ZeroDayBench: Evaluating LLM Agents on Unseen Zero-Day Vulnerabilities for Cyberdefense
Large language models (LLMs) are increasingly being deployed as software engineering agents that autonomously contribute to repositories. A major benefit these agents present is their ability to find and patch security vulnerabilities in the codebases they oversee. To estimate the capability of...
AIs Are Getting Better at Finding and Exploiting Security Vulnerabilities
From an Anthropic blog post: In a recent evaluation of AI models’ cyber capabilities, current Claude models can now succeed at multistage attacks on networks with dozens of hosts using only standard, open-source tools, instead of the custom tools needed by previous generations. This illustrates h...
Defense Lessons From the Black Basta Ransomware Playbook
The cybersecurity world was rocked last week by a massive leak of Black Basta’s internal communications that emerged from the group’s chat logs. Triggered by internal conflicts and a retaliatory data dump following attacks on Russian banks, the exposed records offer a rare glimpse into Black...
coolmathgameskids.com Cross Site Scripting vulnerability OBB-3932228
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Known Indicators of Compromise Associated with Androxgh0st Malware
Actions to take today to mitigate malicious cyber activity: 1. Prioritize patching known exploited vulnerabilities in internet-facing systems. 2. Review and ensure only necessary servers and services are exposed to the internet. 3. Review platforms or services that have credentials listed in .env...
FBI issues advisory over Play ransomware
The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) have released a joint Cybersecurity Advisory (CSA) about Play ransomware. According to the FBI, Play made around 300 victims...
Medical research data Advarra stolen after SIM swap
Clinical research company Advarra has reportedly been compromised after a SIM swap on one of their executives. SIM swapping, also known as SIM jacking, is the act of illegally taking over a target’s cell phone number. This can be done in a number of ways, but one of the most common methods involv...
Social Security Numbers leaked in ransomware attack on Ohio History Connection
The Ohio History Connection (OHC) has posted a breach notification in which it discloses that a ransomware attack successfully encrypted internal data servers. During the attack, the cybercriminals may have had access to names, addresses, and Social Security Numbers (SSNs) of current and former OHC...
Warning issued over increased activity of TrueBot malware
In a joint advisory, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the Multi-State Information Sharing and Analysis Center (MS-ISAC), and the Canadian Centre for Cyber Security (CCCS) have warned about newly identified TrueBot malware variants use...
Solar monitoring systems exposed: Secure your devices
Researchers who go looking for devices exposed to the Internet report "tens of thousands" of solar photovoltaic (PV) monitoring and diagnostic systems can be found on the web. The systems are used for everything from system optimization to performance monitoring and troubleshooting. No fewer than...
Warning issued over Royal ransomware
As part of its StopRansomware effort, the Cybersecurity and Infrastructure Security Agency (CISA) has published a Cybersecurity Advisory (CSA) about Royal ransomware. Royal ransomware is a Ransomware-as-a-Service (RaaS) that first made an appearance in January 2022. In September of that year, it began...
New Incident Report Reveals How Hive Ransomware Targets Organizations
A recent Hive ransomware attack carried out by an affiliate involved the exploitation of "ProxyShell" vulnerabilities in the Microsoft Exchange Server that were disclosed last year to encrypt an unnamed customer's network. "The actor managed to achieve its malicious goals and encrypt the...
FBI, CISA Warn of Russian Hackers Exploiting MFA and PrintNightmare Bug
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have released a joint advisory warning that Russia-backed threat actors hacked the network of an unnamed non-governmental entity by exploiting a combination of flaws. "As early as May 2021,...
Understanding and Mitigating Russian State-Sponsored Cyber Threats to U.S. Critical Infrastructure
Summary Actions Critical Infrastructure Organizations Should Implement to Immediately Strengthen Their Cyber Posture. • Patch all systems. Prioritize patching known exploited vulnerabilities. • Implement multi-factor authentication. • Use antivirus software. • Develop internal contact lists and...
SonicWall patches multiple SMA100 affected vulnerabilities
SonicWall has verified and patched vulnerabilities of critical and medium severity (CVSS 5.3-9.8) in SMA 100 series appliances, which include SMA 200, 210, 400, 410 and 500v products. SMA 100 series appliances with WAF enabled are also impacted by the majority of these vulnerabilities. SonicWall...
All Vulnerabilities for readysetgo.mn.gov Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
ki.fo Cross Site Scripting vulnerability OBB-1225647
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
kob.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1157275. Security researcher Sprachlos (helped patch 21 vulnerabilities, received 1 Coordinated Disclosure badge), a holder of 1 badge for responsible and coordinated disclosure, found a security vulnerability affecting the kob.com website and its users. Following coordinated a...
4geo.me Open Redirect vulnerability
Open Bug Bounty ID: OBB-1153984. Security researcher hacker22385 (helped patch 18 vulnerabilities, received 1 Coordinated Disclosure badge), a holder of 1 badge for responsible and coordinated disclosure, found a security vulnerability affecting the 4geo.me website and its users. Following coordinated...
fallenfruits.co.uk Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1153617. Security researcher roker (helped patch 48 vulnerabilities, received 1 Coordinated Disclosure badge, received 4 recommendations), a holder of 1 badge for responsible and coordinated disclosure, found a security vulnerability affecting the fallenfruits.co.uk website and...