a user with high privileges can inject HTML code (XSS) through web-based management or the REST API with a manipulated certificate...
4.8CVSS
5.4AI Score
0.001EPSS
Threat actor DEV-0322 exploiting ZOHO ManageEngine ADSelfService Plus
Microsoft has detected exploits being used to compromise systems running the ZOHO ManageEngine ADSelfService Plus software versions vulnerable to CVE-2021-40539 in a targeted campaign. Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to DEV-0322, a group...
9.6AI Score
0.975EPSS
Samba AD DC did not do sufficient access and
Description Samba as an Active Directory Domain Controller has to take care to protect a number of sensitive attributes, and to follow a security model from Active Directory that relies totally on the intersection of NT security descriptors and the underlying X.500 Directory Access Protocol (as...
8.8CVSS
-0.1AI Score
0.002EPSS
Hashdb-Ida - HashDB API Hash Lookup Plugin For IDA Pro
HashDB IDA Plugin Malware string hash lookup plugin for IDA Pro. This plugin connects to the OALABS HashDB Lookup Service. Adding New Hash Algorithms The hash algorithm database is open source and new algorithms can be added on GitHub here. Pull requests are mostly automated and as long as our...
6.9AI Score