The Intel Chronicles · intelchronicles.com · Aug 31, 2024
Threat Actor Assessment: Sangria Tempest (FIN7, GOLD NIAGARA, ITG14, Carbon Spider, ELBRUS)
Executive Summary: FIN7, also ambiguously associated with the names Carbanak and Cobalt Gang, is a sophisticated cybercriminal group that has been active since 2013. Initially recognized by FireEye in late 2016, there is ongoing debate among cybersecu...
56 reads
Tags: Threat Intelligence, FIN7

Rivanorth · blog.rivanorth.com · Aug 2, 2024
Vulnerability Report: August 2024
Welcome to the monthly Vulnerability Report. In this report, we provide an overview of the most significant security vulnerabilities identified in the past month. Our focus is on vulnerabilities that are being actively exploited, which pose the bigge...
Tags: Security Advisory, CVE

The Intel Chronicles · intelchronicles.com · Jul 22, 2024
Splunk Enterprise Hit by Critical Path Traversal Vulnerability: CVE-2024-36991
Executive Summary: On 17 July 2024, an arbitrary file read vulnerability in Splunk Enterprise installations/deployments was identified by the SonicWall Capture Labs cyber threat research team. The vulnerability is tracked as CVE-2024-36991. This vuln...
7 likes · 111 reads
Tags: Vulnerability Intelligence, Splunk

Achal Tiwari · achaltiwari.hashnode.dev · Jul 22, 2024
ShellCode 1.0
Hey there! Today, we're diving into the fascinating and somewhat intimidating world of shellcode. If you've ever wondered how hackers manage to take control of a compromised machine, shellcode is often a big part of the answer. Let's break it down to...
Tags: Malware

The Intel Chronicles · intelchronicles.com · Jul 19, 2024
One Shell To Rule Them All Released
Executive Summary: On July 16, 2024, cybersecurity firm Tanto Security (known as @TantoSecurity on X, previously Twitter) introduced a new tool called oneshell in a detailed write-up. Oneshell is designed to simplify the creation and deployment of cro...
Tags: Threat Intelligence, exploit

The Intel Chronicles · intelchronicles.com · Jul 10, 2024
Critical Outlook Vulnerability CVE-2024-38021 Patched by Microsoft - Remote Code Execution Without Clicks
Executive Summary: Microsoft addressed CVE-2024-38021, a critical vulnerability affecting Microsoft Outlook that allows remote code execution without user interaction or authentication. Experts from Morphisec also reported that this flaw could le...
58 reads
Tags: Vulnerability Intelligence, Microsoft

The Intel Chronicles · intelchronicles.com · Jul 10, 2024
Critical Server-Side Source Code Exposure Vulnerability in Apache Software Foundation
Executive Summary: A regression in Apache HTTP Server version 2.4.60 has led to the omission of certain legacy content-type configurations for handlers. Specifically, the "AddType" directive and similar configurations may be ignored in cases where fil...
53 reads
Tags: Vulnerability Intelligence, vulnerability intelligence

The Intel Chronicles · intelchronicles.com · Jun 9, 2024
"303" Offers Fully-Functional Command Injection Exploit for OpenSSH 9.6
Executive Summary: On June 7, 2024, "303," a member of BreachForums, posted an update about selling a local command injection (LCI) exploit affecting OpenSSH version 9.6. According to the post, the exploit was developed in Python 3 and allows reverse ...
Tags: Vulnerability Intelligence, Ubuntu

Corey Gardner · coreyscorner.hashnode.dev · Apr 25, 2024
Safeguarding the Stack: Ornithology of Stack Canaries
During the industrial era canaries were given the unforgiving job of determining if working conditions were "safe" for coal miners. Within coal mines toxic fumes can build up, and oxygen can become scarce. The life of the canary was a litmus test for...
Tags: Stack Overflow

Reza Rashidi for RedTeamRecipe · redteamrecipe.com · Apr 25, 2024
ASLR Exploitation Techniques
Address Space Layout Randomization (ASLR) is a security technique used in operating systems to protect against certain types of cyber attacks, particularly buffer overflow attacks. Here's an overview of ASLR: What is ASLR? ASLR is a feature implement...
1.5K reads
Tags: aslr