Everest
You must login to view this content
Aggregator
OnlyFans, Discord ClickFix-Themed Pages Spread Epsilon Red Ransomware
6 months 2 weeks ago
Beware of Epsilon Red ransomware as attackers impersonate Discord, Twitch and OnlyFans using fake verification pages with .HTA files and ActiveX to spread malware.
Deeba Ahmed
Hakrawler: Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application
6 months 2 weeks ago
Hakrawler: Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application
Dark Web Informer - Cyber Threat Intelligence
NCorr-FP基于邻域的数据库指纹水印方案分析
6 months 2 weeks ago
解读NCorr-FP论文分析NCorr-FP方案的实现
Aqaba Special Economic Zone Authority Falls Victim to Qilin Ransomware
6 months 2 weeks ago
Aqaba Special Economic Zone Authority Falls Victim to Qilin Ransomware
Dark Web Informer - Cyber Threat Intelligence
Attackers actively exploit critical zero-day in Alone WordPress Theme
6 months 2 weeks ago
Hackers exploit a critical vulnerability, tracked as CVE-2025-5394 (CVSS score of 9.8), in the Alone WordPress theme to hijack sites. Threat actors are actively exploiting a critical flaw, tracked as CVE-2025-5394 (CVSS score of 9.8), in the “Alone – Charity Multipurpose Non-profit WordPress Theme” to compromise websites. On May 30th, 2025, security researcher Thái An […]
Pierluigi Paganini
Raspberry Pi притворился системным администратором и обманул крупный банк
6 months 2 weeks ago
Устройство с 4G-модемом подключили к ATM-коммутатору для удалённого доступа.
英伟达宣布了结束旧架构 GPU 驱动支持的时间表
6 months 2 weeks ago
英伟达宣布,自 2025 年 10 月起新 Game Ready 驱动更新将不再支持 Maxwell、Pascal 或 Volta GPU 架构。这意味着 GeForce GTX 1060 之类的旧显卡将不再获得针对新游戏进行优化的驱动版本。英伟达还表示将于 2026 年 10 月停止所有 Windows 10 驱动支持,比微软官方的 Windows 10 终止支持时间晚一年。此后如果 Windows 10 用户希望继续获得较新型号显卡的新驱动,他们需要升级到 Windows 11。英伟达表示会在 2028 年 10 月之前为 Maxwell、Pascal 和 Volta 系列显卡发布季度安全更新。
Microsoft: Kremlin monitors foreign embassies in Moscow through cyber-espionage at ISP level
6 months 2 weeks ago
In a warning to foreign embassies in Moscow, Microsoft said a Russian state-backed hacking group known as Secret Blizzard or Turla has been using internet service providers for adversary-in-the-middle (AiTM) attacks.
Frozen in transit: Secret Blizzard’s AiTM campaign against diplomats
6 months 2 weeks ago
Microsoft Threat Intelligence has uncovered a cyberespionage campaign by the Russian state actor we track as Secret Blizzard that has been ongoing since at least 2024, targeting embassies in Moscow using an adversary-in-the-middle (AiTM) position to deploy their custom ApolloShadow malware.
The post Frozen in transit: Secret Blizzard’s AiTM campaign against diplomats appeared first on Microsoft Security Blog.
Microsoft Threat Intelligence
Microsoft: Russian hackers use ISP access to hack embassies in AiTM attacks
6 months 2 weeks ago
Microsoft warns that a cyber-espionage group linked to Russia's Federal Security Service (FSB) is targeting diplomatic missions in Moscow using local internet service providers. [...]
Sergiu Gatlan
Frozen in transit: Secret Blizzard’s AiTM campaign against diplomats
6 months 2 weeks ago
Microsoft Threat Intelligence has uncovered a cyberespionage campaign by the Russian state actor we track as Secret Blizzard that has been ongoing since at least 2024, targeting embassies in Moscow using an adversary-in-the-middle (AiTM) position to deploy their custom ApolloShadow malware.
The post Frozen in transit: Secret Blizzard’s AiTM campaign against diplomats appeared first on Microsoft Security Blog.
Microsoft Threat Intelligence
Russia-affiliated Secret Blizzard conducting ongoing espionage against embassies in Moscow
6 months 2 weeks ago
A new Microsoft report finds that the long-running threat group has gained positions on state-aligned ISPs and Russian telecoms, while tricking foreign embassy staff to download custom malware.
The post Russia-affiliated Secret Blizzard conducting ongoing espionage against embassies in Moscow appeared first on CyberScoop.
Matt Kapko
Russia's Secret Blizzard APT Gains Embassy Access via ISPs
6 months 2 weeks ago
An ongoing AitM campaign by the infamous Moscow-sponsored cyber-threat actor has widened its scope, dropping the dangerous ApolloShadow custom backdoor malware thanks to lawful intercept systems.
Tara Seals
Свет больше не свободен — его квантовая воля сломана домашним симулятором
6 months 2 weeks ago
То, что вчера считалось неподъёмным даже для суперкомпьютеров, сегодня рассчитывается на ноутбуке.
SecWiki News 2025-07-31 Review
6 months 2 weeks ago
网络空间测绘技术白皮书 by ourren
国家信息化发展报告(2024年) by ourren
白盒+LLM:操作类越权自动化检测实践 by ourren
白盒漏洞 AI 运营实践 by ourren
美国网络司令部集成各军种项目开展联合网络武器研发 by ourren
更多最新文章,请访问SecWiki
国家信息化发展报告(2024年) by ourren
白盒+LLM:操作类越权自动化检测实践 by ourren
白盒漏洞 AI 运营实践 by ourren
美国网络司令部集成各军种项目开展联合网络武器研发 by ourren
更多最新文章,请访问SecWiki
CVE-2015-0740 | Cisco Unified Intelligence Center 10.6(1) cross-site request forgery (CSCus28826 / BID-74732)
6 months 2 weeks ago
A vulnerability was found in Cisco Unified Intelligence Center 10.6(1). It has been classified as problematic. Affected is an unknown function. The manipulation leads to cross-site request forgery.
This vulnerability is traded as CVE-2015-0740. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com
CVE-2015-4274 | Cisco Unified Intelligence Center 10.0(1)/10.6(1) cross-site request forgery (ID 1032962)
6 months 2 weeks ago
A vulnerability, which was classified as problematic, has been found in Cisco Unified Intelligence Center 10.0(1)/10.6(1). This issue affects some unknown processing. The manipulation leads to cross-site request forgery.
The identification of this vulnerability is CVE-2015-4274. The attack may be initiated remotely. There is no exploit available.
vuldb.com
CVE-2017-12248 | Cisco Unified Intelligence Center Web Interface Parameter cross site scripting (cisco-sa-20170920-cuic / BID-100921)
6 months 2 weeks ago
A vulnerability was found in Cisco Unified Intelligence Center and classified as problematic. Affected by this issue is some unknown functionality of the component Web Interface. The manipulation as part of Parameter leads to cross site scripting.
This vulnerability is handled as CVE-2017-12248. The attack may be launched remotely. There is no exploit available.
vuldb.com
CVE-2017-12253 | Cisco Unified Intelligence Center cross-site request forgery (cisco-sa-20170920-cuic1 / BID-100919)
6 months 2 weeks ago
A vulnerability was found in Cisco Unified Intelligence Center. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to cross-site request forgery.
The identification of this vulnerability is CVE-2017-12253. The attack may be initiated remotely. There is no exploit available.
vuldb.com