EUVD-2023-50897

Malicious code in bioql PyPI...

CVE-2023-46713

An improper output neutralization for logs in Fortinet FortiWeb 6.2.0 - 6.2.8, 6.3.0 - 6.3.23, 7.0.0 - 7.0.9, 7.2.0 - 7.2.5 and 7.4.0 may allow an attacker to forge traffic logs via a crafted URL of the web application...

CVE-2023-46713

An improper output neutralization for logs in Fortinet FortiWeb 6.2.0 - 6.2.8, 6.3.0 - 6.3.23, 7.0.0 - 7.0.9, 7.2.0 - 7.2.5 and 7.4.0 may allow an attacker to forge traffic logs via a crafted URL of the web application...

CVE-2023-46713

An improper output neutralization for logs in Fortinet FortiWeb 6.2.0 - 6.2.8, 6.3.0 - 6.3.23, 7.0.0 - 7.0.9, 7.2.0 - 7.2.5 and 7.4.0 may allow an attacker to forge traffic logs via a crafted URL of the web application...

CVE-2022-38374

A improper neutralization of input during web page generation 'cross-site scripting' in Fortinet FortiADC 7.0.0 - 7.0.2 and 6.2.0 - 6.2.4 allows an attacker to execute unauthorized code or commands via the URL and User fields observed in the traffic and event logviews...

Red Team’s SIEM: RedELK

Red Team’s SIEM – easy deployable tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability for the Red Team in long term operations. When performing multi-month, multi-C2teamserver and multi-scenario red team operations, you are working with an...

Contain Attacks in Real Time with Live Response in Cb Defense

Endpoint security is broken. Yes, you’ve heard it before - traditional, signature-based antivirus AV can’t keep up with the volume of new malware and advanced attack methods being developed by cyber criminals every day. And that’s absolutely true. But a report published last year highlights an ev...

XcodeGhost iOS App Malware Contained

Concern over the so-called XcodeGhost malware has put the security of Apple’s App Store on the front page. While the App Store was not hacked, attackers did manage to append malicious code to a number of popular apps—most of those developed in China—and find a loophole in Apple’s code-scanning to...

Accidentally invented - Dos attack using Google Spreadsheets

Panos Ipeirotis, a computer scientists working at New York University,attack on his Amazon web service using Google Spreadsheets and Panos Ipeirotis checked his Amazon Web Services bill last week - its was $1,177.76 ! He had accidentally invented a brand new type of internet attack, thanks to an...