Lucene search
K

694 matches found

CNVD
CNVD
added 2018/06/05 12:0 a.m.1 views

RSA Web Threat Detection SQL Injection Vulnerability

EMC RSA Web Threat Detection is a big data and security analytics solution from EMC. The solution detects cybercrime using Web session intelligence and real-time behavioral analysis. An SQL injection vulnerability exists in the Administration and Forensics applications in EMC RSA Web Threat...

8.8CVSS8.2AI score0.01997EPSS
Exploits0References1
Metasploit
Metasploit
added 2018/05/28 1:39 p.m.79 views

IBM QRadar SIEM Unauthenticated Remote Code Execution

IBM QRadar SIEM has three vulnerabilities in the Forensics web application that when chained together allow an attacker to achieve unauthenticated remote code execution. The first stage bypasses authentication by fixating session cookies. The second stage uses those authenticated sessions cookies...

8.8CVSS0.4AI score0.56952EPSS
Exploits7
n0where
n0where
added 2018/05/24 6:52 p.m.25 views

Windows Packer Project for Defenders: DARKSURGEON

Darksurgeon is a Windows packer project to empower incident response, digital forensics, malware analysis, and network defense. Darksurgeon has three stated goals: Accelerate incident response, digital forensics, malware analysis, and network defense with a preconfigured Windows 10 environment...

Exploits0References1
Richard Bejtlich's blog
Richard Bejtlich's blog
added 2018/05/15 6:20 p.m.41 views

Bejtlich Joining Splunk

Since posting Bejtlich Moves On I've been rebalancing work, family, and personal life. I invested in my martial arts interests, helped more with home duties, and consulted through TaoSecurity. Today I'm pleased to announce that, effective Monday May 21st 2018, I'm joining the Splunk team. I will ...

7AI score
Exploits0
n0where
n0where
added 2018/04/08 3:0 p.m.21 views

Network Security Monitoring: Security Onion

Network Security Monitoring NSM is, put simply, monitoring your network for security related events. It might be proactive, when used to identify vulnerabilities or expiring SSL certificates, or it might be reactive, such as in incident response and network forensics. Whether you’re tracking an...

7AI score
Exploits0References2
The Coalfire Blog
The Coalfire Blog
added 2018/04/04 6:23 p.m.11 views

Sleuthing the Cloud: The Challenges of Forensics in Cloud Environments

More and more companies are embracing Cloud computing for the practicality, efficiency, and economy of outsourcing the housing, maintenance, and monitoring of applications and their associated infrastructure to a third-party provider. As the Cloud becomes more the norm than the exception, there i...

1.9AI score
Exploits0
Kitploit
Kitploit
added 2018/04/03 8:39 p.m.21 views

GRR Rapid Response - Remote Live Forensics For Incident Response

GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. GRR...

7.3AI score
Exploits0References1
Imperva Blog
Imperva Blog
added 2018/03/07 3:0 p.m.20 views

2018 Cyberthreat Defense Report: Where IT Security Is Going

What keeps you awake at night? We asked IT security professionals the same question and found that these issues are top of mind: malware and spear phishing, securing mobile devices, employee security awareness and new technologies that detect threats capable of bypassing traditional signature-bas...

6.8AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2018/02/20 7:30 p.m.78 views

Essays from 7 Experts on Moving to a Cloud-Based Endpoint Security Platform

Carbon Black recently published a series of essays about the experiences of experts in the field on information security as they moved their endpoint security program to the cloud; this is one of those essays. To read the full series check out 7 Experts on Moving to a Cloud-Based Endpoint Securit...

7.3AI score
Exploits0
Kitploit
Kitploit
added 2018/02/18 1:22 p.m.16 views

PcapXray - A Network Forensics Tool To visualize a Packet Capture offline as a Network Diagram

PcapXray is a Network Forensics Tool To visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction. PcapXray Design Specification Goal: Given a Pcap File, plot a network diagram displaying hosts in the network,...

6.6AI score
Exploits0References1
Kitploit
Kitploit
added 2018/02/15 8:49 p.m.45 views

APTSimulator - A toolset to make a system look as if it was the victim of an APT attack

APT Simulator is a Windows Batch script that uses a set of tools and output files to make a system look as if it was compromised. Use Cases 1. POCs: Endpoint detection agents / compromise assessment tools 2. Test your security monitoring's detection capabilities 3. Test your SOCs response on a...

7.6AI score
Exploits0References8
Carbon Black Blog
Carbon Black Blog
added 2018/02/13 4:4 p.m.29 views

February 13, 2018 – Morning Cyber Coffee Headlines – “Abraham Lincoln” Edition

Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! February 13, 2018 - Headlines Carbon Black in the News: MSSPs Wasting Time on...

6.7AI score
Exploits0
Kitploit
Kitploit
added 2018/01/21 1:10 p.m.20 views

SwishDbgExt - Incident Response & Digital Forensics Debugging Extension

SwishDbgExt is a Microsoft WinDbg debugging extension that expands the set of available commands by Microsoft WinDbg, but also fixes and improves existing commands. This extension has been developed by Matt Suiche @msuiche – feel free to reach out on [email protected] ask for more features,...

7.2AI score
Exploits0References2
Securelist
Securelist
added 2017/12/28 11:56 a.m.54 views

Happy IR in the New Year!

At the end of last year Mr. Jake Williams from aka @MalwareJake asked a very important question about Lack of visibility during detecting APT intrusions in twitter. Results show us that endpoint analysis is the most important part of any research connected with APTs. Also, for sure endpoint...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2017/12/11 12:51 p.m.23 views

Linux Expl0rer - Easy-To-Use Live Forensics Toolbox For Linux Endpoints

Easy-to-use live forensics toolbox for Linux endpoints written in Python & Flask. Capabilities ps View full process list Inspect process memory map & fetch memory strings easly Dump process memory in one click Automaticly search hash in public services VirusTotal AlienVault OTX users users list...

7.6AI score
Exploits0References1
The Hacker News
The Hacker News
added 2017/11/15 1:29 a.m.11 views

Forever 21 Warns Shoppers of Payment Card Breach at Some Stores

Another day, another data breach. This time a fast-fashion retailer has fallen victim to payment card breach. American clothes retailer Forever 21 announced on Tuesday that the company had suffered a security breach that allowed unknown hackers to gain unauthorized access to data from payment car...

7.3AI score
Exploits0
Kitploit
Kitploit
added 2017/11/08 9:37 p.m.36 views

Parrot Security 3.9 - Security GNU/Linux Distribution Designed with Cloud Pentesting and IoT Security in Mind

Security GNU/Linux distribution designed with cloud pentesting and IoT security in mind. It includes a full portable laboratory for security and digital forensics experts, but it also includes all you need to develop your own softwares or protect your privacy with anonymity and crypto tools...

7.3AI score
Exploits0
CNVD
CNVD
added 2017/11/01 12:0 a.m.4 views

IBM QRadar SIEM and QRadar Incident Forensics Input Validation Vulnerabilities

IBM QRadar SIEM and QRadar Incident Forensics are both products of IBM USA. The former is a suite of solutions that utilize security intelligence to protect assets and information from advanced threats; the latter is a suite of security forensic investigation software. An input validation...

9CVSS8.9AI score0.02343EPSS
Exploits0References1
Kitploit
Kitploit
added 2017/10/11 9:30 p.m.32 views

psad - Intrusion Detection and Log Analysis with iptables

The Port Scan Attack Detector psad is a lightweight system daemon written in is designed to work with Linux iptables/ip6tables/firewalld firewalling code to detect suspicious traffic such as port scans and sweeps, backdoors, botnet command and control communications, and more. It features a set o...

7.8AI score
Exploits0References2
Kitploit
Kitploit
added 2017/10/10 2:13 p.m.79 views

OSXAuditor - Free Mac OS X Computer Forensics Tool

OS X Auditor is a free Mac OS X computer forensics tool. OS X Auditor parses and hashes the following artifacts on the running system or a copy of a system you want to analyze: the kernel extensions the system agents and daemons the third party's agents and daemons the old and deprecated system a...

6.8AI score
Exploits0References3
Rows per page
Query Builder