693 matches found

Securelist
added 2023/03/30 10:0 a.m. | 23 views

Selecting the right MSSP: Guidelines for making an objective decision

Managed Security Service Providers (MSSPs) have become an increasingly popular choice for organizations nowadays following the trend to outsource security services. Meanwhile, with the growing number of MSSPs in the market, it can be difficult for organizations to determine which provider will fit ...

AI score: 6.5
Exploits: 0

Pen Test Partners Blog
added 2023/02/20 6:14 a.m. | 11 views

Finding forensics breadcrumbs in Android image storage

Introduction Our digital forensics work is wide and varied. Often there’s very little that we can talk about in the public domain, so when I find something that we can share I get a bit excited. In this post I’ll be talking about image scanning apps, and how to reverse engineer them to pinpoint...

AI score: 6.5
Exploits: 0

SUSE CVE
added 2023/02/15 5:43 a.m. | 3 views

SUSE CVE-2012-5619

The Sleuth Kit (TSK) 4.0.1 does not properly handle "." (dotfile) file system entries in FAT file systems and other file systems for which . is not a reserved name, which allows local users to hide activities and make it more difficult to conduct forensics activities, as demonstrated by Flame...

CVSS: 2.1 | AI score: 6.3 | EPSS: 0.00353
Exploits: 0 | References: 3

CNVD
added 2022/11/25 12:0 a.m. | 23 views

SolarWinds Security Event Manager Information Disclosure Vulnerability

SolarWinds Security Event Manager (SolarWinds SEM) is a product of the American company SolarWinds Inc. for forensics and troubleshooting, as well as a tool to help you manage log data. An information disclosure vulnerability exists in SolarWinds Security Event Manager versions prior to 2022.4, which stems from the...

CVSS: 5.3 | AI score: 4.9 | EPSS: 0.00651
Exploits: 0 | References: 1

Schneier on Security
added 2022/11/10 3:18 p.m. | 10 views

An Untrustworthy TLS Certificate in Browsers

The major browsers natively trust a whole bunch of certificate authorities, and some of them are really sketchy: Google's Chrome, Apple's Safari, nonprofit Firefox and others allow the company, TrustCor Systems, to act as what's known as a root certificate authority, a powerful spot in the internet's...

AI score: 2.8
Exploits: 0

Rapid7 Blog
added 2022/10/04 3:3 p.m. | 20 views

Velociraptor Version 0.6.6: Multi-Tenant Mode and More Let You Dig Deeper at Scale Like Never Before

Rapid7 is excited to announce the release of version 0.6.6 of Velociraptor – an advanced, open-source digital forensics and incident response (DFIR) tool that enhances visibility into your organization’s endpoints. After several months of development and testing, we are excited to share its powerfu...

Exploits: 0

The Hacker News
added 2022/09/20 9:21 a.m. | 66 views

Uber Blames LAPSUS$ Hacking Group for Recent Security Breach

Uber on Monday disclosed more details related to the security incident that happened last week, pinning the attack on a threat actor it believes is affiliated to the notorious LAPSUS$ hacking group. "This group typically uses similar techniques to target technology companies, and in 2022 alone ha...

AI score: 7.5
Exploits: 0

Rapid7 Blog
added 2022/09/08 1:45 p.m. | 19 views

VeloCON 2022: Digging Deeper Together!

September 15, 2022 | Live at 9 am EDT | Virtual and Free. Join the open-source digital forensics and incident response (DFIR) community for a day-long, virtual summit as we DIG DEEPER TOGETHER! Have you ever wanted to share your passion and interest in Velociraptor with the rest of the community?...

AI score: 0.5
Exploits: 0

NVD
added 2022/09/06 11:15 p.m. | 34 views

CVE-2022-1522

The Cognex 3D-A1000 Dimensioning System in firmware version 1.0.3 3354 and prior is vulnerable to CWE-117: Improper Output Neutralization for Logs, which allows an attacker to create false logs that show the password as having been changed when it is not, complicating forensics...

CVSS: 5.3 | EPSS: 0.00461
Exploits: 0 | References: 1

Prion
added 2022/09/06 11:15 p.m. | 16 views

Input validation

The Cognex 3D-A1000 Dimensioning System in firmware version 1.0.3 3354 and prior is vulnerable to CWE-117: Improper Output Neutralization for Logs, which allows an attacker to create false logs that show the password as having been changed when it is not, complicating forensics...

CVSS: 5 | AI score: 6.4 | EPSS: 0.00461
Exploits: 0 | References: 1 | Affected Software: 1

The Hacker News
added 2022/08/26 9:10 a.m. | 49 views

Hackers Breach LastPass Developer System to Steal Source Code

Password management service LastPass confirmed a security incident that resulted in the theft of certain source code and technical information. The security breach is said to have occurred two weeks ago, targeting its development environment. No customer data or encrypted passwords were accessed,...

AI score: 1.1
Exploits: 0

Malwarebytes
added 2022/08/12 9:0 p.m. | 13 views

Anti-tracking tool tells you if you're being followed

If there is one thing we know about the people around us, even the perfect strangers, it's that they almost all have smartphones. And those smartphones aren't merely passive receivers, they're broadcasting constantly, looking for things you might want to connect to. Advertisers have exploited the...

AI score: 7.6
Exploits: 0

Malwarebytes
added 2022/08/09 12:45 p.m. | 17 views

Twilio breached after social engineering attack on employees

Cloud-based communication platform provider Twilio has announced a breach via a social engineering attack on employees. On August 4, 2022, Twilio says it became aware of unauthorized access to information related to a limited number of Twilio customer accounts, through the social engineering atta...

AI score: 7.2
Exploits: 0

Rapid7 Blog
added 2022/06/24 2:11 p.m. | 16 views

Velociraptor Version 0.6.5: Table Transformations, Multi-Lingual Support, and Better VQL Error-Handling Let You Dig Deeper Than Ever

Rapid7 is pleased to announce the release of Velociraptor version 0.6.5 – an advanced, open-source digital forensics and incident response (DFIR) tool that enhances visibility into your organization’s endpoints. This release has been in development and testing for several months now, and we are...

AI score: 6.9
Exploits: 0

ThreatPost
added 2022/06/22 12:49 p.m. | 42 views

Gamification of Ethical Hacking and Hacking Esports

While ethical hacking is by no means a new or groundbreaking practice, the scale at which organizations and individuals are undertaking such initiatives continues to intensify, especially considering recent events such as the log4j vulnerability. Traditionally, ethical hacking is undertaken by...

AI score: 7.3
Exploits: 0 | References: 4

ThreatPost
added 2022/06/07 1:25 p.m. | 33 views

Cyber Risk Retainers: Not Another Insurance Policy

The one-two punch of a cyberattack can be devastating. There is the breach and then the related mitigation costs. Implementing a comprehensive Incident Response (IR) gameplan into a worst-case-scenario should not be a post-breach scramble. And when that IR strategy includes insurance, it also must...

AI score: 7.1
Exploits: 0 | References: 2

Rapid7 Blog
added 2022/05/23 2:42 p.m. | 18 views

DFIR Without Limits: Moving Beyond the “Sucker's Choice” of Today’s Breach Response Services

Three-quarters of CEOs and their boards believe a major breach is “inevitable.” And those closest to the action? Like CISOs? They’re nearly unanimous. Gartner is right there, too. Their 2021 Market Guide for Digital Forensics and Incident Response (DFIR) Services recommends you “operate under the...

AI score: 7.5
Exploits: 0

OSV
added 2022/05/12 8:15 p.m. | 3 views

CVE-2022-23742

Check Point Endpoint Security Client for Windows versions earlier than E86.40 copy files for forensics reports from a directory with low privileges. An attacker can replace those files with malicious or linked content, such as exploiting CVE-2020-0896 on unpatched systems or using symbolic links...

CVSS: 7.8 | AI score: 7.1 | EPSS: 0.04076
Exploits: 0 | References: 2

ATTACKERKB
added 2022/05/12 8:15 p.m. | 6 views

CVE-2022-23742

Check Point Endpoint Security Client for Windows versions earlier than E86.40 copy files for forensics reports from a directory with low privileges. An attacker can replace those files with malicious or linked content, such as exploiting CVE-2020-0896 on unpatched systems or using symbolic links...

CVSS: 7.8 | AI score: 7.1 | EPSS: 0.04076
Exploits: 0 | References: 4

Cvelist
added 2022/05/12 7:23 p.m. | 36 views

CVE-2022-23742

Check Point Endpoint Security Client for Windows versions earlier than E86.40 copy files for forensics reports from a directory with low privileges. An attacker can replace those files with malicious or linked content, such as exploiting CVE-2020-0896 on unpatched systems or using symbolic links...

AI score: 8.7 | EPSS: 0.04076
Exploits: 0 | References: 2