Unmanaged Devices Run Rampant in 47% of Companies
https://ift.tt/HiK07uf
Submitted September 12, 2023 at 12:44AM by KolideKenny
via reddit https://ift.tt/mUS6gpO
https://ift.tt/HiK07uf
Submitted September 12, 2023 at 12:44AM by KolideKenny
via reddit https://ift.tt/mUS6gpO
Kolide
Unmanaged Devices Run Rampant in 47% of Companies
New research shows that employees access sensitive data on personal devices–
often to get around security.
often to get around security.
Activation Context Hell - DosDevices Remapping Attack under Impersonation
https://ift.tt/KaksQcu
Submitted September 12, 2023 at 12:33AM by hacksysteam
via reddit https://ift.tt/IhwSLAR
https://ift.tt/KaksQcu
Submitted September 12, 2023 at 12:33AM by hacksysteam
via reddit https://ift.tt/IhwSLAR
The Growing Threat of Insider Attacks
https://ift.tt/adiTOAS
Submitted September 12, 2023 at 09:49AM by OkPossible7152
via reddit https://ift.tt/hn45woZ
https://ift.tt/adiTOAS
Submitted September 12, 2023 at 09:49AM by OkPossible7152
via reddit https://ift.tt/hn45woZ
Virtual Cybersecurit
Unseen Predators: The Growing Threat of Insider Attacks in Cybersecurity
Explore the growing threat of insider attacks in the realm of cybersecurity. From defining what constitutes an insider threat, its various types, to strategies for mitigating such risks, this comprehensive guide covers all aspects of this pressing issue.…
Exploring Cloud Security: Safeguarding Your Digital Assets in Cloud
https://ift.tt/TJVl9I6
Submitted September 12, 2023 at 11:19AM by Icy-Avocado-1634
via reddit https://ift.tt/gjwuvhA
https://ift.tt/TJVl9I6
Submitted September 12, 2023 at 11:19AM by Icy-Avocado-1634
via reddit https://ift.tt/gjwuvhA
Medium
Exploring Cloud Security — Safeguarding Your Digital Assets in the Cloud
Cloud Security Explained for Businesses- How it Plays a Pivotal Role in Ensuring the Confidentiality, of Your Company Data
Analyzing Security Vulnerabilities in XWiki: In-Depth Examination
https://ift.tt/6ZAIBpr
Submitted September 12, 2023 at 06:19PM by appsec1337
via reddit https://ift.tt/ucmS0pq
https://ift.tt/6ZAIBpr
Submitted September 12, 2023 at 06:19PM by appsec1337
via reddit https://ift.tt/ucmS0pq
Penetration Testing and CyberSecurity Solution - SecureLayer7
Analyzing Security Vulnerabilities in XWiki: In-Depth Examination
XWiki is an open-source knowledge repository which is primarily meant for enterprise use, i.e. intra-company knowledge storage and sharing. As per its website, XWiki is a "second generation" wiki,...
Blog Patrowl: OmniSpace, from automated 0day XSS to RCE by @Pepito_oh
https://ift.tt/dtF8sh9
Submitted September 12, 2023 at 06:36PM by MaKyOtOx
via reddit https://ift.tt/wGUt7gP
https://ift.tt/dtF8sh9
Submitted September 12, 2023 at 06:36PM by MaKyOtOx
via reddit https://ift.tt/wGUt7gP
External Exposure Management as a Service
External Exposure Management as a Service | Patrowl
Identify and harden your External Security Posture with the leader. Let us manage time-consuming tasks and focus on remediation
Malware distributor Storm-0324 facilitates ransomware access
https://ift.tt/Y5BNOXZ
Submitted September 12, 2023 at 10:52PM by SCI_Rusher
via reddit https://ift.tt/1tYJZBM
https://ift.tt/Y5BNOXZ
Submitted September 12, 2023 at 10:52PM by SCI_Rusher
via reddit https://ift.tt/1tYJZBM
Microsoft Security Blog
Malware distributor Storm-0324 facilitates ransomware access | Microsoft Security Blog
The threat actor that Microsoft tracks as Storm-0324 is a financially motivated group known to gain initial access using email-based initial infection vectors and then hand off access to compromised networks to other threat actors. These handoffs frequently…
3.5 TB of data stolen from Datadvance: NDAs, noscripts, and contracts leaked
https://ift.tt/j72OphK
Submitted September 12, 2023 at 10:45PM by nareksays
via reddit https://ift.tt/jabYfMk
https://ift.tt/j72OphK
Submitted September 12, 2023 at 10:45PM by nareksays
via reddit https://ift.tt/jabYfMk
Zimbra Email Users Targeted in Phishing Attack | Deeplab.com
https://ift.tt/7NhoIwl
Submitted September 13, 2023 at 01:02AM by RemarkableDatas
via reddit https://ift.tt/3LSkJhC
https://ift.tt/7NhoIwl
Submitted September 13, 2023 at 01:02AM by RemarkableDatas
via reddit https://ift.tt/3LSkJhC
From Terminal Output to Arbitrary Remote Code Execution
https://ift.tt/vdlrToR
Submitted September 13, 2023 at 12:54AM by _solid_snail
via reddit https://ift.tt/lOBM6jm
https://ift.tt/vdlrToR
Submitted September 13, 2023 at 12:54AM by _solid_snail
via reddit https://ift.tt/lOBM6jm
solid-snail blog
From Terminal Output to Arbitrary Remote Code Execution
It was the year of the Linux desktop 1978. Old yellowed computers were not yet old, nor yellowed. Digital Equipment Corporation released the first popular terminal to support a standardized in-band encoding for control functions, the VT100.
mXSS in Skiff: How browser mutations and Cloudflare helped to steal decrypted emails
https://ift.tt/ScKWRFd
Submitted September 13, 2023 at 02:09PM by SonarPaul
via reddit https://ift.tt/9xeHmjs
https://ift.tt/ScKWRFd
Submitted September 13, 2023 at 02:09PM by SonarPaul
via reddit https://ift.tt/9xeHmjs
Sonarsource
Code Vulnerabilities Put Skiff Emails at Risk
Our Research team discovered critical code vulnerabilities in Proton Mail, Skiff, and Tutanota. This post covers the technical details of the XSS vulnerability in Skiff.
Compile it ⚙️ , Debug it 🔬 , Hack it 😎 it's the Linux kernel 🐧 - vsociety
https://ift.tt/z5VLPct
Submitted September 13, 2023 at 06:34PM by vsociety_
via reddit https://ift.tt/6YQyfV3
https://ift.tt/z5VLPct
Submitted September 13, 2023 at 06:34PM by vsociety_
via reddit https://ift.tt/6YQyfV3
www.vicarius.io
Compile it ⚙️ , Debug it 🔬 , Hack it 😎 it's the Linux kernel 🐧 - vsociety
CVE-2023-38146: Arbitrary Code Execution via Windows Themes
https://ift.tt/oz9qmk1
Submitted September 13, 2023 at 10:25PM by gabe_k
via reddit https://ift.tt/rYpgdCR
https://ift.tt/oz9qmk1
Submitted September 13, 2023 at 10:25PM by gabe_k
via reddit https://ift.tt/rYpgdCR
3AM: New Ransomware Family Used As Fallback in Failed LockBit Attack
https://ift.tt/scAldWq
Submitted September 13, 2023 at 09:36PM by nareksays
via reddit https://ift.tt/YSAdtpI
https://ift.tt/scAldWq
Submitted September 13, 2023 at 09:36PM by nareksays
via reddit https://ift.tt/YSAdtpI
Security
3AM: New Ransomware Family Used As Fallback in Failed LockBit Attack
Attackers resorted to new ransomware after deployment of LockBit was blocked on targeted network.
Split BloodHound input files to prevent import failures
https://ift.tt/1gjlG3v
Submitted September 14, 2023 at 01:34PM by Pleasant-Drawer729
via reddit https://ift.tt/n1l9uj3
https://ift.tt/1gjlG3v
Submitted September 14, 2023 at 01:34PM by Pleasant-Drawer729
via reddit https://ift.tt/n1l9uj3
GitHub
GitHub - Syslifters/split-bloodhound
Contribute to Syslifters/split-bloodhound development by creating an account on GitHub.
Top 10 Facts About MOVEit Breach
https://ift.tt/gyPBZJw
Submitted September 14, 2023 at 12:42PM by ziyahanalbeniz
via reddit https://ift.tt/KYXMIeB
https://ift.tt/gyPBZJw
Submitted September 14, 2023 at 12:42PM by ziyahanalbeniz
via reddit https://ift.tt/KYXMIeB
SOCRadar® Cyber Intelligence Inc.
Top 10 Facts About MOVEit Breach
In this article, we delve into the top 10 facts about the MOVEit breach, shedding light on its magnitude, the perpetrators behind it, and...
Column-Level Encryption 101: What is It, implementation & Benefits
https://ift.tt/yNbKCXz
Submitted September 14, 2023 at 01:54PM by donofsue
via reddit https://ift.tt/FsH5kop
https://ift.tt/yNbKCXz
Submitted September 14, 2023 at 01:54PM by donofsue
via reddit https://ift.tt/FsH5kop
Piiano
Column-Level Encryption: Implementation & Benefits
Explore the advantages of column-level encryption and understand database encryption methods and related security implications.
BabelInkCrypt a python program that combines multiple methods to offer an infinite storage by storing it on YouTube and safe with an encryption method
https://ift.tt/pNKuQ3R
Submitted September 14, 2023 at 02:49PM by omnidotus
via reddit https://ift.tt/VxSyEtG
https://ift.tt/pNKuQ3R
Submitted September 14, 2023 at 02:49PM by omnidotus
via reddit https://ift.tt/VxSyEtG
GitHub
GitHub - youneshlal7/BabelInkCrypt: BabelInkCrypt is an open-source project that combines encryption, library of babel, and video…
BabelInkCrypt is an open-source project that combines encryption, library of babel, and video making to create a secure infinite storage system. - GitHub - youneshlal7/BabelInkCrypt: BabelInkCrypt ...
Simple PoC for demonstrating Race Conditions on Websockets
https://ift.tt/wpn174P
Submitted September 14, 2023 at 02:43PM by vah_13
via reddit https://ift.tt/5uCPsiW
https://ift.tt/wpn174P
Submitted September 14, 2023 at 02:43PM by vah_13
via reddit https://ift.tt/5uCPsiW
GitHub
GitHub - redrays-io/WS_RaceCondition_PoC: Simple PoC for demonstrating Race Conditions on Websockets
Simple PoC for demonstrating Race Conditions on Websockets - GitHub - redrays-io/WS_RaceCondition_PoC: Simple PoC for demonstrating Race Conditions on Websockets
The GitHub Actions Worm: Compromising GitHub Repositories Through the Actions Dependency Tree
https://ift.tt/DFn0COq
Submitted September 14, 2023 at 07:19PM by TupleType1
via reddit https://ift.tt/UR7GCxa
https://ift.tt/DFn0COq
Submitted September 14, 2023 at 07:19PM by TupleType1
via reddit https://ift.tt/UR7GCxa
Palo Alto Networks Blog
The GitHub Actions Worm: Compromising GitHub Repositories Through the Actions Dependency Tree
GitHub Actions worm compromises GitHub repositories via action dependencies in a novel attack vector allowing attackers to distribute malware across repositories, research shows.
Uncursing the ncurses: Memory corruption vulnerabilities found in library
https://ift.tt/ZTNDBQE
Submitted September 14, 2023 at 06:49PM by YogiBerra88888
via reddit https://ift.tt/oXsqbr4
https://ift.tt/ZTNDBQE
Submitted September 14, 2023 at 06:49PM by YogiBerra88888
via reddit https://ift.tt/oXsqbr4
Microsoft Security Blog
Uncursing the ncurses: Memory corruption vulnerabilities found in library | Microsoft Security Blog
A set of memory corruption vulnerabilities in the ncurses library could have allowed attackers to chain the vulnerabilities to elevate privileges and run code in the targeted program's context or perform other malicious actions.