Probes for recent ABUS Security Camera Vulnerability
https://isc.sans.edu/diary/Probes%20for%20recent%20ABUS%20Security%20Camera%20Vulnerability%3A%20Attackers%20keep%20an%20eye%20on%20everything./29870
.ZIP Domains Confuse Virustotal
https://twitter.com/imohanasundaram/status/1660678184977805316
Synology DSM 6.2 Patch
https://www.synology.com/en-global/security/advisory/Synology_SA_22_25
Jenkins Fixes Multiple Plugin Vulnerabilities
https://www.jenkins.io/security/advisory/2023-05-16/
PyPi Suspension Lifted
https://status.python.org/incidents/qy2t9mjjcc7g
Nissan Sylphy Classic Key Vulnerability
https://vulmon.com/vulnerabilitydetails?qid=CVE-2023-33281
Another Malicious HTA File Analysis – Part 3
https://isc.sans.edu/forums/diary/Another%20Malicious%20HTA%20File%20Analysis%20-%20Part%203/29678/
When the Phisher Messes Up With Encoding
https://isc.sans.edu/diary/When%20the%20Phisher%20Messes%20Up%20With%20Encoding/29864
PyPi Suspends New Users and Projects
https://status.python.org/incidents/qy2t9mjjcc7g
PGP Signatures on PyPi: Worse than useless
https://blog.yossarian.net/2023/05/21/PGP-signatures-on-PyPI-worse-than-useless
RATs found hiding in the npm attic
https://www.reversinglabs.com/blog/rats-found-hiding-in-the-npm-attic
Apple Updates Everything
https://isc.sans.edu/diary/Apple%20Updates%20Everything/29860
A Quick Survey of .zip Domains
https://isc.sans.edu/diary/A%20Quick%20Survey%20of%20.zip%20Domains%3A%20Your%20highest%20risk%20is%20running%20into%20Rick%20Astley./29858
Dell NetWorker Security Update
https://www.dell.com/support/kbdoc/en-us/000211267/dsa-2023-060-dell-networker-security-update-for-an-nsrcapinfo-vulnerability?lwp=rt
KeePass 2.X Master Password Dumper
https://github.com/vdohney/keepass-password-dumper
Increase in Malicious RAR SFX Files
https://isc.sans.edu/forums/diary/Increase%20in%20Malicious%20RAR%20SFX%20files/29852/
FriendlyName Buffer Overflow in Wemo Smartplug
https://sternumiot.com/iot-blog/mini-smart-plug-v2-vulnerability-buffer-overflow/
Wago License Page Exploit
https://onekey.com/blog/security-advisory-wago-unauthenticated-remote-command-execution/
Routers Turned Into Proxies
https://research.checkpoint.com/2023/the-dragon-who-sold-his-camaro-analyzing-custom-router-implant/
Signals Defense With Faraday Bags
https://isc.sans.edu/forums/diary/Signals%20Defense%20With%20Faraday%20Bags%20%26%20Flipper%20Zero/29840/
Microsoft Sharepoint Scans Password Protected Files
https://infosec.exchange/@threatresearch/110373860063222707#
Critical Sandbox Escape Vulnerability in VM2
https://github.com/patriksimek/vm2/security/advisories/GHSA-whpj-8f3w-67p5
Geacon Brings Cobalt Strike Capabilities to MacOS Threat Actors
https://www.sentinelone.com/blog/geacon-brings-cobalt-strike-capabilities-to-macos-threat-actors/
Ongoing Facebook Phishing campaign Without a Sender and (almost) without Links
https://isc.sans.edu/diary/Ongoing%20Facebook%20phishing%20campaign%20without%20a%20sender%20and%20%28almost%29%20without%20links/29848
Intel Microcode Updates Do Not Patch Vulnerability
https://www.theregister.com/2023/05/15/intel_mystery_microcode/
Fake Trezor Hardware Crypto Wallet
https://www.kaspersky.com/blog/fake-trezor-hardware-crypto-wallet/48155/
TP-Link Archer AX-21 Command Injection CVE-2023-1389 Exploited
https://www.fortiguard.com/threat-signal-report/5157/tp-link-archer-ax-21-command-injection-vulnerability-cve-2023-1389-exploited-in-the-wild
Intelligence-related activities found within today’s global security programs aids in the protection of people, physical assets, finances and intellectual property.
The .zip gTLD: Risks and Opportunities
https://isc.sans.edu/forums/diary/The+zip+gTLD+Risks+and+Opportunities/29838/
Brave Forgetful Browsing
https://brave.com/privacy-updates/25-forgetful-browsing/
Intel Mystery Microcode Patch
https://www.phoronix.com/news/Intel-12-May-2023-Microcode
Netgear Updates
https://kb.netgear.com/000065619/Security-Advisory-for-Multiple-Vulnerabilities-on-the-RAX30-PSV-2022-0348
Synology Updates
https://www.synology.com/en-global/security/advisory/Synology_SA_23_04
https://claroty.com/team82/research/chaining-five-vulnerabilities-to-exploit-netgear-nighthawk-rax30-routers-at-pwn2own-toronto-2022
Geolocating IPs is Harder Than You Think
https://isc.sans.edu/diary/Geolocating%20IPs%20is%20harder%20than%20you%20think/29834
Pre-Infected Mobile Phones
https://www.theregister.com/2023/05/11/bh_asia_mobile_phones/
Dragos Breach
https://www.dragos.com/blog/deconstructing-a-cybersecurity-event/
AndoryuBot Targets Ruckus Admin RCE Vulnerability
https://www.fortinet.com/blog/threat-research/andoryubot-new-botnet-campaign-targets-ruckus-wireless-admin-remote-code-execution-vulnerability-cve-2023-25717
Cookie | Duration | Description |
---|---|---|
cookielawinfo-checbox-analytics | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics". |
cookielawinfo-checbox-functional | 11 months | The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional". |
cookielawinfo-checbox-others | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other. |
cookielawinfo-checkbox-necessary | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary". |
cookielawinfo-checkbox-performance | 11 months | This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance". |
PHPSESSID | session | This cookie is native to PHP applications. The cookie is used to store and identify a users' unique session ID for the purpose of managing user session on the website. The cookie is a session cookies and is deleted when all the browser windows are closed. |
pmpro_visit | session | The cookie is set by PaidMembership Pro plugin. The cookie is used to manage user memberships. |
viewed_cookie_policy | 11 months | The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data. |