Share

RSS

More Articles…

• From Secure Online Desktop to Cyberfero: rebranding of the leading cybersecurity company
• NIS: what it is and how it protects cybersecurity
• Advanced persistent threats (APTs): what they are and how to defend yourself
• Penetration Testing and MFA: A Dual Strategy to Maximize Security
• Penetration Testing: Where to Strike to Protect Your IT Network
• Ransomware: a plague that brings companies and institutions to their knees. Should you pay the ransom? Here is the answer.
• Why IT audit and log management are important for Cybersecurity
• Red Team, Blue Team and Purple Team: what are the differences?

Categories …

• Backup as a Service (18)
  • Acronis Cloud Backup (11)
  • Veeam Cloud Connect (4)
• Cloud Conference (3)
• Cloud CRM (1)
• Cloud Server/VPS (22)
• Conferenza Cloud (4)
• Cyberfero (15)
• ICT Monitoring (5)
• Log Management (2)
• News (25)
• ownCloud (4)
• Privacy (7)
• Security (203)
  • Cyber Threat Intelligence (CTI) (8)
  • Deception (4)
  • Ethical Phishing (11)
  • Netwrix Auditor (2)
  • Penetration Test (11)
  • Posture Guard (3)
  • SOCaaS (65)
    • EDR (3)
    • SIEM (13)
    • SOAR (5)
    • UEBA (10)
  • Vulnerabilities (84)
• Web Hosting (15)

Tags

darkreading

• Ex-Oracle, Google Engineers Raise $7m From Accel for Public Launch of Simplismart to Empower AI Adoption October 17, 2024
• Illinois Joins CoSN's Trusted Learning Environment (TLE) State Partnership Program for Student Data Privacy October 17, 2024
• Swift to Launch AI-Powered Fraud Defence to Enhance Cross-Border Payments October 17, 2024
• Hong Kong Crime Ring Swindles Victims Out of $46M October 17, 2024
  The scammers used real-time deepfakes in online dating video calls to convince the victims of their legitimacy.
• Internet Archive Slowly Revives After DDoS Barrage October 17, 2024
  Days after facing a major breach, the site is still struggling to get fully back on its feet.
• 4 Ways to Address Zero-Days in AI/ML Security October 17, 2024
  As the unique challenges of AI zero-days emerge, the approach to managing the accompanying risks needs to follow traditional security best practices but be adapted for AI.
• Anonymous Sudan Unmasked as Leaders Face Life in Prison October 17, 2024
  US officials disrupted the group's DDoS operation and arrested two individuals behind it, who turned out to be far less intimidating than they were made out to be in the media.
• Is a CPO Still a CPO? The Evolving Role of Privacy Leadership October 17, 2024
  Has the role of chief privacy officer become something more than it was? And is it still a role that just one person can handle?
• Iran's APT34 Abuses MS Exchange to Spy on Gulf Gov'ts October 17, 2024
  A MOIS-aligned threat group has been using Microsoft Exchange servers to exfiltrate sensitive data from Gulf-state government agencies.
• Chinese Researchers Tap Quantum to Break Encryption October 16, 2024
  But the time when quantum computers pose a tangible threat to modern encryption is likely still several years away.

Full Disclosure

• SEC Consult SA-20241009-0 :: Local Privilege Escalation via MSI installer in Palo Alto Networks GlobalProtect (CVE-2024-9473) October 10, 2024
  Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Oct 09>
• APPLE-SA-10-03-2024-1 iOS 18.0.1 and iPadOS 18.0.1 October 8, 2024
  Posted by Apple Product Security via Fulldisclosure on Oct 07APPLE-SA-10-03-2024-1 iOS 18.0.1 and iPadOS 18.0.1 iOS 18.0.1 and iPadOS 18.0.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/121373. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. Media Session Available for: iPhone […]
• Some SIM / USIM card security (and ecosystem) info October 4, 2024
  Posted by Security Explorations on Oct 04Hello All, Those interested in SIM / USIM card security might find some information at our spin-off project page dedicated to the topic potentially useful: https://security-explorations.com/sim-usim-cards.html We share there some information based on the experiences gained in the SIM / USIM card security space, all in a hope this […]
• SEC Consult SA-20240930-0 :: Local Privilege Escalation via MSI Installer in Nitro PDF Pro (CVE-2024-35288) October 1, 2024
  Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Sep 30>
• Backdoor.Win32.Benju.a / Unauthenticated Remote Command Execution September 29, 2024
  Posted by malvuln on Sep 28Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/88922242e8805bfbc5981e55fdfadd71.txt Contact: malvuln13 () gmail com Media: x.com/malvuln Threat: Backdoor.Win32.Benju.a Vulnerability: Unauthenticated Remote Command Execution Family: Benju Type: PE32 MD5: 88922242e8805bfbc5981e55fdfadd71 SHA256: 7d34804173e09d0f378dfc8c9212fe77ff51f08c9d0b73d00a19b7045ddc1f0e Vuln ID: MVID-2024-0700...
• Backdoor.Win32.Prorat.jz / Remote Stack Buffer Overflow (SEH) September 29, 2024
  Posted by malvuln on Sep 28Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/277f9a4db328476300c4da5f680902ea.txt Contact: malvuln13 () gmail com Media: x.com/malvuln Threat: Backdoor.Win32.Prorat.jz Vulnerability: Remote Stack Buffer Overflow (SEH) Description: The RAT listens on TCP ports 51100,5112,5110 and runs an FTP service. Prorat uses a vulnerable component in a secondary malware […]
• Backdoor.Win32.Amatu.a / Remote Arbitrary File Write (RCE) September 29, 2024
  Posted by malvuln on Sep 28Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/1e2d0b90ffc23e00b743c41064bdcc6b.txt Contact: malvuln13 () gmail com Media: x.com/malvuln Threat: Backdoor.Win32.Amatu.a Vulnerability: Remote Arbitrary File Write (RCE) Family: Amatu Type: PE32 MD5: 1e2d0b90ffc23e00b743c41064bdcc6b SHA256: 77fff9931013ab4de6d4be66ca4fda47be37b6f706a7062430ee8133c7521297 Vuln ID: MVID-2024-0698 Dropped...
• Backdoor.Win32.Agent.pw / Remote Stack Buffer Overflow (SEH) September 29, 2024
  Posted by malvuln on Sep 28Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/68dd7df213674e096d6ee255a7b90088.txt Contact: malvuln13 () gmail com Media: x.com/malvuln Threat: Backdoor.Win32.Agent.pw Vulnerability: Remote Stack Buffer Overflow (SEH) Description: The malware listens on TCP port 21111. Third-party attackers who can reach an infected machine can send specially crafted sequential packetz […]
• Backdoor.Win32.Boiling / Remote Command Execution September 29, 2024
  Posted by malvuln on Sep 28Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/80cb490e5d3c4205434850eff6ef5f8f.txt Contact: malvuln13 () gmail com Media: x.com/malvuln Threat: Backdoor.Win32.Boiling Vulnerability: Unauthenticated Remote Command Execution Description: The malware listens on TCP port 4369. Third party adversaries who can reach an infected host, can issue single OS commands to […]
• Defense in depth -- the Microsoft way (part 88): a SINGLE command line shows about 20, 000 instances of CWE-73 September 29, 2024
  Posted by Stefan Kanthak on Sep 28Hi @ll, CWE-73: External Control of File Name or Path is a well-known and well-documented weakness. as well as demonstrate how to (ab)use just one instance of this weakness (introduced about 7 years ago with Microsoft Defender, so-called "security software") due to...