Intro to forensics in the cloud: A container was compromised. What’s next?

Learn what tools and data sources you need to use in cloud forensics investigation and how they come into practice in a real-life example...

Sorting Through Haystacks to Find CTI Needles

Clouded vision CTI systems are confronted with some major issues ranging from the size of the collection networks to their diversity, which ultimately influence the degree of confidence they can put on their signals. Are they fresh enough and sufficiently reliable to avoid any false positives or...

Microsoft achieves first native Cloud Data Management Capabilities certification

Today, Microsoft announced the successful completion of the Cloud Data Management Capabilities CDMC 14 Key Controls and Automations certification, conducted by Accenture and Avanade, accelerating the industry’s move to the cloud. The 14 Key Controls and Automations are a part of the EDM Council’s...

CVE-2023-26360

creationtimestamp| type| source ---|---|--- 2023-03-15 07:54:44+00:00| exploited| https://t.me/kasperskyb2b/516 2023-03-16 06:41:59+00:00| exploited| https://t.me/KomunitiSiber/65 2023-03-16 06:47:18+00:00| exploited| https://t.me/thehackernews/3153 2023-04-04 15:51:44+00:00| seen|...

SUSE CVE-2017-1000032

Cross-Site scripting XSS vulnerabilities in Cacti 0.8.8b allow remote attackers to inject arbitrary web script or HTML via the parentid parameter to tree.php and drpaction parameter to datasources.php...

SUSE CVE-2018-9258

In Wireshark 2.4.0 to 2.4.5, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by preserving valid data sources...

SUSE CVE-2020-7106

Cacti 1.2.8 has stored XSS in datasources.php, colortemplatesitem.php, graphs.php, graphitems.php, lib/apiautomation.php, useradmin.php, and usergroupadmin.php, as demonstrated by the description parameter in datasources.php a raw string from the database that is displayed by $header to trigger t...

SUSE CVE-2022-39050

An attacker who is logged into OTRS as an admin user may manipulate customer URL field to store JavaScript code to be run later by any other agent when clicking the customer URL link. Then the stored JavaScript is executed in the context of OTRS. The same issue applies for the usage of external...

[SECURITY] Fedora 36 Update: opusfile-0.12-9.fc36

libopusfile provides a high-level API for decoding and seeking within .opus files. It includes: Support for all files with at least one Opus stream including multichannel files or Ogg files where Opus is muxed with something else. Full support, including seeking, for chained files. A simple stere...

IBM Cloud Pak for Security Information Disclosure Vulnerability (CNVD-2023-07678)

IBM Cloud Pak for Security is an application from International Business Machines IBM, Inc. an open security platform that connects to your existing data sources to generate deeper insights and enables you to take automated actions faster.IBM Cloud Pak for Security CP4S versions 1.10.0.0 through...

[SECURITY] Fedora 37 Update: mingw-opusfile-0.12-9.fc37

libopusfile provides a high-level API for decoding and seeking within .opus files. It includes: Support for all files with at least one Opus stream including multichannel files or Ogg files where Opus is muxed with something else. Full support, including seeking, for chained files. A simple stere...

CVE-2022-41561

The CVE-2022-41561 issue affects the JNDI Data Sources component of TIBCO JasperReports Server and related editions, allowing a privileged attacker with network access to achieve Remote Code Execution and obtain a reverse shell on the affected system. Affected products/versions include JasperRepo...

CVE-2022-42856

creationtimestamp| type| source ---|---|--- 2022-12-13 19:34:15+00:00| exploited| https://t.me/alexmakus/4871 2022-12-14 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=933 2022-12-14 08:28:58+00:00| seen| https://t.me/itsecnews/1920 2022-12-14 15:50:08+00:00| exploited|...

CVE-2022-41561

The JNDI Data Sources component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server - Community Edition, TIBCO JasperReports Server - Developer Edition, TIBCO JasperReports Server for AWS Marketplace, TIBCO JasperReports Server for AWS...

CVE-2022-41561

The JNDI Data Sources component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server - Community Edition, TIBCO JasperReports Server - Developer Edition, TIBCO JasperReports Server for AWS Marketplace, TIBCO JasperReports Server for AWS...

CVE-2022-41561

The JNDI Data Sources component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server - Community Edition, TIBCO JasperReports Server - Developer Edition, TIBCO JasperReports Server for AWS Marketplace, TIBCO JasperReports Server for AWS...

UBUNTU-CVE-2022-41561

The JNDI Data Sources component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server - Community Edition, TIBCO JasperReports Server - Developer Edition, TIBCO JasperReports Server for AWS Marketplace, TIBCO JasperReports Server for AWS...

Design/Logic Flaw

The JNDI Data Sources component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server - Community Edition, TIBCO JasperReports Server - Developer Edition, TIBCO JasperReports Server for AWS Marketplace, TIBCO JasperReports Server for AWS...

CVE-2022-41561

The JNDI Data Sources component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server - Community Edition, TIBCO JasperReports Server - Developer Edition, TIBCO JasperReports Server for AWS Marketplace, TIBCO JasperReports Server for AWS...

TIBCO Software Jaspersoft JasperReports Server 安全漏洞

TIBCO Software Jaspersoft JasperReports Server is a report generation tool from TIBCO Software, USA. The product supports PDF, HTML, XLS, CSV and XML file output formats. A security vulnerability exists in TIBCO Software Jaspersoft JasperReports Server, which stems from its JNDI Data Sources...