7 matches found
Recently-Patched Adobe ColdFusion Flaw Exploited By APT
An Adobe ColdFusion vulnerability, patched two months ago, was being exploited in the wild by a China-linked APT group, researchers found. The vulnerability, CVE-2018-15961, is a critical unrestricted file upload bug that could also lead to arbitrary code-execution, researchers at Volexity, who...
Wicked Botnet Uses Passel of Exploits to Target IoT
Yet another variant of the Mirai botnet has appeared on the scene, but this one has a twist: The code is integrated with at least three exploits that target unpatched IoT devices, including closed-circuit cameras and Netgear routers. It also has ties to a web of other botnets, made for DDoS...
Korea In The Crosshairs
This blog post is authored by Warren Mercer and Paul Rascagneres and with contributions from Jungsoo An. A one year review of campaigns performed by an actor with multiple campaigns mainly linked to South Korean targets. Executive Summary: This article exposes the malicious activities of Group 123...
Poisoning the Well: Banking Trojan Targets Google Search Results
This blog post was authored by Edmund Brumaghin, Earl Carter and Emmanuel Tacheau. Summary: It has become common for users to use Google to find information that they do not know. In a quick Google search you can find practically anything you need to know. Links returned by a Google search, however,...
TP-Link Cross Site Request Forgery Vulnerability
This write up goes into detail about how real world cross site request forgery attacks can be used to hijack DNS on TP-Link routers. I. Introduction Today the majority of wired Internet connections is used with an embedded NAT router, which allows using the same Internet connection with several...
Multilayer DDoS Attacks Have Reset Stage for Network Attacks
Back in the dark days of dial-up connectivity, attackers wouldn’t bother compromising home computers as bots to be used in distributed denial-of-service. The lack of bandwidth made PCs persona non grata in the DDoS world. Instead, attackers targeted Web servers, the only machines with the...
76% of phishing sites hosted on hacked servers
ZDNet’s Dancho Danchev is pointing to a new research paper (.pdf) that shows that 75.8% of the phishing sites analyzed (2486 sites) were hosted on compromised web servers to which the phishers obtained access through Google hacking techniques (search engine reconnaissance). Dancho writes: The research...