Lucene search
K

14 matches found

Microsoft Secure
Microsoft Secure
added 2023/04/07 4:0 p.m.82 views

MERCURY and DEV-1084: Destructive attack on hybrid environment

April 2023 update – Microsoft Threat Intelligence has shifted to a new threat actor naming taxonomy aligned around the theme of weather. MERCURY is now tracked as Mango Sandstorm and DEV-1084 is now tracked as Storm-1084. To learn more about the new taxonomy represents the origin, unique traits,...

9.3CVSS10.2AI score0.99999EPSS
Exploits351
The Hacker News
The Hacker News
added 2021/09/07 10:5 a.m.92 views

Latest Atlassian Confluence Flaw Exploited to Breach Jenkins Project Server

The maintainers of Jenkins—a popular open-source automation server software—have disclosed a security breach after unidentified threat actors gained access to one of their servers by exploiting a recently disclosed vulnerability in Atlassian Confluence service to install a cryptocurrency miner. T...

9.8CVSS2.2AI score0.99999EPSS
Exploits45
Rapid7 Blog
Rapid7 Blog
added 2021/09/02 3:44 p.m.179 views

Active Exploitation of Confluence Server & Confluence Data Center: CVE-2021-26084

This attack is ongoing. See the Updates section at the end of this post for new information as it comes to light. On August 25, 2021, Atlassian published details on CVE-2021-26084, a critical remote code execution vulnerability in Confluence Server and Confluence Data Center. The vulnerability...

7.5CVSS0.3AI score0.99999EPSS
Exploits45
Schneier on Security
Schneier on Security
added 2021/02/15 8:50 p.m.63 views

US Cyber Command Valentine’s Day Cryptography Puzzles

The US Cyber Command has released a series of ten Valentines Day "Cryptography Challenge Puzzles." Slashdot thread. Reddit thread. And heres the archived link, in case Cyber Command takes the page down...

1.2AI score
Exploits0
Schneier on Security
Schneier on Security
added 2020/09/01 6:17 a.m.12 views

North Korea ATM Hack

The US Cybersecurity and Infrastructure Security Agency CISA published a long and technical alert describing a North Korea hacking scheme against ATMs in a bunch of countries worldwide: This joint advisory is the result of analytic efforts among the Cybersecurity and Infrastructure Security Agenc...

1.2AI score
Exploits0
CISA
CISA
added 2020/08/03 12:0 a.m.15 views

Chinese Malicious Cyber Activity

The Cybersecurity and Infrastructure Security Agency CISA, the Federal Bureau of Investigation FBI, and the Department of Defense DoD have identified a malware variant—referred as TAIDOOR—used by the Chinese government. In addition, U.S. Cyber Command has released the malware sample to the malwar...

6.9AI score
Exploits0References4
Wired Threat Level
Wired Threat Level
added 2020/07/04 1:0 p.m.15 views

Encryption-Busting EARN IT Act Advances in Senate

Plus: A massive crime bust in Europe, a warning from US Cyber Command, and more of the week's top security news...

1.4AI score
Exploits0
FireEye
FireEye
added 2019/12/04 12:0 a.m.208 views

Breaking the Rules: A Tough Outlook for Home Page Attacks (CVE-2017-11774)

Attackers have a dirty little secret that is being used to conduct big intrusions. We’ll explain how they're "unpatching" an exploit and then provide new Outlook hardening guidance that is not available elsewhere. Specifically, this blog post covers field-tested automated registry processing for...

6.8CVSS7.9AI score0.59893EPSS
Exploits2References39
The Coalfire Blog
The Coalfire Blog
added 2019/03/18 10:26 p.m.66 views

Observations from RSA Conference, 2019

Last week, the 2019 RSA Conference was held with typical energy and exuberance in San Francisco. One of the largest cybersecurity industry conferences, it had over 700 exhibiting vendors not including another 50 in their Early Stage Expo area and over 500 sessions covering a wide range of current...

2.1AI score
Exploits0
Schneier on Security
Schneier on Security
added 2019/02/22 11:35 a.m.90 views

Gen. Nakasone on US Cyber Command

Really interesting article by and interview with Paul M. Nakasone Commander of US Cyber Command, Director of the National Security Agency, and Chief of the Central Security Service in the current issue of Joint Forces Quarterly. He talks about the evolving role of US Cyber Command, and its new...

0.8AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2017/08/22 2:5 p.m.51 views

August 22, 2017 – Morning Cyber Coffee Headlines – “Hamilton” Edition

Good morning! Sit with Carbon Black this morning over a cup of coffee or tea and browse a few industry headlines to get the day started. We’ve got just enough information below to get you through that first cup…enjoy! August 22, 2017 - Headlines The Intelligence Community’s Top 3 Cybersecurity...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2017/08/03 11:29 a.m.30 views

Splitting the NSA and US Cyber Command

Rumor is that the Trump administration will separate the NSA and US Cyber Command. I have long thought this was a good idea. Here's a good discussion of what it does and doesn't mean...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2014/07/10 2:11 a.m.12 views

Chinese Hackers Broke into the Database of U.S. Federal Employees

Chinese hackers broke into the computer systems of United States government agency that keeps the personal information of all federal employees, according to the paper published in the New York Times. The attack occurred on the Office of Personnel Management and Senior American officials believe...

6.6AI score
Exploits0
The Hacker News
The Hacker News
added 2013/02/06 6:40 a.m.7 views

Former military adviser urged Obama to pardon Gary McKinnon

John Arquilla, a professor at the U.S. Naval Academy and former military adviser has urged President Barack Obama to pardon the British computer hacker Gary McKinnon and to recruit master hackers to US Cyber Command. Gary McKinnon faced extradition for hacking into Pentagon and Nasa systems, and...

6.8AI score
Exploits0
Rows per page
Query Builder