-
I made a tool called EC2StepShell that can be used to spawn reverse shells in public and private EC2 instances by using ssm:SendCommand and ssm:ListCommandInvocations. I was wondering if you're intere…
-
Trying to aggregate the various issues into one to collect feedback.
I invite everyone to read the [SponsorLink announcement](https://www.cazzulino.com/sponsorlink.html) to understand the intention…
-
Hitachi Energy has blamed a data breach affecting employees on the recent exploitation of a zero-day vulnerability in Fortra’s GoAnywhere solution.
The post [Hitachi Energy Blames Data Breach on Ze…
-
A new post-exploitation framework called EXFILTRATOR-22 (aka EX-22) has emerged in the wild with the goal of deploying ransomware within enterprise networks while flying under the radar.
"It comes w…
-
Patch Tuesday: Redmond calls special attention to a pair of Windows security flaws marked as 'actively exploited' in the wild.
The post [Microsoft Patches 80 Security Vulns, Warns of Outlook Zero-D…
-
file `/tmp/kdevtmpfsi` is miner
Laradock `master` commit
-
# 每日安全资讯(2023-08-19)
- SecWiki News
- [ ] [SecWiki News 2023-08-18 Review](http://www.sec-wiki.com/?2023-08-18)
- Security Boulevard
- [ ] [Executive Threat Protection: Using Monitoring to Gain t…
-
This is in relation to: https://github.com/cloudsecurityalliance/gsd-database/issues/2389
Ok meta comments:
Obviously, we want this added as a reference, but the OSV schema only supports:
htt…
-
Hello,
I'm trying to use the MISP integration to get the Attributes from our MISP, but no data is being collected.
Since I'm trying to get some historical data, I set the look back interval to …
-
I wonder why you haven't looked a the thousands of published YARA rules before you've decided on the fields in your standard.
I recommend the following changes to align your specs with the best pr…