Share

RSS

More Articles…

• From Secure Online Desktop to Cyberfero: rebranding of the leading cybersecurity company
• NIS: what it is and how it protects cybersecurity
• Advanced persistent threats (APTs): what they are and how to defend yourself
• Penetration Testing and MFA: A Dual Strategy to Maximize Security
• Penetration Testing: Where to Strike to Protect Your IT Network
• Ransomware: a plague that brings companies and institutions to their knees. Should you pay the ransom? Here is the answer.
• Why IT audit and log management are important for Cybersecurity
• Red Team, Blue Team and Purple Team: what are the differences?

Categories …

• Backup as a Service (18)
  • Acronis Cloud Backup (11)
  • Veeam Cloud Connect (4)
• Cloud Conference (3)
• Cloud CRM (1)
• Cloud Server/VPS (22)
• Conferenza Cloud (4)
• Cyberfero (15)
• ICT Monitoring (5)
• Log Management (2)
• News (25)
• ownCloud (4)
• Privacy (7)
• Security (203)
  • Cyber Threat Intelligence (CTI) (8)
  • Deception (4)
  • Ethical Phishing (11)
  • Netwrix Auditor (2)
  • Penetration Test (11)
  • Posture Guard (3)
  • SOCaaS (65)
    • EDR (3)
    • SIEM (13)
    • SOAR (5)
    • UEBA (10)
  • Vulnerabilities (84)
• Web Hosting (15)

Tags

darkreading

• Is a CPO Still a CPO? The Evolving Role of Privacy Leadership October 17, 2024
  Has the role of chief privacy officer become something more than it was? And is it still a role that just one person can handle?
• Iran's APT34 Abuses MS Exchange to Spy on Gulf Gov'ts October 17, 2024
  A MOIS-aligned threat group has been using Microsoft Exchange servers to exfiltrate sensitive data from Gulf-state government agencies.
• Chinese Researchers Tap Quantum to Break Encryption October 16, 2024
  But the time when quantum computers pose a tangible threat to modern encryption is likely still several years away.
• 71% of Hackers Believe AI Technologies Increase the Value of Hacking October 16, 2024
• Port Raises $35M for its End-to-End Internal Developer Portal October 16, 2024
• Bad Actors Manipulate Red-Team Tools to Evade Detection October 16, 2024
  By using EDRSilencer, threat actors are able to prevent security alerts and reports getting generated.
• Hybrid Work Exposes New Vulnerabilities in Print Security October 16, 2024
  The shift to a distributed work model has exposed organizations to new threats, and a low but continuing stream of printer-related vulnerabilities isn't helping.
• Cyber Gangs Aren't Afraid of Prosecution October 16, 2024
  Challenges with cybercrime prosecution are making it easier for attackers to act with impunity. Law enforcement needs to catch up.
• What Cybersecurity Leaders Can Learn From the Game of Golf October 16, 2024
  As in golf, security requires collaboration across the entire organization, from individual contributors in each department to the executive level and the board.
• Sidewinder Casts Wide Geographic Net in Latest Attack Spree October 16, 2024
  The long-active, India-sponsored cyber-threat group targeted multiple entities across Asia, Africa, the Middle East, and even Europe in a recent attack wave that demonstrated the use of a previously unknown post-exploit tool called StealerBot.

Full Disclosure

• SEC Consult SA-20241009-0 :: Local Privilege Escalation via MSI installer in Palo Alto Networks GlobalProtect (CVE-2024-9473) October 10, 2024
  Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Oct 09>
• APPLE-SA-10-03-2024-1 iOS 18.0.1 and iPadOS 18.0.1 October 8, 2024
  Posted by Apple Product Security via Fulldisclosure on Oct 07APPLE-SA-10-03-2024-1 iOS 18.0.1 and iPadOS 18.0.1 iOS 18.0.1 and iPadOS 18.0.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/121373. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Media Session Available for: iPhone […]
• Some SIM / USIM card security (and ecosystem) info October 4, 2024
  Posted by Security Explorations on Oct 04Hello All, Those interested in SIM / USIM card security might find some information at our spin-off project page dedicated to the topic potentially useful: https://security-explorations.com/sim-usim-cards.html We share there some information based on the experiences gained in the SIM / USIM card security space, all in a hope this […]
• SEC Consult SA-20240930-0 :: Local Privilege Escalation via MSI Installer in Nitro PDF Pro (CVE-2024-35288) October 1, 2024
  Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Sep 30>
• Backdoor.Win32.Benju.a / Unauthenticated Remote Command Execution September 29, 2024
  Posted by malvuln on Sep 28Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/88922242e8805bfbc5981e55fdfadd71.txt Contact: malvuln13 () gmail com Media: x.com/malvuln Threat: Backdoor.Win32.Benju.a Vulnerability: Unauthenticated Remote Command Execution Family: Benju Type: PE32 MD5: 88922242e8805bfbc5981e55fdfadd71 SHA256: 7d34804173e09d0f378dfc8c9212fe77ff51f08c9d0b73d00a19b7045ddc1f0e Vuln ID: MVID-2024-0700...
• Backdoor.Win32.Prorat.jz / Remote Stack Buffer Overflow (SEH) September 29, 2024
  Posted by malvuln on Sep 28Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/277f9a4db328476300c4da5f680902ea.txt Contact: malvuln13 () gmail com Media: x.com/malvuln Threat: Backdoor.Win32.Prorat.jz Vulnerability: Remote Stack Buffer Overflow (SEH) Description: The RAT listens on TCP ports 51100,5112,5110 and runs an FTP service. Prorat uses a vulnerable component in a secondary malware […]
• Backdoor.Win32.Amatu.a / Remote Arbitrary File Write (RCE) September 29, 2024
  Posted by malvuln on Sep 28Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/1e2d0b90ffc23e00b743c41064bdcc6b.txt Contact: malvuln13 () gmail com Media: x.com/malvuln Threat: Backdoor.Win32.Amatu.a Vulnerability: Remote Arbitrary File Write (RCE) Family: Amatu Type: PE32 MD5: 1e2d0b90ffc23e00b743c41064bdcc6b SHA256: 77fff9931013ab4de6d4be66ca4fda47be37b6f706a7062430ee8133c7521297 Vuln ID: MVID-2024-0698 Dropped...
• Backdoor.Win32.Agent.pw / Remote Stack Buffer Overflow (SEH) September 29, 2024
  Posted by malvuln on Sep 28Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/68dd7df213674e096d6ee255a7b90088.txt Contact: malvuln13 () gmail com Media: x.com/malvuln Threat: Backdoor.Win32.Agent.pw Vulnerability: Remote Stack Buffer Overflow (SEH) Description: The malware listens on TCP port 21111. Third-party attackers who can reach an infected machine can send specially crafted sequential packetz […]
• Backdoor.Win32.Boiling / Remote Command Execution September 29, 2024
  Posted by malvuln on Sep 28Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/80cb490e5d3c4205434850eff6ef5f8f.txt Contact: malvuln13 () gmail com Media: x.com/malvuln Threat: Backdoor.Win32.Boiling Vulnerability: Unauthenticated Remote Command Execution Description: The malware listens on TCP port 4369. Third party adversaries who can reach an infected host, can issue single OS commands to […]
• Defense in depth -- the Microsoft way (part 88): a SINGLE command line shows about 20, 000 instances of CWE-73 September 29, 2024
  Posted by Stefan Kanthak on Sep 28Hi @ll, CWE-73: External Control of File Name or Path is a well-known and well-documented weakness. as well as demonstrate how to (ab)use just one instance of this weakness (introduced about 7 years ago with Microsoft Defender, so-called "security software") due to...