
226 matches found

Rapid7 Blog
added 2024/08/06 5:0 p.m. · 11 views

Details Matter: Pentesting a single device to guarantee security

Rapid7’s penetration testing services regularly assess internal networks of various sizes. For this particular engagement, however, Rapid7 was tasked with performing a penetration test of just one device on an internal network. The device was being piloted for future deployment and the customer h...

8.2 AI score
Exploits 0

CISA
added 2024/07/11 12:0 p.m. · 4 views

CISA Releases Advisory Detailing Red Team Activity During Assessment of US FCEB Organization, Highlighting Necessity of Defense-in-Depth

Today, CISA released CISA Red Team’s Operations Against a Federal Civilian Executive Branch Organization Highlights the Necessity of Defense-in-Depth in coordination with the assessed organization. This Cybersecurity Advisory (CSA) details key findings and lessons learned from a 2023 assessment,...

6.9 AI score
Exploits 0 · References 3

GithubExploit
added 2024/07/02 2:51 a.m. · 1800 views

Exploit for Race Condition in Openbsd Openssh

OpenSSH CVE-2024-6387 Vulnerability Checker This Python script c...

9.3 CVSS · 8.8 AI score · 0.99506 EPSS
Exploits 68

ICS
added 2024/06/13 6:0 a.m. · 20 views

Rockwell Automation FactoryTalk View SE

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.2 ATTENTION : Exploitable remotely/Low attack complexity Vendor : Rockwell Automation Equipment : FactoryTalk View SE Vulnerability : Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an outside attacker...

8.2 CVSS · 7.7 AI score · 0.00498 EPSS
Exploits 0 · References 10

Positive Technologies
added 2024/05/06 12:0 a.m. · 5 views

PT-2024-3325

Name of the Vulnerable Software and Affected Versions DHCP affected versions not specified Description The issue is related to a lack of authentication in the DHCP protocol, specifically with the classless static route option 121. This allows an attacker to manipulate routes and potentially...

7.6 CVSS · 7.2 AI score · 0.04063 EPSS
Exploits 1 · References 124

GithubExploit
added 2024/04/13 11:55 a.m. · 379 views

Exploit for Improper Input Validation in Paloaltonetworks Pan-Os

This repo contains a script to set up the safe environment for e...

10 CVSS · 9.9 AI score · 0.99999 EPSS
Exploits 43

NVD
added 2024/04/04 7:15 p.m. · 23 views

CVE-2024-30252

Livemarks is a browser extension that provides RSS feed bookmark folders. Versions of Livemarks prior to 3.7 are vulnerable to cross-site request forgery. A malicious website may be able to coerce the extension to send an authenticated GET request to an arbitrary URL. An authenticated request is ...

2.6 CVSS · 3.5 AI score · 0.00263 EPSS
Exploits 0 · References 5

CVE
added 2024/04/04 6:57 p.m. · 61 views

CVE-2024-30252

Livemarks up to version 3.7 is affected by a CSRF vulnerability where a malicious site can coerce the extension to perform an authenticated GET to an arbitrary URL via subscribe.js; this is possible because subscribe.html is a web_accessible_resource. The issue can compromise data integrity on pr...

2.6 CVSS · 3.5 AI score · 0.00263 EPSS
Exploits 0 · References 5

Malwarebytes
added 2024/04/04 4:14 p.m. · 16 views

Jackson County hit by ransomware, declares state of emergency

On April 2, 2024, Jackson County tweeted that it had identified significant disruptions within its IT systems, "potentially attributable to a ransomware attack". Jackson County is one of 114 counties in Missouri, with a population of approximately 718,000 people, mostly in Kansas City. We have...

6.9 AI score
Exploits 0

Positive Technologies
added 2024/03/28 12:0 a.m. · 4 views

PT-2024-23613 · Unknown · Zephyr Rtos

Name of the Vulnerable Software and Affected Versions: Zephyr RTOS versions prior to 3.6 Description: The issue allows a malicious BLE device to crash a BLE victim device by sending a malformed gatt packet. This can be exploited for local attacks. Network segmentation can help mitigate the risk...

6.8 CVSS · 7.1 AI score · 0.00469 EPSS
Exploits 1 · References 6

CISA
added 2024/03/07 12:0 p.m. · 8 views

CISA and NSA Release Cybersecurity Information Sheets on Cloud Security Best Practices

Today, CISA and the National Security Agency (NSA) released five joint Cybersecurity Information Sheets (CSIs) to provide organizations with recommended best practices and/or mitigations to improve the security of their cloud environments. Use Secure Cloud Identity and Access Management Practices Use...

7 AI score
Exploits 0 · References 7

Malwarebytes
added 2024/02/28 11:41 a.m. · 23 views

Change Healthcare outages reportedly caused by ransomware

On Wednesday February 21, 2024, Change Healthcare—a subsidiary of UnitedHealth Group—experienced serious system outages due to a cyberattack. In a Form 8-K filing the company said it: “identified a suspected nation-state associated cyber security threat actor had gained access to some of the Chan...

7.1 AI score
Exploits 0

Malwarebytes
added 2024/02/05 9:59 p.m. · 13 views

Clorox counts the cost of cyberattack

Cleaning products maker Clorox has reported losses of $49 million in connection to a cyberattack it suffered in August of last year. On Monday, August 14, 2023, Clorox disclosed it had identified unauthorized activity on some of its IT systems. Despite a business continuity plan, the incident...

7.4 AI score
Exploits 0

Wallarm Lab
added 2024/01/11 3:26 p.m. · 19 views

What Is Network Segmentation

Unearthing the Basics: Your Guide to Understanding Network Partitioning A fundamental tenet of network partitioning is its critical role in digital defense. But, what does this truly embody? If you were to break it down, network partitioning refers to an approach that segregates a digital system...

7.2 AI score
Exploits 0

Github Security Blog
added 2024/01/03 9:28 p.m. · 15 views

Withdrawn Advisory: Teleport Proxy and Teleport Agents: SSRF to arbitrary hosts is possible from low privileged users

Withdrawn Advisory This advisory has been withdrawn because the vulnerability affects a binary, not a library in a supported ecosystem. Therefore, users of the library should not receive alerts. This link is maintained to preserve external references. Original Description Impact An authenticated...

7 AI score
Exploits 0 · References 4 · Affected Software 1

Malwarebytes
added 2023/12/06 2:15 p.m. · 36 views

Adobe Coldfusion vulnerability used in attacks on government servers

The Cybersecurity and Infrastructure Security Agency (CISA) put out a Cybersecurity Advisory (CSA) to alert government agencies about cybercriminals using a vulnerability in Adobe ColdFusion to gain initial access to servers. Adobe ColdFusion is a platform for building and deploying web and mobile...

5 CVSS · 8.2 AI score · 0.97115 EPSS
Exploits 13

ICS
added 2023/12/05 12:0 p.m. · 71 views

Threat Actors Exploit Adobe ColdFusion CVE-2023-26360 for Initial Access to Government Servers

Actions to take today to mitigate malicious cyber activity: 1. Prioritize remediating known exploited vulnerabilities. 2. Employ proper network segmentation. 3. Enable multifactor authentication (MFA) for all services to the extent possible, particularly for webmail, VPN, and accounts that access...

9.8 CVSS · 8.8 AI score · 0.97115 EPSS
Exploits 13 · References 98

Wallarm Lab
added 2023/10/30 7:46 p.m. · 20 views

What is a Cloud Workload Protection Platform? (CWPP)

Diving into the Depths of Cloud Workload Defense Framework (CWDF) Mysteries Setting out to understand cloud security, one frequently encounters the term - Cloud Workload Defense Framework (CWDF). What exact role does CWDF play? Let's decode this riddle. At its core, the Cloud Workload Defense Framewo...

7.5 AI score
Exploits 0

Malwarebytes
added 2023/10/05 3:0 a.m. · 12 views

Sony was attacked by two ransomware operators

On September 25, newcomer ransomware group RansomedVC claimed to have successfully compromised the computer systems of entertainment giant Sony. Then, on October 4, news leaked that Sony had told current and former employees and their family members about another cybersecurity breach that exposed...

7.3 AI score
Exploits 0

Malwarebytes
added 2023/08/09 2:0 a.m. · 30 views

Cloudflare Tunnel increasingly abused by cybercriminals

Cloudflare Tunnel provides you with a secure way to connect your resources to Cloudflare without a publicly routable IP address. Cybercriminals are increasingly using this service to keep their activities from being detected. Cloudflare Tunnel, also known by its executable name, Cloudflared,...

7.3 AI score
Exploits 0