events of 2021-05-14
2021-05-14 09:00:00 Author: samsung.github.io

| category | keywords | representative tweet | mentions |
|---|---|---|---|
| vulnerability | ajax, cve-2021-24282, cve-2021-24281, cve-2021-24280, cve-2021-24279, cve-2021-24278, cve-2021-24195, cve-2021-24194, cve-2021-24193, cve-2021-24192, cve-2021-24191, cve-2021-24190, cve-2021-24189, cve-2021-24188, callback | CVE-2021-24282 In the Redirection for Contact Form 7 WordPress plugin before 2.3.4, any authenticated user, such as a subscriber, could use the various AJAX actions in the plugin to do a variety of things. For example, an attacker could use wpcf7r_reset… https://t.co/0wGUoWXLm8 | 19 |
| exploit | cve-2020-27185, cve-2020-27184, cve-2020-27150, nport, ia5000a | CVE-2020-27185 Cleartext transmission of sensitive information via Moxa Service in NPort IA5000A series serial devices. Successfully exploiting the vulnerability could enable attackers to read authentication data, device configuration, and other sensiti… https://t.co/ezNxBq4hGw | 3 |
| exploit | nport, cve-2020-27149 | CVE-2020-27149 By exploiting a vulnerability in NPort IA5150A/IA5250A Series before version 1.5, a user with “Read Only” privilege level can send requests via the web console to have the device’s configuration changed. https://t.co/5CDhhiE8yV | 1 |
| exploit | cve-2021-29611, cve-2021-29563, cve-2021-29562, cve-2021-29561, cve-2021-29519, tensorflow, cve-2021-29619, cve-2021-29613, cve-2021-29612, cve-2021-29610, cve-2021-29583, cve-2021-29582, cve-2021-29581, cve-2021-29579, cve-2021-29578, cve-2021-29577, cve-2021-29576, cve-2021-29573, cve-2021-29571, cve-2021-29570, cve-2021-29569, cve-2021-29567, cve-2021-29566, cve-2021-29565, cve-2021-29564, cve-2021-29560, cve-2021-29559, cve-2021-29558, cve-2021-29557, cve-2021-29556, cve-2021-29555, cve-2021-29554, cve-2021-29553, cve-2021-29550, cve-2021-29549, cve-2021-29548, cve-2021-29547, cve-2021-29542, cve-2021-29541, cve-2021-29539, cve-2021-29533, cve-2021-29532, cve-2021-29530, cve-2021-29529, cve-2021-29528, cve-2021-29527, cve-2021-29526, cve-2021-29525, cve-2021-29522, cve-2021-29521, cve-2021-29520, cve-2021-29516, cve-2021-29540, cve-2021-29538, cve-2021-29524, raggedtensortotensor, quantizedresizebilinear, maxpoolgradwithargmax, conv2dbackpropfilter, tensor, quantizedmul, cve-2021-29617, cve-2021-29584, cve-2021-29575, cve-2021-29545, cve-2021-29544, cve-2021-29543, cve-2021-29534, cve-2021-29523 | CVE-2021-29611 TensorFlow is an end-to-end open source platform for machine learning. Incomplete validation in SparseReshape results in a denial of service based on a CHECK-failure. The implementation(https://t.co/MDGVe0Tpcj… https://t.co/wCUqqKSbt0 | 62 |
| malware | revil, intel | This is a significant move as the XSS forum was one of the two main forums where Ransomware-as-a-Service (RaaS) platforms have been advertised for the past years. Darkside ran ads here, but also REvil, Gandcrab, Netwalker, Avaddon, and a bunch more https://t.co/CLrE7khTsD | 8 |
| malware | toshiba | #Toshiba unit #hacked in Europe, conglomerate to undergo strategic review: https://t.co/6We5ZRkGbH #ransomware #cyberattack | 11 |
| malware | interagency, cybercom | Update: Re Cybercom’s role (offensive DOD cyber unit) in US plans to go after hackers behind Colonial Pipeline ransomware: “For U.S. Cyber Command’s role in this matter, we continue to support our interagency partners as needed” per stmt. @CyberScoopNews https://t.co/BCfPY7px7u | 2 |
| malware | webcam | Microsoft warns: Watch out for this new malware that steals passwords, webcam and browser data https://t.co/ed9RfZrfVq | 5 |
| malware | verizon, anomali | Join @Anomali, @PolySwarm and @VerizonBusiness Threat Research Advisory Center at “Mid-Atlantic Threat Day”. Date: 9th June 2021 Time: 11am - 12:30pm EDT #cti #threatintel #cybersecurity #ransomware #anomali #polyswarm #verizon Register: https://t.co/ZY8RDYKPCA https://t.co/14WbqhRbwu | 1 |
| malware | xdr | Sophos XDR: Threat hunting through the entire security ecosystem - https://t.co/WcauzctMSL - @Sophos #XDR #EDR #ThreatHunting #ransomware #cybersecurity #enterprise #SMBs https://t.co/nyo5BKDRD7 | 1 |
| malware | intel, anomali, msbuild, redlinestealer | In the latest from Anomali Threat Research, our expert intel analysts reveal how threat actors use MSBuild to deliver RATs filelessly, includes IOCs and @MITREattack Matrix: https://t.co/au1ZiZpwU6 #threatintelligence #cybersecurity #RAT #RemcosRAT #RedLineStealer #Malware | 2 |
| malware | transparenttribe | Today our researchers have found #oblique implant which belongs to #TransparentTribe #APT group Upload:NL ITW:e98510e1252e7dd99012b23a400bb00b filename: program.exe C2:185.117.73.222:3344 https://t.co/xcraPu8HvQ | 2 |
| malware | qbot, qakbot, partynet, quakbot | #quakbot #qbot #qakbot #signed “PARTYNET LIMITED” Xlsm caught by @abuse_ch https://t.co/aBIyS1OR7k Dll https://t.co/Xu74UzRlej Urls 185.183.96[.233/44330.3435314815.dat 51.89.115[.125/44330.3435314815.dat 190.14.37[.64/44330.3435314815.dat C2 https://t.co/ohE4CeAzbE cc @cocaman https://t.co/txaTFZi6o8 | 3 |
| malware | scumbag | Scumbag ransomware attackers hit Irish Health Service https://t.co/rAvKx4A5pg https://t.co/JhMvVp4tvN | 5 |
| malware | fin7, lizar, carbanak | From pentest to APT attack: cybercriminal group #FIN7 disguises its #malware as an ethical hacker’s toolkit https://t.co/nKAKwkbwO5 #DFIR | 5 |
| malware | continuity | Great piece on @ClaireByrneLive showing the operational impact of ransomware mitigation efforts by @HSELive. 1) Prudent steps being taken 2) Let’s not speculate on cause 3) Let’s all check our business continuity plans and backups 4) Be alert to risks to your own organisations | 3 |
| malware | metropolitan | CyberCrime - W/E - 5/14/21: Babuk Gang Posts More DC Police Personnel Files (05/11/2021) Following a breakdown in negotiations with the Washington, DC, Metropolitan Police Department (MPD), the Babuk ransomware operation leaked additional personal… https://t.co/wIwJsGUfOg | 3 |
| malware | avast | Colonial Pipeline Reopens After Ransomware Attack \| Avast: The largest petroleum transport company in the United States, Colonial Pipeline, has resumed business as usual this week after halting all pipeline operations last Friday when the company was hit… https://t.co/I3QqnVRovR | 1 |
| malware | filelessly, msbuild | Hackers Using Microsoft Build Engine to Deliver Malware Filelessly https://t.co/aQisOWhwj3 Threat actors are abusing Microsoft Build Engine (MSBuild) to filelessly deliver remote access trojans and password-stealing malware on targeted Windows systems. Th https://t.co/PIRClgVzjp | 5 |
| malware | stash | DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized: The DarkSide ransomware affiliate program responsible for the six-day outage at Colonial Pipeline this week that led to fuel shortages and price spikes across the country is running for… https://t.co/DhbB9KgmOd https://t.co/2ip510OufK | 4 |
| malware | privateer | That meant no more licensing pirates/privateers, no more safe harbors for them, no more wink and nodding at the marketplaces they needed to transform their illegal booty into real money (and rum). That is, they achieved everything we need to do vs Russia and its ransomware gangs. https://t.co/PuJnFP5y2j | 2 |
| malware | lemonduck | #Malware families #LemonDuck, #Prometei, and #BlackKingdom are exploiting #ProxyLogon vulnerabilities to carry out their attacks. Read more in our latest blog: https://t.co/32zAx6Qq4b | 2 |
| malware | elliptic | “Elliptic has identified the Bitcoin wallet used by the DarkSide… this wallet received the 75 BTC payment made by Colonial Pipeline on May 8, following the crippling cyberattack on its operations.” So CP paid ransom on Saturday (depending on which timezone this uses) https://t.co/AIt4pvwGfU | 3 |
| vulnerability | cisco, securex | Cisco strikes again grabbing threat assessment tool Kenna Security as third acquisition this week https://t.co/aZfYhAYF8s Cisco has been busy on the acquisition front this week, and today the company announced it was buying threat assessment platform Kenn https://t.co/9augo3lxyn | 12 |
| exploit | biden | As @ddd1ms points out, this could very well be a clever exit scam, with Darkside operators using the Biden/US pressure as a way to fake a US takedown and run away with its affiliates’ money. However, don’t discount an actual takedown too. Still working on that front. | 2 |
| breach | codecov | Rapid7 first to say source code/customer data was “accessed” in the CodeCov supply chain breach https://t.co/H2a7VsyzAb | 1 |
| breach | verizon | The 2021 Verizon DBIR is out, get it while it’s hot! For anyone not familiar with the DBIR, it’s one of the most comprehensive reports available that details all the trends in breaches from the previous year. https://t.co/Nue819LenD | 3 |
| breach | verizon, dbri, pandemic | Verizon: Pandemic Ushers in ⅓ More Cyber-Misery: The DBRI – Verizon’s 2021 data breach report – shows spikes in sophisticated phishing, financially motivated cyberattacks and a criminal focus on web-application servers. https://t.co/7pCrTQPzh6 https://t.co/Y5zuPy7bNM | 5 |
| vulnerability | airtags | So checking out the Airtag research.. @ghidraninja pulled off a Rick Roll aka forced browsing (unauth afaict) and Positive Technologies researchers showed how to use ESP32 to simulate airtags to push data to phones who then push to the internet for exfil. BYOBrowser 0day. | 1 |
| vulnerability | soss11 | British banks have suffered a rise in #cybercrime over the past year with average losses of nearly £600k. #SoSS11 found 74% of FS apps have one or more security flaws. Orgs should scan apps regularly to prevent future attacks: https://t.co/VjBVV6cjhm @CharlieHParker @thetimes | 2 |
| vulnerability | intel, bug-bounty | How to Get into the Bug-Bounty Biz: The Good, Bad and Ugly: Experts from Intel, GitHub and KnowBe4 weigh in on what you need to succeed at security bug-hunting. https://t.co/SE9B773Ft4 https://t.co/vPsXisErtJ | 2 |
| vulnerability | fragattacks, avast | #CyberSecurity, #FragAttacks is a bunch of new #vulnerabilities affecting #WiFi devices. The researcher @vanhoefm: An adversary within radio range of a victim can abuse them to steal information or attack. #WiFisecurity #infosec #hacking #cybercrime https://t.co/XJwnje5fQy | 6 |
| vulnerability | cross-browser | Cross-browser tracking vulnerability tracks you via installed apps - @LawrenceAbrams https://t.co/XjKbo78Tjr | 1 |
| vulnerability | cross-browser | ‘Scheme Flooding’ Allows Websites to Track Users Across Browsers: A flaw that allows browsers to enumerate applications on a machine threatens cross-browser anonymity in Chrome, Firefox, Microsoft Edge, Safari and even Tor. https://t.co/QEmrnf0hKg https://t.co/RpDn9AxHPq | 2 |
| vulnerability | idor | This is a new one on us: claiming retrospectively that a vuln had been fixed: Us: Your API has an IDOR & leaks PII Echelon: <silence for 90 days> Journalist: Your API has an IDOR & leaks PII Echelon: We fixed this the day after disclosure Us: it was still vulnerable last week! | 2 |
| vulnerability | computersecurity | That is how UTM works Compsci boffin publishes proof-of-concept code for 54-year-old zero-day in Universal Turing Machine https://t.co/yBsCmcqGWt @TheRegister #infosec #cybersecurity #informationsecurity #computersecurity #ai #ml #artificialintelligence #machinelanguage #mlsec https://t.co/wyekhDimN4 | 1 |
| vulnerability | gnu, arm | Ubuntu Security Notice USN-4954-1: Ubuntu Security Notice 4954-1 - Jason Royes and Samuel Dytrych discovered that the memcpy implementation for 32 bit ARM processors in the GNU C Library contained an integer underflow vulnerability. An attacker could… https://t.co/5SRueahybu | 2 |
| vulnerability | substack | I’ve wondered this myself. People love to ridicule substack and its sometimes loud male opinion writers; but a number of us are doing solid reporting there - the same kind of reporting I do for my Zero Day substack I still do for other news outlets as well. Standards are the same https://t.co/diqI6okW21 | 4 |
| vulnerability | wincc, hmis, simatic | Security: Siemens has updates available to handle multiple vulnerabilities in its UltraVNC SIMATIC HMIs/WinCC products. #scadasecurity #industrialcybersecurity https://t.co/qmYnpXLMgr https://t.co/XPfYpJREAE | 2 |
| exploit | vbs, hvci, cve-2021-21551, sep | After putting together a CVE-2021-21551 POC that leveraged _SEP_TOKEN_PRIVILEGES for exploitation I decided to go the more arduous route & hijack control flow transfer. Here’s my write-up. This was a lot of fun!! tl;dr Patch and please enable VBS/HVCI! https://t.co/Cpt84lfjCC | 2 |
| exploit | cisco | The report listed 11 flaws in products from Fortinet, Cisco, Oracle, Zimbra, Pulse Secure, Citrix, Elasticsearch, VMware and F5 which are being exploited by the SVR to gain access to victim networks >> https://t.co/8JD5BXt61w | 1 |
| exploit | chamilo | Chamilo LMS 1.11.14 Remote Code Execution https://t.co/IXGPWGxDd1 #exploit | 3 |
| exploit | arm | Interested in #IoT exploitation? Register for the #ARM & #RISCV classes at #VirtualVegas & learn critical skills for attackers. 👉ARM IoT Exploit Lab by @therealsaumil https://t.co/QzrnmbtLFn 👉RISC-V Analysis & Exploitation by @DonAndrewBailey https://t.co/yd7ONPbnLU https://t.co/16nztIstl6 | 1 |
| privacy | cps, cpsiotsec | CPSIoTSec 2021 Call For Papers: The Call For Papers has been announced for the 2nd Joint Workshop on CPS and IoT Security and Privacy (CPSIoTSec 2021). It will be held in Seoul, South Korea on November 15, 2021. https://t.co/qVBT1rNlVZ | 2 |

Source: https://samsung.github.io/W2E/2021/05/14/events.html