/
Navigation
C
Chronicles
Browse all articles
C
E
Explore
Semantic exploration
E
R
Research
Entity momentum
R
N
Nexus
Correlations & relationships
N
~
Story Arc
Topic evolution
S
Drift Map
Semantic trajectory animation
D
P
Posts
Analysis & commentary
P
Browse
@
Entities
Companies, people, products, technologies
Domains
Browse by publication source
Handles
Browse by social media handle
Detection
?
Concept Search
Semantic similarity search
!
High Impact Stories
Top coverage by position
+
Sentiment Analysis
Positive/negative coverage
*
Anomaly Detection
Unusual coverage patterns
Analysis
vs
Rivalry Report
Compare two entities head-to-head
/\
Semantic Pivots
Narrative discontinuities
!!
Crisis Response
Event recovery patterns
Connected
Nav: C E R N
Search: /
Command: ⌘K
Embeddings: large
VOICE ARCHIVE

Bad Packets

@bad_packets
17 posts
2022-05-19
CVE-2022-22972 VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. https://www.vmware.com/...
2022-05-19 View on X
Ars Technica

The CISA orders US federal civilian agencies to patch or remove VMware products affected by a critical RCE vulnerability that hackers are actively exploiting

Security flaws in VMware and F5's BIG-IP are being exploited by malicious hackers.  —  Malicious hackers, some believed to be state-backed … Source: CISA , VMware , CISA , and CISA...

View original
2021-09-05
CVE-2021-26084 exploit activity also detected from 2.57.33.43 (🇮🇹) as of 2021-09-02T06:46:57Z. https://twitter.com/...
2021-09-05 View on X
BleepingComputer

US Cyber Command and CISA urge US organizations to immediately patch a critical Atlassian Confluence remote code execution flaw that is under mass exploitation

US Cyber Command (USCYBERCOM) has issued a rare alert today urging US organizations to patch a massively exploited Atlassian Confluence critical vulnerability immediately.Source:@c...

View original
2021-09-04
CVE-2021-26084 exploit activity also detected from 2.57.33.43 (🇮🇹) as of 2021-09-02T06:46:57Z. https://twitter.com/...
2021-09-04 View on X
BleepingComputer

US Cyber Command and CISA urge US organizations to immediately patch a critical Atlassian Confluence remote code execution flaw that is under mass exploitation

US Cyber Command (USCYBERCOM) has issued a rare alert today urging US organizations to patch a massively exploited Atlassian Confluence critical vulnerability immediately. Source: ...

View original
2021-07-21
“Starting with Windows 10 build 1809, non-administrative users are granted access to SAM, SYSTEM, and SECURITY files. This can allow for local privilege escalation (LPE).” https://www.kb.cert.org/...
2021-07-21 View on X
Ars Technica

Researchers detail two new local privilege escalation vulnerabilities, one in recent builds of Windows 10 and the preview of Windows 11, and the other in Linux

Both OSes have flaws that allow attackers with a toehold to elevate access.  —  The world woke up on Tuesday to two new vulnerabilities … Source: US-CERT , Qualys Security Blog , a...

View original
2021-07-05
@FBI The vendor says, “Only a very small percentage of our customers were affected - currently estimated at fewer than 40 worldwide.” The FBI says, “Although the scale of this incident may make it so that we are unable to respond to each victim individually.” 🤔
2021-07-05 View on X
Reuters

President Biden says he has directed US intelligence agencies to investigate the Kaseya ransomware attack and adds “we're not certain” who is behind the attack

Trevor Hunnicutt / Reuters :

View original
@FBI The vendor says, “Only a very small percentage of our customers were affected - currently estimated at fewer than 40 worldwide.” The FBI says, “Although the scale of this incident may make it so that we are unable to respond to each victim individually.” 🤔
2021-07-05 View on X
The Record

In a post on the REvil dark web blog, the gang takes credit for the Kaseya attack, claims it infected 1M+ systems, and demands $70M in bitcoin for the decryptor

The REvil ransomware gang is asking for a $70 million ransom payment to publish a universal decryptor that can unlock …

View original
2021-04-02
It's not DNS There's no way it's DNS It was DNS https://twitter.com/...
2021-04-02 View on X
Windows Central

Microsoft says a DNS outage causing issues with services like Teams, Azure, and Office 365 is mostly over, cites spike in DNS traffic as preliminary root cause

If a Bing goes down and no one is around, did it even happen?  —  What you need to know  — Several Microsoft services …

View original
2020-12-02
CVE-2019-11510 and CVE-2020-15505 for those keeping score at home. https://twitter.com/...
2020-12-02 View on X
TechCrunch

IT security company Ivanti has acquired enterprise mobile security firm MobileIron for $872M in stock and corporate VPN provider Pulse Secure for an unknown sum

Zack Whittaker / TechCrunch :

View original
2020-09-15
Bad Packets initial vulnerability scans (post-public disclosure) found: • 14,500 Pulse Secure VPN servers vulnerable to CVE-2019-11510 • 25,000 Citrix (NetScaler) servers vulnerable to CVE-2019-19781 • 3,000 BIG-IP F5 servers vulnerable to CVE-2020-5902 https://twitter.com/...
2020-09-15 View on X
ZDNet

CISA: hacking groups linked to China's Ministry of State Security have exploited F5, Citrix, Pulse Secure, and Microsoft Exchange bugs to hack US gov't networks

Chinese Ministry of State Security-Affiliated Cyber Threat Actor Activity Ravie Lakshmanan / The Hacker News : CISA: Chinese Hackers Exploiting Unpatched Devices to Target U.S. Age...

View original
2020-03-13
“It's not clear exactly what led to the inadvertent disclosure. Researchers at security firms Fortinet and Cisco released blog posts describing the vulnerability, but later removed references to the bug.” https://techcrunch.com/...
2020-03-13 View on X
ZDNet

Microsoft releases a patch for the wormable flaw in Windows 10 and Windows Server 2019 that leaked this week

Catalin Cimpanu / ZDNet :

View original
“The bug allows attackers to connect to remote systems where the SMB service is enabled and run malicious code with SYSTEM privileges, allowing for remote takeovers of vulnerable systems.” https://www.zdnet.com/...
2020-03-13 View on X
ZDNet

Microsoft releases a patch for the wormable flaw in Windows 10 and Windows Server 2019 that leaked this week

Catalin Cimpanu / ZDNet :

View original
2020-01-17
“Throughout 2019, this particular SharePoint vulnerability was one of the most exploited security flaws, by both financially-motivated cybercriminals, but also nation-state-sponsored cyber-espionage groups.” https://www.zdnet.com/...
2020-01-17 View on X
ZDNet

FBI: nation-state hackers breached the networks of two US municipalities last year, targeting a Microsoft SharePoint vulnerability that was patched in February

Catalin Cimpanu / ZDNet : Tweets: @gossithedog , @bad_packets , @protaapp , and @dangoodin001 Tweets: Kevin Beaumont / @gossithedog : This SharePoint vulnerability CVE-2019-0604 f...

View original
2019-12-25
CVE-2019-19781 : Vulnerability in Citrix Application Delivery Controller and Citrix Gateway leading to arbitrary code execution https://support.citrix.com/... Anyone seen a proof-of-concept?
2019-12-25 View on X
BleepingComputer

Researchers: unpatched flaws in Citrix products leave 80,000+ businesses potentially vulnerable to unauthorized network access; Cisco shares steps to mitigate

Sergiu Gatlan / BleepingComputer :

View original
2019-12-24
CVE-2019-19781 : Vulnerability in Citrix Application Delivery Controller and Citrix Gateway leading to arbitrary code execution https://support.citrix.com/... Anyone seen a proof-of-concept?
2019-12-24 View on X
BleepingComputer

Researchers: unpatched flaws in Citrix products leave 80,000+ businesses potentially vulnerable to unauthorized network access; Cisco shares steps to mitigate

A newly discovered vulnerability impacting the Citrix Application Delivery Controller (NetScaler ADC) and the Citrix Gateway …

View original
2019-10-21
“@SecReLabs discovered that by adding the ‘�. ’ (U+D801, dot, space) character sequence to various locations inside the backend of a normal Alexa/Google Home app, they could induce long periods of silence during which the assistant remains active.” https://www.zdnet.com/...
2019-10-21 View on X
ZDNet

Researchers show how malicious voice apps for Alexa or Google Home eavesdrop on users, as Amazon and Google take a lax approach to vetting the platforms

Exclusive: Amazon, Google fail to address security loopholes in Alexa and Home devices more than a year after first reports.

View original
2019-08-22
“@PsiDragon published details about a second Valve zero-day, which is another EoP/LPE in the Steam client, allowing malicious apps to gain admin rights through Valve's Steam app.” https://www.zdnet.com/...
2019-08-22 View on X
ZDNet

Researcher who was banned from Valve's HackerOne bug bounty program after submitting a Steam 0-day that Valve downplayed, reveals details of another Steam 0-day

Catalin Cimpanu / ZDNet :

View original
2018-01-29
“We started seeing an increase in traffic to five malicious domains on January 18. After closely examining the network traffic, we discovered that the traffic came from DoubleClick (Google) advertisements.” http://blog.trendmicro.com/...
2018-01-29 View on X
Ars Technica

YouTube served ads containing Coinhive's cryptocurrency-mining and CPU-draining JavaScript, likely via Google's DoubleClick; Google says ads now blocked

View original