Bloodhound walkthrough. A Tool for Many Tradecrafts

A walkthrough on how to set up and use BloodHound BloodHound is an application used to visualize active directory environments. The front-end is built on electron and the back-end is a Neo4j database, the data leveraged is pulled from a series of data collectors also referred to as ingestors whic...

Authorization Bypass

Linux kernel is vulnerable to authorization bypass attacks. This is due to disabled external interrupts in Linux kernel built with the KVM visualization support CONFIGKVM, with nested visualization nVMX feature enabled nested=1. A local guest attacker could obtain read and write access to the...

EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1513)

According to the versions of the kernel packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the USB-MIDI Linux kernel driver: a double-free error could be triggered for the 'umidi' object. A...

Pacbot - Platform For Continuous Compliance Monitoring, Compliance Reporting And Security Automation For The Cloud

Policy as Code Bot PacBot is a platform for continuous compliance monitoring, compliance reporting and security automation for the cloud. In PacBot, security and compliance policies are implemented as code. All resources discovered by PacBot are evaluated against these policies to gauge policy...

Exploring botnets in VR

By Asaf Nadler & Lior Lahav Botnets often use domain generation algorithms DGAs to select a domain name, which bots use to establish communication channels with their command and control servers C2. Since Akamai analyzes over 2.2 trillion DNS requests per day, and detects thousands of active...

DOGE - Darknet Osint Graph Explorer

DOGE Darknet Osint Graph Explorer Still in dev, works right. You should use this in addtion to Darknet OSINT Transform Pay attention here Query prototype: SELECT DISTINCT customcolumnname AS input, anothercustomname AS output FROM sometable, obviously you can add other options as WHERE, ORDER BY,...

Open Positioner: my new project for tracking IT and security jobs

The idea of my new project is to retrieve the data from job-searching websites and provide better filtering, searching and visualization. I think for the most people who read this, searching for a job in Internet is a pretty common activity. Even if you are not going to change job right now, it...

Splunk Discovery Day Moscow 2018

Today I attended the Splunk Discovery Day 2018 conference. It is something like a local equivalent of the famous Splunk .conf. More than 200 people have registered. The event was held in the luxury Baltschug Kempinski hotel in the very center of Moscow with a beautiful view of the Red Square and...

What You Should Look For in a Next-Generation Security Solution

Today’s businesses face a unique set of challenges. They want security that works and is easy to implement and manage but, frequently, are working with a limited budget and resources. Many organizations know their current antivirus solution has gaps, but don’t know where to begin in the search fo...

The vulnerability of the encryption module for internal data in Philips e-Alert Unit software solutions allows a intruder to gain full access to the device’s data.

The vulnerability of the encryption module for internal data in Philips e-Alert Unit medical visualization systems arises from the rigid encoding of the cryptographic key used for encrypting internal data. Exploiting this vulnerability could allow an attacker, operating remotely, to gain full...

Researchers Shine Light on Smart-Bulb Data Theft

Lightbulbs were invented to do one thing: illuminate a room or a space. Cybercriminals, however, may find that these glass miracles can be used to shed light in a more metaphorical sense – to spy on users’ private data and preferences. The light emitted by modern smart bulbs can be used in two...

Subdomain Enumeration Tool: Amass

Amass is the subdomain enumeration tool with the greatest number of disparate data sources that performs analysis of the resolved names in order to deliver the largest number of quality results. Amass performs scraping of data sources, recursive brute forcing, crawling of web archives, permuting...

LogonTracer - Investigate Malicious Windows Logon By Visualizing And Analyzing Windows Event Log

Investigate malicious logon by visualizing and analyzing Windows active directory event logs. Concept LogonTracer associates a host name or an IP address and account name found in logon-related events and displays it as a graph. This way, it is possible to see in which account login attempt occur...

CloudMapper - Tool To Analyze Your Amazon Web Services (AWS) Environments

CloudMapper helps you analyze your Amazon Web Services AWS environments. The original purpose was to generate network diagrams and display them in your browser. It now contains more functionality. Demo:https://duo-labs.github.io/cloudmapper/ Intro...

Akamai Welcomes Girls Who Code

Akamai employees in Cambridge have started to see some new faces around the office for the summer - 20+ high school juniors to be specific! For the fourth consecutive year, Akamai is partnering with Girls Who Code to host a seven-week long summer immersion program dedicated to closing the gender...

Visualizing Windows Active Directory Event Logs: LogonTracer

Investigate malicious logon by visualizing and analyzing Windows active directory event logs. LogonTracer associates a host name or an IP address and account name found in logon-related events and displays it as a graph. This way, it is possible to see in which account login attempt occurs and...

Satellite Tracking Application: Gpredict

Gpredict is a real-time satellite tracking and orbit prediction application. It can track a large number of satellites and display their position and other data in lists, tables, maps, and polar plots radar view. Gpredict can also predict the time of future passes for a satellite, and provide you...

Security Bulletin: A security vulnerability has been identified in IBM Rational Application Developer shipped with IBM Business Modeler (CVE-2015-7439)

Summary IBM Rational Application Developer is shipped as a component of IBM Business Modeler. Information about a security vulnerability affecting IBM Rational Application Developer has been published in a security bulletin. Vulnerability Details Consult the security bulletin Cross-Site Scripting...

Oracle Fusion Middleware Data Visualization Desktop Component Denial of Service Vulnerability

Oracle Fusion Middleware is a suite of business innovation platforms for enterprise and cloud environments from Oracle that provides middleware, software collections, and more.Data Visualization Desktop is one of a suite of visual data exploration desktop tools for quickly analyzing and...

CVE-2018-2834

Vulnerability in the Oracle Data Visualization Desktop component of Oracle Fusion Middleware subcomponent: Security. The supported version that is affected is 12.2.4.1.1. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Data...