Clop ransomware suspects busted in Ukraine, money and motors seized

“Face of Anonymous” suspect deported from Mexico to face US hacking charges

ALPACA – the wacky TLS security vulnerability with a funky name

S3 Ep36: Trickbot coder busted, passwords cracked, and breaches judged [Podcast]

Chrome zero-day, hot on the heels of Microsoft’s IE zero-day. Patch now!

How could the FBI recover BTC from Colonial’s ransomware payment?

Latvian woman charged with writing malware for the Trickbot Group

How to hack into 5500 accounts… just using “credential stuffing”

S3 Ep35: Apple chip flaw, Have I Been Pwned, and Covid tracker trouble [Podcast]

“Have I Been Pwned” breach site partners with… the FBI!

Peloton Bike+ Bug Gives Hackers Complete Control

Millions of Connected Cameras Open to Eavesdropping

Euros Football Fever Nets Dumb Passwords

Avaddon Ransomware Gang Evaporates Amid Global Crackdowns  

IKEA Fined $1.2M for Elaborate ‘Spying System’

Ransomware Poll: 80% of Victims Don't Pay Up

Takeaways from the Colonial Pipeline Ransomware Attack

5 Tips to Prevent and Mitigate Ransomware Attacks

Researchers: Booming Cyber-Underground Market for Initial-Access Brokers

Microsoft Teams: Very Bad Tabs Could Have Led to BEC

DarkSide Pwned Colonial With Old VPN Password

Mysterious Custom Malware Collects Billions of Stolen Data Points

Steam Gaming Platform Hosting Malware

Microsoft Disrupts Large, Cloud-Based BEC Campaign

Telegram Fraudsters Ramp Up Forged COVID-19 Vaccine Card Sales

Spotlight on Cybercriminal Supply Chains

Breaking Down Joe Biden's $10B Cybersecurity 'Down Payment'

CISOs Prep For COVID-19 Exposure Notification in the Workplace

From Triton to Stuxnet: Preparing for OT Incident Response

Utilities 'Concerningly' at Risk from Active Exploits

Lewd Phishing Lures Aimed at Business Explode

CISOs Struggle to Cope with Mounting Job Stress

Verizon: Pandemic Ushers in ⅓ More Cyber Misery

Insider Risks In the Work-From-Home World

SASE & Zero Trust: The Dream Team

Podcast: The State of Ransomware

Effective Adoption of SASE in 2021

Where Bug Bounty Programs Fall Flat

Podcast: Microsoft Exchange Server Attack Onslaught Continues

Podcast: Ransomware Attacks Exploded in Q4 2020

Chinese Hackers Hijacked NSA-Linked Hacking Tool: Report

National Surveillance Camera Rollout Roils Privacy Activists

Malware Gangs Partner Up in Double-Punch Security Threat

How Email Attacks are Evolving in 2021

Patrick Wardle on Hackers Leveraging 'Powerful' iOS Bugs in High-Level Attacks

Ransomware and IP Theft: Top COVID-19 Healthcare Security Scares

How the Pandemic is Reshaping the Bug Bounty Landscape

Experts Weigh in on E-Commerce Security Amid Snowballing Threats

Cybercriminals Step Up Their Game Ahead of U.S. Elections

A Cyber 'Vigilante' is Sabotaging Emotet's Return

2020 Cybersecurity Trends to Watch

Top Mobile Security Stories of 2019

Facebook Security Debacles: 2019 Year in Review

Biggest Malware Threats of 2019

Top 10 IoT Disasters of 2019

2019 Malware Trends to Watch

Top 2018 Security and Privacy Stories

2019: The Year Ahead in Cybersecurity

2018: A Banner Year for Breaches

Dark Reading | Security | Protect The Business

Russian National Convicted on Charges Related to ...

Is an Attacker Living Off Your Land?

Keeping Your Organization Secure When Dealing With ...

Don't Get Stymied by Security Indecision

Security Experts Scrutinize Apple, Amazon IoT Networks

Deloitte Buys Terbium Labs to Expand Threat Intel ...

How President Biden Can Better Defend the US From ...

VPN Attacks Surged in First Quarter

Google Workspace Adds Client-Side Encryption

New Top 20 Secure-Coding List Positions PLCs as ...

Know Thy Enemy: Fighting Half-Blind Against ...

Ukraine arrests Clop ransomware gang members, seizes servers

Microsoft Defender ATP now warns of jailbroken iPhones, iPads

Windows 11 Leaked - What we know so far about Microsoft's new OS

Apple fixes ninth zero-day bug exploited in the wild this year

Windows 11 introduces a revamped windows snapping feature

Microsoft will release future PowerShell updates via Windows Update

Windows 11 brings four new collections of desktop backgrounds

US convicts Russian national behind Kelihos botnet crypting service

Windows 11 lets you enable the classic Windows 10 Start Menu, here's how

Windows 10 KB5003698 update fixes VPN bug, blurry text issues

Peloton Bike+ vulnerability allowed complete takeover of devices

Avaddon ransomware's exit sheds light on victim landscape

Paradise Ransomware source code released on a hacking forum

Largest US propane distributor discloses '8-second' data breach

Google Workspace adds new phishing protection, client-side encryption

Windows 10 KB5001391 update causes News & Interests display issues

REvil ransomware hits US nuclear weapons contractor

G7 leaders ask Russia to hunt down ransomware gangs within its borders

Microsoft: Scammers bypass Office 365 MFA in BEC attacks

Windows 11 may be unveiled next week — Here's what we know

US Convicts Russian Malware-masker

Deloitte Acquires Terbium Labs

IAB Tech Lab Accused of “World’s Largest Data Breach”

Members of Clop Ransomware Gang Arrested in Ukraine

NHS Test and Trace Bolsters its Cybersecurity

Smishing: Analyzing Sophisticated Scam Methods

Football Fever Undermining Password Security

Most Ransomware Victims Hit Again After Paying

Secure Access Management: Modernize your IT Infrastructure by Maximising Productivity and Minimizing Friction

Securing your transition to the cloud

The Challenge of Remote File Transfer Security: Is Centralization the Answer?

How to secure the new world of distributed work

How to Win Cybersecurity Budget and Buy-in from the C-Suite to Mitigate Increased Level of Threat

Data Classification: The Foundation of Effective Cybersecurity

Zero Trust in 2021: How to Seamlessly Protect Your Remote and In-Office Users

How Zero Trust Enables Remote Working and Builds to a SASE Vision

Supply Chain Security: Easing the Headache of Third-Party Risk Assessments

Endpoint Strategies: Balancing Productivity and Security

Securing Remote Employee Devices with Unified Endpoint Management

What You Really Need to Know about MSSP: Busting the Myths, Mistakes and Misconceptions

NATO Warns it Will Consider a Military Response to Cyber-Attacks

REvil Claims Responsibility for Invenergy Hack

IKEA Fined $1.2m for Spying on Employees

VW Vendor Leaves Data Unsecured

No Two REvil Attacks Are the Same, Sophos Warns

“Homeless Hacker” Arrested

Defining the Zero Trust and SASE Relationship

Securing Active Directory in a Hybrid Identity Environment

Building a Privileged Access Management Strategy for the Post-COVID World

How To Navigate the Critical Intersection Between Data Security and Data Privacy

McDonald’s Suffers Data Breach

IoT Supply Chain Bug Hits Millions of Cameras

Marketplace Selling Stolen Credentials Is Dismantled

Fake Online Reviews Linked to $152 Billion in Global Purchases

Third of Staff Use Security Workarounds at Home

Law enforcement raids ransomware group that targeted US universities

Deloitte acquires online antifraud firm Terbium Labs

State and local govts granted free access to timely, in-depth cyber intel

TSA offers peek at second pipeline directive

UChecker tool scans Linux servers for outdated libraries

C-suites adapt to ransomware as a cost of doing business

SW Labs | Overview: Attack Surface Management

SW Labs | Test methodology: Attack Surface Management

SW Labs | Review: RiskIQ PassiveTotal

Cyberattacks threaten big losses and PR crises for financial services firms

‘Devastating’ impact: CRAE Index shows accelerating breach damage

Health care organizations funnel dollars into security amid pandemic

Dawn Cappelli: ‘A CISO needs to bring business value to the company’

CISOs reveal tips for a diverse and inclusive workforce

Cloud Security Task Force to provide guidance for digital transformation

The new normal in cyber threat trends

How to build a zero trust ecosystem

Why enterprises are increasing cybersecurity budgets for 2021

Four ways to shut down cyberattacks following mergers and acquisitions

Leverage automation to streamline compliance and elevate security

A practitioner’s guide to managing and measuring compliance risk

Online map visualizes the widespread presence of automated ransomware

ServiceNow partners with ZScaler for remote access security

One of ransomware's top negotiators would rather you not have to hire him

Motives for ransomware attack against nuclear contractor remain unclear

How far apart are the US and Russia from agreeing to cyber rules?

Notification no-nos: What to avoid when alerting customers of a breach

Nasty Linux systemd root level security bug revealed and patched

Police Bust Major Ransomware Gang Cl0p

Digital ad industry accused of huge data breach

Peloton Bike+ Was Vulnerable to Remote Hacking, McAfee Says

SAP Solution Manager 7.20 Missing Authorization

Red Hat Security Advisory 2021-2439-01

SAP Netweaver JAVA 7.50 Missing Authorization

Red Hat Security Advisory 2021-2417-01

SAP XMII Remote Code Execution

Hashcat Advanced Password Recovery 6.2.2 Source Code

SAP Solution Manager 7.2 Missing Authorization

SAP Solution Manager 7.2 File Disclosure / Denial Of Service

SAP Wily Introscope Enterprise Default Hard-Coded Credentials

Client Management System 1.1 SQL Injection

Client Management System 1.1 Cross Site Scripting

Red Hat Security Advisory 2021-2420-01

IPFire 2.25 Remote Code Execution

HashiCorp Nomad Remote Command Execution

SAP Wily Introscope Enterprise OS Command Injection

Ubuntu Security Notice USN-4988-1

Red Hat Security Advisory 2021-2419-01

Brother BRPrint Auditor 3.0.7 Unquoted Service Path

Red Hat Security Advisory 2021-2286-01

Red Hat Security Advisory 2021-2422-01

SAP Hybris eCommerce Information Disclosure

Red Hat Security Advisory 2021-2416-01

Red Hat Security Advisory 2021-2414-01

Facebook awards $30,000 bounty for exploit exposing private Instagram content

Apple Hurries Patches for Safari Bugs Under Active Attack

Critical remote code execution flaw in thousands of VMWare vCenter servers remains unpatched

TimeCache aims to block side-channel cache attacks – without hurting performance • The Register

Volkswagen, Audi disclose data breach impacting over 3.3 million customers, interested buyers

WhatsApp boss decries attacks on encryption as Orwellian | WhatsApp

Irish police to be given powers over passwords

Ransomware: Russia told to tackle cyber criminals operating from within its borders

Best Buy’s Bogus RTX 3070 Ti Launch? Even Bots Never Saw It Go on Sale | by PCMag | PC Magazine | Jun, 2021 | Medium

Amazon Is Opening Its First Full-Size Grocery Store With ‘Just Walk Out’ Shopping | by PCMag | PC Magazine | Jun, 2021 | Medium

Apple Still Has a Privacy Problem | by PCMag | PC Magazine | Jun, 2021 | Medium

Will “data poisoning” be a particularly dangerous type of computer-made misinformation? | by Christopher Brennan | Deepnews.ai | Jun, 2021 | Medium

Christopher Brennan – Medium

Your stimulus check has been returned 2 times (spam) | by Ruining All My Branding | Infoseconds | Jun, 2021 | Medium

Credit Card Support | Unlock: The Web’s new business model | by Julien Genestoux | Unlock | Jun, 2021 | Medium

Unlock – Medium

React Authentication: How to Store JWT in a Cookie | by Ryan Chenkie | Medium

Don't Have Your Bitcoin Hacked! MyCrypto’s Security Guide For Dummies And Smart People Too | by Taylor Monahan | MyCrypto

Heartland Community College Budgets $1 Million For Cybersecurity After Ransom Attack – NDRdaily

Pwning Home Router - Linksys WRT54G | Elon Gliksberg

Cryptology ePrint Archive: Report 2021/819 - Cryptanalysis of the GPRS Encryption Algorithms GEA-1 and GEA-2

Crwe World | Russian National Convicted of Charges Relating to Kelihos Botnet

Community-Papers/Registry Analysis at master · AXI4L/Community-Papers · GitHub

DEF CON 29 in-person is a Go!

DEF CON Forums

Andrew Appel on New Hampshire’s Election Audit - Schneier on Security

Geico data breach exposed customers' driver's license numbers

Online sex crimes crisis in South Korea affecting all women, report finds | South Korea | The Guardian

I’m putting a WiFi router into a wall charger (Part 1) | by Ryan Walker | Jun, 2021 | Medium

Woman dies after family pays imposter to perform surgery at Pakistan hospital | The Independent

[45] Mul-T-Lock Interactive 5 Pin In Pins (Serrated) Picked, Gutted & Explained + Lockcam - YouTube

Microsoft ADCS – Abusing PKI in Active Directory Environment - RiskInsight

Detecting SQL and XSS Web Application Attacks with Splunk | TryHackMe Splunk 2 - YouTube

Rescue Your Amazon Dash Buttons – Chris Mullins

Eva DPI padlock picked - YouTube

Abus EC75 padlock picked - YouTube

The origins of social anxiety - YouTube

Hacker's guide to deep-learning side-channel attacks: code walkthrough

Python Cybersecurity— Network Tracking using Wireshark and Google Maps | by Vinsloev | May, 2021 | Medium

Unauthenticated Gitlab SSRF | Vin01’s Blog

What are Evasion Technique and its classification?

How to start a successful phishing simulation program – PhishDeck

Upcoming Speaking Engagements - Schneier on Security

TikTok Can Now Collect Biometric Data - Schneier on Security

Friday Squid Blogging: Fossil of Squid Eating and Being Eaten - Schneier on Security

FBI/AFP-Run Encrypted Phone - Schneier on Security

Detecting Deepfake Picture Editing - Schneier on Security

Information Flows and Democracy - Schneier on Security

Vulnerabilities in Weapons Systems - Schneier on Security

The Supreme Court Narrowed the CFAA - Schneier on Security

RetroArch for Windows - Versions 1.9.0 - 1.9.4

With Cyber Threat Intelligence, Foresight is 20/20

Finding Privilege Escalation Vulnerabilities in Windows using Process Monitor - Wiki - VulWiki

GitHub - google/fully-homomorphic-encryption: Libraries and tools to perform fully homomorphic encryption operations on an encrypted data set.

Remote Browser Isolation: How does it work? - Instasafe

Adversary emulation with Prelude Operator and Elastic Security | Elastic Blog

virusbtn: We're thrilled that @likethecoins will be giving the opening keynote at #VB2021 #vblocalhost. Katie's goal is to bring threat intel down from the ivory tower and focus on making it accessible and useful for everyone. Register now for free! https://t.co/oAOED8Vgyl https://t.co/0JlgzvYzQG

virusbtn: In celebration of its 10th anniversary, @CERTEU has published its first annual TLP:WHITE threat landscape report - which reviews the 2020 cyber threat landscape. https://t.co/SE3uZpTN7q https://t.co/r0slBQRmFy

virusbtn: Security researcher @BushidoToken writes about a long-running SharePoint phishing campaign. https://t.co/1sQeViD27S https://t.co/OGQFrcEDR6

virusbtn: McAfee researchers urge organizations to take steps to secure not only internet exposed systems, but also internal systems, to minimize the risk of losing precious VMs. https://t.co/hCV3WzvHvZ https://t.co/K1NyEF8PoM

virusbtn: Cisco Talos researchers reveal the most prevalent threats they observed between 4 and 11 June. https://t.co/oNBmFj5SCq https://t.co/ta6c2fOUrm

MITREattack: @Kurt_theTurk If you see evidence of it being used in the wild, it just might be.

MITREattack: ❤️ macOS security? Check out the witty conversation between our very own @coolestcatiknow & the @MacAdmPodcast crew diving into challenges, trends, and opportunities to use ATT&CK to help secure Apple devices. https://t.co/dlorKdmijR

SpecterOps: Our latest post from @zyn3rgy on Proxy Windows Tooling via SOCKS is now live on the blog. Nick covers how routing your Windows tooling through SOCKS can lessen potential pain points in offensive workflows. Read more here: https://t.co/nt42s7IAJR

TalosSecurity: Cisco Talos recently discovered an exploitable information disclosure vulnerability in EIP Stack Group OpENer’s Ethernet/IP UDP handler. Here's why you should update and how @snort can protect you https://t.co/3R7kukreN7 https://t.co/iBVA7n3Poi

TalosSecurity: This Reuters article provides some excellent insight from Talos ahead of #Biden's #ransomware summit https://t.co/X7NrZJO4xY

TalosSecurity: Attackers have targeted US critical infrastructure several times over the past few years, putting at risk electrical grids, pipelines and water supply systems. Here are a few ways in which we feel these organizations can prep for the next #ColonialPipeline https://t.co/r6P8LvFZzy https://t.co/uIH2Ifl71G

MBThreatIntel: Confirmed past Magecart skimmer activity via malicious third-party JavaScript hosted at Sucuri lookalike domain sucuritester[.]com. https://t.co/UbDMFPQvxD https://t.co/Z1OJXl8Gf6

MBThreatIntel: 🚨 Malspam delivering #AgentTesla via malicious PowerPoint. ➡️ Payload: ia801509[.]us[.]archive[.]org/15/items/black3_202106/black1.txt ➡️ Panel: 103.114.107[.]28/master/black/login.php https://t.co/1QEeKOt9qh

MBThreatIntel: ℹ️ #EpsilonRed attempts to uninstall security products via a PowerShell script before launching its #ransomware payload. Malwarebytes Tamper Protection will prevent this: https://t.co/rEVixn5a6R

anyrun_app: @James_inthe_box @nao_sec @ShadowChasing1 👌

anyrun_app: TOP10 last week's threats by uploads ⬆️ #Redline 291 (183) ⬆️ #Njrat 286 (217) ⬆️ #Lokibot 125 (85) ⬆️ #AsyncRAT 108 (103) ⬇️ #Formbook 102 (147) ⬆️ #Nanocore 94 (81) ⬆️ #Vidar 93 (44) ⬆️ #DCrat 70 (69) ⬇️ #Raccoon 60 (108) ⬇️ #AgentTesla 54 (60) https://t.co/98nRpXOxWw

QuoIntelligence: #Microsoft released 49 #patches, including for 6 zero-day #vulnerabilities exploited in the wild. Further, #G7 nations reached a deal on globalized taxation rules for multinationals that might extend to other countries. Read the summary here: https://t.co/vfDOPWHYor

JAMESWT_MHT: #scam #fraud #phishing #italy <Informazioni sulla mancata consegna> news.ricompensaunica.[com/re?l= ❇️hXXps://notizieattendibili.com/pb7tlreq/?ref=it-ec3-eux-8cuujx&source=ec hXXps://my.budgetsupervise[.com/payment/initiate? https://t.co/bxVBzwwLM4

JAMESWT_MHT: "FIRST INTERNATIONAL BANK OF ISRAEL LTD (FIBI)" <Re: message Project -200655> 😱$13,609,000.00USD 😱 #scam #fraud 🔽🔽🔽 https://t.co/VWTsblAA0R

JAMESWT_MHT: @pollo290987 Mentioned Samples https://t.co/rCSevTjjKs #smokeloader https://t.co/FvoUJLsC1L #RedLineStealer https://t.co/PrZxzTrmHT https://t.co/Wu0gCdGICH #Socelars https://t.co/AndTm3c22p #Plugx https://t.co/a7es4lMxIA #Vidar https://t.co/sBqKocyQEi etc cc @verovaleros @felixw3000 https://t.co/OlOcrf5Lar

cyb3rops: Oh my … Win11 doesn’t look for drive A:\ anymore but D:\ instead when you click the „Have Disk..“ button in the driver update menu - the times they are a-changin' https://t.co/Jq7PLmQHOq

cyb3rops: @LibertyLucas26 To save humanity from its supposed extinction, any means is justified and no personal condition is an obstacle - some realize this sooner, others only too late

RedDrip7: @ulexec This exploit affects system with CVE-2021-26868 patched. @mavillon1

inj3ct0r: #0daytoday #DiskSorter Server 13.6.12 - (Disk Sorter Server) Unquoted Service Path #Vulnerability https://t.co/41QVPWaHlz

inj3ct0r: #0daytoday #DiskPulse 13.6.14 - (Multiple) Unquoted Service Path #Vulnerability https://t.co/t5dbPcaT8Y

inj3ct0r: #0daytoday #HashiCorp Nomad Remote Command Execution #Exploit #RCE https://t.co/2IGD0xPCKY

inj3ct0r: #0daytoday #IPFire 2.25 Remote Code Execution #Exploit #RCE https://t.co/oDCtfVjbVO

inj3ct0r: #0daytoday #Polkit 0.105-26 0.117-2 - Local Privilege Escalation #Exploit #LPE https://t.co/UtvyeLaaja

malwrhunterteam: @monkeyangel1406 @VK_Intel @bryceabdo @JAMESWT_MHT 0 detection on VT != clean. 😂

malwrhunterteam: @monkeyangel1406 @VK_Intel @bryceabdo @JAMESWT_MHT No, not working for VT. Tweets like that are just sharing hashes / IPs / etc that can be interesting for other researchers...

malwrhunterteam: @iHeartMalware @NamecheapCEO @Namecheap Linked them your tweet. Good luck.

malwrhunterteam: "facebook.apk": 4f5bc915ae1d68732ff49ad6f2c58dfec2650cd4c41ea9a71c1efe6442ab65fd https://t.co/FTjbEChtWX

blackorbird: "PJobRAT" Spyware targeting Indian military personnel, which disguised as the latest version of Indian dating and marriage app Trendbanter.#APT http://XXX/count.php|/XXX/file_handler.php|/XXX/ping.php report: https://t.co/i0ttxavPh9 https://t.co/3l0eVoWxLC https://t.co/nqz22c1aUS https://t.co/ZgnPT3ut0f

blackorbird: iOS WebKit 0day exploit in wild. https://t.co/es9oOsl807 https://t.co/EEburdu5NC

wugeej: [Download URL] hxxps : //www.dropbox.com/s/a3qjawejfkhmnn1/Open%20Data.7z? dl = 0 hxxps : //www.swisstransfer.com/d/5a3e9941-1ec3-4730-938c-cf8433a7ba72 hxxps : //anonfiles.com/57Ia67zdub/Open_Data_7z hxxps : //send.cm/d/331C hxxps : //bayfiles.com/v699z5z6u3/Open_Data_7z https://t.co/YZhgALG3z9

wugeej: Open Data : 1200 data breaches from #January to #June 2021 It contains a list of 1373 domains for each country. Open Data include ID, Password, Contact, E-mail, Address, Site Map information, Corporate Finance, Material Management, etc. https://t.co/C63ambJGh7 https://t.co/myRMwZgARY

malware_traffic: @forensic_x Put the malware in a password-protected zip archive, and email it as an attachment to my blog email address

James_inthe_box: @neonprimetime There you go :)

James_inthe_box: @_antoniopirozzi @SentinelOne @MatanRudis @AmitaiBs3 @juanandres_gs @malwrhunterteam @BleepinComputer @RRBlackRussian Great work!

pmelson: @HackingLZ R32?

pmelson: @moonbas3 @KyleTDavis1 @cocaman https://t.co/kpofYgITr1

pmelson: @tylabs @PJ47596176 It’s just removal tool deployed before attempting decryption in order to prevent the ransomware from re-encrypting files.

pmelson: @jfslowik https://t.co/922LIIrTm6

pmelson: @KyleTDavis1 There’s not a definitive answer. If a whiskey has a heavier wood or spice profile, water or ice will definitely help “open it up” so you can perceive them more accurately. Glassware helps too. But 80° isn’t a hard rule. IMO a great bourbon is delicious both neat and on the rocks.

demonslay335: @jonatanlagos37 @fbgwls245 @BleepinComputer @Amigo_A_ @siri_urz @malwrhunterteam @JAMESWT_MHT Unrelated tweet dude... go read the FAQ: https://t.co/NORSVwykGo

demonslay335: @fbgwls245 @BleepinComputer @Amigo_A_ @siri_urz @malwrhunterteam @JAMESWT_MHT @cyb3rops https://t.co/wcTXqEyx8r

hackerfantastic: @pry0cc Are you using Windows 11 or just Terminal on 10?

hackerfantastic: @JamesTheMage The thing definitely called out to about 50 IP's when it was put online, I have other stuff going on right now to focus on Enterprise Windows stuff but it's nice to have a Windows 11 build to play on. Windows 11 on aarch64 ETA? :)

hackerfantastic: @Buddy2861 @Jennifer_Arcuri @pplatesrgrate Open with that next time as your comment came across as though it was. She looks great in that picture as she does most days, I am sure she might want to update it at some point - I just set the picture for her and didn't really think much of it until it was brought up.

hackerfantastic: @Buddy2861 @Jennifer_Arcuri @pplatesrgrate She doesn't have her "tits out", she's wearing a bikini and as a matter of fact I picked that photo out when helping her setup the account as I think she looks great there. I'm her husband & I don't see anything wrong with it, maybe you shouldn't be trying to slut shame others?

hackerfantastic: @JamesTheMage You'll notice that "internet connectivity is disabled" ;) It definitely phoned a lot of different places when it was connected online, how much malware was packaged into it - is anyone's guess. It's on my todo list to investigate that potential.

Cyb3rWard0g: @jamieantisocial @Viking_Sec @OTR_Community Thank you @jamieantisocial 🙏 @Viking_Sec we have a few projects in our public repo 😉 Also, if you aren't yet in the @OTR_Community discord, there are a few open collaboration opportunities that you might be interested in too 🍻 Looking forward to it! https://t.co/OfVbzRZCLO

Cyb3rWard0g: @ajpc500 @jaredhaight Thank you @ajpc500 🙏 https://t.co/inQBZuIcX9

Cyb3rWard0g: @ajpc500 @jaredhaight Thank you for sharing @ajpc500 ! Happy to see all those references helping others in the community! Very useful! 🙏🙏 https://t.co/EzlRIZde4L

Cyb3rWard0g: @_dirkjan Very interesting read @_dirkjan ! Thank you for sharing 🙏🍻

Cyb3rWard0g: @cnotin @DrAzureAD Happy to help! Also, as you mentioned, if you want to avoid 4662 events on the DC w/ DCSync, you would use a DC account. However, you first have to get the "DC account" context. That "Potentially" increases the detection scope around the main objective (AD FS DKM key extraction)

VK_Intel: @ddd1ms @euroinfosec @y_advintel @Intel471Inc @uuallan I hear their internal question counting cash: "How much money is enough money? 50 Million? 100 Million?"

VK_Intel: 🆕Breaking:🔥"The Rise & Demise of Multi-Million #Ransomware Business Empire" | Victimology from Master Key & @IntelAdvanced Cases 🌐Birth of "#Ransonomics" | #Avaddon Op Salary 1000x Russia's Median Salary | Verifiable Metrics of Intrusion | #YARA v1 https://t.co/sudRYUNBF3 https://t.co/YUWYJwWW2N

VK_Intel: On top of the decryption key development, we (@IntelAdvanced) currently doing analysis on all the known victims of #Avaddon #ransomware. 📌Please reach out to me directly - we are approaching victims as well to help w/ the efforts based on the master key info. Stop ransomware! https://t.co/01qVRqR3Bl

VK_Intel: @cybertotz @avman1995 Your jokes are top notch, cybertotz. Huge fan of your cyber puns. Keep it up!

DrunkBinary: @selenalarson https://t.co/CMFthXaCKm

DrunkBinary: @rickhholland https://t.co/hBFKSQYrZ3

Arkbird_SOLG: @KorbenD_Intel @James_inthe_box Yep @Ledtech3 you can put a vbs for automation with powercfg and so run the commands, that observed in 2018 for drops Monero miners https://t.co/SvdCUbXfTJ also used in the past for remove the Standby Mode with Kriptovo (2015) https://t.co/wAxYPI2K4G

Arkbird_SOLG: cc @cyb3rops @VK_Intel @DrunkBinary @BushidoToken @c3rb3ru5d3d53c @jfslowik @shotgunner101 @JusticeRage @h2jazi @JAMESWT_MHT @James_inthe_box @ShadowChasing1

Arkbird_SOLG: I share the Gelsemine (dropper), Gelsenicine (loader), Gelsevirine (main plug-in) yara rules and the samples of the #Gelsemium group. Samples : https://t.co/1X5qICcjKb Yara rules : https://t.co/NmpQEUoeIA Article : https://t.co/SZHRoe9Vcw

KorbenD_Intel: Cobalt Strike is in the security business too https://t.co/ebz2fw3kWR

KorbenD_Intel: @James_inthe_box @Arkbird_SOLG ever seen pwrcfg used to load malware? Or is this just a stunt? https://t.co/fFPjxvcXUW

KorbenD_Intel: I'll pass https://t.co/yaKiPRpryv

KorbenD_Intel: @malwrhunterteam @RedDrip7 Active Cobalt Strike - /Explode/themes/SA1ZBMUS3R

ShadowChasing1: #test or implant? ITW:fd6789fc8363290a59b3f649dbb48e1a filename:مصداقی.doc https://t.co/5Or6V79q4l

ShadowChasing1: #redteam ? ITW:3bc18ca83976a5efe7094a4c9abd746b filename:Emergency_Teams_meeting_event_Joining_instructions.docm C2:soccerfila[.]com https://t.co/dqMXa86qQ8

ShadowChasing1: @nao_sec @anyrun_app surely maybe i forget this ;-(

ItsReallyNick: @GossiTheDog I prefer to reserve “MFA bypass” for apex threat actors creatively subverting controls. Gotta say… I’m with the @BleepinComputer comments section on this one, but I’m biased 😎 https://t.co/LIrQGHzJUx https://t.co/VaB5NdJbMN

ItsReallyNick: @farhanible @GossiTheDog For the activity explicitly mentioned in that section? Please DM me with IPs and timestamps.

ItsReallyNick: securitybusiness - don't get it twisted

ItsReallyNick: I’m *pretty* sure the BAV2ROPC User-Agent stands for “Business Apps v2 Resource Owner Password Credential" but I’m not guessing in an official blog when the people who wrote it work here somewhere 😅 Anyway M365 Defender Research & MSTIC are hiring. Come be the friction. https://t.co/6SDz6E8eGw

ItsReallyNick: Disrupted a cross-cloud BEC campaign impacting hundreds of victims. Here’s a behind-the-scenes look at their custom tools & techniques https://t.co/ZgDKdtG6fH There’s tons more happening to disrupt cyber crime – credit for this particular write-up goes to my coauthor @Stefan0x531 https://t.co/sQcNEItnQC

cyberwar_15: #북한 #NorthKorea #프로그람 #인차 #북한식표현 #정찰총국 #라자루스 #Lazarus #박진혁 The actual attack was carried out in a sensitive manner. Nuri.doc 8192ee65c7cc9c19e8693a6bd29803cd 결의대회초안.doc d5e974a3386fc99d2932756ca165a451 https://t.co/KeMuc4YmY0 https://t.co/kzCMCikKlg

Manu_De_Lucia: @Marco_Ramilli ahah Marco I think it's a joke for sure this stuff. Even the author her/himself wrote "oh ok I ll change the name..." after others told her/him something like "hey, you can't use that name ..." 😄 great reading!

Manu_De_Lucia: strings based #Yara rules for the so called "Ryuk impersonator" (aka #RyukNet,#HetropoRyuk). #ransomware #malware #Ryuk https://t.co/hXMh9aSxX5 https://t.co/H5YDjZTaRN

58_158_177_102: @ken5scal "🐶?" was my first thought...

58_158_177_102: @AIR3_ytakeda @waga_tw Judging from the file names it accesses as well, it's Loki

58_158_177_102: Udon for lunch at the office https://t.co/Eg9QTIUn9o

IntezerLabs: Watch live https://t.co/K0vdZsEIoj Securing containers does not have to be hard when you know your blind spots. Take a journey from vulnerability to protection https://t.co/YBcUtCUO46 https://t.co/GIBtf000oD

IntezerLabs: Highly recommend @TheRecord_Media. Get my news alerts from them daily https://t.co/F8fZeDQMgH

IntezerLabs: This should be fun. Sign up for #SOCstock to watch @AbbyMCH and @Ell_o_Punk live on Jun 15 2:00 pm EDT. Take the edge off your alert fatigue https://t.co/9c8GqmPevP https://t.co/M4TWQy2KDd

aboutsecurity: @reswob10 I don't think you're disagreeing with my statement. Availability is part of security, and architecting for availability requires more than high-level design knowledge. Ransomware campaigns have been proving that point for a while now. You can't separate security from operations.

aboutsecurity: Prove me wrong: security architects must have a solid understanding of how to engineer defensible systems & networks first. Sec architects with no hands-on experience that know high-level designs and use cases ‘only’ add very little real value and often rely on wrong assumptions. https://t.co/O3TnWSTHzy

aboutsecurity: @ssantosv I don't know if I'm to blame, but I'm happy to have helped pave the way! And I hope to keep contributing so that this momentum in Málaga continues. Let's see if we can have that get-together we have pending this summer! @cadirneca @gerardofn @andres_mendez_b @bquintero @NuriaTriguero

kyleehmke: H/t to @DomainTools for the reverse on the email. These registrations may be related to the set of domains in this thread: https://t.co/mqzmEHTXMy

kyleehmke: Suspicious domains registered through MonoVM on 6/10 using michaelpourtman@protonmail[.]com: belowtocheck[.]com (159.65.183[.]215) borderstylers[.]com (165.227.58[.]155) cubicbezierd[.]com keyframesspinner[.]com maximumscaler[.]com positionabsoluter[.]com ticketpowerflow[.]com https://t.co/3LSTE68ivp

kyleehmke: The domain availabilitydesired[.]click (144.202.38[.]129) is also a part of this set. https://t.co/43DqsNNBjl

kyleehmke: Probable UNC1151 domain secure-firewall[.]site was registered on 6/9. Currently using Cloudflare services. https://t.co/sDHSSQZTKG

DissectMalware: Getting grammar is hard! Only a few changes but a major improvement! Need to fix a few more things before next release Meanwhile update #XLMMacroDeobfuscator https://t.co/Npu8zblT14

Hexacorn: @EricaZeli yeah, thanks my OCX file collection is growing since early 2000s ;)

Hexacorn: @cyb3rops for those who can't read Ukrainian, or too lazy to try https://t.co/2eRH5ptF5J

Hexacorn: @TheRealWover @FuzzySec @dez_ @windsheep_ @GabrielLandau I blame EndGame's article :-D

Hexacorn: @TheRealWover @FuzzySec @dez_ @windsheep_ @GabrielLandau yeah, the good old Windows "rootkit" comes to mind :)

Hexacorn: @cyb3rops *cough* *cough* site:https://t.co/tY7MmYMaJk "инструментарий для пентестов Cobalt Strike" site:https://t.co/tY7MmYMaJk "легітимної комерційної програми Cobalt Strike" site:https://t.co/tY7MmYMaJk "программы для тестирования на проникновение, такие как Metasploit и Cobalt Strike"

JCyberSec_: Some more #grupchatgroup WhatsApp / Facebook #Phishing Site is detected by GSB and doesn't have a TLS cert 😂 Coded by #RAFLIPEDIA 🌐52.231.164.210 https://t.co/40scbuHQ6b

JCyberSec_: @ANeilan @jorgeorchilles @sans_isc @CISAgov Им нот суре. Хелп мёю

JCyberSec_: @ItsReallyNick @Stefan0x531 @MsftSecIntel I think people forget and also underestimate the skills these threat actors have. These are not stupid people or kids. They know what they are doing! Don't underestimate the enemy.

JCyberSec_: @jorgeorchilles @sans_isc @CISAgov I'm so pleased there isn't 'Change your keyboard to Cyrillic'

JCyberSec_: @p0x53 @illegalFawn @malwrhunterteam We see twitter shortener used a lot in phishing, can't necessarily attribute it to this campaign but using Twitter as a redirect is a known TTP for credential phishers. Great find though, will ingest these IoCs later! @n0p1shing

nullcookies: @adrianisawank @CluCoin 100% scam

nullcookies: @cryptosecurit12 @dubstard @MetaMask @MetamaskSupport @Namecheap @SectigoHQ @ActorExpose @CryptoPhishing @CryptoScamDB @JAMESWT_MHT @JCyberSec_ @PhishFort @phishunt_io @sniko_ @Spam404 You suck at this.

nullcookies: @APT_Namecheap @AtomicNicos Best of 2021

nullcookies: https://t.co/2IygyZpMOp

campuscodi: Those who downloaded the malware-laced app were infected with the SMOKEDHAM backdoor. With Darkside having shut down, no Darkside deployments were seen, but Mandiant is now warning companies to scan their networks as the former Darkside operator may pivot to a new RaaS https://t.co/8oCBmHGuG8

campuscodi: A cybercrime group that used to cooperate with the Darkside ransomware gang has breached the website of a CCTV camera vendor and inserted malware in a Windows application the company’s customers were using to configure and control their security feeds https://t.co/TyhNeWXlCW https://t.co/di0xmv8szS

campuscodi: Rachel, you absolute legend 😘 https://t.co/Sypgn6WgPa

campuscodi: Took a few years but people are finally catching up to the idea that extensibility is a core principle in PC design. Remove ports and all you have is an oversized and overpriced phablet. https://t.co/TYVlUqpw1B

campuscodi: @x0rz Doubt it. Why deal your brand reputational damage for an experiment. That's one stupid way to carry out UI research if I've ever seen one.

SBousseaden: you can detect processes created via SharpNamedPipePTH (local pass the hash) by correlating (below e.g. of #EQL) weird logon (Ntlm logontype 3 and srcip localhost) with process creation by logonId https://t.co/LHPN9yzNat https://t.co/8ydLoSy1aa https://t.co/BKJ3WO991u

424f424f: @fastlorenzo @MarcOverIP Nice!

424f424f: @ustayready https://t.co/HPkqR6IgNf

lazyactivist192: @MapboxUnion @Mapbox Congrats!!

lazyactivist192: @TheHack3r4chan Was about time someone else from cryptolaemus joined the million threatfox credit club

lazyactivist192: Thank you @TheHack3r4chan https://t.co/MbaG3yUM3O

lazyactivist192: @Jan0fficial @SecurityJoes @anyrun_app Oh yeah, but neato that they stole the name

FewAtoms: #malware #cybersecurity #opendir #infosecurity #threathunting hxxp://cor-tips.com/ https://t.co/mF8ArxK8A3 @abuse_ch @James_inthe_box @JAMESWT_MHT https://t.co/uTM2VuVCxY

FewAtoms: #malware #threathunting #cybersecurity #opendir #infosecurity hxxp://136.144.41.133/WW/ https://t.co/CxmBoylFsW https://t.co/QVQZitzhGU

reecdeep: #Malware #AgentTesla from #malspam MD5: 84E878FBB17988191CFB1E67EA22443B 🔥 testt[@[hugometallancarjaya[.com mail[.hugometallancarjaya[.com #infosec #CyberSecurity #cybercrime #Security https://t.co/et9xvTFDIf

reecdeep: #Lokibot #malware from #shellcode by CVE 2017-11882 https://t.co/w9XC1m3exD 👉hxxp://107.173.219.35/win/vbc.exe #opendir 🔥c2: hxxp://aft-forge-tw.com/Bn4/fre.php #infosec #CyberSecurity #cybercrime #Security

reecdeep: #Trickbot #Malware targeting #italy 🇮🇹 👉http://185.180.199.125/s1.dll ⚙️https://t.co/KrtJHeD7tW sample & c2 list:⬇️ https://t.co/qZBAoIBIlA #infosec #CyberSecurity #cybercrime #Security @guelfoweb @AgidCert @VirITeXplorer @58_158_177_102 @matte_lodi @D3LabIT https://t.co/tuDmAT0jf8

luc4m: @makflwana They shut down all the ops, seems. At least for now..

luc4m: @3xp0rtblog Shutdown all the ops🛑

luc4m: #phishing 🇮🇳 guy tries to get some 365 credentials .. s://broomfieldgsco.buzz/secure/office/pdf/ @illegalFawn @phishunt_io @PhishKitTracker @ActorExpose https://t.co/idF5hWnDcY

luc4m: #cobaltstrike http beacon on 80 and 8080 .. EstNOC-Korea VPS. https://t.co/zZ9h8XcuRs CC @bryceabdo https://t.co/0r56KPHhXk

3xp0rtblog: @0x7fff9 @Amigo_A_ @Arkbird_SOLG @Bank_Security @BleepinComputer @JAMESWT_MHT @JRoosen @James_inthe_box @Kangxiaopao @LawrenceAbrams @Xylit0l @campuscodi @demonslay335 @fumik0_ @hasherezade @hexlax @luc4m @malwrhunterteam @pmelson @siri_urz @struppigel

3xp0rtblog: A new Chaos Ransomware, a second version of "Ryuk" with a changed name and some new functions. https://t.co/K6Rupq5dfI https://t.co/FiKolH6lkk https://t.co/U9w8eBww8y https://t.co/C4dx7K0kd7

3xp0rtblog: @campuscodi arcanelogs_bot it's mentioned bot, now it doesn't work. This bot was like a panel for all users.

3xp0rtblog: @campuscodi Court noticed that PERSON_1 created Arcane Stealer and controlled telegram bot «Arcane Logs ВОТ», was selling stealer on primearea[.]biz. 30.03.2021 police searched the home of PERSON_1. Sakari was last online on the day of the search :). https://t.co/60UEs1RqAZ

----Vulners.com High Sev. Last 3 Days----

CVSS: 7.2 Cisco Small Business 220 Series Smart Switches Vulnerabilities

CVSS: 7.4 Cisco Email Security Appliance and Cisco Web Security Appliance Certificate Validation Vulnerability

CVSS: 7.4 Cisco DNA Center Certificate Validation Vulnerability

CVSS: 7.0 Cisco AnyConnect Secure Mobility Client for Windows with VPN Posture (HostScan) Module DLL Hijacking Vulnerability

CVSS: 6.5 Cisco Jabber Desktop and Mobile Client Software Vulnerabilities

CVSS: 7.5 BlueZ vulnerabilities

CVSS: 7.5 BlueZ vulnerabilities

CVSS: 7.5 Apple Issues Urgent Patches for 2 Zero-Day Flaws Exploited in the Wild

CVSS: 6.8 ImageMagick vulnerabilities

CVSS: 9.0 SAP Netweaver JAVA 7.50 Missing Authorization

CVSS: 9.0 OpenClinic GA (Update B)

CVSS: 7.2 Unbreakable Enterprise kernel-container security update

CVSS: 7.2 Unbreakable Enterprise kernel security update

CVSS: 10.0 Moobot Milks Tenda Router Bugs for Propagation

CVSS: 9.3 NoxPlayer Supply-Chain Attack is Likely the Work of Gelsemium Hackers

CVSS: 6.5 OpenEMR 5.0.1.3 Shell Upload

CVSS: 6.5 postgresql security update

CVSS: 6.8 Microsoft Paint 3D STL File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

CVSS: 9.0 GLPI 9.4.5 Remote Code Execution

CVSS: 7.5 CVE-2018-14718

CVSS: 6.8 CVE-2021-20198

CVSS: 6.5 CVE-2021-20182

----NVD Last 3 Days----

CVE#: CVE-2021-29702 Published Date: 2021-06-16 CVSS: NO CVSS Description: Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1.4 and 11.5.5 is vulnerable to a denial of service as the server terminates abnormally when executing a specially crafted SELECT statement. IBM X-Force ID: 200658.

CVE#: CVE-2021-20567 Published Date: 2021-06-16 CVSS: NO CVSS Description: IBM Resilient SOAR V38.0 could allow a local privileged attacker to obtain sensitive information due to improper or nonexisting encryption. IBM X-Force ID: 199239.

CVE#: CVE-2021-20566 Published Date: 2021-06-16 CVSS: NO CVSS Description: IBM Resilient SOAR V38.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 199238.

CVE#: CVE-2021-20488 Published Date: 2021-06-16 CVSS: NO CVSS Description: IBM Security Identity Manager 6.0.2 could allow an authenticated malicious user to change the passwords of other users in the Windows AD environment when IBM Security Identity Manager Windows Password Synch Plug-in is deployed and configured. IBM X-Force ID: 197789.

CVE#: CVE-2021-20483 Published Date: 2021-06-16 CVSS: NO CVSS Description: IBM Security Identity Manager 6.0.2 is vulnerable to server-side request forgery (SSRF). By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to obtain sensitive data. IBM X-Force ID: 197591.

CVE#: CVE-2020-22201 Published Date: 2021-06-16 CVSS: NO CVSS Description: phpCMS 2008 sp4 allows remote malicious users to execute arbitrary php commands via the pagesize parameter to yp/product.php.

CVE#: CVE-2020-22200 Published Date: 2021-06-16 CVSS: NO CVSS Description: Directory Traversal vulnerability in phpCMS 9.1.13 via the q parameter to public_get_suggest_keyword.

CVE#: CVE-2020-22199 Published Date: 2021-06-16 CVSS: NO CVSS Description: SQL Injection vulnerability in phpCMS 2007 SP6 build 0805 via the digg_mod parameter to digg_add.php.

CVE#: CVE-2020-35762 Published Date: 2021-06-16 CVSS: NO CVSS Description: bloofoxCMS 0.5.2.1 is infected with Path traversal in the 'fileurl' parameter that allows attackers to read local files.

CVE#: CVE-2020-35761 Published Date: 2021-06-16 CVSS: NO CVSS Description: bloofoxCMS 0.5.2.1 is infected with XSS that allows remote attackers to execute arbitrary JS/HTML Code.

CVE#: CVE-2020-35760 Published Date: 2021-06-16 CVSS: NO CVSS Description: bloofoxCMS 0.5.2.1 is infected with Unrestricted File Upload that allows attackers to upload malicious files (ex: php files).

CVE#: CVE-2020-35759 Published Date: 2021-06-16 CVSS: NO CVSS Description: bloofoxCMS 0.5.2.1 is infected with a CSRF Attack that leads to an attacker editing any file content (Locally/Remotely).

CVE#: CVE-2020-27339 Published Date: 2021-06-16 CVSS: NO CVSS Description: An issue was discovered in IdeBusDxe in Insyde InsydeH2O 5.x. Code in system management mode calls a function outside of SMRAM in response to a crafted software SMI, aka Inclusion of Functionality from an Untrusted Control Sphere. Modifying the well-known address of this function allows an attacker to gain control of the system with the privileges of system management mode.

CVE#: CVE-2020-24939 Published Date: 2021-06-16 CVSS: NO CVSS Description: Prototype pollution in Stampit supermixer 1.0.3 allows an attacker to modify the prototype of a base object which can vary in severity depending on the implementation.

CVE#: CVE-2020-22198 Published Date: 2021-06-16 CVSS: NO CVSS Description: SQL Injection vulnerability in DedeCMS 5.7 via mdescription parameter to member/ajax_membergroup.php.

CVE#: CVE-2020-20444 Published Date: 2021-06-16 CVSS: NO CVSS Description: Jact OpenClinic 0.8.20160412 allows the attacker to read server files after login to the admin account by an infected 'file' GET parameter in '/shared/view_source.php' which "could" lead to RCE vulnerability.

CVE#: CVE-2021-34803 Published Date: 2021-06-16 CVSS: NO CVSS Description: TeamViewer before 14.7.48644 on Windows loads untrusted DLLs in certain situations.

CVE#: CVE-2021-34801 Published Date: 2021-06-16 CVSS: NO CVSS Description: Valine 1.4.14 allows remote attackers to cause a denial of service (application outage) by supplying a ua (aka User-Agent) value that only specifies the product and version.

CVE#: CVE-2021-27610 Published Date: 2021-06-16 CVSS: NO CVSS Description: SAP NetWeaver ABAP Server and ABAP Platform, versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 804, does not create information about internal and external RFC user in consistent and distinguished format, which could lead to improper authentication and may be exploited by malicious users to obtain illegitimate access to the system.

CVE#: CVE-2021-22914 Published Date: 2021-06-16 CVSS: NO CVSS Description: Citrix Cloud Connector before 6.31.0.62192 suffers from insecure storage of sensitive information due to sensitive information being stored in the Citrix Cloud Connector installation log files. Such information could be used by a malicious actor to access a Citrix Cloud environment. This issue affects all versions of Citrix Cloud Connector that were installed by passing secure client parameters for installation via the command line. The issue does not affect Citrix Cloud Connector if it was installed using the interactive installer or where a parameter file was used with the command-line installer.

CVE#: CVE-2021-21668 Published Date: 2021-06-16 CVSS: NO CVSS Description: Jenkins Scriptler Plugin 3.1 and earlier does not escape script content, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Scriptler/Configure permission.

CVE#: CVE-2021-21667 Published Date: 2021-06-16 CVSS: NO CVSS Description: Jenkins Scriptler Plugin 3.2 and earlier does not escape parameter names shown in job configuration forms, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Scriptler/Configure permission.

CVE#: CVE-2020-8300 Published Date: 2021-06-16 CVSS: NO CVSS Description: Citrix ADC and Citrix/NetScaler Gateway before 13.0-82.41, 12.1-62.23, 11.1-65.20 and Citrix ADC 12.1-FIPS before 12.1-55.238 suffer from improper access control allowing SAML authentication hijack through a phishing attack to steal a valid user session. Note that Citrix ADC or Citrix Gateway must be configured as a SAML SP or a SAML IdP for this to be possible.

CVE#: CVE-2020-8299 Published Date: 2021-06-16 CVSS: NO CVSS Description: Citrix ADC and Citrix/NetScaler Gateway 13.0 before 13.0-76.29, 12.1-61.18, 11.1-65.20, Citrix ADC 12.1-FIPS before 12.1-55.238, and Citrix SD-WAN WANOP Edition before 11.4.0, 11.3.2, 11.3.1a, 11.2.3a, 11.1.2c, 10.2.9a suffers from uncontrolled resource consumption by way of a network-based denial-of-service from within the same Layer 2 network segment. Note that the attacker must be in the same Layer 2 network segment as the vulnerable appliance.

CVE#: CVE-2021-32928 Published Date: 2021-06-16 CVSS: NO CVSS Description: The Sentinel LDK Run-Time Environment installer (Versions 7.6 and prior) adds a firewall rule named “Sentinel License Manager” that allows incoming connections from private networks using TCP Port 1947. While uninstalling, the uninstaller fails to close Port 1947.

CVE#: CVE-2021-31857 Published Date: 2021-06-16 CVSS: NO CVSS Description: In Zoho ManageEngine Password Manager Pro before 11.1 build 11104, attackers are able to retrieve credentials via a browser extension for non-website resource types.

CVE#: CVE-2021-31159 Published Date: 2021-06-16 CVSS: NO CVSS Description: Zoho ManageEngine ServiceDesk Plus MSP before 10519 is vulnerable to a User Enumeration bug due to improper error-message generation in the Forgot Password functionality, aka SDPMSP-15732.

CVE#: CVE-2021-27485 Published Date: 2021-06-16 CVSS: NO CVSS Description: ZOLL Defibrillator Dashboard, v prior to 2.2, The application allows users to store their passwords in a recoverable format, which could allow an attacker to retrieve the credentials from the web browser.

CVE#: CVE-2021-27483 Published Date: 2021-06-16 CVSS: NO CVSS Description: ZOLL Defibrillator Dashboard, v prior to 2.2, The affected products contain insecure filesystem permissions that could allow a lower privilege user to escalate privileges to an administrative level user.

CVE#: CVE-2021-27479 Published Date: 2021-06-16 CVSS: NO CVSS Description: ZOLL Defibrillator Dashboard, v prior to 2.2, The affected product’s web application could allow a low privilege user to inject parameters to contain malicious scripts to be executed by higher privilege users.

CVE#: CVE-2021-34683 Published Date: 2021-06-16 CVSS: NO CVSS Description: An issue was discovered in EXCELLENT INFOTEK CORPORATION (EIC) E-document System 3.0. A remote attacker can use kw/auth/bbs/asp/get_user_email_info_bbs.asp to obtain the contact information (name and e-mail address) of everyone in the entire organization. This information can allow remote attackers to perform social engineering or brute force attacks against the system login page.

CVE#: CVE-2021-33813 Published Date: 2021-06-16 CVSS: NO CVSS Description: An XXE issue in SAXBuilder in JDOM through 2.0.6 allows attackers to cause a denial of service via a crafted HTTP request.

CVE#: CVE-2021-32612 Published Date: 2021-06-16 CVSS: NO CVSS Description: The VeryFitPro (com.veryfit2hr.second) application 3.2.8 for Android does all communication with the backend API over cleartext HTTP. This includes logins, registrations, and password change requests. This allows information theft and account takeover via network sniffing.

CVE#: CVE-2021-32033 Published Date: 2021-06-16 CVSS: NO CVSS Description: Protectimus SLIM NFC 70 10.01 devices allow a Time Traveler attack in which attackers can predict TOTP passwords in certain situations. The time value used by the device can be set independently from the used seed value for generating time-based one-time passwords, without authentication. Thus, an attacker with short-time physical access to a device can set the internal real-time clock (RTC) to the future, generate one-time passwords, and reset the clock to the current time. This allows the generation of valid future time-based one-time passwords without having further access to the hardware token.

CVE#: CVE-2021-30468 Published Date: 2021-06-16 CVSS: NO CVSS Description: A vulnerability in the JsonMapObjectReaderWriter of Apache CXF allows an attacker to submit malformed JSON to a web service, which results in the thread getting stuck in an infinite loop, consuming CPU indefinitely. This issue affects Apache CXF versions prior to 3.4.4; Apache CXF versions prior to 3.3.11.

CVE#: CVE-2021-28979 Published Date: 2021-06-16 CVSS: NO CVSS Description: SafeNet KeySecure Management Console 8.12.0 is vulnerable to HTTP response splitting attacks. A remote attacker could exploit this vulnerability using specially-crafted URL to cause the server to return a split response, once the URL is clicked.

CVE#: CVE-2021-27489 Published Date: 2021-06-16 CVSS: NO CVSS Description: ZOLL Defibrillator Dashboard, v prior to 2.2, The web application allows a non-administrative user to upload a malicious file. This file could allow an attacker to remotely execute arbitrary commands.

CVE#: CVE-2021-27487 Published Date: 2021-06-16 CVSS: NO CVSS Description: ZOLL Defibrillator Dashboard, v prior to 2.2, The affected products contain credentials stored in plaintext. This could allow an attacker to gain access to sensitive information.

CVE#: CVE-2021-27481 Published Date: 2021-06-16 CVSS: NO CVSS Description: ZOLL Defibrillator Dashboard, v prior to 2.2, The affected products utilize an encryption key in the data exchange process, which is hardcoded. This could allow an attacker to gain access to sensitive information.

CVE#: CVE-2021-20094 Published Date: 2021-06-16 CVSS: NO CVSS Description: A denial of service vulnerability exists in Wibu-Systems CodeMeter versions < 7.21a. An unauthenticated remote attacker can exploit this issue to crash the CodeMeter Runtime Server.

CVE#: CVE-2021-20093 Published Date: 2021-06-16 CVSS: NO CVSS Description: A buffer over-read vulnerability exists in Wibu-Systems CodeMeter versions < 7.21a. An unauthenticated remote attacker can exploit this issue to disclose heap memory contents or crash the CodeMeter Runtime Server.

CVE#: CVE-2021-21441 Published Date: 2021-06-16 CVSS: NO CVSS Description: There is a XSS vulnerability in the ticket overview screens. It's possible to collect various information by having an e-mail shown in the overview screen. Attack can be performed by sending specially crafted e-mail to the system and it doesn't require any user interaction. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.26 and prior versions.

CVE#: CVE-2020-9493 Published Date: 2021-06-16 CVSS: NO CVSS Description: A deserialization flaw was found in Apache Chainsaw versions prior to 2.1.0 which could lead to malicious code execution.

CVE#: CVE-2021-28815 Published Date: 2021-06-16 CVSS: NO CVSS Description: Insecure storage of sensitive information has been reported to affect QNAP NAS running myQNAPcloud Link. If exploited, this vulnerability allows remote attackers to read sensitive information by accessing the unrestricted storage mechanism. This issue affects: QNAP Systems Inc. myQNAPcloud Link versions prior to 2.2.21 on QTS 4.5.3; versions prior to 2.2.21 on QuTS hero h4.5.2; versions prior to 2.2.21 on QuTScloud c4.5.4.

CVE#: CVE-2021-3535 Published Date: 2021-06-16 CVSS: NO CVSS Description: Rapid7 Nexpose is vulnerable to a non-persistent cross-site scripting vulnerability affecting the Security Console's Filtered Asset Search feature. A specific search criterion and operator combination in Filtered Asset Search could have allowed a user to pass code through the provided search field. This issue affects version 6.6.80 and prior, and is fixed in 6.6.81. If your Security Console currently falls on or within this affected version range, ensure that you update your Security Console to the latest version.

CVE#: CVE-2021-32685 Published Date: 2021-06-16 CVSS: NO CVSS Description: tEnvoy contains the PGP, NaCl, and PBKDF2 in node.js and the browser (hashing, random, encryption, decryption, signatures, conversions), used by TogaTech.org. In versions prior to 7.0.3, the `verifyWithMessage` method of `tEnvoyNaClSigningKey` always returns `true` for any signature that has a SHA-512 hash matching the SHA-512 hash of the message even if the signature was invalid. This issue is patched in version 7.0.3. As a workaround: In `tenvoy.js` under the `verifyWithMessage` method definition within the `tEnvoyNaClSigningKey` class, ensure that the return statement call to `this.verify` ends in `.verified`.

CVE#: CVE-2021-32676 Published Date: 2021-06-16 CVSS: NO CVSS Description: Nextcloud Talk is a fully on-premises audio/video and chat communication service. Password protected shared chats in Talk before version 9.0.10, 10.0.8 and 11.2.2 did not rotate the session cookie after a successful authentication event. It is recommended that the Nextcloud Talk App is upgraded to 9.0.10, 10.0.8 or 11.2.2. No workarounds for this vulnerability are known to exist.

CVE#: CVE-2021-32623 Published Date: 2021-06-16 CVSS: NO CVSS Description: Opencast is a free and open source solution for automated video capture and distribution. Versions of Opencast prior to 9.6 are vulnerable to the billion laughs attack, which allows an attacker to easily execute a (seemingly permanent) denial of service attack, essentially taking down Opencast using a single HTTP request. To exploit this, users need to have ingest privileges, limiting the group of potential attackers. The problem has been fixed in Opencast 9.6. There is no known workaround for this issue.

CVE#: CVE-2021-30553 Published Date: 2021-06-15 CVSS: NO CVSS Description: Use after free in Network service in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE#: CVE-2021-30552 Published Date: 2021-06-15 CVSS: NO CVSS Description: Use after free in Extensions in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.

CVE#: CVE-2021-30551 Published Date: 2021-06-15 CVSS: NO CVSS Description: Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE#: CVE-2021-30550 Published Date: 2021-06-15 CVSS: NO CVSS Description: Use after free in Accessibility in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.

CVE#: CVE-2021-30549 Published Date: 2021-06-15 CVSS: NO CVSS Description: Use after free in Spell check in Google Chrome prior to 91.0.4472.101 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.

CVE#: CVE-2021-30548 Published Date: 2021-06-15 CVSS: NO CVSS Description: Use after free in Loader in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE#: CVE-2021-30547 Published Date: 2021-06-15 CVSS: NO CVSS Description: Out of bounds write in ANGLE in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

CVE#: CVE-2021-30546 Published Date: 2021-06-15 CVSS: NO CVSS Description: Use after free in Autofill in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE#: CVE-2021-30545 Published Date: 2021-06-15 CVSS: NO CVSS Description: Use after free in Extensions in Google Chrome prior to 91.0.4472.101 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

CVE#: CVE-2021-30544 Published Date: 2021-06-15 CVSS: NO CVSS Description: Use after free in BFCache in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE#: CVE-2021-28858 Published Date: 2021-06-15 CVSS: NO CVSS Description: TP-Link's TL-WPA4220 4.0.2 Build 20180308 Rel.37064 does not use SSL by default. Attacker on the local network can monitor traffic and capture the cookie and other sensitive information.

CVE#: CVE-2021-28857 Published Date: 2021-06-15 CVSS: NO CVSS Description: TP-Link's TL-WPA4220 4.0.2 Build 20180308 Rel.37064 username and password are sent via the cookie.

CVE#: CVE-2021-24037 Published Date: 2021-06-15 CVSS: NO CVSS Description: A use after free in hermes, while emitting certain error messages, prior to commit d86e185e485b6330216dee8e854455c694e3a36e allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted JavaScript. Hence, most React Native applications are not affected.

CVE#: CVE-2021-3595 Published Date: 2021-06-15 CVSS: NO CVSS Description: An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the tftp_input() function and could occur while processing a udp packet that is smaller than the size of the 'tftp_t' structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0.

CVE#: CVE-2021-3594 Published Date: 2021-06-15 CVSS: NO CVSS Description: An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp_input() function and could occur while processing a udp packet that is smaller than the size of the 'udphdr' structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0.

CVE#: CVE-2021-3593 Published Date: 2021-06-15 CVSS: NO CVSS Description: An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the udp6_input() function and could occur while processing a udp packet that is smaller than the size of the 'udphdr' structure. This issue may lead to out-of-bounds read access or indirect host memory disclosure to the guest. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0.

CVE#: CVE-2021-3592 Published Date: 2021-06-15 CVSS: NO CVSS Description: An invalid pointer initialization issue was found in the SLiRP networking implementation of QEMU. The flaw exists in the bootp_input() function and could occur while processing a udp packet that is smaller than the size of the 'bootp_t' structure. A malicious guest could use this flaw to leak 10 bytes of uninitialized heap memory from the host. The highest threat from this vulnerability is to data confidentiality. This flaw affects libslirp versions prior to 4.6.0.

CVE#: CVE-2021-34170 Published Date: 2021-06-15 CVSS: NO CVSS Description: Bandai Namco FromSoftware Dark Souls III allows remote attackers to execute arbitrary code.

CVE#: CVE-2021-34129 Published Date: 2021-06-15 CVSS: NO CVSS Description: LaikeTui 3.5.0 allows remote authenticated users to delete arbitrary files, as demonstrated by deleting install.lock in order to reinstall the product in an attacker-controlled manner. This deletion is possible via directory traversal in the uploadImg, oldpic, or imgurl parameter.

CVE#: CVE-2021-34128 Published Date: 2021-06-15 CVSS: NO CVSS Description: LaikeTui 3.5.0 allows remote authenticated users to execute arbitrary PHP code by using index.php?module=system&action=pay to upload a ZIP archive containing a .php file, as demonstrated by the ../../../../phpinfo.php pathname.

CVE#: CVE-2021-33887 Published Date: 2021-06-15 CVSS: NO CVSS Description: Insufficient verification of data authenticity in Peloton TTR01 up to and including PTV55G allows an attacker with physical access to boot into a modified kernel/ramdisk without unlocking the bootloader.

CVE#: CVE-2021-33622 Published Date: 2021-06-15 CVSS: NO CVSS Description: Sylabs Singularity 3.5.x and 3.6.x, and SingularityPRO before 3.5-8, has an Incorrect Check of a Function's Return Value.

CVE#: CVE-2021-32683 Published Date: 2021-06-15 CVSS: NO CVSS Description: wire-webapp is the web version of Wire, an open-source messenger. A cross-site scripting vulnerability exists in wire-webapp prior to version 2021-06-01-production.0. If a user is instructed to open an image in a new tab (right click -> open in new tab, or copy the URL and paste it in the URL bar), the image payload is executed on the domain hosting the app (app.wire.com). In particular, if an image contains malicious code in addition to the actual picture, this code is executed on app.wire.com. This allows the attacker to fully control the user account. The vulnerability was patched in version 2021-06-01-production.0. As a workaround, users should not try to open image URLs.

CVE#: CVE-2021-27388 Published Date: 2021-06-15 CVSS: NO CVSS Description: SINAMICS medium voltage routable products are affected by a vulnerability in the Sm@rtServer component for remote access that could allow an unauthenticated attacker to cause a denial-of-service condition, and/or execution of limited configuration modifications and/or execution of limited control commands on the SINAMICS Medium Voltage Products, Remote Access (SINAMICS SL150: All versions, SINAMICS SM150: All versions, SINAMICS SM150i: All versions).

CVE#: CVE-2021-23395 Published Date: 2021-06-15 CVSS: NO CVSS Description: This affects all versions of package nedb. The library could be tricked into adding or modifying properties of Object.prototype using a __proto__ or constructor.prototype payload.

CVE#: CVE-2020-7864 Published Date: 2021-06-15 CVSS: NO CVSS Description: Parameter manipulation can bypass authentication to cause file upload and execution. This will execute the remote code. This issue affects: Raonwiz DEXT5Editor versions prior to 3.5.1405747.1100.03.

CVE#: CVE-2020-5000 Published Date: 2021-06-15 CVSS: NO CVSS Description: IBM Financial Transaction Manager 3.0.2 and 3.2.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 192952.

CVE#: CVE-2020-29215 Published Date: 2021-06-15 CVSS: NO CVSS Description: A Cross Site Scripting in SourceCodester Employee Management System 1.0 allows the user to execute alert messages via /Employee Management System/addemp.php on admin account.

CVE#: CVE-2020-29214 Published Date: 2021-06-15 CVSS: NO CVSS Description: SQL injection vulnerability in SourceCodester Alumni Management System 1.0 allows the user to inject SQL payload to bypass the authentication via admin/login.php.

CVE#: CVE-2020-21316 Published Date: 2021-06-15 CVSS: NO CVSS Description: A Cross-site scripting (XSS) vulnerability exists in the comment section in ZrLog 2.1.3, which allows remote attackers to inject arbitrary web script and steal administrator cookies via the nickname parameter and gain access to the admin panel.

CVE#: CVE-2021-31502 Published Date: 2021-06-15 CVSS: NO CVSS Description: This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop Build 16.6.4.55. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13673.

CVE#: CVE-2021-31501 Published Date: 2021-06-15 CVSS: NO CVSS Description: This vulnerability allows remote attackers to disclose sensitive information on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWG files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated data structure. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-13310.

CVE#: CVE-2021-31500 Published Date: 2021-06-15 CVSS: NO CVSS Description: This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWF files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12746.

CVE#: CVE-2021-31499 Published Date: 2021-06-15 CVSS: NO CVSS Description: This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12745.

CVE#: CVE-2021-31498 Published Date: 2021-06-15 CVSS: NO CVSS Description: This vulnerability allows remote attackers to disclose sensitive information on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated data structure. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-12744.

CVE#: CVE-2021-31497 Published Date: 2021-06-15 CVSS: NO CVSS Description: This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of DWG files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13311.

CVE#: CVE-2021-31496 Published Date: 2021-06-15 CVSS: NO CVSS Description: This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13308.

CVE#: CVE-2021-31495 Published Date: 2021-06-15 CVSS: NO CVSS Description: This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13307.

CVE#: CVE-2021-31494 Published Date: 2021-06-15 CVSS: NO CVSS Description: This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13305.

CVE#: CVE-2021-31493 Published Date: 2021-06-15 CVSS: NO CVSS Description: This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13304.

CVE#: CVE-2021-31492 Published Date: 2021-06-15 CVSS: NO CVSS Description: This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12720.

CVE#: CVE-2021-31491 Published Date: 2021-06-15 CVSS: NO CVSS Description: This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12719.

CVE#: CVE-2021-31490 Published Date: 2021-06-15 CVSS: NO CVSS Description: This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12718.

CVE#: CVE-2021-31489 Published Date: 2021-06-15 CVSS: NO CVSS Description: This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12717.

CVE#: CVE-2021-31488 Published Date: 2021-06-15 CVSS: NO CVSS Description: This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12716.

CVE#: CVE-2021-31487 Published Date: 2021-06-15 CVSS: NO CVSS Description: This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12715.

CVE#: CVE-2021-31486 Published Date: 2021-06-15 CVSS: NO CVSS Description: This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12712.

CVE#: CVE-2021-31485 Published Date: 2021-06-15 CVSS: NO CVSS Description: This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWF files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12711.

CVE#: CVE-2021-31484 Published Date: 2021-06-15 CVSS: NO CVSS Description: This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12710.

CVE#: CVE-2021-31483 Published Date: 2021-06-15 CVSS: NO CVSS Description: This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWF files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12709.

CVE#: CVE-2021-31482 Published Date: 2021-06-15 CVSS: NO CVSS Description: This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DWF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12708.

CVE#: CVE-2021-31481 Published Date: 2021-06-15 CVSS: NO CVSS Description: This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SLDPRT files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12659.

CVE#: CVE-2021-31480 Published Date: 2021-06-15 CVSS: NO CVSS Description: This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12654.

CVE#: CVE-2021-31479 Published Date: 2021-06-15 CVSS: NO CVSS Description: This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12634.

CVE#: CVE-2021-31478 Published Date: 2021-06-15 CVSS: NO CVSS Description: This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12633.

CVE#: CVE-2021-31618 Published Date: 2021-06-15 CVSS: NO CVSS Description: Apache HTTP Server protocol handler for the HTTP/2 protocol checks received request headers against the size limitations as configured for the server and used for the HTTP/1 protocol as well. On violation of these restrictions an HTTP response is sent to the client with a status code indicating why the request was rejected. This rejection response was not fully initialised in the HTTP/2 protocol handler if the offending header was the very first one received or appeared in a footer. This led to a NULL pointer dereference on initialised memory, crashing reliably the child process. Since such a triggering HTTP/2 request is easy to craft and submit, this can be exploited to DoS the server. This issue affected mod_http2 1.15.17 and Apache HTTP Server version 2.4.47 only. Apache HTTP Server 2.4.47 was never released.

CVE#: CVE-2021-32684 Published Date: 2021-06-14 CVSS: NO CVSS Description: magento-scripts contains scripts and configuration used by Create Magento App, a zero-configuration tool-chain which allows one to deploy Magento 2. In versions 1.5.1 and 1.5.2, after the function was changed from synchronous to asynchronous, no handler was implemented in the start, stop, exec, and logs commands, effectively making them unusable. Version 1.5.3 contains patches for the problems.

CVE#: CVE-2021-20027 Published Date: 2021-06-14 CVSS: NO CVSS Description: A buffer overflow vulnerability in SonicOS allows a remote attacker to cause a Denial of Service (DoS) by sending a specially crafted request. This vulnerability affects SonicOS Gen5, Gen6, Gen7 platforms, and SonicOSv virtual firewalls.

CVE#: CVE-2021-34693 Published Date: 2021-06-14 CVSS: NO CVSS Description: net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized.

CVE#: CVE-2021-27887 Published Date: 2021-06-14 CVSS: NO CVSS Description: Cross-site Scripting (XSS) vulnerability in the main dashboard of Ellipse APM versions allows an authenticated user or integrated application to inject malicious data into the application that can then be executed in a victim’s browser. This issue affects: Hitachi ABB Power Grids Ellipse APM 5.3 version 5.3.0.1 and prior versions; 5.2 version 5.2.0.3 and prior versions; 5.1 version 5.1.0.6 and prior versions.

CVE#: CVE-2021-27196 Published Date: 2021-06-14 CVSS: NO CVSS Description: Improper Input Validation vulnerability in Hitachi ABB Power Grids Relion 670 Series, Relion 670/650 Series, Relion 670/650/SAM600-IO, Relion 650, REB500, RTU500 Series, FOX615 (TEGO1), MSM, GMS600, PWC600 allows an attacker with access to the IEC 61850 network with knowledge of how to reproduce the attack, as well as the IP addresses of the different IEC 61850 access points (of IEDs/products), to force the device to reboot, which renders the device inoperable for approximately 60 seconds. This vulnerability affects only products with IEC 61850 interfaces. This issue affects: Hitachi ABB Power Grids Relion 670 Series 1.1; 1.2.3 versions prior to 1.2.3.20; 2.0 versions prior to 2.0.0.13; 2.1; 2.2.2 versions prior to 2.2.2.3; 2.2.3 versions prior to 2.2.3.2. Hitachi ABB Power Grids Relion 670/650 Series 2.2.0 versions prior to 2.2.0.13. Hitachi ABB Power Grids Relion 670/650/SAM600-IO 2.2.1 versions prior to 2.2.1.6. Hitachi ABB Power Grids Relion 650 1.1; 1.2; 1.3 versions prior to 1.3.0.7. Hitachi ABB Power Grids REB500 7.3; 7.4; 7.5; 7.6; 8.2; 8.3. Hitachi ABB Power Grids RTU500 Series 7.x version 7.x and prior versions; 8.x version 8.x and prior versions; 9.x version 9.x and prior versions; 10.x version 10.x and prior versions; 11.x version 11.x and prior versions; 12.x version 12.x and prior versions. Hitachi ABB Power Grids FOX615 (TEGO1) R1D02 version R1D02 and prior versions. Hitachi ABB Power Grids MSM 2.1.0 versions prior to 2.1.0. Hitachi ABB Power Grids GMS600 1.3.0 version 1.3.0 and prior versions. Hitachi ABB Power Grids PWC600 1.0 versions prior to 1.0.1.4; 1.1 versions prior to 1.1.0.1.

CVE#: CVE-2021-26845 Published Date: 2021-06-14 CVSS: NO CVSS Description: Information Exposure vulnerability in Hitachi ABB Power Grids eSOMS allows unauthorized user to gain access to report data if the URL used to access the report is discovered. This issue affects: Hitachi ABB Power Grids eSOMS 6.0 versions prior to 6.0.4.2.2; 6.1 versions prior to 6.1.4; 6.3 versions prior to 6.3.

CVE#: CVE-2021-0467 Published Date: 2021-06-14 CVSS: NO CVSS Description: In Chromecast bootROM, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege in the bootloader, with physical USB access, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android SoC. Android ID: A-174490700

CVE#: CVE-2021-0324 Published Date: 2021-06-14 CVSS: NO CVSS Description: Product: Android. Versions: Android SoC. Android ID: A-175402462

CVE#: CVE-2021-21557 Published Date: 2021-06-14 CVSS: NO CVSS Description: Dell PowerEdge Server BIOS and select Dell Precision Rack BIOS contain an out-of-bounds array access vulnerability. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of service, arbitrary code execution, or information disclosure in System Management Mode.

CVE#: CVE-2021-21556 Published Date: 2021-06-14 CVSS: NO CVSS Description: Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and T640 Server BIOS contain a stack-based buffer overflow vulnerability in systems with NVDIMM-N installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, arbitrary code execution, or information disclosure in UEFI or BIOS Preboot Environment.

CVE#: CVE-2021-21555 Published Date: 2021-06-14 CVSS: NO CVSS Description: Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and T640 Server BIOS contain a heap-based buffer overflow vulnerability in systems with NVDIMM-N installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, arbitrary code execution, or information disclosure in UEFI or BIOS Preboot Environment.

CVE#: CVE-2021-21554 Published Date: 2021-06-14 CVSS: NO CVSS Description: Dell PowerEdge R640, R740, R740XD, R840, R940, R940xa, MX740c, MX840c, and, Dell Precision 7920 Rack Workstation BIOS contain a stack-based buffer overflow vulnerability in systems with Intel Optane DC Persistent Memory installed. A local malicious user with high privileges may potentially exploit this vulnerability, leading to a denial of Service, arbitrary code execution, or information disclosure in UEFI or BIOS Preboot Environment.

CVE#: CVE-2021-32682 Published Date: 2021-06-14 CVSS: NO CVSS Description: elFinder is an open-source file manager for web, written in JavaScript using jQuery UI. Several vulnerabilities affect elFinder 2.1.58. These vulnerabilities can allow an attacker to execute arbitrary code and commands on the server hosting the elFinder PHP connector, even with minimal configuration. The issues were patched in version 2.1.59. As a workaround, ensure the connector is not exposed without authentication.

CVE#: CVE-2021-24382 Published Date: 2021-06-14 CVSS: NO CVSS Description: The Smart Slider 3 Free and pro WordPress plugins before 3.5.0.9 did not sanitise the Project Name before outputting it back in the page, leading to a Stored Cross-Site Scripting issue. By default, only administrator users could access the affected functionality, limiting the exploitability of the vulnerability. However, some WordPress admins may allow lesser privileged users to access the plugin's functionality, in which case, privilege escalation could be performed.

CVE#: CVE-2021-24360 Published Date: 2021-06-14 CVSS: NO CVSS Description: The Yes/No Chart WordPress plugin before 1.0.12 did not sanitise its sid shortcode parameter before using it in a SQL statement, allowing medium privilege users (contributor+) to perform Blind SQL Injection attacks

CVE#: CVE-2021-24359 Published Date: 2021-06-14 CVSS: NO CVSS Description: The Plus Addons for Elementor Page Builder WordPress plugin before 4.1.11 did not properly check that a user requesting a password reset was the legitimate user, allowing an attacker to send an arbitrary reset password email to a registered user on behalf of the WordPress site. Such an issue could be chained with an open redirect (CVE-2021-24358) in versions below 4.1.10, to include a crafted password reset link in the email, which would lead to an account takeover.

CVE#: CVE-2021-24358 Published Date: 2021-06-14 CVSS: NO CVSS Description: The Plus Addons for Elementor Page Builder WordPress plugin before 4.1.10 did not validate a redirect parameter on a specifically crafted URL before redirecting the user to it, leading to an Open Redirect issue.

CVE#: CVE-2021-24357 Published Date: 2021-06-14 CVSS: NO CVSS Description: In the Best Image Gallery & Responsive Photo Gallery – FooGallery WordPress plugin before 2.0.35, the Custom CSS field of each gallery is not properly sanitised or validated before being output in the page where the gallery is embedded, leading to a stored Cross-Site Scripting issue.

CVE#: CVE-2021-24356 Published Date: 2021-06-14 CVSS: NO CVSS Description: In the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4, a lack of capability checks and insufficient nonce check on the AJAX action, simple301redirects/admin/activate_plugin, made it possible for authenticated users to activate arbitrary plugins installed on vulnerable sites.

CVE#: CVE-2021-24355 Published Date: 2021-06-14 CVSS: NO CVSS Description: In the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4, the lack of capability checks and insufficient nonce check on the AJAX actions, simple301redirects/admin/get_wildcard and simple301redirects/admin/wildcard, made it possible for authenticated users to retrieve and update the wildcard value for redirects.

CVE#: CVE-2021-24354 Published Date: 2021-06-14 CVSS: NO CVSS Description: A lack of capability checks and insufficient nonce check on the AJAX action in the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4, made it possible for authenticated users to install arbitrary plugins on vulnerable sites.

CVE#: CVE-2021-24353 Published Date: 2021-06-14 CVSS: NO CVSS Description: The import_data function of the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4 had no capability or nonce checks making it possible for unauthenticated users to import a set of site redirects.

CVE#: CVE-2021-24352 Published Date: 2021-06-14 CVSS: NO CVSS Description: The export_data function of the Simple 301 Redirects by BetterLinks WordPress plugin before 2.0.4 had no capability or nonce checks making it possible for unauthenticated users to export a site's redirects.

CVE#: CVE-2021-24351 Published Date: 2021-06-14 CVSS: NO CVSS Description: The theplus_more_post AJAX action of The Plus Addons for Elementor Page Builder WordPress plugin before 4.1.12 did not properly sanitise some of its fields, leading to a reflected Cross-Site Scripting (exploitable on both unauthenticated and authenticated users)

CVE#: CVE-2021-24350 Published Date: 2021-06-14 CVSS: NO CVSS Description: The Visitors WordPress plugin through 0.3 is affected by an Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability. The plugin would display the user's user agent string without validation or encoding within the WordPress admin panel.

CVE#: CVE-2021-24349 Published Date: 2021-06-14 CVSS: NO CVSS Description: This Gallery from files WordPress plugin through 1.6.0 gives the functionality of uploading images to the server. But filenames are not properly sanitized before being output in an error message when they have an invalid extension, leading to a reflected Cross-Site Scripting issue. Due to the lack of CSRF check, the attack could also be performed via such vector.

CVE#: CVE-2021-24348 Published Date: 2021-06-14 CVSS: NO CVSS Description: The menu delete functionality of the Side Menu – add fixed side buttons WordPress plugin before 3.1.5, available to Administrator users, takes the did GET parameter and uses it in an SQL statement without proper sanitisation, validation or escaping, therefore leading to a SQL Injection issue.

CVE#: CVE-2021-24347 Published Date: 2021-06-14 CVSS: NO CVSS Description: The SP Project & Document Manager WordPress plugin before 4.22 allows users to upload files, however, the plugin attempts to prevent php and other similar files that could be executed on the server from being uploaded by checking the file extension. It was discovered that php files could still be uploaded by changing the file extension's case, for example, from "php" to "pHP".

CVE#: CVE-2021-24346 Published Date: 2021-06-14 CVSS: NO CVSS Description: The Stock in & out WordPress plugin through 1.0.4 has a search functionality, the lowest accessible level to it being contributor. The srch POST parameter is not validated, sanitised or escaped before using it in the echo statement, leading to a reflected XSS issue

CVE#: CVE-2021-24345 Published Date: 2021-06-14 CVSS: NO CVSS Description: The page lists-management feature of the Sendit WP Newsletter WordPress plugin through 2.5.1, available to Administrator users does not sanitise, validate or escape the id_lista POST parameter before using it in SQL statement, therefore leading to Blind SQL Injection.

CVE#: CVE-2021-24341 Published Date: 2021-06-14 CVSS: NO CVSS Description: When deleting a date in the Xllentech English Islamic Calendar WordPress plugin before 2.6.8, the year_number and month_number POST parameters are not sanitised, escaped or validated before being used in a SQL statement, leading to SQL injection.

CVE#: CVE-2021-21439 Published Date: 2021-06-14 CVSS: NO CVSS Description: A DoS attack can be performed when an email contains a specially designed URL in the body. It can lead to high CPU usage and cause low quality of service, or in an extreme case bring the system to a halt. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.26 and prior versions; 8.0.x version 8.0.13 and prior versions.

CVE#: CVE-2021-23394 Published Date: 2021-06-13 CVSS: NO CVSS Description: The package studio-42/elfinder before 2.1.58 is vulnerable to Remote Code Execution (RCE) via execution of PHP code in a .phar file. NOTE: This only applies if the server parses .phar files as PHP.

----#MALWARE----

cameliaclement: RT @jmdevlabs: Multilayered protection designed to prevent & neutralize malware. #100DaysOfCode #DEVCommunity #codinglife #CyberSecuri…

DjangoBot_: RT @jmdevlabs: Multilayered protection designed to prevent & neutralize malware. #100DaysOfCode #DEVCommunity #codinglife #CyberSecuri…

jmdevlabs: Multilayered protection designed to prevent & neutralize malware. #100DaysOfCode #DEVCommunity #codinglife… https://t.co/wzOKTnqI5o

botcybersec: RT @tonernews: https://t.co/lymKA7fbAc’ Take On Why Everyone is Easily Defaulting Vs. Canon’s Toner Investigations. https://t.co/AZxgqlDJZE…

morolswediu: RT @AlkayalWajdi: @SportsCenter CISA suggests using ad blockers to fend off ‘malvertising’ #cybersecurity #security #privacy #networksecuri…

tonernews: https://t.co/lymKA7fbAc’ Take On Why Everyone is Easily Defaulting Vs. Canon’s Toner Investigations.… https://t.co/aWCv02Ii62

DjangoBot_: RT @WajdiAlkayal: CISA suggests using ad blockers to fend off ‘malvertising’ #cybersecurity #security #privacy #networksecurity #privacy #m…

rec0nus: RT @AlkayalWajdi: @SportsCenter CISA suggests using ad blockers to fend off ‘malvertising’ #cybersecurity #security #privacy #networksecuri…

Necio_news: RT @AJBlackston: Critical ThroughTek Flaw Opens Millions of Connected Cameras to Eavesdropping https://t.co/C3CsQ5mY5X #CyberSecurityNews…

Fabriciosx: RT @jmdevlabs: Bypass internet restrictions with NordVPN. #100DaysOfCode #DEVCommunity #codinglife #CyberSecurity #IT #IoT #VPN #T…

Esix34238932: RT @mer0x36: Dear reversers/#malware analysts, #retoolkit v2021d is out! You can now right-click a file and send it to a tool. I also added…

MaltrakN: RT @jmdevlabs: Bypass internet restrictions with NordVPN. #100DaysOfCode #DEVCommunity #codinglife #CyberSecurity #IT #IoT #VPN #T…

MaltrakN: RT @NcsVentures: What Do Recent Ransomware Attacks In The Commonwealth Say About Our Vulnerability? | #malware | #ransomware https://t.co/R…

sectest9: RT @NcsVentures: What Do Recent Ransomware Attacks In The Commonwealth Say About Our Vulnerability? | #malware | #ransomware https://t.co/R…

----#PHISHING----

botcybersec: RT @tonernews: https://t.co/lymKA7fbAc’ Take On Why Everyone is Easily Defaulting Vs. Canon’s Toner Investigations. https://t.co/AZxgqlDJZE…

cybersec_feeds: RT @vtg_uk: Our results from last weeks poll on Linkedin "Have you undertaken any type of phishing training before?" Great to learn that…

tonernews: https://t.co/lymKA7fbAc’ Take On Why Everyone is Easily Defaulting Vs. Canon’s Toner Investigations.… https://t.co/aWCv02Ii62

Cyberfishio: Cyberfish is now @Cofense. Follow us there for the latest on #phishing detection & response. Together, we stop phis… https://t.co/Kw08J004UN

DigitalSecArch: RT @msftsecurity: Microsoft 365 Defender researchers recently uncovered and disrupted a large-scale business email compromise infrastructur…

rec0nus: RT @msftsecurity: Microsoft 365 Defender researchers recently uncovered and disrupted a large-scale business email compromise infrastructur…

yuridiogenes: RT @msftsecurity: Microsoft 365 Defender researchers recently uncovered and disrupted a large-scale business email compromise infrastructur…

JEMPradio: Goose - Welcome To Delta>Butter Rum (5-9-21) #Phish #CommunityRadio https://t.co/LPFrNPSY15

VFArtisanCodeur: RT @msftsecurity: Microsoft 365 Defender researchers recently uncovered and disrupted a large-scale business email compromise infrastructur…

bernarchevalier: RT @PhishStats: https://t.co/MAuIXRvYiq detected 29 new websites hosting #phishing | new today: 1067 | #infosec #cybersecurity #malware htt…

evernetco: Cybercriminals have many #phishing 🎣 tactics to drag you in. They may offer a financial reward, threaten you, or cl… https://t.co/ZA606My4Al

msftsecurity: Microsoft 365 Defender researchers recently uncovered and disrupted a large-scale business email compromise infrast… https://t.co/TdjHibvFF2

botcybersec: RT @One2CallUK: We've recently noticed an increase in #Phishing attacks targeting businesses. But do you know how to spot phishing? And do…

One2CallUK: We've recently noticed an increase in #Phishing attacks targeting businesses. But do you know how to spot phishing?… https://t.co/qNYy3xZuEL

MaltrakN: RT @NatsarLLC: “It is a fact that gamers are under constant threat of #phishing, #malware, and #ransomware attacks. Let's big into defense…

----#OSINT----

Fabriciosx: RT @MR_ANONWOLF: #internet of Things (IoT) Fundamentals Certification Training - Connectivity #DarkWeb #Anonymity #Security #blockchain #t…

DjangoBot_: RT @MR_ANONWOLF: #internet of Things (IoT) Fundamentals Certification Training - Connectivity #DarkWeb #Anonymity #Security #blockchain #t…

MR_ANONWOLF: #internet of Things (IoT) Fundamentals Certification Training - Connectivity #DarkWeb #Anonymity #Security… https://t.co/wf2uBf8tYD

corpavsafety: RT @LorandBodo: There are many tools one can use when working with Twitter data. Here are my top 3 for data collection & analysis #SOCMINT…

corpavsafety: RT @Geluchat: Hey ! I have published a Firefox webextension to help people with OSINT on Facebook and Instagram account. You can find it he…

salvot80: RT @MISPProject: There are 68 default OSINT feeds available in MISP. You can cache those feeds (enabled in one click), you can quickly see…

salvot80: RT @Ivan30394639: https://t.co/phLKcX72rs — a similar service for finding scheduled rooms at #ClubHouse. Interestingly, it produces comple…

salvot80: RT @jms_dot_py: Hey hey! The @hunchly Desktop training was good fun as usual today, lots of great questions. The recording is here: https:…

salvot80: RT @Ivan30394639: https://t.co/M1K9ars6eL Search open and scheduled rooms in the #Clubhouse #osint #tool https://t.co/q8yjRnYSJd

salvot80: RT @OsintCurious: You need to geo-locate a picture but can only choose one of these: 👉Search engine text search 👉Reverse image 👉Maps What…

WHInspector: [#DailyOSINT - Day#136] Can't remember where I found this so I am sorry if I don't mention the one who posted this.… https://t.co/xLDLJvRgEW

RDSWEB: RT @bscottwilson: This has already been shared... But this is a great, short article from hacking expert @_sn0ww on things you SHOULDN'T do…

ku4erenko: RT @hacksayan: Privacy is priority ✌️ #cybersecbot #cybersecurity #informationsecurity #oscp #ethicalhacking #dailyupdates #hacksayantweets…

bscottwilson: This has already been shared... But this is a great, short article from hacking expert @_sn0ww on things you SHOULD… https://t.co/tBrLnV7Js6

wicked_security: If you’re looking for a new level of petty, I highly suggest you check out the Nextdoor app and “join” your neighbo… https://t.co/YZaFMUNUrz

----#THREATINTEL----

botcybersec: RT @InfoSec_Pom: Free Threat Intelligence feed - https://t.co/q1yOWjgK9G https://t.co/o6596IfiPK What are Evasion Technique and its classi…

InfoSec_Pom: Free Threat Intelligence feed - https://t.co/q1yOWjgK9G https://t.co/o6596IfiPK What are Evasion Technique and its… https://t.co/kfyvMRZghm

sambonnar2: RT @IF_Europe: #London knife crime, 1st June-13th June - incidents recorded on the Intelligence Fusion platform: - 26 incidents reported -…

salvot80: RT @MISPProject: There are 68 default OSINT feeds available in MISP. You can cache those feeds (enabled in one click), you can quickly see…

yilmazmehmets: RT @ThreatMonIT: ThreatMonIT has detected that a threat actor claims that has Türk Telekom's leaked data! The threat actor published a sam…

Treadstone71LLC: The Real Indicators of Compromise you should be heeding – #ioc #threatintelligence https://t.co/zsqU7XoyCz

ReversingLabs: RT @ReversingLabs: New #Webinar alert! Join us on June 23rd to learn how to Take Your #ThreatHunting Program to the Next Level with a #Malw…

Lovescience15: RT @coocoor: Vulnerability found in mod_http2 1.15.17 and Apache HTTP Server version 2.4.47 could lead to DoS. https://t.co/ZL0iQNod9g #cy…

coocoor: Vulnerability found in mod_http2 1.15.17 and Apache HTTP Server version 2.4.47 could lead to DoS.… https://t.co/4SWYALMaWK

snowdarkz: RT @BlackMatter23: What a brilliant #ThreatIntel report dedicated to #REvil attack👏 Look, how many priceless info it contains for threat hu…

Treadstone71LLC: Early Bird Discounts #ISSAINTL #FSISAC #cyber #security #cyberintelligenceprogram #threatintelligence… https://t.co/DiMdMk2egA

wesdrone: Limbo Level Intelligence - it's as low confidence as you can go with falling down. #ThreatIntel

cybersec_feeds: RT @FarsightSecInc: KEYNOTE Farsight Security CEO Dr. Paul Vixie to kickoff @WWHackinFest today at 5 PM PT with his keynote: Gazing Long En…

Iam4ndr3y: RT @BlackMatter23: What a brilliant #ThreatIntel report dedicated to #REvil attack👏 Look, how many priceless info it contains for threat hu…

alex_alcazarm: RT @MISPProject: There are 68 default OSINT feeds available in MISP. You can cache those feeds (enabled in one click), you can quickly see…

----#RANSOMWARE----

cameliaclement: RT @jmdevlabs: Multilayered protection designed to prevent & neutralize malware. #100DaysOfCode #DEVCommunity #codinglife #CyberSecuri…

DjangoBot_: RT @jmdevlabs: Multilayered protection designed to prevent & neutralize malware. #100DaysOfCode #DEVCommunity #codinglife #CyberSecuri…

jmdevlabs: Multilayered protection designed to prevent & neutralize malware. #100DaysOfCode #DEVCommunity #codinglife… https://t.co/wzOKTnqI5o

leonmusic507: RT @CyberSecDN: #Hackers from Cl0p #ransomware group arrested, infrastructure seized - https://t.co/oHz8dl8qvK #cybersecurity #infosec http…

DjangoBot_: RT @wmktech: #Bitcoin for Beginners: C is for #Cryptocurrency #Ransomware #lowcode #javascript #github #nodejs #cybersecurity #devops #100…

Fabriciosx: RT @jmdevlabs: Bypass internet restrictions with NordVPN. #100DaysOfCode #DEVCommunity #codinglife #CyberSecurity #IT #IoT #VPN #T…

Fabriciosx: RT @WajdiAlkayal: #Bitcoin for Beginners: C is for #Cryptocurrency #Ransomware #lowcode #javascript #github #nodejs #cybersecurity #devops…

TheBeauOliver: #Healthcare Sector Gasps due to #Ransomware Attacks | Cyware #Hacker News. Interesting take! #cyber #cybersecuirty… https://t.co/OqDT2OQYZs

DjangoBot_: RT @WajdiAlkayal: #Bitcoin for Beginners: C is for #Cryptocurrency #Ransomware #lowcode #javascript #github #nodejs #cybersecurity #devops…

MaltrakN: RT @jmdevlabs: Bypass internet restrictions with NordVPN. #100DaysOfCode #DEVCommunity #codinglife #CyberSecurity #IT #IoT #VPN #T…

MaltrakN: RT @NcsVentures: What Do Recent Ransomware Attacks In The Commonwealth Say About Our Vulnerability? | #malware | #ransomware https://t.co/R…

cipher_blade: These statistics are just embarrassing and shows just how little companies really care about and invest in cybersec… https://t.co/SGmvXXelzr

----#OPENDIR----

ecarlesi: Threat on hxxps://myhermes-missed-uk[.]com/Hermes_2021_auto%20-%20namecheat[.]zip #phishing #opendir

ecarlesi: Possible threat on hxxps://mikahq[.]com/wordpress-5[.]7[.]2[.]zip #phishing #opendir

ecarlesi: Threat on hxxp://scotiaservice-online[.]com/SCOT2412%20(1)[.]zip #phishing #opendir #regru

ecarlesi: Possible threat on hxxps://ricagang[.]com/css[.]zip #phishing #opendir #wildwestdomains

ecarlesi: Possible threat on hxxp://audiovisualrentalsneworleans[.]com/unzip[.]zip #phishing #opendir

ecarlesi: Possible threat on hxxp://just2date[.]com/youdate[.]zip #phishing #opendir #tucows

beefyspace: RT @ecarlesi: Possible threat on hxxps://just2date[.]com/youdate[.]zip #phishing #opendir #tucows

ecarlesi: Possible threat on hxxps://just2date[.]com/youdate[.]zip #phishing #opendir #tucows

j_verlaine: RT @ChriscoDevnet: Do you ever report on new indicators of compromise that you find in the wild? If so, do you use the #opendir hashtag? Fo…

jhonosps: RT @IronNetTR: Phishing page targeting @USPS customers. hxxps://uspslot.online/manage/usps/package/ #opendir #phishing https://t.co/RrZ6zU…

botcybersec: RT @bigevilbeard: Check this code to search the Twitter hashtag #opendir for threat/malware related observables, check for Target Sightings…

bigevilbeard: Check this code to search the Twitter hashtag #opendir for threat/malware related observables, check for Target Sig… https://t.co/ACA6ETCJri

ChriscoDevnet: Do you ever report on new indicators of compromise that you find in the wild? If so, do you use the #opendir hashta… https://t.co/VmpoI0q0HQ

beefyspace: RT @IronNetTR: Phishing page targeting @USPS customers. hxxps://uspslot.online/manage/usps/package/ #opendir #phishing https://t.co/RrZ6zU…

beefyspace: RT @IronNetTR: Phishing page targeting credentials for Maryland Division of Unemployment Insurance BEACON System @MD_Labor at hxxps[:]//b…

----#MALSPAM----

panda_zheng: RT @Racco42: #malspam "AZ206/6 Elektronische Zustellung" brings that unnamed JS #rat (or does it have a name?) C2: hxxps://rootpass.top/upd…

Racco42: #malspam "AZ206/6 Elektronische Zustellung" brings that unnamed JS #rat (or does it have a name?) C2: hxxps://rootp… https://t.co/0WMyHBuutm

Jamie80116273: RT @Corvid_Cyber: #AgentTesla #Zip #Malspam EXE embedded within a zip https://t.co/iaJBvsze0j md5: C6E05730D127DD63CEE99D3DE5724FE3 sha1…

pearchandy1: RT @Corvid_Cyber: #AgentTesla #Zip #Malspam EXE embedded within a zip https://t.co/iaJBvsze0j md5: C6E05730D127DD63CEE99D3DE5724FE3 sha1…

Corvid_Cyber: #AgentTesla #Zip #Malspam EXE embedded within a zip https://t.co/iaJBvsze0j md5: C6E05730D127DD63CEE99D3DE5724FE… https://t.co/rx1pdr5E67

starsSk87264403: RT @LittleRedBean2: #Malspam Packing list& Invoice-2020.3. incorrect,xl.exe ec20b0bca82187287a0a5b3ed6ec8f86191a9022ae302749dcad06d8d72f6a7…

CyberVanCol: #Malspam delivering #AgentTesla via malicious PowerPoint. ➡️ Payload: ia801509[.]us[.]archive[.]org/15/items/black… https://t.co/ABpr4YlUjz

Jonesls: RT @MBThreatIntel: #Azorult #malspam campaign: Spam emails contain malicious Excel files that either exploit CVE-2017-11882 or use malicio…

Jonesls: RT @MBThreatIntel: #BuerLoader #malspam: Spam emails -> Excel files with DocuWare template -> contains a macro that is activated on "Workb…

panda_zheng: RT @Racco42: #malspam "AMENDMENT\CANCELLATION REQUEST" "NEFT RETURN REPORT AS ON 09JUNE2021" brings #JsOutProx in .hta attachment C2: hxxp…

t0uxe: RT @MBThreatIntel: #Formbook #malspam with a twist...(thread, 1/7) Typical Formbook #malspam: Archive (.lzh) files distributed as email at…

Racco42: #malspam "AMENDMENT\CANCELLATION REQUEST" "NEFT RETURN REPORT AS ON 09JUNE2021" brings #JsOutProx in .hta attachme… https://t.co/w5T0tagytx

yungmay0: RT @LittleRedBean2: #Malspam Packing list& Invoice-2020.3. incorrect,xl.exe ec20b0bca82187287a0a5b3ed6ec8f86191a9022ae302749dcad06d8d72f6a7…

raby_mr: RT @LittleRedBean2: #Malspam Packing list& Invoice-2020.3. incorrect,xl.exe ec20b0bca82187287a0a5b3ed6ec8f86191a9022ae302749dcad06d8d72f6a7…

LittleRedBean2: #Malspam Packing list& Invoice-2020.3. incorrect,xl.exe ec20b0bca82187287a0a5b3ed6ec8f86191a9022ae302749dcad06d8d72… https://t.co/U6u7rQx7uP

----#EMOTET----

McAfee_Help: The McAfee Center Stage Webinar Series #playlist on our YouTube Support Channel includes webcasts on #Emotet, DLP C… https://t.co/pC3ADmF976

botcybersec: RT @Sally_Dickson: Prior to its takedown, #Emotet was one of the most dangerous strains of #malware. Yukimi Sohta, Sr. Marketing Manager at…

Sally_Dickson: Prior to its takedown, #Emotet was one of the most dangerous strains of #malware. Yukimi Sohta, Sr. Marketing Manag… https://t.co/tdYfsbxwNm

Techno_FAQ: Threats To Internet Security: Types And Protection Methods - https://t.co/IQyF9sHDdI #Cybersecurity #Botnet #EMOTET… https://t.co/jck3imu2F6

cybsecbot: RT @TrackerEmotet: Direct malware load on Botnet E2 406cc80b43698d329704704b9fe4e0948b8d4ab11315678884e36acb2109dfd6 VT : https://t.co/aKCs…

CyberSecurityN8: RT @Indusface: 👉 The #Emotet malware is officially gone. But should you still be worried? 📌 Read here: https://t.co/u5xcNPSqkR @7H3Wh173R…

sectest9: RT @Indusface: 👉 The #Emotet malware is officially gone. But should you still be worried? 📌 Read here: https://t.co/u5xcNPSqkR @7H3Wh173R…

SecdevB: RT @Indusface: 👉 The #Emotet malware is officially gone. But should you still be worried? 📌 Read here: https://t.co/u5xcNPSqkR @7H3Wh173R…

botcybersec: RT @Indusface: 👉 The #Emotet malware is officially gone. But should you still be worried? 📌 Read here: https://t.co/u5xcNPSqkR @7H3Wh173R…

Indusface: 👉 The #Emotet malware is officially gone. But should you still be worried? 📌 Read here: https://t.co/u5xcNPSqkR… https://t.co/0vQDzZzKiU

miguelcarvajalm: #Emotet Has Taken #Down – Should I Still Be Worried? https://t.co/OgA0ZOUVYv

LifeAtPFPT: Prior to its takedown, #Emotet was one of the most dangerous strains of #malware. Yukimi Sohta, Sr. Marketing Manag… https://t.co/2Y4fSCNVvp

botcybersec: RT @malware_devil: #vpn Attacks Surged in First Quarter https://t.co/rqzXBgZRUK #attack #bot #botnet #emotet #exploit #malware #vpn #mal…

malware_devil: #vpn Attacks Surged in First Quarter https://t.co/rqzXBgZRUK #attack #bot #botnet #emotet #exploit #malware #vpn #malwaredevil

PoweredBySTL: #Microsoft #Exchange Server vulnerabilities, #ransomware lead spring 2021 #cyberattack trends.… https://t.co/HgXFFZfNDY

----#BUGBOUNTY----

botcybersec: RT @bpruston: Slightly obsessed with postMessage bugs. Send help. #BugBounty https://t.co/TRpf0nCMq9

rec0nus: RT @theXSSrat: A full investigation into WAFs <3 What is a WAF? How does a WAF work? What is a ruleset? https://t.co/Z9rJS57if2 #BugBou…

sectest9: RT @bpruston: Slightly obsessed with postMessage bugs. Send help. #BugBounty https://t.co/TRpf0nCMq9

CyberSecurityN8: RT @bpruston: Slightly obsessed with postMessage bugs. Send help. #BugBounty https://t.co/TRpf0nCMq9

bpruston: Slightly obsessed with postMessage bugs. Send help. #BugBounty https://t.co/TRpf0nCMq9

Xp_L0iT_3r: RT @PJBorah2: Blind XSS Using Dalfox: Easy Tip: -> dalfox file urls_param.txt --b yourserver #bugbounty #bugbountytips

PortlandOWASP: RT @OWASPVictoria: We're excited for @pnwseccon, aka, the Pacific Northwest Application Security Conference this Saturday, June 19th. https…

wcbowling: RT @heatherswall: 🎉 TODAY!! Join us at 23:00 UTC (4 pm PT/7 pm ET) for a live #AMA with 🤩 #bugbounty hunter and @gitlab contributor, @wcbo…

Alvaro_Guiber: RT @e11i0t_4lders0n: Need BugBounty Programs for Hunting????? Follow me!!Like Retweet and Comment 1-Cryptocurrency Program/Bounty Program…

sectest9: RT @theXSSrat: A full investigation into WAFs <3 What is a WAF? How does a WAF work? What is a ruleset? https://t.co/Z9rJS57if2 #BugBou…

CyberSecurityN8: RT @theXSSrat: A full investigation into WAFs <3 What is a WAF? How does a WAF work? What is a ruleset? https://t.co/Z9rJS57if2 #BugBou…

Vivek2andan: RT @theXSSrat: A full investigation into WAFs <3 What is a WAF? How does a WAF work? What is a ruleset? https://t.co/Z9rJS57if2 #BugBou…

microsoftsql: RT @thecryptohack3r: YT channel to learn hacking Follow and Like PleaseRT #hacker #hacking #hackingnews #ArtificialIntelligence #Linux…

PythonExpertBot: RT @thecryptohack3r: Vulnerability Analysis !! Follow and Like PleaseRT #hacker #hacking #hackingnews #ArtificialIntelligence #Linux #…

Nmarques: RT @theXSSrat: A full investigation into WAFs <3 What is a WAF? How does a WAF work? What is a ruleset? https://t.co/Z9rJS57if2 #BugBou…

----#CYBERCRIME----

JoATPod: Ep. 294 is live with CJ Latham (a fellow GHS Class of 2000 alumnus), Founder of Lucca Veterinary Data Security! We… https://t.co/jDGRjNFupp

morolswediu: RT @AlkayalWajdi: @SportsCenter CISA suggests using ad blockers to fend off ‘malvertising’ #cybersecurity #security #privacy #networksecuri…

DjangoBot_: RT @WajdiAlkayal: CISA suggests using ad blockers to fend off ‘malvertising’ #cybersecurity #security #privacy #networksecurity #privacy #m…

rec0nus: RT @AlkayalWajdi: @SportsCenter CISA suggests using ad blockers to fend off ‘malvertising’ #cybersecurity #security #privacy #networksecuri…

TheBeauOliver: #Healthcare Sector Gasps due to #Ransomware Attacks | Cyware #Hacker News. Interesting take! #cyber #cybersecuirty… https://t.co/OqDT2OQYZs

sectest9: RT @RussiagateBooks: The originals all had a standard and unremarkable file structure. However it was immediately obvious that #GUCCIFER2.0…

CyberSecurityN8: RT @RussiagateBooks: The originals all had a standard and unremarkable file structure. However it was immediately obvious that #GUCCIFER2.0…

RussiagateBooks: The originals all had a standard and unremarkable file structure. However it was immediately obvious that… https://t.co/SuSfQ93VyY

rschradin: The @FBI has been warning #colleges and #universities that they're on #hackers' hit lists for #ransomware attacks.… https://t.co/80c4nRpEKd

TripwireInc: What is the "The Grandparent Scam" and is there a way to combat it? Yes, there is as @BobCovello explains.… https://t.co/XMLUEROieR

Broadcast_Buzz: Our client, @CobaltIron, breaks down their checklist and tips for preparing against #Cybercrime in their latest blo… https://t.co/24IVD1sjAi

DjangoBot_: RT @AlkayalWajdi: @SportsCenter CISA suggests using ad blockers to fend off ‘malvertising’ #cybersecurity #security #privacy #networksecuri…

sprint_code: RT @AlkayalWajdi: @SportsCenter CISA suggests using ad blockers to fend off ‘malvertising’ #cybersecurity #security #privacy #networksecuri…

codedailybot: RT @WajdiAlkayal: CISA suggests using ad blockers to fend off ‘malvertising’ #cybersecurity #security #privacy #networksecurity #privacy #m…

barry_parks: RT @benefytt: How can the #InsuranceIndustry evolve in response to rise in #CyberCrime? @BusInsMagazine looks at weaknesses, solutions. #tu…

----Hacking Updates----

AgentDeus updated infected_hosts. This repo has 1 stars and 0 watchers. This repo was created on 2019-03-04. --- Infected and hacked Huawei, Mikrotik, Ubiquiti, IP Cameras etc network equipment list

pragyanshu-panda-au19 updated github. This repo has 0 stars and 1 watchers. This repo was created on 2021-06-16. --- github hack

chubbyphp updated chubbyphp-framework-router-hack-routing. This repo has 2 stars and 0 watchers. This repo was created on 2021-06-08. --- Hack routing implementation for chubbyphp-framework.

Matir updated hacks. This repo has 2 stars and 1 watchers. This repo was created on 2019-10-19. --- Miscellaneous Hacks

philcryer updated fak3r.com. This repo has 3 stars and 0 watchers. This repo was created on 2013-10-12. --- This repository contains the source code for my long running blog, fak3r, since 2005.

therion23 updated KatanaHacking. This repo has 0 stars and 1 watchers. This repo was created on 2021-06-05. --- USB protocol and IR codes for the Creative Sound BlasterX Katana

jametevia updated Accessibility_Presentation. This repo has 0 stars and 1 watchers. This repo was created on 2021-06-16. --- Hack Reactor Presentation on Accessibility

codenulls updated gta-reversed. This repo has 382 stars and 39 watchers. This repo was created on 2018-07-21. --- Reversed code of GTA:SA executable (gta_sa.exe) 1.0 US

edoardottt updated scilla. This repo has 199 stars and 8 watchers. This repo was created on 2020-09-26. --- Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration

Jazz23 updated Deez-Nuts. This repo has 0 stars and 1 watchers. This repo was created on 2021-05-29. --- Gota Hacks

MaartenWubs updated Hacking-with-Objective-C. This repo has 0 stars and 1 watchers. This repo was created on 2021-06-16. --- the Hacking with Swift Projects but translated to Objective C

nolkasaur updated GTA-Hacking-Minigame-Browser. This repo has 0 stars and 1 watchers. This repo was created on 2021-06-16. --- Just learning stuff

pfalcon updated pycopy-projs. This repo has 8 stars and 3 watchers. This repo was created on 2015-09-13. --- Various Pycopy-related proofs of concepts and hacks which don't deserve dedicated repos

audreywatters updated hackeducation.com. This repo has 8 stars and 5 watchers. This repo was created on 2014-12-23. --- The Hack Education website

witoldzol updated java_practice. This repo has 0 stars and 1 watchers. This repo was created on 2021-05-18. --- hacker rank practice exercises

mdakh404 updated PyOVER. This repo has 0 stars and 1 watchers. This repo was created on 2021-06-14. --- PyOVER is a basic tool that's created to get CNAME records for a given list of subdomains in order to discover quick subdomain takeovers.

Negative-py updated SubFinder. This repo has 1 stars and 1 watchers. This repo was created on 2021-05-26. --- Python tool to find the directories of a website by Negative.py

troydraws updated paddy-color-theme. This repo has 13 stars and 1 watchers. This repo was created on 2019-09-29. --- A very detailed VS Code color theme with earthy tones and many background options for all ye badass hackers. 🍁

Romain-P updated alpharite. This repo has 21 stars and 4 watchers. This repo was created on 2020-05-08. --- Battlerite 2020 aimbot, hacks & scripts

Andres-MED-Endava updated ETW20201_bash_script_101. This repo has 0 stars and 1 watchers. This repo was created on 2021-06-15. --- Script designed to explain basic concepts of Bash script in pentest and Hacking

aigars-github updated blacklist. This repo has 0 stars and 1 watchers. This repo was created on 2020-10-24. --- IPs from which scanning, spamming or hacking attempts detected

facebook updated hhvm. This repo has 16977 stars and 1053 watchers. This repo was created on 2010-01-02. --- A virtual machine for executing programs written in Hack.

teamDidUpdate updated FEC. This repo has 2 stars and 2 watchers. This repo was created on 2021-06-02. --- Front End Capstone for Hack Reactor

hackforla updated website. This repo has 29 stars and 33 watchers. This repo was created on 2018-04-18. --- Hack for LA's website

Prodigy-Hacking updated ProdigyMathGameHacking. This repo has 115 stars and 118 watchers. This repo was created on 2019-09-21. --- Prodigy Hacking: Hacking for the right reasons. | Questions? Ask on our Discord. https://discord.gg/XQDfbfq

----Security Updates----

Infosecdecompress updated infosecdecompress. This repo has 1 stars and 0 watchers. This repo was created on 2020-10-19. --- Home of Infosec Decompress; website of Infosec Decompress

Datatamer updated terraform-aws-security-groups. This repo has 0 stars and 4 watchers. This repo was created on 2021-06-15. --- Terraform module for terraform-aws-security-groups

confluentinc updated cp-demo. This repo has 311 stars and 89 watchers. This repo was created on 2017-10-04. --- Confluent Platform Demo including Apache Kafka, ksqlDB, Control Center, Replicator, Confluent Schema Registry, Security

RedHatOfficial updated ansible-role-rhel8-cjis. This repo has 3 stars and 4 watchers. This repo was created on 2019-05-11. --- Criminal Justice Information Services (CJIS) Security Policy - Ansible role generated from ComplianceAsCode Project

ajtanskanen updated benefits. This repo has 0 stars and 1 watchers. This repo was created on 2019-09-13. --- Finnish earning-related social security as a python module

ZeusXaloc-Dev updated Computer-Security. This repo has 0 stars and 1 watchers. This repo was created on 2021-06-16. --- The idea of this tool is to consume the memory of a desired computer; just run it. Be careful!

JavaGarcia updated Neanet. This repo has 6 stars and 2 watchers. This repo was created on 2020-08-02. --- Threat intelligence

bridgecrewio updated checkov-action. This repo has 47 stars and 18 watchers. This repo was created on 2020-04-18. --- A Github Action to run Checkov against an Infrastructure-as-Code repository. Checkov does static security analysis of Terraform, CloudFormation, Kubernetes, serverless framework and ARM templates

edoardottt updated scilla. This repo has 199 stars and 8 watchers. This repo was created on 2020-09-26. --- Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration

henrikhenriksson updated Software_Security_PHP_JS_Group4. This repo has 0 stars and 1 watchers. This repo was created on 2021-06-16. --- Group work for software security, written in PHP and Javascript.

mc2-project updated mc2. This repo has 144 stars and 10 watchers. This repo was created on 2019-09-11. --- A Platform for Secure Analytics and Machine Learning

dsaf2007 updated security. This repo has 0 stars and 1 watchers. This repo was created on 2021-04-17. --- None

enisaeu updated ecsc-gameboard. This repo has 24 stars and 10 watchers. This repo was created on 2018-08-06. --- European Cyber Security Challenge Gameboard

Automattic updated jetpack-production. This repo has 6 stars and 4 watchers. This repo was created on 2021-01-05. --- [READ ONLY] Security, performance, marketing, and design tools — Jetpack is made by WordPress experts to make WP sites safer and faster, and help you grow your traffic. This repository is a mirror, for issue tracking and development head to: https://github.com/automattic/jetpack

bksaini078 updated Network-Communication-and-Security. This repo has 0 stars and 1 watchers. This repo was created on 2020-03-01. --- None

spring-projects updated spring-security. This repo has 5989 stars and 451 watchers. This repo was created on 2012-01-10. --- Spring Security

m441249833 updated spring-security-demo. This repo has 0 stars and 1 watchers. This repo was created on 2021-05-26. --- None

ivan-sincek updated secure-website. This repo has 4 stars and 0 watchers. This repo was created on 2019-02-15. --- Secure website with a registration, sign in, session management, and CRUD controls.

redkubes updated otomi-core. This repo has 105 stars and 5 watchers. This repo was created on 2019-08-01. --- :rocket: Otomi extends Kubernetes with an advanced ingress architecture, a complete suite of integrated applications, multi-tenancy, developer self-service, and implemented security best-practices to support the most common DevOps use cases out-of-the-box.

allenbronshtein updated WebSecurity1. This repo has 0 stars and 1 watchers. This repo was created on 2021-06-16. --- None

Azure updated Azure-Sentinel. This repo has 1387 stars and 201 watchers. This repo was created on 2018-08-18. --- Cloud-native SIEM for intelligent security analytics for your entire enterprise.

mdakh404 updated PyOVER. This repo has 0 stars and 1 watchers. This repo was created on 2021-06-14. --- PyOVER is a basic tool that's created to get CNAME records for a given list of subdomains in order to discover quick subdomain takeovers.

Automattic updated jetpack. This repo has 1303 stars and 216 watchers. This repo was created on 2013-12-16. --- Security, performance, marketing, and design tools — Jetpack is made by WordPress experts to make WP sites safer and faster, and help you grow your traffic.

AshwinBalaji52 updated Cyber-Security. This repo has 0 stars and 1 watchers. This repo was created on 2021-06-16. --- None

dockovpn updated docker-openvpn. This repo has 194 stars and 9 watchers. This repo was created on 2019-04-11. --- 🔐 Out of the box stateless openvpn-server docker image which starts in less than 2 seconds

----PoC Updates----

ajcsidecar updated Config. This repo has 0 stars and 1 watchers. This repo was created on 2021-06-16. --- Proof of concept for setting up an xcode project using xcconfig files

sweetpi updated node-module-compiler. This repo has 0 stars and 2 watchers. This repo was created on 2015-02-11. --- Some proof of concept stuff for cross compiling npm modules

pfalcon updated pycopy-projs. This repo has 8 stars and 3 watchers. This repo was created on 2015-09-13. --- Various Pycopy-related proofs of concepts and hacks which don't deserve dedicated repos

seanlucano updated interactive_data. This repo has 0 stars and 1 watchers. This repo was created on 2021-01-03. --- This is a prototype for an interactive learning experience for basic concepts of statistics. Currently, the project is just a proof of concept to try and tackle the task of allowing learners to interact with systems while learning about the rules that govern them.

sandersgutierrez updated helloworld-for-heroku. This repo has 0 stars and 1 watchers. This repo was created on 2019-05-07. --- A project for a proof of concept of Heroku.

codecreative updated newsminder. This repo has 0 stars and 1 watchers. This repo was created on 2021-03-22. --- Proof of concept Puppeteer and Actions

DTS-STN updated POC-intake. This repo has 1 stars and 4 watchers. This repo was created on 2020-03-16. --- Proof of concept forum for the Government of Canada

DTS-STN updated dts-rmp. This repo has 1 stars and 3 watchers. This repo was created on 2020-05-07. --- knowledge management portal proof of concept

Raphael98 updated postr. This repo has 0 stars and 1 watchers. This repo was created on 2020-03-19. --- Postr - proof of concept

explorer436 updated proof-of-concepts. This repo has 0 stars and 1 watchers. This repo was created on 2020-12-30. --- None

hwayne updated alloy-hugo-demo. This repo has 0 stars and 1 watchers. This repo was created on 2021-06-16. --- Proof of concept of switching Alloytools from Jekyll to Hugo

moe4b-work updated Zombie-Party. This repo has 0 stars and 1 watchers. This repo was created on 2019-05-10. --- A proof of concept for controlling a multiplayer game with mobile phones using the web

CooperW824 updated HSIAP-Proof-of-Concept. This repo has 0 stars and 1 watchers. This repo was created on 2021-06-14. --- None

cpressey updated FStar-in-the-Browser. This repo has 0 stars and 1 watchers. This repo was created on 2021-06-16. --- Proof-of-concept of formally verified frontend web development: F* ⇒ OCaml ⇒ JavaScript ⇒ browser

hmcts updated ccd-party-manager-poc. This repo has 0 stars and 9 watchers. This repo was created on 2021-06-16. --- Proof of concept party interaction manager for complex cases.

hca-JosephSuvak updated API-POC-Testing. This repo has 0 stars and 1 watchers. This repo was created on 2021-06-08. --- Node.js - Proof of Concept for different request frameworks

rythwh updated ye-olde-soup-house. This repo has 2 stars and 1 watchers. This repo was created on 2021-06-15. --- A proof-of-concept game made in about 12 hours. A variation on restaurant cooking games, in Ye Olde Soup House you cook various types of soups for customers as they request it. If you take too long they will leave in anger, costing you the price of the ingredients. Successfully serve them however, and you'll make a nice profit!

thomasoca updated cv-generator-demo. This repo has 0 stars and 1 watchers. This repo was created on 2021-04-03. --- A simple React app as a proof of concept of cv-generator API

input-output-hk updated hydra-poc. This repo has 22 stars and 17 watchers. This repo was created on 2021-03-01. --- Proof of concept for the Hydra Head protocol 👷

neptune-software updated poc-devsecops-infra. This repo has 0 stars and 2 watchers. This repo was created on 2021-06-11. --- Proof of Concept of a pro-active DevSecOps pipeline

murthyvsap updated Commercial-App-Experience. This repo has 1 stars and 1 watchers. This repo was created on 2021-05-26. --- End-to-end Commercial App Experience Proof Of Concept

WirePact updated wirepact-poc. This repo has 1 stars and 0 watchers. This repo was created on 2021-05-18. --- Proof of Concept of WirePact. Contains the installation guide and the needed parts to run WirePact in Kubernetes.

irfanandriansyah1997 updated style-guide-v2. This repo has 0 stars and 1 watchers. This repo was created on 2021-05-09. --- proof of concept multiple style guide on single repo

KnpLabs updated symfony-twig-react-example. This repo has 0 stars and 1 watchers. This repo was created on 2021-06-08. --- A proof of concept using a Twig powered Symfony app and a React SPA

timnyborg updated redpot-unchained. This repo has 0 stars and 1 watchers. This repo was created on 2021-05-14. --- Proof of concept of migrating Redpot to Django - mirror from gitlab