On 2023-04-21, a campaign was reported, involving 8220 Gang, gaining initial access via a 1-day vulnerability, to achieve Resource hijacking.
In some way, shape or form, a bug bounty program needs a documented scope. On Immunefi, this typically labels the contracts or websites in scope and the assets at risk. So, what happens when the company...
A container escape vulnerability, combined with accidental 'write' permissions to a private registry, opened a backdoor for Wiz Research to access Alibaba Cloud databases and potentially...
Google's Threat Analysis Group shares first quarter cyber updates on the threat landscape from the war in Ukraine.
Report informing readers about the threat to UK industry and society from commercial cyber tools and services.
Yearn Finance is a suite of products to yearn yield on digital assets. This includes staking tokens to earn interest and selling/buying votes. For the yield-bearing assets, users can put positions...
Automated Market Makers are great! Well, until you manipulate the algorithmic part of it. It was audited by WhitehatDAO, who cleared it but missed some things. In Hundred Finance, hTokens are liquidity...
VM2 is a sandbox for Node.js. The idea is that untrusted code can be executed within this context without anything sensitive being stolen or important items altered. Being able to escape the...
Escaping input is very important when trying to prevent XSS, code injection and many other classes of vulnerabilities. However, the escaping is context dependent. In some situations, a single...
The author of this post noted a weird issue on Twitter: thieves were wrecking a man's car to eventually steal it. Why and how? They wanted direct access to the Controller Area Network (CAN) bus....
Authored by Lakshya Mathur and Sriram P. McAfee Intelligence observed a huge spike in extortion email frauds over the past month.... The post Extortion Fraud is Still on the Rise appeared first on...
Confidently ensure your Kubernetes environments are compliant with CIS Benchmarks for cloud-managed Kubernetes. Quickly generate compliance reports and remediate any issues without hassle.
According to Unit42, a financial firm was attacked by an adversary that manipulated and compromised its cloud workloads. The threat actor was able to drop storage components such as buckets and...
According to Unit42, a medium-sized e-commerce company was attacked by a threat actor with a cryptojacking attack that performed large-scale crypto-mining and botnet operations in the company’s...
Solidity only has integers and there is a lot of money going around. So, precision is very important when dealing with money. Sometimes, this benefits the protocol. Other times, funds disappear...
What our “in process” milestone means, and why it’s great news for the public sector.
Microsoft SQL servers were observed being attacked through brute-force or dictionary attacks that exploit weak account credentials. The servers were then used as entry points to deploy Trigona...
In Solidity smart contracts, there are two opcodes that can deploy contracts: CREATE and CREATE2. CREATE uses the deploying address's incrementing nonce in order to determine the address. CREATE2 takes...
Pivoting through the execution chain of a CryptoJoker Ransomware copycat
This bug report is a doozy! It combines various vulnerability classes to create a horrifying exploit in Twitter. Twitter allows users to upload files. If a known file type is sent, then the...
Electric scooter hacking!? Sign me up! In this article, the author takes a look into the Brightway Scooters made for NAVEE and Xiaomi. The scooter has a Controller in the bottom that communicates...
Detect and mitigate CVE-2023-28252, EoP vulnerability exploited in the wild, and CVE-2023-21554, a critical RCE vulnerability. Organizations should patch urgently.
Security experts share their insights for securing cloud environments as the pace and scale of threats accelerates.
Carbon is a source imaging tool that supports a variety of languages. Just wanted to document it here to use in the future. bytes032 uses this all the time and things look great using it.
Authored by SangRyol Ryu. McAfee’s Mobile Research Team discovered a software library we’ve named Goldoson, which collects lists of applications... The post Goldoson: Privacy-invasive and Clicker...
1. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: B. Braun Melsungen AG Equipment: Battery Pack SP with Wi-Fi Vulnerability: Improper neutralization of...
To get ahead of data exposure in the cloud, CNAPPs need to understand data risks at scale.
On 2023-04-12, a campaign was reported, involving Diicot, gaining initial access via Password attack, while using SSH bruteforcing, Cron persistence, UPX packing, to achieve Resource hijacking....
Insights from the March 2023 Gartner Market Guide for CNAPP
The SUSHI token is a governance token with voting power. The SUSHI holders can delegate their votes to other users to gang vote on proposals as well. This entity is known as the representative....