Security
Headlines
HeadlinesLatestCVEs

Tag

#ssl

Unmasking the new persistent attacks on Japan

Cisco Talos has discovered an active exploitation of CVE-2024-4577 by an attacker in order to gain access to the victim's machines and carry out post-exploitation activities.

TALOS
Open in Source
#xss#vulnerability#web#android#mac#windows#microsoft#ubuntu#linux#debian#cisco#apache#git#java#php#rce#alibaba#auth#ssh#docker#ssl
US Charges 12 Alleged Spies in China’s Freewheeling Hacker-for-Hire Ecosystem

The Justice Department claims 10 alleged hackers and two Chinese government officials took part in a wave of cyberattacks around the globe that included breaching the US Treasury Department and more.

1 Million Third-Party Android Devices Have a Secret Backdoor for Scammers

New research shows at least a million inexpensive Android devices—from TV streaming boxes to car infotainment systems—are compromised to allow bad actors to commit ad fraud and other cybercrime.

New Malware Campaign Exploits Microsoft Graph API to Infect Windows

FortiGuard Labs discovers an advanced attack using modified Havoc Demon and SharePoint. Explore the attack's evasion techniques and security measures.

How to Use Slack for Business: Workplace Communication

Do you want to have the best communication system at your workplace? Learn how to maximize the benefits…

How Payment Orchestration Enhances Business Efficiency

Payment Orchestration Platforms streamline transactions by routing payments through multiple providers, reducing costs, boosting approval rates, and enhancing…

Trump 2.0 Brings Cuts to Cyber, Consumer Protections

One month into his second term, President Trump's actions to shrink the government through mass layoffs, firings and withholding funds allocated by Congress have thrown federal cybersecurity and consumer protection programs into disarray. At the same time, agencies are battling an ongoing effort by the world's richest man to wrest control over their networks and data.

GHSA-fh4v-v779-4g2w: SSRF in sliver teamserver

### Summary The reverse port forwarding in sliver teamserver allows the implant to open a reverse tunnel on the sliver teamserver without verifying if the operator instructed the implant to do so ### Reproduction steps Run server ``` wget https://github.com/BishopFox/sliver/releases/download/v1.5.42/sliver-server_linux chmod +x sliver-server_linux ./sliver-server_linux ``` Generate binary ``` generate --mtls 127.0.0.1:8443 ``` Run it on windows, then `Task manager -> find process -> Create memory dump file` Install RogueSliver and get the certs ``` git clone https://github.com/ACE-Responder/RogueSliver.git pip3 install -r requirements.txt --break-system-packages python3 ExtractCerts.py implant.dmp ``` Start callback listener. Teamserver will connect when POC is run and send "ssrf poc" to nc ``` nc -nvlp 1111 ``` Run the poc (pasted at bottom of this file) ``` python3 poc.py <SLIVER IP> <MTLS PORT> <CALLBACK IP> <CALLBACK PORT> python3 poc.py 192.168.1.33 8443 44.221.186.72 1111...

CISA Adds Palo Alto Networks and SonicWall Flaws to Exploited Vulnerabilities List

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added two security flaws impacting Palo Alto Networks PAN-OS and SonicWall SonicOS SSLVPN to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The flaws are listed below - CVE-2025-0108 (CVSS score: 7.8) - An authentication bypass vulnerability in the Palo Alto Networks PAN-OS