Lucene search
K

193 matches found

Trellix
Trellix
added 2021/09/22 12:0 a.m.14 views

Detecting Credential Stealing Attacks Through Active In-Network Defense

ARCHIVED STORY Detecting Credential Stealing Attacks Through Active In-Network Defense By Trellix · September 22, 2021 This blog was written by Chintan Shah Executive Summary Today, enterprises tend to use multiple layers of security defenses, ranging from perimeter defense on network entry point...

8.6AI score
Exploits0
Kitploit
Kitploit
added 2021/09/17 8:30 p.m.55 views

Ntlm_Theft - A Tool For Generating Multiple Types Of NTLMv2 Hash Theft Files

A tool for generating multiple types of NTLMv2 hash theft files. ntlmtheft is an Open Source Python3 Tool that generates 21 different types of hash theft documents. These can be used for phishing when either the target allows smb traffic outside their network, or if you are already inside the...

7AI score
Exploits0References5
Rapid7 Blog
Rapid7 Blog
added 2021/09/01 1:11 p.m.76 views

New Rapid7 MDR Essentials Capability Sees What Attackers See: “It’s Eye-Opening”

The pandemic and remote work shattered your perimeter. Your attack surface has changed — and will keep changing. It’s our mission to help customers strengthen security defenses and stay ahead of evil. As the modern perimeter expands, new and old vulnerabilities emerge as open doors for attackers;...

4.3CVSS0.9AI score0.99999EPSS
Exploits10
ThreatPost
ThreatPost
added 2021/08/23 2:18 p.m.20 views

Managing Privileged Access for a Post-COVID Perimeter

For many, 2021 signifies a year of recovery, reflection and reimagining. After the whirlwind year of 2020, we witnessed all aspects and facets of our lives and businesses turn upside down as our communities and economies adapted to the disruptions of the COVID-19 pandemic. As we all know, the...

7.9AI score
Exploits0References4
ICS
ICS
added 2021/08/20 12:0 p.m.103 views

Top Routinely Exploited Vulnerabilities

Summary This Joint Cybersecurity Advisory was coauthored by the U.S. Cybersecurity and Infrastructure Security Agency CISA, the Australian Cyber Security Centre ACSC, the United Kingdom’s National Cyber Security Centre NCSC, and the U.S. Federal Bureau of Investigation FBI. This advisory provides...

10CVSS9.8AI score0.99999EPSS
Exploits499References181
Huntr
Huntr
added 2021/08/13 1:6 p.m.18 views

Server-Side Request Forgery (SSRF) in bookstackapp/bookstack

✍️ Description User with "Editor" rights can create a special book page containing tag with "src" property pointing to any external or internal resource. Exporting this page using default domPdf will result in firing request from server side. 🕵️‍♂️ Proof of Concept Updating page with malicious...

4CVSS0.1AI score0.008EPSS
Exploits1
ThreatPost
ThreatPost
added 2021/07/29 6:39 p.m.770 views

CISA’s Top 30 Bugs: One’s Old Enough to Buy Beer

In a perfect world, CISA would laminate cards with the year’s top 30 vulnerabilities: You could whip it out and ask a business if they’ve bandaged these specific wounds before you hand over your cash. This is not a perfect world. There are no laminated vulnerability cards. But at least we have th...

10CVSS10AI score0.99999EPSS
Exploits330References19
ThreatPost
ThreatPost
added 2021/06/25 4:8 p.m.496 views

Cisco ASA Bug Now Actively Exploited as PoC Drops

Researchers have dropped a proof-of-concept PoC exploit on Twitter for a known cross-site scripting XSS vulnerability in the Cisco Adaptive Security Appliance ASA. The move comes as reports surface of in-the-wild exploitation of the bug. Researchers at Positive Technologies published the PoC for...

7.5CVSS7.5AI score0.99992EPSS
Exploits26References16
Rapid7 Blog
Rapid7 Blog
added 2021/06/23 6:50 p.m.61 views

CVE-2021-20025: SonicWall Email Security Appliance Backdoor Credential

The virtual, on-premises version of the SonicWall Email Security Appliance ships with an undocumented, static credential, which can be used by an attacker to gain root privileges on the device. This is an instance of CWE-798: Use of Hard-coded Credentials, and has an estimated CVSSv3 score of 9.1...

6.9CVSS1.1AI score0.00356EPSS
Exploits0
The Hacker News
The Hacker News
added 2021/05/26 4:57 a.m.156 views

Critical RCE Vulnerability Found in VMware vCenter Server — Patch Now!

VMware has rolled out patches to address a critical security vulnerability in vCenter Server that could be leveraged by an adversary to execute arbitrary code on the server. Tracked as CVE-2021-21985 CVSS score 9.8, the issue stems from a lack of input validation in the Virtual SAN vSAN Health...

10CVSS1AI score0.99999EPSS
Exploits58
Akamai Blog
Akamai Blog
added 2021/04/30 6:0 p.m.265 views

CISA Emergency Directive 21-03: VPN Vulnerabilities Actively Exploited

On April 20, 2021, the Department of Homeland Security Cybersecurity and Infrastructure Security Agency CISA released an alert on the exploitation of Pulse Connect Secure Vulnerabilities with Alert AA21-110A: Exploitation of Pulse Connect Secure Vulnerabilities, as well as Emergency Directive ED...

1.2AI score
Exploits0
Information Security Automation
Information Security Automation
added 2021/04/08 2:1 a.m.65 views

AM Live Vulnerability Management Conference Part 2: What was I talking about there

Hello all! It is the second part about AM Live Vulnerability Management conference. In the first part I made the timecodes for the 2 hours video in Russian. Here I have combined all my lines into one text. What is Vulnerability Management? Vulnerability Management process is the opposite of the...

0.2AI score
Exploits0
Information Security Automation
Information Security Automation
added 2021/04/04 2:33 a.m.81 views

AM Live Vulnerability Management Conference Part 1: Full video in Russian + Timecodes in English

Hello all! 2 weeks ago I participated in the best online event fully dedicated to Vulnerability Management in Russia. It was super fun and exciting. Thanks to all the colleagues and especially to Lev Paley for the great moderation! I have talked out completely. Everything I wanted and the way I...

6.7AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2021/03/31 4:0 p.m.49 views

Zero Trust: 7 adoption strategies from security leaders

Microsoft considers Zero Trust an essential component of any organization’s security plan. We have partnered with Cloud Security Alliance, a not-for-profit organization that promotes cloud computing best practices, to bring together executive security leaders to discuss and share insights about...

7.4AI score
Exploits0
ThreatPost
ThreatPost
added 2020/11/06 7:42 p.m.155 views

Campari Site Suffers Ransomware Hangover

Italian spirits brand Campari has restored its company website following a recent ransomware attack. According to the ransom note, the group behind the breach used Ragnar Locker to encrypt most of Campari’s servers and was holding the data hostage for $15 million in Bitcoin. Campari Group is behi...

0.2AI score
Exploits0References11
ThreatPost
ThreatPost
added 2020/09/29 5:16 p.m.19 views

The Network Perimeter: This Time, It’s Personal

In the rear-view mirror of history, the state of cybersecurity will not take top billing away from the COVID-19 pandemic. However, the one has been significantly affected by the other, and only time will tell what the full fallout will be. The first six months of 2020 saw significant developments...

7.7AI score
Exploits0References3
Malwarebytes
Malwarebytes
added 2020/09/24 5:0 p.m.34 views

Sandbox in security: what is it, and how it relates to malware

To better understand modern malware detection methods, it’s a good idea to look at sandboxes. In cybersecurity, the use of sandboxes has gained a lot of traction over the last decade or so. With the plethora of new malware coming our way every day, security researchers needed something to test ne...

0.3AI score
Exploits0
Kitploit
Kitploit
added 2020/09/04 12:30 p.m.82 views

SNIcat - Server Name Indication Concatenator

SNIcat is a proof of concept tool that performs data exfiltration, utilizing a covert channel method via. Server Name Indication , a TLS Client Hello Extension. The tool consists of an agent which resides on the compromised internal host, and a Command &Control Server which controls the agent and...

7.5AI score
Exploits0References2
Carbon Black Blog
Carbon Black Blog
added 2020/07/24 7:53 p.m.36 views

Fact vs. Fiction: 10 Endpoint Security Myths Debunked

Simply defined, endpoint security protects desktops, laptops, servers, and fixed-function devices from malicious internal and external threats. Endpoint security combines various threat detection, response and prevention technologies to help organizations disrupt cyberattacks. Despite the clear-c...

0.3AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2020/07/01 3:28 p.m.22 views

6 Best Practices to Fight a New Breed of Insider Threats

The current global pandemic has disrupted how organizations work. Some businesses quickly adapt while other organizations are still figuring out the new landscape. Unfortunately, criminals are exploiting vulnerabilities during this challenging time. There has been an 238% increase in cyberattacks...

0.3AI score
Exploits0
Rows per page
Query Builder