Found 6880 bookmarks
Custom sorting
Green Bay Packers' online store hacked to steal credit cards
Green Bay Packers' online store hacked to steal credit cards
The Green Bay Packers American football team is notifying fans that a threat actor hacked its official online retail store in October and injected a card skimmer script to steal customers' personal and payment information.
#bleepingcomputer#EN#2025#Breach#Credit-Card#Data-Breach#Football#Green-Bay-Packers#MageCart#NFL#Payment-Information#Skimmer#USA
·bleepingcomputer.com·
Green Bay Packers' online store hacked to steal credit cards
Exploitation Walkthrough and Techniques - Ivanti Connect Secure RCE (CVE-2025-0282)
Exploitation Walkthrough and Techniques - Ivanti Connect Secure RCE (CVE-2025-0282)
We agree - modern security engineering is hard - but none of this is modern. We are discussing vulnerability classes - with no sophisticated trigger mechanisms that fuzzing couldnt find - discovered in the 1990s, that can be trivially discovered via basic fuzzing, SAST (the things product security teams do with real code access). As an industry, should we really be communicating that these vulnerability classes are simply too complex for a multi-billion dollar technology company that builds enterprise-grade, enterprise-priced network security solutions to proactively resolve?
#watchtowr#EN#2024#CVE-2025-0282#analysis#Ivanti#criticism#Connect#Secure
·labs.watchtowr.com·
Exploitation Walkthrough and Techniques - Ivanti Connect Secure RCE (CVE-2025-0282)
FunkSec – Alleged Top Ransomware Group Powered by AI
FunkSec – Alleged Top Ransomware Group Powered by AI
  • The FunkSec ransomware group emerged in late 2024 and published over 85 victims in December, surpassing every other ransomware group that month. FunkSec operators appear to use AI-assisted malware development which can enable even inexperienced actors to quickly produce and refine advanced tools. The group’s activities straddle the line between hacktivism and cybercrime, complicating efforts to understand their true motivations. Many of the group’s leaked datasets are recycled from previous hacktivism campaigns, raising doubts about the authenticity of their disclosures. Current methods of assessing ransomware group threats often rely on the actors’ own claims, highlighting the need for more objective evaluation techniques.
#checkpoint#EN#2024#FunkSec#analysis#ransomware
·research.checkpoint.com·
FunkSec – Alleged Top Ransomware Group Powered by AI
Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit
Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit
In December 2024, two critical vulnerabilities in Microsoft's Windows Lightweight Directory Access Protocol (LDAP) were addressed via Microsoft’s monthly Patch Tuesday release. Both vulnerabilities were deemed as highly significant due to the widespread use of LDAP in Windows environments: CVE-2024-49112: A remote code execution (RCE) bug that attackers can exploit by sending specially crafted LDAP requests, allowing them to execute arbitrary code on the target system. CVE-2024-49113: A denial-of-service (DoS) vulnerability that can be exploited to crash the LDAP service, leading to service disruptions. In this blog entry, we discuss a fake proof-of-concept (PoC) exploit for CVE-2024-49113 (aka LDAPNightmare) designed to lure security researchers into downloading and executing information-stealing malware.
#trendmicro#EN#2025#malware#Stealer#research#LDAPNightmare#fake#PoC#CVE-2024-49113
·trendmicro.com·
Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit
Ivanti Connect Secure VPN Targeted in New Zero-Day Exploitation
Ivanti Connect Secure VPN Targeted in New Zero-Day Exploitation
Zero-day exploitation of Ivanti Connect Secure VPN vulnerabilities since as far back as December 2024. On Wednesday, Jan. 8, 2025, Ivanti disclosed two vulnerabilities, CVE-2025-0282 and CVE-2025-0283, impacting Ivanti Connect Secure (“ICS”) VPN appliances. Mandiant has identified zero-day exploitation of CVE-2025-0282 in the wild beginning mid-December 2024. CVE-2025-0282 is an unauthenticated stack-based buffer overflow. Successful exploitation could result in unauthenticated remote code execution, leading to potential downstream compromise of a victim network.
#Mandiant#EN#2025#CVE-2025-0282#CVE-2025-0283#IoC#exploitation#analysis#postexploitation#Ivanti
·cloud.google.com·
Ivanti Connect Secure VPN Targeted in New Zero-Day Exploitation
CVE-2025-0282: Ivanti Connect Secure zero-day exploited in the wild | Rapid7 Blog
CVE-2025-0282: Ivanti Connect Secure zero-day exploited in the wild | Rapid7 Blog
On Wednesday, January 8, 2025, Ivanti disclosed two CVEs affecting Ivanti Connect Secure, Policy Secure, and Neurons for ZTA gateways. CVE-2025-0282 is a stack-based buffer overflow vulnerability that allows remote, unauthenticated attackers to execute code on the target device. CVE-2025-0283 is a stack-based buffer overflow that allows local authenticated attackers to escalate privileges on the device.
#rapid7#EN#2025#CVE-2025-0282#zero-day#Ivanti#CVE-2025-0283#ZTA#gateways
·rapid7.com·
CVE-2025-0282: Ivanti Connect Secure zero-day exploited in the wild | Rapid7 Blog
Bad Likert Judge: A Novel Multi-Turn Technique to Jailbreak LLMs by Misusing Their Evaluation Capability
Bad Likert Judge: A Novel Multi-Turn Technique to Jailbreak LLMs by Misusing Their Evaluation Capability
The jailbreak technique "Bad Likert Judge" manipulates LLMs to generate harmful content using Likert scales, exposing safety gaps in LLM guardrails. The jailbreak technique "Bad Likert Judge" manipulates LLMs to generate harmful content using Likert scales, exposing safety gaps in LLM guardrails.
#unit42#EN#2024#LLM#Jailbreak#Likert
·unit42.paloaltonetworks.com·
Bad Likert Judge: A Novel Multi-Turn Technique to Jailbreak LLMs by Misusing Their Evaluation Capability
What We Know About CVE-2024-49112 and CVE-2024-49113
What We Know About CVE-2024-49112 and CVE-2024-49113
In December 2024, two Windows Lightweight Directory Access Protocol (LDAP) vulnerabilities were identified by independent security researcher Yuki Chen: CVE-2024-49112, a remote code execution (RCE) flaw with a 9.8 CVSS score, and CVE-2024-49113, a denial-of-service (DoS) flaw with a 7.5 CVSS score.
#trendmicro#EN#2024#CVE-2024-49112#CVE-2024-49113#LDAPNightmare#Microsoft#LDAP#RCE
·trendmicro.com·
What We Know About CVE-2024-49112 and CVE-2024-49113
Finnish police detain Russian 'ghost fleet' ship crew as cable damage probe continues
Finnish police detain Russian 'ghost fleet' ship crew as cable damage probe continues
The Eagle S is suspected of damaging the Estlink-2 power cable which runs under the Baltic Sea between Finland and Estonia by dragging its anchor along the seabed on Christmas Day. Police in Finland say the crew of a Russia-linked tanker suspected of damaging a power cable under the Baltic Sea have been detained indefinitely. The Eagle S crew consists of 24 people with Finland’s Central Criminal Police imposing movement restrictions on eight.
#euronews#EN#2025#Finland#Russia#sabotage#cables#Balric#sea#shadow-fleet
·euronews.com·
Finnish police detain Russian 'ghost fleet' ship crew as cable damage probe continues
DoubleClickjacking: A New Era of UI Redressing
DoubleClickjacking: A New Era of UI Redressing
“Clickjacking” attacks have been around for over a decade, enabling malicious websites to trick users into clicking hidden or disguised buttons they never intended to click . This technique is becoming less practical as modern browsers set all cookies to “SameSite: Lax” by default. Even if an attacker site can frame another website, the framed site would be unauthenticated, because cross-site cookies are not sent. This significantly reduces the risk of successful clickjacking attacks, as most interesting functionality on websites typically requires authentication.
#paulosyibelo#EN#2024#DoubleClickjacking#analysis#technique
·paulosyibelo.com·
DoubleClickjacking: A New Era of UI Redressing