The author found a vulnerability with the usage of Linux containers and permissions. The standard Linux permissions are read (r), write (w) and execute (x). These permissions are put onto the...
A hacker reportedly stole ~11 million records of customer PII (dated 2017) from Optus, an Australian telco company. The data was disclosed and put on sale in late September '22. According to...
Before it was patched, #AttachMe could have allowed attackers to access and modify any other users' OCI storage volumes without authorization, thereby violating cloud isolation. Upon disclosure,...
Leonid Belkind, CTO of Torq, and Itay Arbel, PM at Wiz, explain how organizations can build a coherent Cyber Security Incident Response Plan using Wiz CDR to analyze cloud events and threat alerts...
Events in the cybersecurity world, including ICS, were intense in H1 2022.
The statistical data presented in the report was received from ICS computers protected by Kaspersky products that Kaspersky ICS CERT categorizes as part of the industrial infrastructure at organizations.
Community Feature - @cPeterr In this blog post, Curated Intelligence member Chuong Dong shared his findings after reverse engineering the PLAY ransomware's code obfuscation and encryption...
Beginning in early September 2022, an unknown threat actor successfully compromised tens of thousands of websites mainly aimed at East Asian audiences, redirecting hundreds of thousands of their...
CrowdStrike uncovered a cryptojacking campaign targeting vulnerable Docker and Kubernetes infrastructure using an obscure domain from the payload, container escape attempt and anonymized...
2.5 million people were affected, in a breach that could spell more trouble down the line.
Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.
Authored by Oliver Devane and Vallabh Chole September 9, 2022 Update: Since the original publication of this blog on August... The post Malicious Cookie Stuffing Chrome Extensions with 1.4 Million...
Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.
Visual Studio Code is a text editor from Microsoft with many awesome plugins. The authors decided to audit the Git plugins. Visual Studio Code has two URI handlers called deep links: vscode:// and...
nthLink VPN claims to be a VPN that doesn't allow the sniffing of internet traffic. It had two security audits, both from Cure53, and both found it to be secure. The author set out to dispute...
SSO providers are the main authentication scheme used to log in to platforms, such as Google. Besides this, there are many corporate products, such as Cisco Identity Services Engine, Oracle Access...
Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.
Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.
Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk.
CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP.
Joe Grand demonstrated a fault injection attack on the Trezor One hardware wallet in order to recover the key off the device. The original post is very dramatic but shies away from some technical...
Fake travel reservations are exacting more pain from the travel weary, already dealing with the misery of canceled flights and overbooked hotels.
On 2022-08-22, a campaign was reported, involving APT29, gaining initial access via , while using Add attacker-controlled IdP via ADFS access, Disable logging, MFA enrollment, Auth token signing...
Superfluid.sol was the host contract of this whole infrastructure. Superfluid “agreements” are the rules that Super Tokens operate under. In order to have a trusted and shared state across...
Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under attack.
An insufficient input validation flaw, one of 11 patched in an update this week, could allow for arbitrary code execution and is under active attack.
Mobile transactions could’ve been disabled, created and signed by attackers.
Armour DeFi has an insurance coverage-like functionality. A user with coverage can make a claim after suffering some event covered under the policy. An ETH is worth 10^18 WEI. When dealing with...
On 2022-08-16, a research was reported, involving , gaining initial access via Exposed secret, targeting GitHub to achieve Resp. disclosure.
‘Summer Camp’ for hackers features a compromised satellite, a homecoming for hackers and cyberwarfare warnings.