Cyber Security Newsfeeds from around the world
A nation-state backed group of attackers that Cisco Talos is identifying as Sea Turtle, have been actively exploiting domain name information, by going after domain registries for entire countries. Cisco Talos is warning of a new attacker group it has …
Continue ReadingFor at least two years, a highly capable threat actor has been running a campaign that relied on DNS hijacking to reach their targets. In the operation, at least 40 public and private organizations in 13 countries have been compromised. The domain name…
Continue ReadingRussian Hackers Use RATs to Target Financial Entities.
A financially motivated threat actor believed to speak Russian has used remote access Trojans (RATs) in attacks on financial entities in the United States and worldwide, Israel-based security firm…
Continue Reading[+] Exploit Title ; Onion Search Engine Unvalidated Redirect and Forwards Vulnerability [+] Date : 2019-04-18 [+] Author : 0P3N3R From IRANIAN ETHICAL HACKERS [+] Vendor Homepage : http://5u56fjmxu63xcmbk.onion [+] Dork : N/A [+] Version : N/A [+] Test…
Continue Reading# Exploit Title:ASUS HG100 devices denial of service(DOS) via IPv4 packets/SlowHTTPDOS # Date: 2019-04-14 # Exploit Author: YinT Wang; # Vendor Homepage: www.asus.com # Version: Hardware version: HG100 ã€Firmware version: 1.05.12 # Tested on: Currnet 1…
Continue ReadingRedhat JBoss Web Server 3.1 for RHEL 7 Redhat JBoss Web Server 3.1 for RHEL 6 Redhat Enterprise Linux Workstation Optional 7 Redhat Enterprise Linux Workstation 7 Redhat Enterprise Linux Workstation 6 Redhat Enterprise Linux Server Optional 7 Redhat En…
Continue ReadingA team of researchers has demonstrated an interesting type of denial-of-service (DoS) attack on programmable logic controllers (PLCs), where network flooding can lead to the disruption of the physical process controlled by the device. A paper titled “Y…
Continue ReadingDescription. A vulnerability in the Software Image Management feature of Cisco DNA Center could allow an authenticated, remote attacker to access to internal services without additional authentication. The vulnerability is due to insufficient validatio…
Continue ReadingDescription. A vulnerability in certain access control mechanisms for the Secure Shell (SSH) server implementation for Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, adjacent attacker to access a CLI instance on an affecte…
Continue ReadingA very slightly strange and less usual malware campaign this morning that does eventually deliver Formbook. The email is nothing special, very terse & bland that just says ” Kindly find the attachment”. It has 2 Microsoft Word Doc attachments, both ver…
Continue Reading