Lucene search
K

21 matches found

Rapid7 Blog
Rapid7 Blog
added 2024/04/03 1:0 p.m.42 views

CVE-2024-0394: Rapid7 Minerva Armor Privilege Escalation (FIXED)

Rapid7 is disclosing CVE-2024-0394, a privilege escalation vulnerability in Rapid7 Minerva’s Armor product family. Minerva uses the open-source OpenSSL library for cryptographic functions and to support secure communications. The root cause of this vulnerability is Minerva’s implementation of...

4.3CVSS8.1AI score0.00234EPSS
Exploits0
MSRC
MSRC
added 2023/02/07 12:24 a.m.37 views

BlueHat 2023: Connecting the security research community with Microsoft

We’re excited to welcome more than 400 members of the security research community from around the world to Redmond, Washington for BlueHat 2023. Hosted by the Microsoft Security Response Center MSRC, BlueHat is where the security research community, and Microsoft security professionals, come...

1.1AI score
Exploits0
MSRC
MSRC
added 2023/02/06 8:0 a.m.13 views

BlueHat 2023: Connecting the security research community with Microsoft

We’re excited to welcome more than 400 members of the security research community from around the world to Redmond, Washington for BlueHat 2023. Hosted by the Microsoft Security Response Center MSRC, BlueHat is where the security research community, and Microsoft security professionals, come...

6.8AI score
Exploits0
MSRC
MSRC
added 2022/10/13 2:0 p.m.24 views

BlueHat 2023 Call for Papers is Now Open!

For nearly 20 years, BlueHat has been where the security research community, and Microsoft security professionals come together as peers, to share, debate, challenge, learn, and exchange ideas in the interest of creating a safer and more secure world for all. We are extremely excited to announce...

2AI score
Exploits0
MSRC
MSRC
added 2022/10/13 7:0 a.m.19 views

BlueHat 2023 Call for Papers is Now Open!

For nearly 20 years, BlueHat has been where the security research community, and Microsoft security professionals come together as peers, to share, debate, challenge, learn, and exchange ideas in the interest of creating a safer and more secure world for all. We are extremely excited to announce...

1.8AI score
Exploits0
CISA
CISA
added 2021/07/30 12:0 a.m.35 views

CISA Announces Vulnerability Disclosure Policy (VDP) Platform

CISA has announced the establishment of its Vulnerability Disclosure Policy VDP Platform for the federal civilian enterprise, which will allow the Federal Civilian Executive Branch to coordinate with the civilian security research community in a streamlined fashion. The VDP Platform provides a...

7AI score
Exploits0References1
ThreatPost
ThreatPost
added 2021/03/25 8:4 p.m.35 views

Microsoft Offers Up To $30K For Teams Bugs

Microsoft wants to send the message the company is serious about the security of its popular Teams desktop application and it’s willing to put some cash behind the talk. A new bug-bounty program offers up to $30,000 for security vulnerabilities, with top payouts going to those with the most...

Exploits0References9
Microsoft Secure
Microsoft Secure
added 2021/01/28 5:0 p.m.162 views

ZINC attacks against security researchers

In recent months, Microsoft has detected cyberattacks targeting security researchers by an actor we track as ZINC. The campaign originally came to our attention after Microsoft Defender for Endpoint detected an attack in progress. Observed targeting includes pen testers, private offensive securit...

8.5AI score
Exploits0
Krebs on Security
Krebs on Security
added 2020/10/02 6:20 p.m.20 views

Attacks Aimed at Disrupting the Trickbot Botnet

Over the past 10 days, someone has been launching a series of coordinated attacks designed to disrupt Trickbot, an enormous collection of more than two million malware-infected Windows PCs that are constantly being harvested for financial data and are often used as the entry point for deploying...

7.2AI score
Exploits0
Kitploit
Kitploit
added 2020/08/08 12:30 p.m.34 views

PhishingKitTracker - Let's Track Phishing Kits To Give To Research Community Raw Material To Stud

An extensible and freshly updated collection of phishingkits for forensics and future analysis topped with simple stats Disclaimer This repository holds a collection of Phishing Kits used by criminals to steal user information. Almost every file into the raw folder is malicious so I strongly...

7AI score
Exploits0References2
ThreatPost
ThreatPost
added 2020/08/06 11:18 a.m.65 views

U.S. Offers Reward of $10M for Info Leading to Discovery of Election Meddling

The U.S. government is concerned about foreign interference in the 2020 election, so much so that it will offer a reward of up to $10 million for anyone providing information that could lead to tracking down potential cybercriminals aiming to sabotage the November vote. The U.S. Department of...

0.5AI score
Exploits0References14
MSRC
MSRC
added 2020/07/24 7:0 a.m.12 views

Updates to the Windows Insider Preview Bounty Program

Partnering with the research community is an important part of Microsoft’s holistic approach to defending against security threats. Bounty programs are one part of this partnership, designed to encourage and reward vulnerability research focused on the highest impact to customer security. The...

1.4AI score
Exploits0
MSRC
MSRC
added 2020/07/24 7:0 a.m.11 views

Updates to the Windows Insider Preview Bounty Program

Partnering with the research community is an important part of Microsoft’s holistic approach to defending against security threats. Bounty programs are one part of this partnership, designed to encourage and reward vulnerability research focused on the highest impact to customer security. The...

6.9AI score
Exploits0
Trellix
Trellix
added 2019/10/14 12:0 a.m.10 views

McAfee ATR Analyzes Sodinokibi aka REvil Ransomware-as-a-Service – Follow The Money

ARCHIVED STORY McAfee ATR Analyzes Sodinokibi aka REvil Ransomware-as-a-Service – Follow The Money By John Fokker · October 14, 2019 Episode 3: Follow the Money This is the third installment of the McAfee Advanced Threat Research ATR analysis of Sodinokibi and its connections to GandCrab, the mos...

6.6AI score
Exploits0
ThreatPost
ThreatPost
added 2019/04/04 11:0 a.m.71 views

SAS 2019 to Tackle APTs, Supply Chains and More

Kaspersky Lab’s Security Analyst Summit kicks off in Singapore next week, where elite researchers, top cybersecurity firms and global law-enforcement agencies will discuss today’s biggest cybersecurity threats and how best to squash them. This year marks the first time the global security...

0.1AI score
Exploits0References3
MSRC
MSRC
added 2018/06/12 7:0 a.m.5 views

Draft of Microsoft Security Servicing Commitments for Windows

Updated September 10, 2018 The Servicing Criteria for Windows has transitioned to an official document and can be found at the link below. Microsoft thanks the members of the research community who provided feedback on the draft copy. Microsoft Security Servicing Criteria for Windows...

3.6AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2018/03/14 11:58 p.m.34 views

Sharing research and discoveries at PWN2OWN

The annual PWN2OWN exploit contest at the CanSecWest conference in Vancouver, British Columbia, Canada, brings together some of the top security talent from across the globe in a friendly competition. For the participants, these events are a platform to demonstrate world-class skills and vie for...

7.1AI score
Exploits0
ThreatPost
ThreatPost
added 2017/03/15 4:59 p.m.11 views

Intel, Microsoft Announce New Bug Bounties

Intel announced its first bug bounty program, offering up to $30,000 to researchers who find critical vulnerabilities in its hardware. The invite-only program, which is being run on the HackerOne platform, was announced today at the CanSecWest conference in Vancouver. Intel said its software,...

0.4AI score
Exploits0References2
ThreatPost
ThreatPost
added 2016/08/02 9:0 a.m.12 views

Kaspersky Lab Bug Bounty Program Launches

LAS VEGAS – Kaspersky Lab today at Black Hat USA 2016 announced the launch of a public bug bounty, one of the few offered by a software vendor in the computer security industry. The bounty begins tomorrow on the HackerOne platform, and the first phase will run for six months. The company said tha...

8.3AI score
Exploits0References2
ThreatPost
ThreatPost
added 2014/04/21 3:45 p.m.8 views

CloudFlare Launches Bug Bounty Program

As the OpenSSL heartbleed saga unfolded over the last couple of weeks, one of the companies that was at the forefront of figuring out the scope and effects of the problem was CloudFlare. The company put up a challenge server, asking researchers to hit it with the heartbleed exploit to determine...

0.3AI score
Exploits0References4
Rows per page
Query Builder