Lucene search
+L

151 matches found

CISA
CISA
added 2021/11/19 12:0 a.m.75 views

Updated: APT Exploitation of ManageEngine ADSelfService Plus Vulnerability

The Federal Bureau of Investigation FBI, CISA, and Coast Guard Cyber Command CGCYBER have updated the Joint Cybersecurity Advisory CSA published on September 16, 2021, which details the active exploitation of an authentication bypass vulnerability CVE-2021-40539 in Zoho ManageEngine ADSelfService...

7.5CVSS9.3AI score0.9896EPSS
In wildExploits8References4
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/10/25 4:0 p.m.76 views

Microsoft Digital Defense Report shares new insights on nation-state attacks

Microsoft is proud to promote Cybersecurity Awareness Month as part of our ongoing commitment to security for all. Year-round, Microsoft tracks nation-state threat activities to help protect organizations and individuals from these advanced persistent actors. We’re constantly improving our...

7.2CVSS8.7AI score0.06255EPSS
Exploits0
CNVD
CNVD
added 2021/08/13 12:0 a.m.20 views

IBM QRadar SIEM Information Disclosure Vulnerability (CNVD-2021-88197)

IBM QRadar SIEM is an IBM USA solution that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. An information...

6.5CVSS6.2AI score0.00852EPSS
Exploits0References1
Malwarebytes
Malwarebytes
added 2021/06/17 6:41 p.m.75 views

Polazert Trojan using poisoned Google Search results to spread

Trojan.Polazert aka SolarMarker has gone back and fine-tuned an old tactic known as SEO-poisoning to plant their Remote Access Trojan RAT on as many systems as possible. This RAT runs in memory and is used by attackers to install additional malware on affected systems. Trojan.Polazert...

7AI score
Exploits0
CNVD
CNVD
added 2021/06/04 12:0 a.m.9 views

IBM QRadar SIEM Information Disclosure Vulnerability (CNVD-2021-40756)

IBM QRadar SIEM is an IBM USA solution that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. A security...

7.5CVSS6.1AI score0.01443EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2021/05/21 8:46 a.m.32 views

Microsoft Warns of Data Stealing Malware That Pretends to Be Ransomware

Microsoft on Thursday warned of a "massive email campaign" that's pushing a Java-based STRRAT malware to steal confidential data from infected systems while disguising itself as a ransomware infection. "This RAT is infamous for its ransomware-like behavior of appending the file name extension...

1.4AI score
Exploits0
CNVD
CNVD
added 2021/05/14 12:0 a.m.8 views

IBM QRadar SIEM Cross-Site Vulnerability

IBM QRadar SIEM is an IBM USA solution that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. A cross-site...

6.1CVSS6.2AI score0.00653EPSS
Exploits0References1
CNVD
CNVD
added 2021/05/14 12:0 a.m.9 views

IBM QRadar SIEM Information Disclosure Vulnerability (CNVD-2021-34726)

IBM QRadar SIEM is an IBM USA solution that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. An information...

7.5CVSS6.2AI score0.01443EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2021/05/11 12:0 a.m.187 views

CVE-2021-26419

Scripting Engine Memory Corruption Vulnerability Recent assessments: architect00 at May 14, 2021 10:33am UTC reported: Details The vulnerability affects Internet Explorer 11 on all Windows Versions. It is located in the jscript9.dll library, which is used to execute javascript. Possible attack...

8.8CVSS9AI score0.24188EPSS
In wildExploits3References3
CNVD
CNVD
added 2021/05/06 12:0 a.m.6 views

IBM QRadar SIEM Arbitrary Command Execution Vulnerability

IBM QRadar SIEM is an IBM USA solution that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. A security...

9.8CVSS6.9AI score0.01604EPSS
Exploits0References1
Akamai Blog
Akamai Blog
added 2021/03/31 11:0 a.m.49 views

2021: Volumetric DDoS Attacks Rising Fast

In our 2020 DDoS retrospective, we highlighted the twists and turns of a very, very active threat landscape. As a quick refresher, we mitigated some of the largest attacks ever seen 1.44 Tbps and 809 Mpps; saw more attacks on customers across more diverse industries than ever before; and observed...

7.2AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/03/18 10:0 p.m.259 views

Automatic on-premises Exchange Server mitigation now in Microsoft Defender Antivirus

As cybercriminals continue to exploit unpatched on-premises versions of Exchange Server 2013, 2016, and 2019, we continue to actively work with customers and partners to help them secure their environments and respond to associated threats. To date, we have released a comprehensive Security Updat...

7.5CVSS0.6AI score0.99999EPSS
Exploits63
Microsoft Secure
Microsoft Secure
added 2021/03/18 10:0 p.m.241 views

Automatic on-premises Exchange Server mitigation now in Microsoft Defender Antivirus

As cybercriminals continue to exploit unpatched on-premises versions of Exchange Server 2013, 2016, and 2019, we continue to actively work with customers and partners to help them secure their environments and respond to associated threats. To date, we have released a comprehensive Security Updat...

7.5CVSS0.6AI score0.99999EPSS
Exploits63
CNVD
CNVD
added 2021/02/07 12:0 a.m.9 views

IBM QRadar SIEM Denial of Service Vulnerability (CNVD-2021-10821)

IBM QRadar SIEM is an IBM USA solution that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. A denial of servic...

4.3CVSS6.5AI score0.00518EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/02/03 12:0 a.m.8 views

IBM Security Identity Governance and Intelligence Security Breach

IBM Security Identity Governance and Intelligence IGI is a suite of identity governance solutions from IBM in the United States. The product includes features such as lifecycle management, access risk assessment, and identity management. A security vulnerability exists in IBM Security Identity...

5.7AI score
Exploits0References1
CNVD
CNVD
added 2021/01/28 12:0 a.m.9 views

IBM QRadar SIEM Directory Traversal Vulnerability (CNVD-2021-10826)

IBM QRadar SIEM is an IBM USA solution that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. A directory...

6.5CVSS6.5AI score0.02553EPSS
Exploits0References1
CNVD
CNVD
added 2021/01/28 12:0 a.m.7 views

IBM QRadar SIEM Server-Side Request Forgery Vulnerability (CNVD-2021-10824)

IBM QRadar SIEM is an IBM USA solution that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. A server-side...

4.2CVSS6.4AI score0.0029EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2021/01/13 12:0 a.m.515 views

Envira Gallery Lite 1.8.3.2 Cross Site Scripting

==== Tempest Security Intelligence - ADV-12/2020 ============================= Envira Gallery - Lite Edition - Version 1.8.3.2 Author: Rodolfo Tavares Tempest Security Intelligence - Recife, Pernambuco - Brazil ===== Table of Contents ================================================ • Overview •...

0.01343EPSS
Exploits3
ThreatPost
ThreatPost
added 2020/10/06 3:51 p.m.139 views

Microsoft Zerologon Flaw Under Attack By Iranian Nation-State Actors

Microsoft is warning that an Iranian nation-state actor is now actively exploiting the Zerologon vulnerability CVE-2020-1472, adding fuel to the fire as the severe flaw continues to plague businesses. The advanced persistent threat APT actor, which Microsoft calls MERCURY also known as MuddyWater...

9.3CVSS0.2AI score0.99913EPSS
Exploits104References18
CNVD
CNVD
added 2020/05/28 12:0 a.m.3 views

IBM Security Identity Governance and Intelligence Input Validation Error Vulnerability

IBM Security Identity Governance and Intelligence IGI is a suite of identity governance solutions from IBM in the United States. The product includes features such as lifecycle management, access risk assessment and identity management. An input validation error vulnerability exists in IBM Securi...

6.5CVSS6.9AI score0.00814EPSS
Exploits0References1
Rows per page
Query Builder