Lucene search
K

1675 matches found

The Hacker News
The Hacker News
added 2021/10/21 7:3 a.m.43 views

Hackers Stealing Browser Cookies to Hijack High-Profile YouTube Accounts

Since at least late 2019, a network of hackers-for-hire have been hijacking the channels of YouTube creators, luring them with bogus collaboration opportunities to broadcast cryptocurrency scams or sell the accounts to the highest bidder. That's according to a new report published by Google's...

0.4AI score
Exploits0
ThreatPost
ThreatPost
added 2021/10/06 6:11 p.m.47 views

ESPecter Bootkit Malware Haunts Victims with Persistent Espionage

A rare Windows UEFI bootkit malware has been discovered, offering attackers a path to cyber-espionage, researchers are warning. According to ESET, the bootkit’s goal is to install a full featured backdoor on a target PC, which “supports a rich set of commands and contains various automatic data...

7.7AI score
Exploits0References5
Gitee
Gitee
added 2021/09/27 3:6 p.m.5 views

Red-Teaming-Toolkit

This is a collection of open source and commercial tools that aid in red team operations. The repository includes tools for reconnaissance, weaponization, delivery, command and control, lateral movement, establishing a foothold, escalating privileges, data exfiltration, and miscellaneous...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2021/09/20 5:7 a.m.31 views

Numando: A New Banking Trojan Targeting Latin American Users

A newly spotted banking trojan has been caught leveraging legitimate platforms like YouTube and Pastebin to store its encrypted, remote configuration and commandeer infected Windows systems, making it the latest to join the long list of malware targeting Latin America LATAM after Guildma, Javali,...

0.3AI score
Exploits0
The Hacker News
The Hacker News
added 2021/09/17 11:2 a.m.25 views

New Malware Targets Windows Subsystem for Linux to Evade Detection

A number of malicious samples have been created for the Windows Subsystem for Linux WSL with the goal of compromising Windows machines, highlighting a sneaky method that allows the operators to stay under the radar and thwart detection by popular anti-malware engines. The "distinct tradecraft"...

0.4AI score
Exploits0
The Hacker News
The Hacker News
added 2021/09/13 2:15 p.m.98 views

Linux Implementation of Cobalt Strike Beacon Targeting Organizations Worldwide

Researchers on Monday took the wraps off a newly discovered Linux and Windows re-implementation of Cobalt Strike Beacon that's actively set its sights on government, telecommunications, information technology, and financial institutions in the wild. The as-yet undetected version of the penetratio...

0.3AI score
Exploits0
ThreatPost
ThreatPost
added 2021/09/08 5:3 p.m.28 views

TeamTNT’s New Tools Target Multiple OSes

The TeamTNT malware pushers have a slew of new toys with which to wreak havoc – multiple shell/batch scripts, open-source tools, a cryptocurrency miner, an IRC and more – that have inflicted more than 5,000 infections globally as antivirus AV tools struggle to catch up with the newest malware...

6.7AI score
Exploits0References14
The Hacker News
The Hacker News
added 2021/09/08 8:8 a.m.30 views

Experts Uncover Mobile Spyware Attacks Targeting Kurdish Ethnic Group

Cybersecurity researchers on Tuesday released new findings that reveal a year-long mobile espionage campaign against the Kurdish ethnic group to deploy two Android backdoors that masquerade as legitimate apps. Active since at least March 2020, the attacks leveraged as many as six dedicated Facebo...

1.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/08/25 12:0 a.m.37 views

Cisco Web Security Appliance (WSA) Server Name Identification Data Exfiltration (cisco-sa-sni-data-exfil-mFgzXqLN)

According to its self-reported version, Cisco Web Security Appliance WSA is affected by a vulnerability in Server Name Identification SNI request filtering that allows an unauthenticated, remote attacker to bypass filtering technology on an affected device and exfiltrate data from a compromised...

8.6CVSS6.7AI score0.01684EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2021/08/20 3:44 p.m.30 views

ShadowPad Malware is Becoming a Favorite Choice of Chinese Espionage Groups

ShadowPad, an infamous Windows backdoor that allows attackers to download further malicious modules or steal data, has been put to use by five different Chinese threat clusters since 2017. "The adoption of ShadowPad significantly reduces the costs of development and maintenance for threat actors,...

1.7AI score
Exploits0
ThreatPost
ThreatPost
added 2021/08/19 9:13 p.m.31 views

How Ready Are You for a Ransomware Attack?

Determining how hard a target you present for the current wave of human-driven ransomware involves multiple considerations. There are four steps to analyzing how prepared you are for a ransomware attack. Such analysis roughly breaks down as follows: 1 How easy it is to break into your environment...

7.7AI score
Exploits0References3
The Hacker News
The Hacker News
added 2021/08/19 10:30 a.m.43 views

Researchers Find New Evidence Linking Diavol Ransomware to TrickBot Gang

Cybersecurity researchers have disclosed details about an early development version of a nascent ransomware strain called Diavol that has been linked to threat actors behind the infamous TrickBot syndicate. The latest findings from IBM X-Force show that the ransomware sample shares similarities t...

0.9AI score
Exploits0
NVD
NVD
added 2021/08/18 8:15 p.m.24 views

CVE-2021-34749

A vulnerability in Server Name Identification SNI request filtering of Cisco Web Security Appliance WSA, Cisco Firepower Threat Defense FTD, and the Snort detection engine could allow an unauthenticated, remote attacker to bypass filtering technology on an affected device and exfiltrate data from...

8.6CVSS0.01684EPSS
Exploits0References3
OSV
OSV
added 2021/08/18 8:15 p.m.3 views

CVE-2021-34749

A vulnerability in Server Name Identification SNI request filtering of Cisco Web Security Appliance WSA, Cisco Firepower Threat Defense FTD, and the Snort detection engine could allow an unauthenticated, remote attacker to bypass filtering technology on an affected device and exfiltrate data from...

8.6CVSS6.3AI score0.01684EPSS
Exploits0References3
Prion
Prion
added 2021/08/18 8:15 p.m.32 views

Command injection

A vulnerability in Server Name Identification SNI request filtering of Cisco Web Security Appliance WSA, Cisco Firepower Threat Defense FTD, and the Snort detection engine could allow an unauthenticated, remote attacker to bypass filtering technology on an affected device and exfiltrate data from...

5CVSS8.5AI score0.01684EPSS
Exploits0References3Affected Software3
CVE
CVE
added 2021/08/18 7:40 p.m.97 views

CVE-2021-34749

CVE-2021-34749 affects Cisco WSA/FTD and the Snort detection engine. The issue stems from inadequate filtering of the SSL handshake in the SNI data path, allowing an unauthenticated remote attacker to bypass filters and exfiltrate data from a compromised host, potentially enabling command-and-con...

8.6CVSS7AI score0.01684EPSS
Exploits0References3Affected Software3
Cvelist
Cvelist
added 2021/08/18 7:40 p.m.33 views

CVE-2021-34749 Multiple Cisco Products Server Name Identification Data Exfiltration Vulnerability

A vulnerability in Server Name Identification SNI request filtering of Cisco Web Security Appliance WSA, Cisco Firepower Threat Defense FTD, and the Snort detection engine could allow an unauthenticated, remote attacker to bypass filtering technology on an affected device and exfiltrate data from...

5.8CVSS8.8AI score0.01684EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2021/08/18 12:0 a.m.2 views

PT-2021-3823 · Cisco · Snort +2

Name of the Vulnerable Software and Affected Versions: Cisco Web Security Appliance affected versions not specified Cisco Firepower Threat Defense affected versions not specified Snort detection engine affected versions not specified Description: A vulnerability in Server Name Identification SNI...

8.6CVSS5.9AI score0.02367EPSS
Exploits0References42
OSV
OSV
added 2021/08/09 1:15 p.m.2 views

CVE-2021-36798

A Denial-of-Service DoS vulnerability was discovered in Team Server in HelpSystems Cobalt Strike 4.2 and 4.3. It allows remote attackers to crash the C2 server thread and block beacons' communication with it...

7.5CVSS7.2AI score0.04292EPSS
Exploits1References2
ThreatPost
ThreatPost
added 2021/08/06 2:44 p.m.75 views

Angry Affiliate Leaks Conti Ransomware Gang Playbook

An apparently vengeful affiliate of the Conti Gang has leaked the playbook of the ransomware group after alleging that the notorious cybercriminal organization underpaid him for doing its dirty work. A security researcher shared a comment from an online forum allegedly posted by someone who did...

7AI score
Exploits0References13
Rows per page
Query Builder