Cyber Newsroom Feed
The "Cyber Newsroom Feed" module is a live feed of the latest cyber news enriched with CVE and vulnerability data. The feed is updated every 5 minutes and includes the latest news from the cyber security industry. The feed is designed to provide users with a comprehensive overview of the latest cyber security news and trends.
-
SentinelOne DE
Das Gute, das Schlechte und das Hässliche in der Cybersicherheit – Woche 28
In dieser Woche wurde ein großer Business Email Compromise-Betrugsversuch abgewehrt, der sich gegen Office 365 richtete. BEC oder Email Account Compromises waren im vergangenen Jahr für den größten An ... Read more
-
SentinelOne DE
Das Gute, das Schlechte und das Hässliche in der Cybersicherheit – Woche 28
In dieser Woche wurde ein großer Business Email Compromise-Betrugsversuch abgewehrt, der sich gegen Office 365 richtete. BEC oder Email Account Compromises waren im vergangenen Jahr für den größten An ... Read more
-
SentinelOne DE
Das Gute, das Schlechte und das Hässliche in der Cybersicherheit – Woche 28
In dieser Woche wurde ein großer Business Email Compromise-Betrugsversuch abgewehrt, der sich gegen Office 365 richtete. BEC oder Email Account Compromises waren im vergangenen Jahr für den größten An ... Read more
-
blogspot.com
If You Can't Patch Your Email Server, You Should Not Be Running It
CVE-2020-0688 Scan Results, per Rapid7 tl;dr -- it's the title of the post: "If You Can't Patch Your Email Server, You Should Not Be Running It." I read a disturbing story today with the following new ... Read more
-
huntress.com
Validating the SolarWinds N-central “Dumpster Diver” Vulnerability
Update 1/26/2020: MITRE assigned CVE-2020–7984 for this vulnerability.Update 12:55pm 1/24/2020: SolarWinds has released two hotfixes for the vulnerabilities! You can find these fixes on their support ... Read more
-
huntress.com
Validating the Bishop Fox Findings in ConnectWise Control | Huntress
In computer security, responsible disclosure is a vulnerability disclosure model in which an issue is publicly disclosed only after a period of time that allows for the affected party to patch/resolve ... Read more
-
huntress.com
Keeping up with BlueKeep
Remote Desktop Services (RDS) benefit employees and IT administrators alike. With employees often working from anywhere, remote desktop reduces the physical burden of carrying a work laptop home 🏠. It ... Read more
-
Comae Technologies
How to Solve the Blindspots of Event-Driven Detection
A while back, I discussed how memory could be used as an ultimate form of the log as long as the analysis workflow and process is smooth.This blog post will start by explaining the blind spots created ... Read more
-
carnal0wnage.com
Jenkins - CVE-2018-1000600 PoC
second exploit from the blog post https://blog.orange.tw/2019/01/hacking-jenkins-part-1-play-with-dynamic-routing.html Chained with CVE-2018-1000600 to a Pre-auth Fully-responded SSRF https://jenkins. ... Read more
-
carnal0wnage.com
Jenkins - messing with exploits pt3 - CVE-2019-1003000
References: https://www.exploit-db.com/exploits/46453 http://blog.orange.tw/2019/02/abusing-meta-programming-for-unauthenticated-rce.html This post covers the Orange Tsai Jenkins pre-auth exploit Vuln ... Read more