Lucene search
+L

638 matches found

Cvelist
Cvelist
added 2020/06/04 3:24 a.m.26 views

CVE-2020-10547

rConfig 3.9.4 and previous versions has unauthenticated compliancepolicyelements.inc.php SQL injection. Because, by default, nodes' passwords are stored in cleartext, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices...

9.9AI score0.36114EPSS
Exploits1References2
CVE
CVE
added 2020/06/04 3:24 a.m.112 views

CVE-2020-10548

rConfig 3.9.4 and earlier are affected by unauthenticated SQL injection in devices.inc.php. Multiple sources (NVD, Nuclei template, OpenVAS, CNVD, Red Hat advisory) describe an SQL injection that can be exploited without authentication, with node passwords stored in plaintext by default, enabling...

9.8CVSS9.8AI score0.37325EPSS
In wildExploits1References2Affected Software1
Cvelist
Cvelist
added 2020/06/04 3:24 a.m.17 views

CVE-2020-10548

rConfig 3.9.4 and previous versions has unauthenticated devices.inc.php SQL injection. Because, by default, nodes' passwords are stored in cleartext, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices...

9.9AI score0.37325EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2020/06/04 12:0 a.m.21 views

CVE-2020-10546

rConfig 3.9.4 and previous versions has unauthenticated compliancepolicies.inc.php SQL injection. Because, by default, nodes’ passwords are stored in cleartext, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices. Recent assessments: theguly at...

9.8CVSS4.1AI score0.99683EPSS
Exploits15References3
ATTACKERKB
ATTACKERKB
added 2020/06/04 12:0 a.m.46 views

CVE-2020-10548

rConfig 3.9.4 and previous versions has unauthenticated devices.inc.php SQL injection. Because, by default, nodes’ passwords are stored in cleartext, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices. Recent assessments: theguly at June 04, 202...

9.8CVSS4.1AI score0.99683EPSS
Exploits15References3
ATTACKERKB
ATTACKERKB
added 2020/06/04 12:0 a.m.19 views

CVE-2020-10547

rConfig 3.9.4 and previous versions has unauthenticated compliancepolicyelements.inc.php SQL injection. Because, by default, nodes’ passwords are stored in cleartext, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices. Recent assessments: thegul...

9.8CVSS4.1AI score0.99683EPSS
Exploits15References3
ATTACKERKB
ATTACKERKB
added 2020/06/04 12:0 a.m.26 views

CVE-2020-10549

rConfig 3.9.4 and previous versions has unauthenticated snippets.inc.php SQL injection. Because, by default, nodes’ passwords are stored in cleartext, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices. Recent assessments: theguly at June 04, 20...

9.8CVSS4.1AI score0.99683EPSS
Exploits15References3
ThreatPost
ThreatPost
added 2020/06/03 8:51 p.m.54 views

Sophisticated Info-Stealer Targets Air-Gapped Devices via USB

The Cycldek APT group has added a previously unknown malware dubbed USBCulprit to its arsenal, aimed at reaching air-gapped devices. Cycldek a.k.a. Goblin Panda, APT 27 and Conimes has been targeting governments in Southeast Asia since 2013, according to analysis from Kaspersky, and has been...

0.2AI score
Exploits0References2
ThreatPost
ThreatPost
added 2020/05/29 7:58 p.m.51 views

Steganography Anchors Pinpoint Attacks on Industrial Targets

A targeted series of attacks on suppliers of equipment and software for industrial enterprises is playing out globally, researchers said, hinging on phishing and a steganography tactic to hide malware on public, legitimate image resources. According to Kaspersky ICS CERT, the attacks seem bent on...

7.1AI score
Exploits0References6
ThreatPost
ThreatPost
added 2020/05/28 3:59 p.m.37 views

PonyFinal Ransomware Targets Enterprise Servers Then Bides Its Time

A Java-based ransomware known as PonyFinal has galloped onto the scene, targeting enterprise systems management servers as an initial infection vector. According to a warning on Twitter from Microsoft Security Intelligence on Wednesday, PonyFinal is not an automated threat, but rather has humans...

0.2AI score
Exploits0References7
Kitploit
Kitploit
added 2020/05/07 12:30 p.m.66 views

HiveJack - This Tool Can Be Used During Internal Penetration Testing To Dump Windows Credentials From An Already-Compromised Host

This tool can be used during internal penetration testing to dump Windows credentials from an already-compromised host. It allows one to dump SYSTEM, SECURITY and SAM registry hives and once copied to the attacker machines provides an option to delete these files to clear the trace. Often, this i...

7.2AI score
Exploits0References3
ThreatPost
ThreatPost
added 2020/04/14 5:55 p.m.44 views

TA505 Crime Gang Deploys SDBbot for Corporate Network Takeover

The TA505 cybercrime group has ramped up its attacks lately, with a set of campaigns bent on spreading the persistent SDBbot remote-access trojan RAT laterally throughout an entire corporate environment, researchers said. SDBbot RAT is a custom job that has been observed in TA505 attacks since at...

0.1AI score
Exploits0References12
The Hacker News
The Hacker News
added 2020/04/14 1:52 p.m.5 views

Dell Releases A New Cybersecurity Utility To Detect BIOS Attacks

Computer manufacturing giant Dell has released a new security tool for its commercial customers that aims to protect their computers from stealthy and sophisticated cyberattacks involving the compromise of the BIOS. Dubbed 'SafeBIOS Events & Indicators of Attack' IoA, the new endpoint security...

5.8AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2020/04/02 4:0 p.m.194 views

Attack matrix for Kubernetes

Kubernetes, the most popular container orchestration system and one of the fastest-growing projects in the history of open source, becomes a significant part of many companies’ compute stack. The flexibility and scalability of containers encourage many developers to move their workloads to...

0.4AI score
Exploits0
FireEye
FireEye
added 2020/04/01 12:0 a.m.15 views

Kerberos Tickets on Linux Red Teams

At FireEye Mandiant, we conduct numerous red team engagements within Windows Active Directory environments. Consequently, we frequently encounter Linux systems integrated within Active Directory environments. Compromising an individual domain-joined Linux system can provide useful data on its own...

0.4AI score
Exploits0References10
FireEye
FireEye
added 2020/03/31 12:0 a.m.16 views

It’s Your Money and They Want It Now — The Cycle of Adversary Pursuit

When we discover new intrusions, we ask ourselves questions that will help us understand the totality of the activity set. How common is this activity? Is there anything unique or special about this malware or campaign? What is new and what is old in terms of TTPs or infrastructure? Is this being...

7.1AI score
Exploits0References5
Gitee
Gitee
added 2020/03/28 4:57 p.m.4 views

shadowbroker-1

This repository, fengzihk/shadowbroker-1, contains a collection of exploits and tools leaked by the Shadow Brokers, a group known for releasing sensitive information. The repository includes a README file that lists various exploits, such as EARLYSHOVEL, EBBISLAND, ECHOWRECKER, EASYBEE, and...

7.4AI score
Exploits0
Kitploit
Kitploit
added 2020/03/27 9:0 p.m.220 views

Mssqlproxy - A Toolkit Aimed To Perform Lateral Movement In Restricted Environments Through A Compromised Microsoft SQL Server Via Socket Reuse

mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse. The client requires impacket and sysadmin privileges on the SQL server. Please read this article carefully before continuing. It consists of three part...

7.9AI score
Exploits0References5
ThreatPost
ThreatPost
added 2020/03/06 9:50 p.m.85 views

Next-Gen Ransomware Packs a 'Human' Punch, Microsoft Warns

Researchers are warning that “human operated” ransomware campaigns are growing more sophisticated, adopting new infection tactics and lateral movement techniques that traditional defense teams aren’t equipped to handle. Researchers said that “auto-spreading” ransomware – like WannaCry and NotPety...

1.1AI score
Exploits0References15
ThreatPost
ThreatPost
added 2020/03/06 9:50 p.m.12 views

Next-Gen Ransomware Packs a 'Human' Punch, Microsoft Warns

Researchers are warning that “human operated” ransomware campaigns are growing more sophisticated, adopting new infection tactics and lateral movement techniques that traditional defense teams aren’t equipped to handle. Researchers said that “auto-spreading” ransomware – like WannaCry and NotPety...

1.1AI score
Exploits0References15
Rows per page
Query Builder