127 matches found
Exploit for CVE-2020-1472
ZeroLogon-CVE-2020-1472 Explanation and demonstration of the vulnerabi...
Exploit for CVE-2020-1472
ZeroLogon testing script A Python script that uses the Impacket library to test vulnerability for the Zerologon exploit CVE-2020-1472. It attempts to perform the Netlogon authentication bypass. The script will immediately terminate when successfully performing the bypass, and not perform any...
Linux Distros Unpatched Vulnerability : CVE-2020-1472
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the...
CVE-2020-1472 affecting package samba for versions less than 4.18.3-1
CVE-2020-1472 affecting package samba for versions less than 4.18.3-1. An upgraded version of the package is available that resolves this issue...
CosmicBeetle Deploys Custom ScRansom Ransomware, Partnering with RansomHub
The threat actor known as CosmicBeetle has debuted a new custom ransomware strain called ScRansom in attacks targeting small- and medium-sized businesses (SMBs) in Europe, Asia, Africa, and South America, while also likely working as an affiliate for RansomHub. "CosmicBeetle replaced its previously...
Netlogon Weak Cryptographic Authentication
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'windowserror' class MetasploitModule 'Netlogon Weak Cryptographic Authentication', 'Description' = %q A vulnerability exists within the Netlogon authentication...
CISA, FBI, and MS-ISAC Release Advisory on Rhysida Ransomware
Today, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint Cybersecurity Advisory (CSA), StopRansomware: Rhysida Ransomware, to disseminate known Rhysida ransomware...
Attacks, Vulnerabilities and Actors 19 June to 25 June 2023
Summary: HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, the fact that there were a total of twelve attacks executed, taking advantage of seventeen different vulnerabilities ...
Cuba Ransomware Extorted Over $60 Million in Ransom Fees from More than 100 Entities
The threat actors behind Cuba (aka COLDDRAW) ransomware have received more than $60 million in ransom payments and compromised over 100 entities across the world as of August 2022. In a new advisory shared by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of...
Exploit for CVE-2020-1472
ZeroLogon CVE-2020-1472 C++ version. This tool directly re...
AlmaLinux 8 : samba (ALSA-2021:1647)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2021:1647 advisory. - An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, usin...
Mageia: Security Advisory (MGASA-2020-0380)
The remote host is missing an update for the...
Moderate: Red Hat Security Advisory: samba security, bug fix and enhancement update
Updated samba packages that fix several bugs with added enhancement are now available for Red Hat Gluster Storage 3.5 on Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which...
Top CVEs Trending with Cybercriminals
Criminal small talk in underground forums offers critical clues about which known Common Vulnerabilities and Exposures (CVEs) threat actors are most focused on. This, in turn, offers defenders clues on what to watch out for. An analysis of such chatter, by Cognyte, examined 15 cybercrime forums...
Exploit for CVE-2020-1472
PoC exploit for CVE-2020-1472, a vulnerability in the Windows Netlogon service that allows authentication bypass. The exploit uses the Impacket library to test the vulnerability and attempt to perform a Netlogon authentication bypass. It targets the Netlogon service on a domain controller and sen...
SUSE: Security Advisory (SUSE-SU-2020:2722-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2020:2730-1)
The remote host is missing an update for the...
Moderate: samba security, bug fix, and enhancement update
Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information. The following packages have been upgraded to a later upstream version:...
SUSE: Security Advisory (SUSE-SU-2020:2719-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2020:2721-1)
The remote host is missing an update for the...