Analysis of active exploitation of SolarWinds Web Help Desk

The Microsoft Defender Research Team observed a multi‑stage intrusion where threat actors exploited internet‑exposed SolarWinds Web Help Desk WHD instances to get an initial foothold and then laterally moved towards other high-value assets within the organization. However, we have not yet confirm...

Abuse of the Service Location Protocol May Lead to DoS Attacks

The Service Location Protocol SLP, RFC 2608link is external allows an unauthenticated remote attacker to register arbitrary services. This could allow an attacker to use spoofed UDP traffic to conduct a denial-of-service DoS attack with a significant amplification factor. Researchers from Bitsigh...

Smogcloud - Find Cloud Assets That No One Wants Exposed

Find exposed AWS cloud assets that you did not know you had. A comprehensive asset inventory is step one to any capable security program. We made smogcloud to enable security engineers, penetration testers, and AWS administrators to monitor the collective changes that create dynamic and ephemeral...

GALLIUM: Targeting global telecom

Microsoft Threat Intelligence Center MSTIC is raising awareness of the ongoing activity by a group we call GALLIUM, targeting telecommunication providers. When Microsoft customers have been targeted by this activity, we notified them directly with the relevant information they need to protect...

Exploit for OS Command Injection in Gnu Bash

Shellshock exploit + vulnerable envir...

Fedora Core 1 : coreutils-5.0-34.1 (2004-091)

An updated coreutils package is available fixing an issue in the ls1 utility, described at : https://vulners.com/cve/CVE-2003-0853 Note that this vulnerability affects Internet-facing services which execute ls1 with user-supplied input, and although wu-ftpd is one such service it is not supplied...