From MuddyC3 to PhonyC2: Iran's MuddyWater Evolves with a New Cyber Weapon

The Iranian state-sponsored group dubbed MuddyWater has been attributed to a previously unseen command-and-control C2 framework called PhonyC2 that's been put to use by the actor since 2021. Evidence shows that the custom made, actively developed framework has been leveraged in the February 2023...

From MuddyC3 to PhonyC2: Iran's MuddyWater Evolves with a New Cyber Weapon

The Iranian state-sponsored group dubbed MuddyWater has been attributed to a previously unseen command-and-control C2 framework called PhonyC2 that's been put to use by the actor since 2021. Evidence shows that the custom made, actively developed framework has been leveraged in the February 2023...

Israel’s Technion Targeted by DarkBit Ransomware’s Campaign

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The DarkBit ransomware is a newly emerged threat in the cybersecurity scene that has targeted Technion - Israel Institute of Technology, a prestigious academic institution in Israel. The attackers behind...

moodle.technion.ac.il Open Redirect vulnerability

Open Bug Bounty ID: OBB-646768 Description| Value ---|--- Affected Website:| moodle.technion.ac.il Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| Open Redirect / CWE-601 CVSSv3 Score:| 3.4...

surveys.sni.technion.ac.il XSS vulnerability

Vulnerable URL: http://surveys.sni.technion.ac.il/opinio/admin/confirm.do?confirmMessageKey=%22%3E%3Csvg/onload=prompt/OPENBUGBOUNTY/%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa...

Vulnerability in OpenSSL - Side channel attack on modular exponentiation

A side-channel attack was found which makes use of cache-bank conflicts on the Intel Sandy-Bridge microarchitecture which could lead to the recovery of RSA keys. The ability to exploit this issue is limited as it relies on an attacker who has control of code in a thread running on the same...

SRTT Vulnerability in BIND Software Puts DNS Protocol Security At Risk

After the Heartbleed bug that exposed half of the Internet vulnerable to hackers thereby marking as one of the largest Internet vulnerability in recent history, the critical flaw in the implementation of the DNS protocol could also represent a serious menace to the Internet security. A Serious...

Israeli Scientists develop advanced biological computer

Researchers at the Technion-Israel Institute of Technology in Haifa have created an advanced biological computer using only bio molecules such as DNA and enzymes. There's no traditional CPU or hard drive powering the bio-computer, no hardware or software, nor is there any tangible interface to th...

Israeli Scientists develop advanced biological computer

Researchers at the Technion-Israel Institute of Technology in Haifa have created an advanced biological computer using only bio molecules such as DNA and enzymes. There's no traditional CPU or hard drive powering the bio-computer, no hardware or software, nor is there any tangible interface to th...

rpi-update - Insecure Temporary File Handling Security Bypass

rpi-update - Insecure Temporary File Handling Security Bypass // source: https://www.securityfocus.com/bid/58292/info rpi-update is prone to an insecure temporary file-handling vulnerability and a security-bypass vulnerability An attacker can exploit this issue to perform symbolic-link attacks,...

rpi-update - Insecure Temporary File Handling / Security Bypass

// source: https://www.securityfocus.com/bid/58292/info rpi-update is prone to an insecure temporary file-handling vulnerability and a security-bypass vulnerability An attacker can exploit this issue to perform symbolic-link attacks, overwriting arbitrary files in the context of the affected...