Strategies, tools, and frameworks for building an effective threat intelligence team

How to think about building a threat intelligence program The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia...

Strategies, tools, and frameworks for building an effective threat intelligence team

How to think about building a threat intelligence program The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia...

pyWhat - Identify Anything. Easily Lets You Identify Emails, IP Addresses, And More...

The easiest way to identify anything pip3 install pywhat && pywhat --help What is this? Imagine this: You come across some mysterious text 5f4dcc3b5aa765d61d8327deb882cf99 and you wonder what it is. What do you do? Well, with what all you have to do is ask what "5f4dcc3b5aa765d61d8327deb882cf99"...

SUSE SLES11 Security Update : supportutils (SUSE-SU-2019:13976-1)

The remote SUSE Linux SLES11 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2019:13976-1 advisory. - Supportutils, before version 3.1-5.7.1, when run with command line argument -A searched the file system for a ndspath binary. If an attacker...

Kill chains: Part 2→Strategic and tactical use cases

Let’s redefine In our new blog series, we want to contextualize the term “kill chain” as much as possible. Make sure to read the first entry in this series, Kill chains: Part 1→Strategic and operational value, for a general overview of kill chains and the specific frameworks we’ve discussed. We...

Kill chains: Part 1→Strategic and operational value

It really is a good thing The term “kill chain” sounds extremely harsh. Almost as if after something is killed, it gets moved down the chain to be killed again. How dramatic! Indeed, the original definition was to describe how an enemy combatant of the military might attack; that is, the steps th...

PT-2024-11202 · Linux +6 · Linux Kernel +6

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the i2c-i801 driver in the Linux kernel, which supports interrupts. When the KILL bit is set to recover from a timed out transaction, it triggers an interrupt...

K8tools

It is an offensive tool for web application exploitation. The repository, K8tools, contains a collection of tools for various purposes, including internal penetration, privilege escalation, remote overflow, vulnerability exploitation, scanning, password cracking, and anti-kill tools. The primary...

GHSA-V2JV-33GH-XX29 Command Injection in ps-visitor

This affects all versions up to and including version 0.0.2 of package ps-visitor. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

GHSA-M8FM-MV5W-33PV Command Injection in psnode

This affects all current versions of package psnode. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

CVE-2021-23374

This affects all versions of package ps-visitor. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

CVE-2021-23374

This affects all versions of package ps-visitor. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

CVE-2021-23375

This affects all versions of package psnode. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

CVE-2021-23375

This affects all versions of package psnode. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

CVE-2021-23374

This affects all versions of package ps-visitor. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

Arbitrary Command Injection

Overview ps-visitor is a Node.js visit command ps aux and kill. Affected versions of this package are vulnerable to Arbitrary Command Injection. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands. This is due to use of the...

Arbitrary Command Injection

Overview psnode is an A Node.js KISS module to list and kill process on OSX and Windows. Affected versions of this package are vulnerable to Arbitrary Command Injection. If attacker-controlled user input is given to the kill function, it is possible for an attacker to execute arbitrary commands...

GHSA-MM4F-47CH-F7HX Arbitrary code execution in kill-by-port

This affects the package kill-by-port before 0.0.2. If attacker-controlled user input is given to the killByPort function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

Arbitrary code execution in kill-by-port

This affects the package kill-by-port before 0.0.2. If attacker-controlled user input is given to the killByPort function, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input sanitization...

OS Command Injection

kill-by-port is vulnerable to OS command injection. An attacker is able to inject and execute arbitrary OS commands due to the passing of untrusted user input to the childprocess.exec function...