Grid-STIX: A STIX 2.1-Compliant Cyber-Physical Security Ontology for Power Grid
Modern electrical power grids represent complex cyber-physical systems requiring specialized cybersecurity frameworks beyond traditional IT security models. Existing threat intelligence standards such as STIX 2.1 and MITRE ATT&CK lack coverage for grid-specific assets, operational technology...
On Automating Security Policies with Contemporary LLMs
The complexity of modern computing environments and the growing sophistication of cyber threats necessitate a more robust, adaptive, and automated approach to security enforcement. In this paper, we present a framework leveraging large language models (LLMs) for automating attack mitigation policy...
anitya (=1.8.0), enosimulator (>=0.1.0 <=0.3.4) +4 more potentially affected by CVE-2023-30861 via flask (>=2.3.0 <=2.3.1)
flask PYPI version =2.3.0, =0.1.0, =0.2.0, =0.0.26, =0.0.1, =5.2.0.dev799, =5.2.1 Source cves: CVE-2023-30861 Source advisory: OSV:PYSEC-2023-62...
anitya (=1.8.0), enosimulator (>=0.1.0 <=0.3.4) +4 more potentially affected by CVE-2023-30861 via flask (>=2.3.0 <=2.3.1)
flask PYPI version =2.3.0, =0.1.0, =0.2.0, =0.0.26, =0.0.1, =5.2.0.dev799, =5.2.1 Source cves: CVE-2023-30861 Source advisory: OSV:GHSA-M2QF-HXJV-5GPQ...
CISA Upgrades to TLP 2.0
Today, CISA officially upgraded to Traffic Light Protocol (TLP) 2.0, which facilitates greater information sharing and collaboration. CISA made this upgrade in accordance with the recommendation from the Forum of Incident Response and Security Teams to upgrade to TLP 2.0 by January 2023. Key TLP 2....
CISA Publishes User Guide to Prepare for Nov. 1 Move to TLP 2.0
CISA has published its Traffic Light Protocol 2.0 User Guide and Traffic Light Protocol: Moving to Version 2.0 fact sheet in preparation for its November 1, 2022 move from Traffic Light Protocol (TLP) Version 1.0 to TLP 2.0. Managed by the Forum of Incident Response and Security Teams (FIRST), TLP is...
new packages: stix-fonts
An update is available for stix-fonts. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. For detailed information on changes in this release, see the Rocky...
Update: Destructive Malware Targeting Organizations in Ukraine
Summary Actions to Take Today: • Set antivirus and antimalware programs to conduct regular scans. • Enable strong spam filters to prevent phishing emails from reaching end users. • Filter network traffic. • Update software. • Require multifactor authentication. Updated April 28, 2022 This advisor...
skinny-stix-low.dostavka2.me Cross Site Scripting vulnerability OBB-2123514
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
This Week in Security News - July 23, 2021
StrongPity APT Group Deploys Android Malware for the First Time and STIX Cyberthreat Sharing Standards Approved...
Update to CISA-FBI Joint Cybersecurity Advisory on DarkSide Ransomware
CISA and the Federal Bureau of Investigation (FBI) have updated Joint Cybersecurity Advisory AA21-131A: DarkSide Ransomware: Best Practices for Preventing Disruption from Ransomware Attacks, originally released May 11, 2021. This update provides a downloadable STIX file of indicators of compromise...
CISA Updates Alert and Releases Supplemental Guidance on Emergency Directive for SolarWinds Orion Compromise
CISA has updated AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations, originally released December 17. This update states that CISA has evidence of, and is currently investigating, initial access vectors in addition to...
Partner Perspectives: Accelerated Alert Handling from Syncurity and Carbon Black
JP Bourget is the Founder and CSO of Syncurity. One of the key Security Orchestration, Automation and Response (SOAR) use cases I see every day is alert handling. As more and more organizations adopt EDR solutions, like those offered by Carbon Black, Syncurity IR-Flow is able to speed up the alert...
MISP 2.4.97 - SQL Command Execution via Command Injection in STIX Module
MISP 2.4.97 - SQL Command Execution via Command Injection in STIX Module --coding:utf-8-- Exploit Title: SQL command execution via command injection in STIX module Date: 2019-17-02 Exploit Author: Tm9jdGlz Vendor Homepage: https://www.misp-project.org/ Software link:...
MISP 2.4.97 - SQL Command Execution via Command Injection in STIX Module Exploit
Exploit for php platform in category web applications --coding:utf-8-- Exploit Title: SQL command execution via command injection in STIX module Exploit Author: Tm9jdGlz Vendor Homepage: https://www.misp-project.org/ Software link: https://www.misp-project.org/download/ Version: 2.4.90 - 2.4.99...
MISP 2.4.97 SQL Injection / Command Injection
--coding:utf-8-- Exploit Title: SQL command execution via command injection in STIX module Date: 2019-17-02 Exploit Author: Tm9jdGlz Vendor Homepage: https://www.misp-project.org/ Software link: https://www.misp-project.org/download/ Version: 2.4.90 - 2.4.99 Tested on: 2.4.97 CVE: CVE-2018-19908...
MISP 2.4.97 - SQL Command Execution via Command Injection in STIX Module
--coding:utf-8-- Exploit Title: SQL command execution via command injection in STIX module Date: 2019-17-02 Exploit Author: Tm9jdGlz Vendor Homepage: https://www.misp-project.org/ Software link: https://www.misp-project.org/download/ Version: 2.4.90 - 2.4.99 Tested on: 2.4.97 CVE: CVE-2018-19908...
CVE-2018-19908
An issue was discovered in MISP 2.4.9x before 2.4.99. In app/Model/Event.php (the STIX 1 import code), an unescaped filename string is used to construct a shell command. This vulnerability can be abused by a malicious authenticated user to execute arbitrary commands by tweaking the original filenam...
Command injection
An issue was discovered in MISP 2.4.9x before 2.4.99. In app/Model/Event.php (the STIX 1 import code), an unescaped filename string is used to construct a shell command. This vulnerability can be abused by a malicious authenticated user to execute arbitrary commands by tweaking the original filenam...