A financially motivated threat actor has been outed as an initial access broker (IAB) that sells access to compromised organizations for other adversaries to conduct follow-on attacks such a… Read More
The recently released 2023 “Open Source Security and Risk Analysis” (OSSRA) report has sent shockwaves through the cybersecurity community, exposing a troubling trend in organiza… Read More
Over the past several days I recorded some interesting activity on my Conpot Honeypot which simulates an Industrial Control Systems by providing a range of industrial control protocols… Read More
The post Expert discovered a Critical Remote Code Execution flaw in Apache Struts (CVE-2018-11776) appeared first on CP Blog.
Maintainers of the Apache Struts 2 open source development… Read More
Apache Struts 2 has several issues and it appears that Oracle has finally decided to fix them all. Several security patches have been released for many products that had certain flaws. In th… Read More
The Open Vulnerability Assessment System (OpenVAS) is a framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solu… Read More
In its most recent statement, the Cybersecurity and Infrastructure Security Agency (CISA) added 15 new vulnerabilities to its Catalog of Known Exploited Vulnerabilities, a list of known secu… Read More
Java is a popular programming language used in many instances and devices. It's the programming language behind many things, doing many things.
Among the reasons, is because Java is so pla… Read More
The post CVE-2017-5638 Apache Struts vulnerability is the root cause behind Equifax data breach appeared first on CP Blog.
It’s official, the Equifax data breach case was caused by th… Read More
A joint report from the Cybersecurity and Infrastructure
Security Agency (CISA), the Federal Bureau of Investigation (FBI) and the
broader U.S. government offers information about the common… Read More
Honeypots
Database Honeypots
Delilah – Elasticsearch Honeypot written in Python (originally from Novetta).
ESPot – Elasticsearch honeypot written in NodeJS, to capture… Read More
Ao longo dos anos têm ocorrido situações onde plataformas bastante populares na internet são utilizadas para propagar malware. Como exemplo, ainda o ano passado… Read More
There were 8,069 data breaches between January 2005 and November 2017 according to the Identity Theft Resource Center, and in recent years the number of data breaches and compromised re… Read More
The OPSWAT Metadefender Vulnerability Engine identifies known application vulnerabilities and reports them by severity level. The Vulnerability Engine allows system administrators to identif… Read More