Lucene search
+L

424 matches found

packetstorm
packetstorm
added 2024/05/23 12:0 a.m.438 views

FleetCart 4.1.1 Information Disclosure

Exploit Title: FleetCart 4.1.1 - WebPage Content Information Disclosure Exploit Author: CraCkEr Date: 13/05/2024 Vendor: EnvaySoft Vendor Homepage: https://codecanyon.net/item/fleetcart-laravel-ecommerce-system/23014826 Software Demo Link: https://demo.fleetcart.envaysoft.com/en Tested on: Window...

5CVSS7.2AI score0.18768EPSS
Exploits2
qualysblog
qualysblog
added 2024/05/09 12:41 a.m.31 views

Assess, Remediate, and Prevent the Top 10 MITRE ATT&CK Techniques for Ransomware, Mapped to Misconfigurations

In cybersecurity, the battle against ransomware is a pivotal challenge for organizations worldwide. Attackers are consistently refining their methods, highlighting the critical need for businesses to remain proactive in their defense strategies. To effectively address this threat, it is essential...

7.6AI score
Exploits0
thn
thn
added 2024/04/25 11:13 a.m.67 views

Network Threats: A Step-by-Step Attack Demonstration

Follow this real-life network attack simulation, covering 6 steps from Initial Access to Data Exfiltration. See how attackers remain undetected with the simplest tools and why you need multiple choke points in your defense strategy. Surprisingly, most network attacks are not exceptionally...

8AI score
Exploits0
kitploit
kitploit
added 2024/04/05 11:30 a.m.46 views

Attackgen - Cybersecurity Incident Response Testing Tool That Leverages The Power Of Large Language Models And The Comprehensive MITRE ATT&CK Framework

AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE ATT&CK framework. The tool generates tailored incident response scenarios based on user-selected threat actor groups and your organisation's details. Star the...

7.4AI score
Exploits0References3
openbugbounty
openbugbounty
added 2024/04/02 6:12 a.m.8 views

ck-modelcars.de Cross Site Scripting vulnerability OBB-3895224

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
openbugbounty
openbugbounty
added 2024/04/01 6:4 a.m.19 views

ck-modelcars.de Cross Site Scripting vulnerability OBB-3891953

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
openbugbounty
openbugbounty
added 2024/03/28 4:8 a.m.5 views

ck-modelcars.de Cross Site Scripting vulnerability OBB-3889292

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
qualysblog
qualysblog
added 2024/03/25 3:44 p.m.62 views

Combine Qualys TruRisk™ and MITRE ATT&CK to Adopt Threat-Informed Defense to Reduce Risk

There are so many vulnerabilities disclosed daily that no one can patch all of them. Unfortunately, attackers can exploit them while you are still in the process of reviewing, prioritizing, and patching. Effective risk-based prioritization focuses your limited resources and remediation efforts...

7.5CVSS10AI score0.99999EPSS
Exploits58
openbugbounty
openbugbounty
added 2024/03/25 12:34 p.m.8 views

ck-modelcars.de Cross Site Scripting vulnerability OBB-3885132

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
openbugbounty
openbugbounty
added 2024/03/21 2:11 a.m.5 views

ck-modelcars.de Cross Site Scripting vulnerability OBB-3881829

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
rapid7blog
rapid7blog
added 2024/01/12 2:0 p.m.16 views

2023 Ransomware Stats: A Look Back To Plan Ahead

Last year was not a year for the faint of heart. Organizations of every size found themselves faced with ransomware attacks at varying levels of sophistication, yet every one of them was damaging. And as we step into 2024, the first victims of ransomware attacks are already being reported. What c...

6.9AI score
Exploits0
trellix
trellix
added 2023/12/13 12:0 a.m.32 views

Detecting and Visualizing Lateral Movement Attacks with Trellix XDR

Detecting and Visualizing Lateral Movement Attacks with Trellix XDR By Chintan Shah, Maulik Maheta, Ajeeth S · December 13, 2023 Executive summary With Organizations deploying multiple security controls and solutions on their network and endpoints, there is a significant gap in the way threat...

8.5AI score
Exploits0
wallarmlab
wallarmlab
added 2023/11/22 12:27 p.m.21 views

What is the MITRE ATT&CK Framework?

The Unfolding Complexity of the MITRE ATT&CK System The domain of cybersecurity is akin to an ever-evolving ocean filled with intricacies. In these stormy waters, the MITRE ATT&CK System stands as a beacon of light. It brings some order, serving as a universally available repository storing vario...

8AI score
Exploits0
ics
ics
added 2023/11/16 12:0 p.m.116 views

Scattered Spider

SUMMARY The Federal Bureau of Investigation FBI and Cybersecurity and Infrastructure Security Agency CISA are releasing this joint Cybersecurity Advisory CSA in response to recent activity by Scattered Spider threat actors against the commercial facilities sectors and subsectors. This advisory...

10AI score
Exploits0References134
securelist
securelist
added 2023/11/09 8:0 a.m.52 views

Modern Asian APT groups’ tactics, techniques and procedures (TTPs)

Almost every quarter, someone publishes major research focusing on campaigns or incidents that involve Asian APT groups. These campaigns and incidents target various organizations from a multitude of industries. Likewise, the geographic location of victims is not limited to just one region. This...

7AI score
Exploits0
githubexploit
githubexploit
added 2023/10/31 5:35 a.m.189 views

Exploit for Incorrect Authorization in Atlassian Confluence_Data_Center

CVE-2023-22518 Improper Authorization Vulnerability in Conflue...

10CVSS9.8AI score0.99999EPSS
Exploits48
malwarebytes
malwarebytes
added 2023/10/09 1:0 a.m.13 views

A week in security (October 2 - October 8)

Last week on Malwarebytes Labs: Multi-factor authentication has proven it works, so what are we waiting for? Amazon Prime email scammer snatches defeat from the jaws of victory 2023 MITRE ATT&CK® Evaluation results: Malwarebytes earns high marks for detection, blocks initial malware executions...

7.1AI score
Exploits0
malwarebytes
malwarebytes
added 2023/10/05 12:0 p.m.54 views

2023 MITRE ATT&CK® Evaluation results: Malwarebytes earns high marks for detection, blocks initial malware executions

MITRE Engenuity released its 2023 ATT&CK Evaluation results, with Malwarebytes blocking initial malware executions and earning high marks for detection. The evaluation tested 30 vendor solutions against Turla, a sophisticated Russia-based advanced persistent threat APT group with victims in over ...

6.9AI score
Exploits0
talosblog
talosblog
added 2023/09/29 4:40 p.m.19 views

Threat Roundup for September 22 to September 29

Today, Talos is publishing a glimpse into the most prevalent threats weve observed between Sept. 22 and Sept. 29. As with previous roundups, this post isnt meant to be an in-depth analysis. Instead, this post will summarize the threats weve observed by highlighting key behavioral characteristics,...

6.6AI score
Exploits0
qualysblog
qualysblog
added 2023/09/26 1:4 p.m.165 views

Qualys Survey of Top 10 Exploited Vulnerabilities in 2023

The Qualys Threat Research Unit TRU has thoroughly analyzed vulnerabilities reported in 2023. Our comprehensive study assesses factors including weaponization status, existence in the CISA KEV, instances or usage of malware and ransomware, trending vulnerabilities, various scoring metrics, and...

7.5CVSS9.8AI score0.99999EPSS
Exploits94
Rows per page
Query Builder