Lucene search
K

31 matches found

The Hacker News
The Hacker News
added 2026/01/30 11:30 a.m.12 views

Badges, Bytes and Blackmail

Behind the scenes of law enforcement in cyber: what do we know about caught cybercriminals? What brought them in, where do they come from and what was their function in the crimescape? Introduction: One view on the scattered fight against cybercrime The growing sophistication and diversification ...

6.1AI score
Exploits0
Packet Storm
Packet Storm
added 2025/05/01 12:0 a.m.92 views

📄 Craft CMS Image Transform Pre-Authenticaton Remote Code Execution

This Metasploit module exploits an unauthenticated remote code execution vulnerability in Craft CMS versions 3.x, 4.x, and 5.x prior to 5.6.17 via the image transform endpoint. It injects a PHP Meterpreter payload into the Craft session, then triggers its execution by abusing the Yii behavior...

10CVSS9.4AI score0.99803EPSS
Exploits14
Wired Threat Level
Wired Threat Level
added 2025/01/23 11:0 a.m.17 views

Under Trump, US Cyberdefense Loses Its Head

Chinese hacks, rampant ransomware, and Donald Trump’s budget cuts all threaten US security. In an exit interview with WIRED, former CISA head Jen Easterly argues for her agency’s survival...

7.4AI score
Exploits0
The Hacker News
The Hacker News
added 2024/08/01 6:32 a.m.22 views

Facebook Ads Lead to Fake Websites Stealing Credit Card Information

Facebook users are the target of a scam e-commerce network that uses hundreds of fake websites to steal personal and financial data using brand impersonation and malvertising tricks. Recorded Future's Payment Fraud Intelligence team, which detected the campaign on April 17, 2024, has given it the...

7.1AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/02/06 2:1 p.m.18 views

Known ransomware attacks up 68% in 2023

Today, Malwarebytes released its 2024 State of Malware report, detailing six cyberthreats that resource-constrained IT teams should pay attention to in 2024. Top of the list is "Big Game" ransomware, the most serious cyberthreat to businesses all around the world. Big game attacks extort vast...

7.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/02/02 12:14 p.m.20 views

FBI removes malware from hundreds of routers across the US

The FBI has used a court order to remove malware from hundreds of routers across the US, and alter the routers’ settings to prevent reinfection. The routers are malware-infected NetGear and Cisco small office/home office SOHO devices that no longer receive updates because they have reached their...

7.1AI score
Exploits0
The Hacker News
The Hacker News
added 2023/12/14 11:17 a.m.24 views

Reimagining Network Pentesting With Automation

Network penetration testing plays a crucial role in protecting businesses in the ever-evolving world of cybersecurity. Yet, business leaders and IT pros have misconceptions about this process, which impacts their security posture and decision-making. This blog acts as a quick guide on network...

7.5AI score
Exploits0
0day.today
0day.today
added 2023/08/21 12:0 a.m.727 views

Jorani Remote Code Execution Exploit

This Metasploit module exploits an unauthenticated remote code execution vulnerability in Jorani versions prior to 1.0.2. It abuses log poisoning and redirection bypass via header spoofing and then it uses path traversal to trigger the vulnerability. It has been tested on Jorani 1.0.0. This modul...

9.8CVSS8.2AI score0.81918EPSS
Exploits5
Schneier on Security
Schneier on Security
added 2021/01/05 12:42 p.m.57 views

Latest on the SVR’s SolarWinds Hack

The New York Times has an in-depth article on the latest information about the SolarWinds hack not a great name, since its much more far-reaching than that. Interviews with key players investigating what intelligence agencies believe to be an operation by Russia’s S.V.R. intelligence service...

1.2AI score
Exploits0
ThreatPost
ThreatPost
added 2020/11/23 5:15 p.m.139 views

Manchester United: IT Systems Disrupted in Cyberattack

The Manchester United football club in the U.K. has confirmed that the team fell victim to a cyberattack on its systems. Man U., one of the most popular soccer teams in the world, said that it was suffering ongoing IT disruptions. “The club has taken swift actions to contain the attack and is...

7.1AI score
Exploits0References6
Microsoft Secure
Microsoft Secure
added 2020/07/23 8:0 p.m.33 views

Afternoon Cyber Tea: Peak, Plateau, or Plummet? Cyber security trends that are here to stay and how to detect and recover from ransomware attacks

The rapidity of change in the cyberthreat landscape can be daunting for today’s cyber defense teams. Just as they perfect the ability to block one attack method, adversaries change their approach. Tools like artificial intelligence and machine learning allow us to pivot quickly, however, knowing...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2020/05/12 12:0 a.m.218 views

Cisco Digital Network Architecture Center 1.3.1.4 - Persistent Cross-Site Scripting

Exploit Title: Cisco Digital Network Architecture Center 1.3.1.4 - Persistent Cross-Site Scripting Date: 2020-04-16 Exploit Author: Dylan Garnaud & Benoit Malaboeuf - Pentesters from Orange Cyberdefense France Vendor Homepage:...

5.4CVSS5.2AI score0.0312EPSS
Exploits4
0day.today
0day.today
added 2020/05/12 12:0 a.m.71 views

Cisco Digital Network Architecture Center 1.3.1.4 - Persistent Cross-Site Scripting Vulnerability

Exploit for java platform in category web applications Exploit Title: Cisco Digital Network Architecture Center 1.3.1.4 - Persistent Cross-Site Scripting Exploit Author: Dylan Garnaud & Benoit Malaboeuf - Pentesters from Orange Cyberdefense France Vendor Homepage:...

0.1AI score0.0312EPSS
Exploits4
exploitpack
exploitpack
added 2020/03/27 12:0 a.m.177 views

rConfig 3.9.4 - searchField Unauthenticated Root Remote Code Execution

rConfig 3.9.4 - searchField Unauthenticated Root Remote Code Execution Exploit Title: rConfig 3.9.4 - 'searchField' Unauthenticated Root Remote Code Execution Exploit Author: vikingfr Greetz : Orange Cyberdefense - team CSR-SO https://cyberdefense.orange.com Date: 2020-03-12 CVE-2019-19509 +...

9CVSS0.6AI score0.99683EPSS
Exploits20
0day.today
0day.today
added 2020/03/03 12:0 a.m.127 views

Alfresco 5.2.4 - Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Alfresco 5.2.4 - Persistent Cross-Site Scripting Exploit Author: Romain LOISEL & Alexandre ZANNI https://pwn.by/noraj - Pentesters from Orange Cyberdefense France Vendor Homepage: https://www.alfresco.com/ Software Link:...

3.5CVSS5.8AI score0.0317EPSS
Exploits7
Exploit DB
Exploit DB
added 2020/03/03 12:0 a.m.608 views

Alfresco 5.2.4 - Persistent Cross-Site Scripting

Exploit Title: Alfresco 5.2.4 - Persistent Cross-Site Scripting Date: 2020-03-02 Exploit Author: Romain LOISEL & Alexandre ZANNI https://pwn.by/noraj - Pentesters from Orange Cyberdefense France Vendor Homepage: https://www.alfresco.com/ Software Link: https://www.alfresco.com/ecm-software Versio...

5.4CVSS5.5AI score0.0317EPSS
Exploits7
Kitploit
Kitploit
added 2020/02/19 8:30 p.m.79 views

Rabid - A CLI Tool And Library Allowing To Simply Decode All Kind Of BigIP Cookies

RA pid B ig I P D ecoder What it is A CLI tool and library allowing to simply decode all kind of BigIP cookies. Features Support all 4 cookie formats CLI tool & library Hackable References Homepage / Documentation: https://orange-cyberdefense.github.io/rabid/ Author Made by Alexandre ZANNI @noraj...

7.3AI score
Exploits0References3
ThreatPost
ThreatPost
added 2019/06/05 11:54 a.m.52 views

Infosecurity Europe: Easing the Clash Between IT and Industrial Worlds

LONDON, UK – Information technology and operational technology are like two sides of the same coin. Their objectives are the same, but too often they don’t see eye-to-eye when it comes to priorities, according to cybersecurity experts. Information technology IT teams are tasked with securing and...

6.9AI score
Exploits0References3
0day.today
0day.today
added 2018/03/23 12:0 a.m.226 views

Wordpress Site Editor 1.1.1 Plugin - Local File Inclusion Vulnerability

Exploit for php platform in category web applications Product: Site Editor Wordpress Plugin - https://wordpress.org/plugins/site-editor/ Vendor: Site Editor Tested version: 1.1.1 CVE ID: CVE-2018-7422 CVE description A Local File Inclusion vulnerability in the Site Editor plugin through 1.1.1 for...

0.63102EPSS
Exploits7
exploitpack
exploitpack
added 2018/03/23 12:0 a.m.89 views

Wordpress Plugin Site Editor 1.1.1 - Local File Inclusion

Wordpress Plugin Site Editor 1.1.1 - Local File Inclusion Product: Site Editor Wordpress Plugin - https://wordpress.org/plugins/site-editor/ Vendor: Site Editor Tested version: 1.1.1 CVE ID: CVE-2018-7422 CVE description A Local File Inclusion vulnerability in the Site Editor plugin through 1.1.1...

5CVSS7.7AI score0.63102EPSS
Exploits7
Rows per page
Query Builder