SimuLand: Understand adversary tradecraft and improve detection strategies

At Microsoft, we continuously collaborate with customers and the InfoSec community to learn more about the latest adversary tradecraft so that we can improve our detection strategies across all our security services. Even though those detections are already built into our products, and protecting...

Protecting SAP applications with the new Azure Sentinel SAP threat monitoring solution

As one of the leading solution providers for applications that manage business processes, SAP is the custodian for massive amounts of sensitive data in many of the biggest organizations in the world. Since these applications are business-critical, an SAP security breach can be catastrophic. Yet,...

Protecting SAP applications with the new Azure Sentinel SAP threat monitoring solution

As one of the leading solution providers for applications that manage business processes, SAP is the custodian for massive amounts of sensitive data in many of the biggest organizations in the world. Since these applications are business-critical, an SAP security breach can be catastrophic. Yet,...

IBM Cloud Pak for Security Logic Vulnerability

IBM Cloud Pak for Security is an application from IBM America, Inc. An open security platform that connects to your existing data sources to generate deeper insights and enables you to take automated action faster. A logic vulnerability exists in IBM Cloud Pak for Security versions 1.4.0.0,...

The Coronavirus Pandemic Is Widening the Cybersecurity Skills Gap

While there are undoubtedly many major challenges within the world of cybersecurity, one of the principal roadblocks to the implementation of effective data security is the lack of skilled cybersecurity practitioners. In a November 2019 report, the International Information System Security...

CVE-2021-1732

creationtimestamp| type| source ---|---|--- 2021-02-10 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=550 2021-02-10 09:42:00+00:00| exploited| https://t.me/truesecator/1419 2021-02-15 11:00:19+00:00| seen| https://t.me/CyberSecurityTechnologies/2708 2021-02-19...

Manage, govern, and get more value out of your data with Azure Purview

Data is the currency of today’s economy. Data is being created faster than ever in more locations than organizations can track. In fact, IDC has predicted that global data will grow to more than 175 zettabytes by 2025. To put that into context, that’s 175 trillion 1GB USB drives. At the same time...

Grafana Cross-Site Scripting Vulnerability (CNVD-2020-59697)

Grafana is a set of open source monitoring tools from Grafana Labs that provide a visual monitoring interface. The tool is primarily used to monitor and analyze Graphite, InfluxDB, and Prometheus, among others. A cross-site scripting vulnerability exists in Grafana versions prior to 7.1.0-beta 1...

CVE-2017-11317

creationtimestamp| type| source ---|---|--- 2020-10-20 15:57:21+00:00| seen| MISP/42d04e94-bf5b-427d-acc8-f5d740675941 2020-10-20 15:58:04+00:00| seen| MISP/d925a2ee-e7cf-46f6-bec1-ad8e19122730 2020-10-20 18:32:21+00:00| seen|...

CVE-2020-25213

creationtimestamp| type| source ---|---|--- 2020-10-17 20:40:27+00:00| published-proof-of-concept| Telegram/J3Kzjmqj5pPlG74kxHdsiWLaPeG9AVF-vRkTJhPTnOPVg 2020-11-10 15:03:25+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/wpfilemanagerrce.rb...

UBUNTU-CVE-2019-19499

Grafana = 6.4.3 has an Arbitrary File Read vulnerability, which could be exploited by an authenticated attacker that has privileges to modify the data source configurations...

FreeBSD : adns -- multiple vulnerabilities (08de38d2-e2d0-11ea-9538-0c9d925bbbc0)

Ian Jackson and the adns project reports : Vulnerable applications: all adns callers. Exploitable by: the local recursive resolver. Likely worst case: Remote code execution. Vulnerable applications: those that make SOA queries. Exploitable by: upstream DNS data sources. Likely worst case: DoS cra...

Description of the security update for SharePoint Server 2010: July 14, 2020

Description of the security update for SharePoint Server 2010: July 14, 2020 Note: After you install this update, the default setting for a trusted data source and trusted content locations in PerformancePoint Services will change from trust all to trust none. For more information, see KB 4571413...

SCANdalous! (External Detection Using Network Scan Data and Automation)

Real Quick In case you’re thrown by that fantastic title, our lawyers made us change the name of this project so we wouldn’t get sued. SCANdalous—a.k.a. Scannah Montana a.k.a. Scanny McScanface a.k.a. “Scan I Kick It? Yes You Scan”—had another name before today that, for legal reasons, we’re...

Making Azure Sentinel work for you

Microsoft Azure Sentinel is the first Security Incident and Event Management SIEM solution built into a major public cloud platform that delivers intelligent security analytics across enterprise environments and offers automatic scalability to meet changing needs. This new white paper outlines be...

Cloud Lookup (and Bypass)

This module can be useful if you need to test the security of your server and your website behind a solution Cloud based. By discovering the origin IP address of the targeted host. More precisely, this module uses multiple data sources in order ViewDNS.info, DNS enumeration and Censys to collect...

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data returning decrypted credentials

Summary IBM Watson Discovery for IBM Cloud Pak for Data returns decrypted credentials for data soruces in JSON response of internal API for processing settings. Vulnerability Details Third Party Entry: PSIRT-ADV0022492 DESCRIPTION: Created from Advisory: ADV0022492 CVSS Base score: 4.9 CVSS Vecto...

Information Disclosure

github.com/grafana/grafana is vulnerable to information disclosure. The attack is possible because it does not securely store the passwords for data sources, allowing a user with administrative privilege to disclose the passwords by pressing the "Save and test" button within a data source's...

DEBIAN-CVE-2020-7106

Cacti 1.2.8 has stored XSS in datasources.php, colortemplatesitem.php, graphs.php, graphitems.php, lib/apiautomation.php, useradmin.php, and usergroupadmin.php, as demonstrated by the description parameter in datasources.php a raw string from the database that is displayed by $header to trigger t...

UBUNTU-CVE-2020-7106

Cacti 1.2.8 has stored XSS in datasources.php, colortemplatesitem.php, graphs.php, graphitems.php, lib/apiautomation.php, useradmin.php, and usergroupadmin.php, as demonstrated by the description parameter in datasources.php a raw string from the database that is displayed by $header to trigger t...