375 matches found
TikTok: Privilege Escalation on TikTok for Business
An IDOR Insecure Direct Object Reference vulnerability was found on the "orgid" and "accountid" parameters on a Business.TikTok.com endpoint, which could have resulted in an authenticated user with "Analyst" level permissions to close another user's ads accounts. We thank @naaash for reporting th...
Ex-Gumshoe Nabs Cybercrooks with FBI Tactics
Crooks are crooks, right? Whatever motivates serial violent offenders doesn’t switch off when they stop mugging people and instead pick up a keyboard to transform into cyber actors who craft cyber threats. At least, that was the thinking behind the 2012 creation of the FBI’s Cyber Behavioral...
Exploit for Deserialization of Untrusted Data in H2Database H2
CVE-2021-42392-Detect About The script detects vulnerable H2...
What's New in InsightIDR: Q4 2021 in Review
More context and customization around detections and investigations, expanded dashboard capabilities, and more. This post offers a closer look at some of the recent releases in InsightIDR, our extended detection and response XDR solution, from Q4 2021. Over the past quarter, we delivered updates ...
Exploit for Deserialization of Untrusted Data in Apache Log4J
This is a proof-of-concept PoC exploit for CVE-2021-44228, a v...
The final report on NOBELIUM’s unprecedented nation-state attack
This is the final post in a four-part series on the NOBELIUM nation-state cyberattack. In December 2020, Microsoft began sharing details with the world about what became known as the most sophisticated nation-state cyberattack in history. Microsoft’s four-part video series “Decoding NOBELIUM” pul...
ESG Economic Value Validation of XDR
Hear leading analyst firm ESG and Chase Renes, system administrator at Vision Bank, discuss the operational, business, and financial value of Trend Micro’s industry-leading XDR solution...
SAS 2021: FinSpy Surveillance Kit Re-Emerges Stronger Than Ever
The FinSpy surveillance kit has been driven from its hiding place following an eight-month investigation by Kaspersky researchers. Detections of the spyware trojan have dwindled since 2018, but it turns out that it hasn’t gone away – it’s simply been hiding behind various first-stage implants tha...
WordPress Malware Camouflaged As Code
In today’s post we discuss emerging techniques that attackers are using to hide the presence of malware. In the example we discuss below, the attacker’s goal is to make everything look routine to an analyst so that they do not dig deeper and discover the presence of malware and what it is doing. ...
An expert discussion on XDR
Discover why industry veteran and former Gartner analyst, Greg Young, believes that XDR is the most exciting thing that has happened in cybersecurity in the last 20 years...
CVE-2021-29767
IBM i2 Analyst's Notebook Premium 9.2.0, 9.2.1, and 9.2.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 202681...
CVE-2021-29770
IBM i2 Analyst's Notebook Premium IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2 could allow an authenticated user to perform unauthorized actions due to hazardous input validation. IBM X-Force ID: 202771...
CVE-2021-29769
IBM i2 Analyst's Notebook Premium IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie...
CVE-2021-20431
IBM i2 Analyst's Notebook Premium 9.2.0, 9.2.1, and 9.2.2 does not invalidate session after logout which could allow an an attacker to obtain sensitive information from the system. IBM X-Force ID: 196342...
Vulnerabilities fixed in IBM i2 Analyst's Notebook
Vulnerabilities have been fixed in the IBM i2 Analyst's Notebook. A malicious party could exploit the vulnerabilities to obtain system data and sensitive information. IBM has released updates to fix the vulnerabilities. For more information, see: https://www.ibm.com/support/pages/node/6474861...
IBM i2 Analyze安全漏洞
IBM i2 Analyst's Notebook Premium is an intuitive analysis environment that combines data storage, analysis tools, visualization and dissemination capabilities. i2 Analyst's Notebook Premium contains a security vulnerability that could be exploited by remote attackers to obtain sensitive...
IBM i2 Analysts Notebook Premium 安全漏洞
IBM i2 Analyst's Notebook Premium is a premium version of IBM i2 Analyst's Notebook from IBM USA. IBM i2 Analyst's Notebook Premium has an information disclosure vulnerability that could be exploited by an attacker to obtain sensitive information...
IBM i2 Analysts Notebook Premium 安全漏洞
IBM i2 Analyst's Notebook Premium is a premium version of IBM i2 Analyst's Notebook from IBM of America. IBM i2 Analyst's Notebook Premium is vulnerable to an information disclosure vulnerability that could be exploited by an attacker to obtain cookie values by listening to traffic...
Rapid7 + XDR: Security that Moves as Fast as Your Business
Since launching InsightIDR almost six years ago, our mission has remained constant: make it possible for any security team to achieve fast, sophisticated threat detection and response programs that scale with their business. Making threat detection and response as agile and simple as possible...
Why MTTR is Bad for SecOps
Mean time to resolution MTTR is a commonly used metric in the security industry. While it has utility to a business’s risk function, it does not belong in security operations SecOps. First, let us level-set on what reporting is versus metrics. Reporting measures activity and does not drive specif...