Marketing giant RRD confirms data theft in Conti ransomware attack
https://www.bleepingcomputer.com/news/security/marketing-giant-rrd-confirms-data-theft-in-conti-ransomware-attack/
BleepingComputer
Marketing giant RRD confirms data theft in Conti ransomware attack
RR Donnelley has confirmed that threat actors stole data in a December cyberattack, confirmed by BleepingComputer to be a Conti ransomware attack.
Large-scale cyberattack halts Red Cross work reuniting families, exposes confidential data
https://www.cyberscoop.com/large-scale-cyberattack-halts-red-cross-work-reuniting-families-exposes-confidential-data/
CyberScoop
Large-scale cyberattack halts Red Cross work reuniting families, exposes confidential data
A cyberattack compromised personal and confidential data on more than half a million people helped by at least 60 Red Cross and Red Crescent organizations around the world, the International Committee of the Red Cross announced Wednesday. The organization…
Orca Security Acquires Web Application Security Startup RapidSec
https://www.msspalert.com/investments/orca-security-acquires-web-application-security-startup-rapidsec/
MSSP Alert
Orca Security Acquires Web Application Security Startup RapidSec
RapidSec, now owned by Orca Security, protects web applications from client-side attacks. Here's how MSSPs may benefit from the M&A deal.
Red Cross begs hackers not to leak data of “highly vulnerable people”
https://therecord.media/red-cross-begs-hackers-not-to-leak-data-of-highly-vulnerable-people/
therecord.media
Red Cross begs hackers not to leak data of "highly vulnerable people"
The Red Cross has disclosed that it was the victim of a cyber attack and has asked the hackers who broke into the IT network of one of its contractors not to leak the personal information of more than 515,000 "highly vulnerable people."
Microsoft: SolarWinds fixes Serv-U bug exploited for Log4j attacks
https://www.bleepingcomputer.com/news/microsoft/microsoft-solarwinds-fixes-serv-u-bug-exploited-for-log4j-attacks/
BleepingComputer
Microsoft: SolarWinds fixes Serv-U bug exploited for Log4j attacks
SolarWinds has patched a new Serv-U vulnerability discovered by Microsoft that threat actors attempted to use to propagate Log4j attacks to internal LDAP servers.
A UK government-backed campaign aims to thwart end-to-end encryption rollout
https://therecord.media/a-uk-government-backed-campaign-aims-to-thwart-end-to-end-encryption-rollout/
The Record
A UK government-backed campaign aims to thwart end-to-end encryption rollout
A new government-backed campaign in the UK is pressuring tech companies to halt the use of end-to-end encryption (E2EE) on social media platforms to make it easier for law enforcement to detect child abuse and exploitation. E2EE is a technology soon to be…
Red Cross cyberattack exposes data of 515,000 people seeking missing family
https://www.bleepingcomputer.com/news/security/red-cross-cyberattack-exposes-data-of-515-000-people-seeking-missing-family/
BleepingComputer
Red Cross cyberattack exposes data of 515,000 people seeking missing family
A cyberattack on a Red Cross contractor has led to the theft of personal data for more than 515,000 people in 'Restoring Family Links,' a program that helps reunite families separated by war, disaster, and migration.
Adding DCSync Permissions from Linux
https://www.n00py.io/2022/01/adding-dcsync-permissions-from-linux/
#ad #dcsync #linux
www.n00py.io
Adding DCSync Permissions from Linux
Recently I came upon an attack path in BloodHound that looked like this: I had control of a computer object (an Exchange server) that effectively had WriteDacl over the domain. I had a few constraints as well: All systems were configured with EDR I only had…
Vulnerable Websites for Penetration Testing Training
Hack The Box http://hackthebox.com
CTFlearn http://ctflearn.com
OverTheWire http://overthewire.org/wargames/
Root-Me http://root-me.org
OWASP Juice Shop http://owasp.org/www-project-juice-shop/
Hackxor http://hackxor.net
OWASP Bricks http://wiki.owasp.org/index.php/OWASP_Bricks
XSS Game http://xss-game.appspot.com
W3challs http://w3challs.com
OWASP Insecure Web App Project http://wiki.owasp.org/index.php/Category:OWASP_Insecure_Web_App_Project
CrackMeBank http://crackme.cenzic.com/kelev/view/home.php
Zero bank http://zero.webappsecurity.com
Hacking Lab http://hacking-lab.com
OWASP WebGoat http://owasp.org/www-project-webgoat/
Vuln Hub http://vulnhub.com
Hack Me http://hack.me
Defend the web http://defendtheweb.net
bWAPP http://itsecgames.com
Hellbound Hackers http://hbh.sh
HackThisSite http://hackthissite.org
Google Gruyere http://google-gruyere.appspot.com
Damn Vulnerable iOS App - DVIA http://damnvulnerableiosapp.com
Hackthebox
Cyber Mastery: Community Inspired. Enterprise Trusted. | Hack The Box
Hack The Box is the leading cyber readiness platform for the agentic era, battle-testing and upskilling both humans & AI agents to enhance organizational cyber resilience.
Kraken the Code on Prometheus
https://blogs.blackberry.com/en/2022/01/kraken-the-code-on-prometheus
White Rabbit Ransomware and Its Evasion Tactics
https://www.trendmicro.com/en_us/research/22/a/new-ransomware-spotted-white-rabbit-and-its-evasion-tactics.html
#Malware #analysis #cybersecurity #infosec #infosecurity
BlackBerry
Kraken the Code on Prometheus
The BlackBerry Research & Intelligence Team has uncovered a cluster of nine distinct Russian threat actors who have attacked U.S. government agencies using Prometheus, a network of malicious Traffic Direction Systems.
CVE-2022-21661
Exposing Database Info via WordPress SQL Injection
https://www.zerodayinitiative.com/blog/2022/1/18/cve-2021-21661-exposing-database-info-via-wordpress-sql-injection
#cybersecurity #infosec #infosecurity #pentesting #WordPress #redteam #SQL #CVE
Zero Day Initiative
Zero Day Initiative — CVE-2022-21661: Exposing Database Info via WordPress SQL Injection
In October of this year, we received a report from ngocnb and khuyenn from GiaoHangTietKiem JSC covering a SQL injection vulnerability in WordPress. The bug could allow an attacker to expose data stored in a connected database. This vulnerability was recently…
Vulnerable AWS Lambda function - Initial access in cloud attacks
https://sysdig.com/blog/exploit-mitigate-aws-lambdas-mitre
#cybersecurity #infosec #infosecurity #cloud #Lambda #redteam #AWS
Sysdig
Lambda Threat – Best Practices for Lambda Security | Sysdig
The security research team explains how a vulnerable AWS Lambda function could be used by attackers as a threat vector.
CVE-2022-23307: Log4j 1 Deserialization Vulnerability Alert
https://securityonline.info/cve-2022-23307-log4j-1-deserialization-vulnerability-alert/
Cybersecurity News
CVE-2022-23307: Log4j 1 Deserialization Vulnerability Alert
Apache released a security bulletin that disclosed Log4j deserialization vulnerabilities (CVE-2022-23307), which affected the Apache Log4j 1.x version.
CVE-2022-23302: Apache Log4j 1.x remote code execution vulnerability alert
https://securityonline.info/cve-2022-23302-apache-log4j-1-x-remote-code-execution-vulnerability-alert/
Cybersecurity News
CVE-2022-23302: Apache Log4j 1.x remote code execution vulnerability alert
Apache released a security bulletin that disclosed a deserialization of untrusted data vulnerability in JMSSink (CVE-2022-23302).
Implementing Vaccine and Testing Mandates at the Enterprise
https://www.securitymagazine.com/articles/96891-implementing-vaccine-and-testing-mandates-at-the-enterprise
Security Magazine
Implementing Vaccine and Testing Mandates at the Enterprise
Listen to the latest episode of The Security Podcasts as we sit down with Andrew Morton, CEO of Bloom Health, to discuss implementing vaccine and testing mandates for COVID-19.
Tactical strategies for strengthening the security profile
https://www.securitymagazine.com/articles/96939-tactical-strategies-for-strengthening-the-security-profile
Security Magazine
Tactical strategies for strengthening the security profile
As the volume of ransomware payments and the number of ransomware attacks continue to increase, CISOs must adapt to the evolving threat landscape and focus on practical strategies to strengthen resiliency.
Telegram Increasingly Abused for Selling Stolen Financial Details
https://cybersecuritynews.com/telegram-messenger-abused/
Cyber Security News
Telegram Increasingly Abused for Selling Stolen Financial Details
Cybercriminals are actively abusing the Telegram messenger to set up underground channels for selling stolen financial details and to carry out their other illicit activities.
Active shooter preparedness is critical for employee safety
https://www.securitymagazine.com/articles/96938-active-shooter-preparedness-is-critical-for-employee-safety
Security Magazine
Active shooter preparedness is critical for employee safety
Security professionals have a duty of care to employees and users to protect them from physical threats. The threat of active shooter situations necessitates a proactive security response.