Lucene search

40 matches found

Microsoft Secure
added 2026/06/09 5:35 p.m. · 12 views

Reconstructing AI activity in investigations

AI systems are now part of everyday work. Investigators need a consistent way to reconstruct what happened within them. Security teams are already investigating activity involving Microsoft 365 Copilot and Azure AI services—from prompt injection attempts to unexpected data access. Those signals a...

5.4 AI score
Exploits 0
The Hacker News
added 2026/02/17 11:30 a.m. · 7 views

My Day Getting My Hands Dirty with an NDR System

My objective As someone relatively inexperienced with network threat hunting, I wanted to get some hands-on experience using a network detection and response NDR system. My goal was to understand how NDR is used in hunting and incident response, and how it fits into the daily workflow of a Securi...

6.3 AI score
Exploits 0
VulnCheck KEV
added 2025/10/22 12:0 a.m. · 10 views

VulnCheck KEV: CVE-2025-6264

Velociraptor allows collection of VQL queries packaged into Artifacts from endpoints. These artifacts can be used to do anything and usually run with elevated permissions. To limit access to some dangerous artifact, Velociraptor allows for those to require high permissions like EXECVE to launch...

9.8 CVSS · 7.4 AI score · 0.99962 EPSS
In wild · Exploits 26 · References 9
EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2023-29974

Malicious code in bioql PyPI...

7.5 CVSS · 7.6 AI score · 0.00748 EPSS
Exploits 0 · References 2
NVD
added 2025/06/20 3:15 a.m. · 11 views

CVE-2025-6264

Velociraptor allows collection of VQL queries packaged into Artifacts from endpoints. These artifacts can be used to do anything and usually run with elevated permissions. To limit access to some dangerous artifact, Velociraptor allows for those to require high permissions like EXECVE to launch...

5.5 CVSS · 0.00963 EPSS
Exploits 2 · References 3
OSV
added 2025/06/20 3:15 a.m. · 5 views

CVE-2025-6264

Velociraptor allows collection of VQL queries packaged into Artifacts from endpoints. These artifacts can be used to do anything and usually run with elevated permissions. To limit access to some dangerous artifact, Velociraptor allows for those to require high permissions like EXECVE to launch...

5.5 CVSS · 7.2 AI score · 0.00963 EPSS
Exploits 2 · References 3
Positive Technologies
added 2025/06/20 12:0 a.m. · 7 views

PT-2025-26266

Name of the Vulnerable Software and Affected Versions Velociraptor affected versions not specified Description The issue concerns the Velociraptor's artifact collection feature, which allows users to collect and execute VQL queries packaged into artifacts from endpoints. These artifacts typically...

5.5 CVSS · 6.8 AI score · 0.00963 EPSS
Exploits 2 · References 29
RedhatCVE
added 2025/05/23 5:38 a.m. · 4 views

CVE-2023-26101

In Progress Flowmon Packet Investigator before 12.1.0, a Flowmon user with access to Flowmon Packet Investigator could leverage a path-traversal vulnerability to retrieve files on the Flowmon appliance's local filesystem...

7.5 CVSS · 6.5 AI score · 0.00748 EPSS
Exploits 0 · References 1
Schneier on Security
added 2025/01/29 12:4 p.m. · 10 views

ExxonMobil Lobbyist Caught Hacking Climate Activists

The Department of Justice is investigating a lobbying firm representing ExxonMobil for hacking the phones of climate activists: The hacking was allegedly commissioned by a Washington, D.C., lobbying firm, according to a lawyer representing the U.S. government. The firm, in turn, was allegedly...

7.4 AI score
Exploits 0
Wired Threat Level
added 2024/07/11 7:58 p.m. · 9 views

Pressure Grows in Congress to Treat Crypto Investigator Tigran Gambaryan, Jailed in Nigeria, as a Hostage

A new resolution echoes what 16 members of Congress have already said to the White House: It must do more to free one of the most storied crypto-focused federal agents in history...

7.3 AI score
Exploits 0
Wired Threat Level
added 2024/03/12 4:3 a.m. · 17 views

Binance’s Top Crypto Crime Investigator Is Being Detained in Nigeria

Tigran Gambaryan, a former crypto-focused US federal agent, and a second Binance executive, Nadeem Anjarwalla, have been held in Abuja without passports for two weeks...

7.5 AI score
Exploits 0
Openbugbounty
added 2023/11/16 7:32 p.m. · 9 views

privateinvestigator.com.au Improper Access Control vulnerability OBB-3782784

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.9 AI score
Exploits 0
OSV
added 2023/04/21 12:15 p.m. · 2 views

CVE-2023-26101

In Progress Flowmon Packet Investigator before 12.1.0, a Flowmon user with access to Flowmon Packet Investigator could leverage a path-traversal vulnerability to retrieve files on the Flowmon appliance's local filesystem...

7.5 CVSS · 7.2 AI score · 0.00748 EPSS
Exploits 0 · References 2
NVD
added 2023/04/21 12:15 p.m. · 12 views

CVE-2023-26101

In Progress Flowmon Packet Investigator before 12.1.0, a Flowmon user with access to Flowmon Packet Investigator could leverage a path-traversal vulnerability to retrieve files on the Flowmon appliance's local filesystem...

7.5 CVSS · 7.3 AI score · 0.00748 EPSS
Exploits 0 · References 2
Prion
added 2023/04/21 12:15 p.m. · 15 views

Path traversal

In Progress Flowmon Packet Investigator before 12.1.0, a Flowmon user with access to Flowmon Packet Investigator could leverage a path-traversal vulnerability to retrieve files on the Flowmon appliance's local filesystem...

5 CVSS · 7.3 AI score · 0.00748 EPSS
Exploits 0 · References 2 · Affected Software 1
CVE
added 2023/04/21 12:0 a.m. · 48 views

CVE-2023-26101

CVE-2023-26101 concerns a path-traversal flaw in Flowmon Packet Investigator prior to 12.1.0. A user with access to Flowmon Packet Investigator can retrieve files from the appliance’s local filesystem due to this vulnerability. Documents consistently reference Flowmon Packet Investigator versions...

7.5 CVSS · 7.3 AI score · 0.00748 EPSS
Exploits 0 · References 2 · Affected Software 1
Cvelist
added 2023/04/21 12:0 a.m. · 15 views

CVE-2023-26101

In Progress Flowmon Packet Investigator before 12.1.0, a Flowmon user with access to Flowmon Packet Investigator could leverage a path-traversal vulnerability to retrieve files on the Flowmon appliance's local filesystem...

7.5 AI score · 0.00748 EPSS
Exploits 0 · References 2
Positive Technologies
added 2023/04/21 12:0 a.m. · 4 views

PT-2023-20488 · Flowmon · Flowmon Packet Investigator

Name of the Vulnerable Software and Affected Versions: Flowmon Packet Investigator versions prior to 12.1.0 Description: A path-traversal issue allows a Flowmon user with access to Flowmon Packet Investigator to retrieve files on the Flowmon appliance's local filesystem. Recommendations: For...

7.5 CVSS · 7.4 AI score · 0.00748 EPSS
Exploits 0 · References 4
Kitploit
added 2023/04/06 12:30 p.m. · 50 views

Seekr - A Multi-Purpose OSINT Toolkit With A Neat Web-Interface

A multi-purpose toolkit for gathering and managing OSINT-Data with a neat web-interface. Introduction Seekr is a multi-purpose toolkit for gathering and managing OSINT-data with a sleek web interface. The backend is written in Go and offers a wide range of features for data collection,...

6.9 AI score
Exploits 0 · References 3
SUSE CVE
added 2023/02/15 3:21 a.m. · 3 views

SUSE CVE-2023-0290

Rapid7 Velociraptor did not properly sanitize the client ID parameter to the CreateCollection API, allowing a directory traversal in where the collection task could be written. It was possible to provide a client id of "../clients/server" to schedule the collection for the server as a server...

4.3 CVSS · 4.7 AI score · 0.00744 EPSS
Exploits 0 · References 3