
Fish | Hunt Fl Security Vulnerabilities

mssecure

Microsoft announces new solutions for threat intelligence and attack surface management

Uncover adversaries with new Microsoft Defender threat intelligence products The threat landscape is more sophisticated than ever and damages have soared—the Federal Bureau of Investigation's 2021 IC3 report found that the cost of cybercrime now totals more than USD6.9 billion. To counter these...

0.2AI Score

2022-08-02 01:00 PM
23
githubexploit

7.8CVSS

-0.4AI Score

0.001EPSS

2022-07-27 10:15 AM
97
openbugbounty

fl-y.com Cross Site Scripting vulnerability OBB-2815816

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

-0.1AI Score

2022-07-25 06:00 PM
11
thn

Security Experts Warn of Two Primary Client-Side Risks Associated with Data Exfiltration and Loss — The Hacker News

Two client-side risks dominate the problems with data loss and data exfiltration: improperly placed trackers on websites and web applications and malicious client-side code pulled from third-party repositories like NPM. Client-side security researchers are finding that improperly placed trackers,.....

-0.1AI Score

2022-07-19 11:23 AM
24
githubexploit

9.8CVSS

-0.3AI Score

0.226EPSS

2022-07-18 05:49 PM
380
thn

Mind the Gap – How to Ensure Your Vulnerability Detection Methods are up to Scratch — The Hacker News

With global cybercrime costs expected to reach $10.5 trillion annually by 2025, it comes as little surprise that the risk of attack is companies' biggest concern globally. To help businesses uncover and fix the vulnerabilities and misconfigurations affecting their systems, there is an...

0.1AI Score

2022-07-18 01:13 PM
17
githubexploit

9.8CVSS

-0.3AI Score

0.975EPSS

2022-07-14 01:28 AM
109
mmpc

From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud

A large-scale phishing campaign that used adversary-in-the-middle (AiTM) phishing sites stole passwords, hijacked a user’s sign-in session, and skipped the authentication process even if the user had enabled multifactor authentication (MFA). The attackers then used the stolen credentials and...

AI Score

2022-07-12 04:00 PM
25
mssecure

From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud

A large-scale phishing campaign that used adversary-in-the-middle (AiTM) phishing sites stole passwords, hijacked a user’s sign-in session, and skipped the authentication process even if the user had enabled multifactor authentication (MFA). The attackers then used the stolen credentials and...

AI Score

2022-07-12 04:00 PM
53
malwarebytes

Insecure password leads to Mangatoon data breach

The hugely popular Manga comics platform Mangatoon has fallen victim to a data breach. No fewer than 23 million user accounts could be at risk, thanks to a poorly secured database. Worse still, Mangatoon doesn't seem to be responding to messages from the breacher, or people notifying it that the...

-0.4AI Score

2022-07-12 01:20 PM
11
pentestpartners

Scanning for security.txt files

Introduction RFC 9116 was written by E. Foudil and Y. Shafranovich and left draft status in April 2022. This RFC formally defines the unofficial security.txt file that has been an unofficial standard for many years, initially created back in 2017 and documented at https://securitytxt.org/. The...

-0.4AI Score

2022-07-12 05:38 AM
9
securelist

The SessionManager IIS backdoor

Following on from our earlier Owowa discovery, we continued to hunt for more backdoors potentially set up as malicious modules within IIS, a popular web server edited by Microsoft. And we didn't come back empty-handed… In 2021, we noticed a trend among several threat actors for deploying a...

0.7AI Score

2022-06-30 08:00 AM
55
mmpc

Microsoft at RSA 2022: Envisioning the future of security

Like most of you, I was glad to see the 2022 RSA Conference return to its in-person roots after a two-year digital hiatus. This year’s event was a great success, drawing 26,000 attendees to three days of cutting-edge security sessions, tutorials, seminars, and special events at Moscone Center in...

-0.3AI Score

2022-06-29 04:00 PM
8
mssecure

Microsoft at RSA 2022: Envisioning the future of security

Like most of you, I was glad to see the 2022 RSA Conference return to its in-person roots after a two-year digital hiatus. This year’s event was a great success, drawing 26,000 attendees to three days of cutting-edge security sessions, tutorials, seminars, and special events at Moscone Center in...

-0.3AI Score

2022-06-29 04:00 PM
13
thn

New YTStealer Malware Aims to Hijack Accounts of YouTube Content Creators

Cybersecurity researchers have documented a new information-stealing malware that targets YouTube content creators by plundering their authentication cookies. Dubbed "YTStealer" by Intezer, the malicious tool is likely believed to be sold as a service on the dark web, with it distributed using...

0.3AI Score

2022-06-29 12:57 PM
23
githubexploit

7.8CVSS

-0.3AI Score

0.076EPSS

2022-06-29 12:02 PM
95
rapid7blog

Velociraptor Version 0.6.5: Table Transformations, Multi-Lingual Support, and Better VQL Error-Handling Let You Dig Deeper Than Ever

Rapid7 is pleased to announce the release of Velociraptor version 0.6.5 – an advanced, open-source digital forensics and incident response (DFIR) tool that enhances visibility into your organization’s endpoints. This release has been in development and testing for several months now, and we are...

-0.3AI Score

2022-06-24 02:11 PM
10
threatpost

Office 365 Config Loophole Opens OneDrive, SharePoint Data to Ransomware Attack

Researchers are warning attackers can abuse Microsoft Office 365 functionality to target files stored on SharePoint and OneDrive in ransomware attacks. Those files, stored via “auto-save” and backed-up in the cloud, typically leave end users with the impression data is shielded from a ransomware...

0.8AI Score

2022-06-21 12:34 PM
40
osv

Malicious code in emoji-scavenger-hunt (npm)

-= Per source details. Do not edit below this line.=- Source: ghsa-malware (1eea9ce3ac136ab2fbd72f398588a5eec9104d217877b1fed180ddac1ec2fd15) Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI Score

2022-06-20 08:22 PM
5
kitploit

Hunt-Sleeping-Beacons - Aims To Identify Sleeping Beacons

The idea of this project is to identify beacons which are unpacked at runtime or running in the context of another process. To do so, I make use of the observation that beacons tend to call Sleep between their callbacks. A call to sleep sets the state of the thread to DelayExecution which is taken....

0.4AI Score

2022-06-18 09:30 PM
19
githubexploit

10CVSS

-0.3AI Score

0.976EPSS

2022-06-08 01:09 AM
96
githubexploit

9.8CVSS

10AI Score

0.975EPSS

2022-06-04 01:02 PM
97
mmpc

Exposing POLONIUM activity and infrastructure targeting Israeli organizations

Microsoft successfully detected and disabled attack activity abusing OneDrive by a previously undocumented Lebanon-based activity group Microsoft Threat Intelligence Center (MSTIC) tracks as POLONIUM. The associated indicators and tactics were used by the OneDrive team to improve detection of...

9.8CVSS

-0.1AI Score

0.973EPSS

2022-06-02 04:00 PM
287
mssecure

Exposing POLONIUM activity and infrastructure targeting Israeli organizations

Microsoft successfully detected and disabled attack activity abusing OneDrive by a previously undocumented Lebanon-based activity group Microsoft Threat Intelligence Center (MSTIC) tracks as POLONIUM. The associated indicators and tactics were used by the OneDrive team to improve detection of...

9.8CVSS

-0.1AI Score

0.973EPSS

2022-06-02 04:00 PM
571
githubexploit

Exploit for Externally Controlled Reference to a Resource in Another Sphere in Microsoft

CVE-2022-30190 This Repository Talks about the Follina MSDT...

7.8CVSS

8.6AI Score

0.961EPSS

2022-06-02 12:58 PM
6
githubexploit

Exploit for Externally Controlled Reference to a Resource in Another Sphere in Microsoft

MSDT_CVE-2022-30190 This Repository Talks about the Follina...

7.8CVSS

8.6AI Score

0.961EPSS

2022-05-31 02:10 PM
10
threatpost

EnemyBot Malware Targets Web Servers, CMS Tools and Android OS

A rapidly evolving IoT malware dubbed “EnemyBot” is targeting content management systems (CMS), web servers and Android devices. Threat actor group “Keksec” is believed behind the distribution of the malware, according to researchers. “Services such as VMware Workspace ONE, Adobe ColdFusion,...

10CVSS

0.6AI Score

0.976EPSS

2022-05-31 12:24 PM
89
securelist

IT threat evolution Q1 2022

IT threat evolution in Q1 2022 IT threat evolution in Q1 2022. Non-mobile statistics IT threat evolution in Q1 2022. Mobile statistics Targeted attacks MoonBounce: the dark side of UEFI firmware Late last year, we became aware of a UEFI firmware-level compromise through logs from our firmware...

-0.2AI Score

2022-05-27 08:00 AM
17
malwarebytes

ChromeLoader targets Chrome Browser users with malicious ISO files

If you’re on the hunt for cracked software or games, be warned. Rogue ISO archive files are looking to infect your systems with ChromeLoader. If you think campaigns such as this only target Windows users, you’d sadly be very much mistaken. The attack sucks in several operating systems and even...

0.3AI Score

2022-05-26 12:17 PM
9
rapid7blog

Are You in the 2.5% Who Meet This Cybersecurity Job Requirement?

Of course you’re special. (So are we.) But decades of research tells us humans believe they’re good multitaskers – and we are really, seriously not. It seems a measly 2.5% of us can multitask well. The rest of us are best when we focus on a single goal, allowing the left and right sides of our...

-0.4AI Score

2022-05-20 01:30 PM
8
kitploit

Grafiki - Threat Hunting Tool About Sysmon And Graphs

Grafiki is a Django project about Sysmon and graphs, for the time being. In my opinion EventViewer, Elastic and even Kibana, are not graphic enough. The current threats are complicated and if attackers think in graphs, defenders also must do it. This is a proof of concept, the code was not...

-0.7AI Score

2022-05-17 09:30 PM
41
thn

Fake Clickjacking Bug Bounty Reports: The Key Facts

Are you aware of fake clickjacking bug bounty reports? If not, you should be. This article will get you up to speed and help you to stay alert. What are clickjacking bug bounty reports? If we start by breaking up the term into its component parts, a bug bounty is a program offered by an...

-0.7AI Score

2022-05-16 10:45 AM
19
kitploit

RogueAssemblyHunter - Rogue Assembly Hunter Is A Utility For Discovering 'Interesting' .NET CLR Modules In Running Processes

Rogue Assembly Hunter is a utility for discovering 'interesting' .NET CLR modules in running processes. Author: @bohops License: MIT Project: https://github.com/bohops/RogueAssemblyHunter Background .NET is a very powerful and capable development platform and runtime framework for building and...

0.1AI Score

2022-05-13 09:30 PM
18
wired

AMD Gave Google Cloud Rare Access to Its Tech to Hunt Chip Flaws

By working together, the companies say they’re better able to find security flaws in Google Cloud’s Confidential Computing...

1AI Score

2022-05-10 07:00 PM
8
mssecure

Microsoft security experts outline next steps after compromise recovery

Who is CRSP? The Microsoft Compromise Recovery Security Practice (CRSP) is a worldwide team of cybersecurity experts operating in most countries, across both public and private organizations, with deep expertise to secure an environment post-security breach and to help you prevent a breach in the.....

0.2AI Score

2022-05-10 04:00 PM
7
mmpc

Microsoft security experts outline next steps after compromise recovery

Who is CRSP? The Microsoft Compromise Recovery Security Practice (CRSP) is a worldwide team of cybersecurity experts operating in most countries, across both public and private organizations, with deep expertise to secure an environment post-security breach and to help you prevent a breach in the.....

0.2AI Score

2022-05-10 04:00 PM
7
mssecure

Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself

Microsoft processes 24 trillion signals every 24 hours, and we have blocked billions of attacks in the last year alone. Microsoft Security tracks more than 35 unique ransomware families and 250 unique threat actors across observed nation-state, ransomware, and criminal activities. That depth of...

10CVSS

0.4AI Score

0.976EPSS

2022-05-09 01:00 PM
2615
mmpc

Building a safer world together with our partners—introducing Microsoft Security Experts

More threats—not enough defenders The security landscape has become increasingly challenging and complex for our customers. Threats have grown at an alarming rate over the last year, and cybercrime is now expected to cost the world USD10.5 trillion annually by 2025, up from USD3 trillion a decade.....

-0.1AI Score

2022-05-09 01:00 PM
12
mssecure

Building a safer world together with our partners—introducing Microsoft Security Experts

More threats—not enough defenders The security landscape has become increasingly challenging and complex for our customers. Threats have grown at an alarming rate over the last year, and cybercrime is now expected to cost the world USD10.5 trillion annually by 2025, up from USD3 trillion a decade.....

-0.1AI Score

2022-05-09 01:00 PM
8
mmpc

Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself

Microsoft processes 24 trillion signals every 24 hours, and we have blocked billions of attacks in the last year alone. Microsoft Security tracks more than 35 unique ransomware families and 250 unique threat actors across observed nation-state, ransomware, and criminal activities. That depth of...

10CVSS

0.4AI Score

0.976EPSS

2022-05-09 01:00 PM
901
pentestpartners

Constrained environment breakout. .NET Assembly exfiltration via Internet Options

It’s not uncommon for developers to find that they need to help their end users. For starters, the business requirements for software can be highly convoluted and technical. Working with banking systems, insurance firms, actuarial services etc, most developers aren’t going to understand the process....

0.2AI Score

2022-05-09 05:09 AM
8
rapid7blog

Unsung Security Superheroes: You’re Now Sung

**Get your copy of Rapid7’s first comic: XDR vs. Exploito. Available now!** We’re all more connected than ever, and security practitioners keep everyone – governments, organizations, businesses, and 4.95 billion people – as safe as they can be. “XDR vs Exploito” isn’t “Dr. Strange and the...

-0.2AI Score

2022-05-05 01:20 PM
7
threatpost

VHD Ransomware Linked to North Korea’s Lazarus Group

Cryptocurrency thief Lazarus Group appears to be widening its scope into using ransomware as a way to rip off financial institutions and other targets in the Asia-Pacific (APAC) region, researchers have found. Financial transactions and similarities to previous malware in its source code link a...

0.3AI Score

2022-05-05 12:20 PM
18
githubexploit

8.8CVSS

-0.3AI Score

0.002EPSS

2022-05-03 08:17 PM
346
hackerone

HackerOne: Blind XSS in app.pullrequest.com/████████ via /reviews/ratings/{uuid}

Summary: Hi, While researching PullRequest yesterday, I saw some "review" endpoints in web archive of "app.pullrequest.com". (http://web.archive.org/cdx/search/cdx?url=app.pullrequest.com/*&output=text&fl=original&collapse=urlkey) One of them was...

-0.1AI Score

2022-05-03 03:29 PM
45
trellix

The Hermit Kingdom’s Ransomware Play

The Hermit Kingdom’s Ransomware play By Trellix · May 3, 2022 (With a special thanks to @ValidHorizon who helped and shared information) In February 2016, news broke about what is now known as the ‘Bangladesh Bank Heist’. Hackers attempted to transfer nearly one billion USD through the SWIFT...

7.6AI Score

2022-05-03 12:00 AM
6
trellix

The Hermit Kingdom’s Ransomware Play

The Hermit Kingdom’s Ransomware play By Trellix · May 3, 2022 (With a special thanks to @ValidHorizon who helped and shared information) In February 2016, news broke about what is now known as the ‘Bangladesh Bank Heist’. Hackers attempted to transfer nearly one billion USD through the SWIFT...

0.9AI Score

2022-05-03 12:00 AM
7
githubexploit

7.5CVSS

-0.3AI Score

0.001EPSS

2022-04-29 03:12 AM
330
githubexploit

9.8CVSS

-0.3AI Score

0.002EPSS

2022-04-28 01:10 PM
368
Total number of security vulnerabilities: 3270