S3 Ep102.5: “ProxyNotShell” Exchange bugs – an expert speaks [Audio + Text]
Who’s affected, what you can do while waiting for Microsoft’s patches, and how to plan your threat hunting…
Cyber NewsAutomated Creation of Security Groups on AWS
ACM.67 Creating Zero Trust rulesets or security groups on AWS This is a continuation of my series of posts on Automating Cybersecurity Metrics. Back when I worked on the network team at Capital One, developers had to submit requests outlining the network requirements for their applications which got reviewed by the security team and then implemented. […]
Cyber NewsPay What You Want for This Collection of White Hat Hacking Courses
Whether you relish a mental challenge or fancy a six-figure paycheck, there are many good reasons to get into white hat hacking. That said, picking up the necessary knowledge to build a new career can seem like a daunting task. There is a lot to learn, after all. To help you get started, The Hacker News Deals is […]
Cyber NewsCISA Warns of Hackers Exploiting Critical Atlassian Bitbucket Server Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a recently disclosed critical flaw impacting Atlassian’s Bitbucket Server and Data Center to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2022-36804, the issue relates to a command injection vulnerability that could allow malicious actors to gain arbitrary
Cyber NewsState-Sponsored Hackers Likely Exploited MS Exchange 0-Days Against ~10 Organizations
Microsoft on Friday disclosed that a single activity group in August 2022 achieved initial access and breached Exchange servers by chaining the two newly disclosed zero-day flaws in a limited set of attacks aimed at less than 10 organizations globally. “These attacks installed the Chopper web shell to facilitate hands-on-keyboard access, which the attackers used to perform […]
Cyber News