Turning threat reports into detection insights with AI

Security teams routinely need to transform unstructured threat knowledge, such as incident narratives, red team breach-path writeups, threat actor profiles, and public reports into concrete defensive action. The early stages of that work are often the slowest. These include extracting tactics,...

LLMs, You Can Evaluate It! Design of Multi-Perspective Report Evaluation for Security Operation Centers

Security operation centers SOCs often produce analysis reports on security incidents, and large language models LLMs will likely be used for this task in the near future. We postulate that a better understanding of how veteran analysts evaluate reports, including their feedback, can help produce...

EUVD-2022-15248

Malicious code in bioql PyPI...

CVE-2024-57776

creationtimestamp| type| source ---|---|--- 2025-01-16 17:55:33+00:00| seen| https://infosec.exchange/users/cve/statuses/113839317489246649 2025-01-16 17:55:33+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/1981 2025-01-16 18:16:10+00:00| seen|...

CVE-2024-8474

creationtimestamp| type| source ---|---|--- 2025-01-06 14:37:13+00:00| seen| https://infosec.exchange/users/cve/statuses/113781914545129480 2025-01-06 15:15:42+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lf3gh2e3sl2m 2025-01-06 15:36:33+00:00| seen|...

CVE-2024-50559

creationtimestamp| type| source ---|---|--- 2024-11-12 14:22:00+00:00| seen| https://infosec.exchange/users/cve/statuses/113470427614824827 2024-11-12 14:41:32+00:00| seen| https://t.me/cvedetector/10600 2024-11-14 12:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-24-319-...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS due to improper user input sanitization. An attacker can manipulate scripts in the user's browser by injecting malicious code into editable content areas. Exploiting this vulnerability is possible if the user ha...

CVE-2024-47815 Cross-site Scripting in IncidentReporting

IncidentReporting is a MediaWiki extension for moving incident reports from wikitext to database tables. There are a variety of Cross-site Scripting issues, though all of them require elevated permissions. Some are available to anyone who has the editincidents right, some are available to those w...

Okta: Breach Affected All Customer Support Users

When KrebsOnSecurity broke the news on Oct. 20, 2023 that identity and authentication giant Okta had suffered a breach in its customer support department, Okta said the intrusion allowed hackers to steal sensitive data from fewer than one percent of its 18,000+ customers. But today, Okta revised...

CVE-2023-37554

creationtimestamp| type| source ---|---|--- 2023-08-03 16:40:18+00:00| seen| https://t.me/cibsecurity/67676 2025-04-03 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-093-04 2025-04-03 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-25-093-...

CVE-2017-12234

creationtimestamp| type| source ---|---|--- 2023-06-14 21:10:03+00:00| seen| MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123 2023-12-05 03:53:53+00:00| seen| https://t.me/arpsyndicate/1383 2024-12-24 20:27:33+00:00| seen| https://feedsin.space/feed/CISAKevBot/items/2971320 2025-02-23 02:10:14+00:00|...

CVE-2023-24932

creationtimestamp| type| source ---|---|--- 2023-05-09 05:00:00+00:00| seen| https://msrc.microsoft.com/blog/2023/05/guidance-related-to-secure-boot-manager-changes-associated-with-cve-2023-24932/ 2023-05-09 22:12:11+00:00| exploited| https://t.me/ctinow/110762 2023-05-09 22:39:11+00:00| seen|...

IoC detection experiments with ChatGPT

ChatGPT is a groundbreaking chatbot powered by the neural network-based language model text-davinci-003 and trained on a large dataset of text from the Internet. It is capable of generating human-like text in a wide range of styles and formats. ChatGPT can be fine-tuned for specific tasks, such a...

DHS says to update your Emergency Alert Systems immediately

The Department of Homeland Security has issued an advisory after vulnerabilities were found in its Emergency Alert Systems EAS. EAS technology is designed to fire out warning messages during times of national emergency. It can be used to warn of coastal flooding, earthquakes, child abduction,...

CVE-2022-31953

Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/incidentreports/viewreport.php?id=...

CVE-2022-31956

Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/incidentreports/managereport.php?id=...

CVE-2022-31956

Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/incidentreports/managereport.php?id=...

Sql injection

Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/incidentreports/viewreport.php?id=...

Sql injection

Rescue Dispatch Management System v1.0 is vulnerable to SQL Injection via /rdms/admin/incidentreports/managereport.php?id=...

Rescue Dispatch Management System SQL注入漏洞

Rescue Dispatch Management System is a rescue dispatch management system from Carlo Montero's personal developer. v1.0 of Rescue Dispatch Management System is vulnerable to SQL injection, which originates from /rdms/admin/ incidentreports/viewreport.php?id=The page lacks validation for external...