Talkback

Talkback

AI Powered Infosec Resource Aggregator to Boost Productivity.

Developed by elttam

Sign in to customize your weekly newsletter.

Trending Resources See all
GitHub Action supply chain attack: reviewdog/action-setup | Wiz Blog app

A supply chain attack on GitHub Actions led to the compromise of repositories and leakage of secrets, prompting security teams to check for affected actions, rotate leaked secrets, and consider pinning actions to specific commit hashes for protection, with Wiz offering solutions for detection and protection.

Sat 22 Mar wiz.io
Palo Alto Cortex XDR bypass

A vulnerability in Palo Alto's Cortex XDR allowed an Administrator-level user to disable the system, prompting the deployment of Dynamic Kernel Protection to mitigate such threats.

Fri 21 Mar cybercx.com.au
Red Teaming with ServiceNow cloud app

Red Teamers can exploit ServiceNow instances to gain privileged access, execute compromise actions, and establish persistence in enterprise environments through attacks like Custom Actions, Discovery, Orchestration, LDAP Listener, and Relaying.

Fri 21 Mar mdsec.co.uk
Albabat Ransomware Group Potentially Expands Targets to Multiple OS Uses GitHub to Streamline Operations mal net

Albabat ransomware version configuration details and security recommendations, including the use of Trend Vision One for advanced threat intelligence and proactive security.

Fri 21 Mar trendmicro.com
Security Bulletin: AIX is vulnerable to arbitrary command execution (CVE-2024-56346, CVE-2024-56347) sys

IBM provides APARs and AIX fixes for addressing vulnerabilities, with recommendations for subscribing to updates, creating backups, and installing fixes using specific commands.

Fri 21 Mar ibm.com
Zhou Shuai: A Hacker’s Road to APT27 social

The US Department of the Treasury sanctioned Chinese hacker Zhou Shuai and his company for cyber activities dating back to 2011, involving business espionage and commercializing hacker groups with ties to the Chinese government and military.

Fri 21 Mar nattothoughts.substack.com
Trending Vulnerabilities See all
CVE-2024-54137 7.4
Awaiting Analysis

liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. A correctness error has been identified in the reference implementation of the HQC key encapsulation mechanism. Due to an indexing error, p…

  • Finding bugs in implementations of HQC, the fifth post-quantum standard
Fri 6 Dec
CVE-2024-8690 4.4
Analyzed

A problem with a detection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices enables a user with Windows administrator privileges to disable the agent. This issue may be leveraged by malware to disable the Cortex XDR agent and then t…

  • Palo Alto Cortex XDR bypass
Wed 11 Sep
CVE-2020-7019 6.5
Modified

In Elasticsearch before 7.9.0 and 6.8.12 a field disclosure flaw was found when running a scrolling search with Field Level Security. If a user runs the same query another more privileged user recently ran, the scrolling search can leak fields that should…

  • Fort Knox for Your Data: How Elasticsearch X-Pack Locks Down Your Cluster – Part 2
Tue 18 Aug
CVE-2020-0566 6.8
Modified

Improper Access Control in subsystem for Intel(R) TXE versions before 3.175 and 4.0.25 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.

  • Last barrier destroyed, or compromise of Fuse Encryption Key for Intel Security Fuses
Mon 15 Jun
CVE-2020-7014 8.8
Modified

The fix for CVE-2020-7009 was found to be incomplete. Elasticsearch versions from 6.7.0 to 6.8.7 and 7.0.0 to 7.6.1 contain a privilege escalation flaw if an attacker is able to create API keys and also authentication tokens. An attacker who is able to ge…

  • Fort Knox for Your Data: How Elasticsearch X-Pack Locks Down Your Cluster – Part 2
Wed 3 Jun
CVE-2020-7009 8.8
Modified

Elasticsearch versions from 6.7.0 before 6.8.8 and 7.0.0 before 7.6.2 contain a privilege escalation flaw if an attacker is able to create API keys. An attacker who is able to generate an API key can perform a series of steps that result in an API key bei…

  • Fort Knox for Your Data: How Elasticsearch X-Pack Locks Down Your Cluster – Part 2
Tue 31 Mar
Trending Topics See all
Flask Python Software Foundation
Web framework
  • GitHub - matt-culbert/proto-daemon
  • GitHub - Michaeladsl/Patronusx
  • Homegrown Honeypots: Simulating a Water Control System in my Home Office | RoseSecurity Development Log
  • ...
Sun 23 Mar
Python Python
Programming Language
  • GitHub - matt-culbert/proto-daemon
  • Wstęp do programowania i języka Python
  • GitHub - Verizon/verizon_burp_extensions_ai: Verizon Burp Extensions: AI Suite
  • ...
Sun 23 Mar
PHP PHP
Programming language
  • Critical PHP Flaw Exploited to Spread Cryptominers, Quasar RAT
  • HTB: Alert
  • GitHub Action supply chain attack less impactful than thought
  • ...
Sun 23 Mar
GitHub GitHub
Version control system
  • GitHub - Cryakl/Ultimate-RAT-Collection: For educational purposes only, exhaustive samples of 450+ classic/modern trojan builders including screenshots.
  • Phishing attack targets nearly 12,000 GitHub repositories with fake security alerts
  • cihangirtezcan - Overview
  • ...
Sun 23 Mar
Firefox Mozilla
Web browser
  • Scareware Combined With Phishing in Attacks Targeting macOS Users
  • WARNING: Expiring Root Certificate May Disable Firefox Add-Ons, Security Features, and DRM Playback
  • Passkey Breach: First Attack Exploits Patched Browser Flaw
  • ...
Sun 23 Mar
Linux kernel Linux Foundation
Operating System Kernel
  • Android Kernel Adventures: Insights into Compilation, Customization and Application Analysis
  • When NULL isn't null: mapping memory at 0x0 on Linux
  • Serbian student activist’s phone hacked using Cellebrite zero-day exploit
  • ...
Sun 23 Mar

Indexed Resources