Aggregator

VMware Security Advisory VMSA-2021-0005

X-Force Exchange - Collection Feed
4 years 9 months ago
Summary VMWare published a security advisory, VMSA-2021-0005, that addresses an authentication bypass vulnerability in the VMware Carbon Black Cloud Workload appliance. Threat Type Vulnerability Overview VMWare published a security advisory, VMSA-2021-0005, that addresses a vulnerability (CVE-2021-21982) in the VMware Carbon Black Cloud Workload appliance. The vulnerability is an authentication bypass issue which could potentially allow a remote attacker to obtain administrative access to an affected device

APT Actors Gaining Initial Access for Attacks

X-Force Exchange - Collection Feed
4 years 9 months ago
Summary The Federal Bureau of Investigations (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint cybersecurity advisory on APT actors exploiting vulnerabilities in FortiOS to gain initial access to commercial, government, and technology services networks. Threat Type Vulnerability Overview APT actors have been observed scanning devices on certain ports which are associated with the FortiOS vulnerability, CVE-2018-13379. The actors have also been enumerating devices that

fakesh

半块西瓜皮
4 years 9 months ago
原理

当获得root权限之后,可对fakesh设置suid标志位

之后就可以用fakesh在低权限下获得root权限

半块西瓜皮

ICS Advisory ICSA-21-091-01

X-Force Exchange - Collection Feed
4 years 9 months ago
Summary The ICS-CERT has published an advisory that affects Rockwell Automation's FactoryTalk AssetCentre. Threat Type Vulnerability Overview The ICS-CERT has published an advisory that affects Rockwell Automation's FactoryTalk AssetCentre. Further information is available from the advisory which is summarized below. ICS Advisory ICSA-21-091-01 - Rockwell Automation FactoryTalk AssetCentre CVE-2021-27462 - A deserialization vulnerability exists in how the AosService.rem service in FactoryTalk AssetCentre ve

New Credential Phishing Campaign, BadBlood, Targeting US and Israeli Medical Research Personnel

X-Force Exchange - Collection Feed
4 years 9 months ago
Summary Proofpoint Threat Research discovered in late 2020 a new credential phishing campaign named BadBlood, carried out by threat group TA453, aka Charming Kitten. The campaign targets senior medical professionals who specialize in genetic, neurology, and oncology research in the United States and Israel. These targets are not the traditional targets for TA453, however, the tactics and techniques observed in BadBlood continue to mirror those used in historic TA453 campaigns. Threat Type Malware, Phishing,

Managed ad