Skip to content
GeekWire
  • HOME
  • NEWS
    • CERT
    • EXPLOITS
    • NCSC
    • NVD
    • SECURELIST
    • US-CERT
  • BLOG
    • Books
    • OSINT
    • Pentest
    • Privacy
  • GHDB
  • CHDB
  • OSINT
  • LABS
  • ARCHIVE
  • ABOUT
    • Privacy Policy
    • Terms of Use
    • External Links
    • Sitemap
GeekWire
GeekWire
  • HOME
  • NEWS
    • CERT
    • EXPLOITS
    • NCSC
    • NVD
    • SECURELIST
    • US-CERT
  • BLOG
    • Books
    • OSINT
    • Pentest
    • Privacy
  • GHDB
  • CHDB
  • OSINT
  • LABS
  • ARCHIVE
  • ABOUT
    • Privacy Policy
    • Terms of Use
    • External Links
    • Sitemap

SECURELIST

Threat intelligence reports, malware research, APT analysis and statistics.

Web beacons on websites and in e-mail

7 February 2023

Explaining web beacons (web bugs, spy or tracking pixels), what companies use these on websites and in e-mail, how and …

Tags advertising networks, Amazon, Data Protection, Publications

Prilex modification now targeting contactless credit card transactions

31 January 2023

Kaspersky discovers three new variants of the Prilex PoS malware capable of blocking contactless NFC transactions on an infected …

Tags Financial malware, Malware Descriptions, Malware Technologies

Come to the dark side: hunting IT professionals on the dark web

30 January 2023

We have analyzed more than 800 IT job ads and resumes on the dark web. Here is what the dark web job market looks …

Tags Cybercrime, Darknet, Data Theft, Research

What your SOC will be facing in 2023

23 January 2023

Supply chain and reoccurring attacks, data destruction, lack of staff — what challenges will your security operations center be facing in …

Tags APT, Kaspersky Security Bulletin, Ransomware, SoC

Roaming Mantis implements new DNS changer in its malicious mobile app in 2022

19 January 2023

Roaming Mantis (a.k.a Shaoye) is a long-term cyberattack campaign that uses malicious Android package (APK) files to control infected …

Tags APT, APT reports, Google Android, Malware Descriptions

What threatens corporations in 2023: media blackmail, fake leaks and cloud attacks

18 January 2023

Kaspersky’s predictions about the threats to corporations in 2023: media blackmail, fake leaks, cloud attacks, and more advanced …

Tags Cloud Services, Darknet, Data Leaks, Kaspersky Security Bulletin

How much security is enough?

9 January 2023

A common perception in the infosec community is that there can never be too much security, but it is understood that “too much” security is …

Tags Opinion, Security Policies, Security technology, SoC

BlueNoroff introduces new methods bypassing MoTW

27 December 2022

We continue to track the BlueNoroff group’s activities and this October we observed the adoption of new malware strains in its …

Tags APT, APT reports, Bluenoroff, Malware Descriptions

Ransomware and wiper signed with stolen certificates

22 December 2022

In this report, we compare the ROADSWEEP ransomware and ZEROCLEARE wiper versions used in two waves of attacks against Albanian government …

Tags APT reports, Malware, Malware Descriptions, Malware Technologies

CVE-2022-41040 and CVE-2022-41082 – zero-days in MS Exchange

19 December 2022

At the end of September, GTSC reported the finding of two 0-day vulnerabilities in Microsoft Exchange Server, CVE-2022-41040 and …

Tags DLL hijacking, Incidents, Malware Descriptions, Microsoft Exchange

Reassessing cyberwarfare. Lessons learned in 2022

14 December 2022

In this report, we propose to go over the various activities that were observed in cyberspace in relation to the conflict in Ukraine, …

Tags APT, Cyberwarfare, Data Leaks, Kaspersky Security Bulletin

How to train your Ghidra

9 December 2022

Brief introduction to setting up Ghidra, and then configuring it with a familiar UI and shortcuts, so that you would not need to re-learn …

Tags GHIDRA, Malware, Researchers tools, Software

DeathStalker targets legal entities with new Janicab variant

8 December 2022

While hunting for less common Deathstalker intrusions, we identified a new Janicab variant used in targeting legal entities in the Middle …

Tags Apple MacOS, APT, APT reports, Cybercrime

Main phishing and scamming trends and techniques

6 December 2022

Phishing in social networks and messengers, marketplace fraud, exploitation of Google Forms and other services: we uncover what’s …

Tags Cybercrime, Fraud, Instant Messengers, Publications
Older posts
Page1 Page2 … Page39 Next →
Cookie-Free

NVD

  • CVE-2023-25168 – Wings is Pterodactyl’s server control plane. This vulnerability can be used to delete file …9 February 2023
  • CVE-2022-40480 – Nordic Semiconductor, Microchip Technology NRF5340-DK DT100112 was discovered to contain a …8 February 2023
  • CVE-2023-0718 – The Wicked Folders plugin for WordPress is vulnerable to authorization bypass due to a mis …8 February 2023
  • CVE-2023-24828 – Onedev is a self-hosted Git Server with CI/CD and Kanban. In versions prior to 7.9.12 the …8 February 2023
  • CVE-2022-45192 – An issue was discovered on Microchip RN4870 1.43 devices. An attacker within BLE radio ran …8 February 2023
  • CVE-2022-45190 – An issue was discovered on Microchip RN4870 1.43 devices. An attacker within BLE radio ran …8 February 2023

EXPLOITS

  • Feehi CMS 2.1.1 – Remote Code Execution (Authenticated)22 November 2022
  • SmartRG Router SR510n 2.6.13 – Remote Code Execution22 November 2022
  • CVAT 2.0 – Server Side Request Forgery18 November 2022
  • MSNSwitch Firmware MNT.2408 – Remote Code Execution18 November 2022
  • Open Web Analytics 1.7.3 – Remote Code Execution18 November 2022
  • IOTransfer V4 – Unquoted Service Path11 November 2022

SECURELIST

  • Web beacons on websites and in e-mail7 February 2023
  • Prilex modification now targeting contactless credit card transactions31 January 2023
  • Come to the dark side: hunting IT professionals on the dark web30 January 2023
  • What your SOC will be facing in 202323 January 2023
  • Roaming Mantis implements new DNS changer in its malicious mobile app in 202219 January 2023
  • What threatens corporations in 2023: media blackmail, fake leaks and cloud attacks18 January 2023
Copyright © 2023 GeekWire | Cookie-Free | Privacy Policy | We are not responsible for the content of external sites.
Next Page »