π Sifter 7.8 π
π Go!
via "Security Tool Files β Packet Storm".
Sifter is a osint, recon, and vulnerability scanner. It combines a plethora of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the blue vulnerabilities within Microsoft systems and if unpatched, exploits them.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Sifter 7.8 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π Mandos Encrypted File System Unattended Reboot Utility 1.8.12 π
π Go!
via "Security Tool Files β Packet Storm".
The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
Mandos Encrypted File System Unattended Reboot Utility 1.8.12 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π΄ BEC Busts Take Down Multimillion-Dollar Operations π΄
π Read
via "Dark Reading: ".
The two extraditions of business email compromise attackers indicate a step forward for international law enforcement collaboration.π Read
via "Dark Reading: ".
Dark Reading
BEC Busts Take Down Multimillion-Dollar Operations
The two extraditions of business email compromise attackers indicate a step forward for international law enforcement collaboration.
ATENTIONβΌ New - CVE-2020-15096
π Read
via "National Vulnerability Database".
In Electron before versions 6.1.1, 7.2.4, 8.2.4, and 9.0.0-beta21, there is a context isolation bypass, meaning that code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions. Apps using "contextIsolation" are affected. There are no app-side workarounds, you must update your Electron version to be protected. This is fixed in versions 6.1.1, 7.2.4, 8.2.4, and 9.0.0-beta21.π Read
via "National Vulnerability Database".
β Flashy Nigerian Instagram star extradited to US to face BEC charges β
π Read
via "Naked Security".
It's a short jump from a Rolls Royce ride to extradition from the UAE. Goodbye, Dubai, goodbye, Palazzo Versace, hello, Chicago jail cell.π Read
via "Naked Security".
Naked Security
Flashy Nigerian Instagram star extradited to US to face BEC charges
Itβs a short jump from a Rolls Royce ride to extradition from the UAE. Goodbye, Dubai, goodbye, Palazzo Versace, hello, Chicago jail cell.
β First-Ever Russian BEC Gang, Cosmic Lynx, Uncovered β
π Read
via "Threatpost".
Researchers warn that Cosmic Lynx targets firms that don't use DMARC and uses a "mergers and acquisitions" pretext that can lead to large sums of money being stolen.π Read
via "Threatpost".
Threat Post
First-Ever Russian BEC Gang, Cosmic Lynx, Uncovered
Researchers warn that Cosmic Lynx targets firms that don't use DMARC and uses a "mergers and acquisitions" pretext that can lead to large sums of money being stolen.
β Credit-Card Skimmer Has Unlikely Target: Microsoft ASP.NET Sites β
π Read
via "Threatpost".
A campaign discovered by Malwarebytes Labs in mid-April has lifted credentials from a number of e-commerce portals.π Read
via "Threatpost".
Threat Post
Credit-Card Skimmer Has Unlikely Target: Microsoft ASP.NET Sites
A campaign discovered by Malwarebytes Labs in mid-April has lifted credentials from a number of e-commerce portals.
β Company web names hijacked via outdated cloud DNS records β
π Read
via "Naked Security".
Why hack into a server when you can just send vistors to a fake alternative instead?π Read
via "Naked Security".
Naked Security
Company web names hijacked via outdated cloud DNS records
Why hack into a server when you can just send vistors to a fake alternative instead?
π΄ Applying the 80-20 Rule to Cybersecurity π΄
π Read
via "Dark Reading: ".
How security teams can achieve 80% of the benefit for 20% of the work.π Read
via "Dark Reading: ".
Dark Reading
Applying the 80-20 Rule to Cybersecurity
How security teams can achieve 80% of the benefit for 20% of the work.
π Remote workers aren't taking security seriously. Now that has to change π
π Read
via "Security on TechRepublic".
IT teams help can mitigate the risks of shadow IT by being more flexible and adapting to the needs of remote workers, according to a new study.π Read
via "Security on TechRepublic".
TechRepublic
Remote workers aren't taking security seriously. Now that has to change
IT teams can help mitigate the risks of shadow IT by being more flexible and adapting to the needs of remote workers, according to a new study.
β Citrix Bugs Allow Unauthenticated Code Injection, Data Theft β
π Read
via "Threatpost".
Admins should patch their Citrix ADC and Gateway installs immediately.π Read
via "Threatpost".
Threat Post
Citrix Bugs Allow Unauthenticated Code Injection, Data Theft
Admins should patch their Citrix ADC and Gateway installs immediately.
π 65% of organizations saw at least 3 OT system intrusions within the past year π
π Read
via "Security on TechRepublic".
As OT tech becomes more advanced, so do the cybersecurity concerns surrounding it, Fortinet found.π Read
via "Security on TechRepublic".
TechRepublic
65% of organizations saw at least 3 OT system intrusions within the past year
As OT tech becomes more advanced, so do the cybersecurity concerns surrounding it, Fortinet found.
π Bitdefender unveils Human Risk Analytics to protect against human error π
π Read
via "Security on TechRepublic".
Part of the company's GravityZone product, the new feature analyzes user mistakes and errors to help track and mitigate them.π Read
via "Security on TechRepublic".
TechRepublic
Bitdefender unveils Human Risk Analytics to protect against human error
Part of the company's GravityZone product, the new feature analyzes user mistakes and errors to help track and mitigate them.
π GRR 3.4.2.0 π
π Go!
via "Security Tool Files β Packet Storm".
GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts: client and server. GRR client is deployed on systems that one might want to investigate. On every such system, once deployed, GRR client periodically polls GRR frontend servers for work. "Work" means running a specific action: downloading file, listing a directory, etc. GRR server infrastructure consists of several components (frontends, workers, UI servers) and provides web-based graphical user interface and an API endpoint that allows analysts to schedule actions on clients and view and process collected data.π Go!
via "Security Tool Files β Packet Storm".
Packetstormsecurity
GRR 3.4.2.0 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
ATENTIONβΌ New - CVE-2020-15037
π Read
via "National Vulnerability Database".
NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Reports-Devices.php page st[] parameter.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-15036
π Read
via "National Vulnerability Database".
NeDi 1.9C is vulnerable to cross-site scripting (XSS) attack. The application allows an attacker to execute arbitrary JavaScript code via the Topology-Linked.php dv parameter.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-10745
π Read
via "National Vulnerability Database".
A flaw was found in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4 in the way it processed NetBios over TCP/IP. This flaw allows a remote attacker could to cause the Samba server to consume excessive CPU use, resulting in a denial of service. This highest threat from this vulnerability is to system availability.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2020-10730
π Read
via "National Vulnerability Database".
A NULL pointer dereference, or possible use-after-free flaw was found in the in Samba AD LDAP server in versions before 4.10.17, before 4.11.11 and before 4.12.4. Although some versions of Samba shipped with Red Hat Enterprise Linux do not support Samba in AD mode, the affected code is shipped with the libldb package. This flaw allows an authenticated user to possibly trigger a use-after-free or NULL pointer dereference. The highest threat from this vulnerability is to system availability.π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-4324
π Read
via "National Vulnerability Database".
"HCL AppScan Enterprise is susceptible to Cross-Site Scripting while importing a specially crafted test policy."π Read
via "National Vulnerability Database".
ATENTIONβΌ New - CVE-2019-4323
π Read
via "National Vulnerability Database".
"HCL AppScan Enterprise advisory API documentation is susceptible to clickjacking, which could allow an attacker to embed the contents of untrusted web pages in a frame."π Read
via "National Vulnerability Database".
β Cerberus Banking Trojan Unleashed on Google Play β
π Read
via "Threatpost".
The Cerberus malware can steal banking credentials, bypass security measures and access text messages.π Read
via "Threatpost".
Threat Post
Cerberus Banking Trojan Unleashed on Google Play
The Cerberus malware can steal banking credentials, bypass security measures and access text messages.