Tag: Protocol

XPan, I am your father

While we have previously written on the now infamous XPan ransomware family, some of its variants are still affecting users primarily located in Brazil.

This sample is what could be considered as the “father” of other XPan ransomware variants.

A considerable amount of indicators within the source code depict the early origins of this sample.

Cisco Unified Communications Manager Denial of Service Vulnerability

A vulnerability in the Session Initiation Protocol (SIP) UDP throttling process of Cisco Unified Communications Manager (Cisco Unified CM) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) cond...

Facebook Advances Delegated Account Recovery Protocol

After several months of early deployment, Facebook is now providing more options for sites to benefit from the Delegated Account Recovery model for account and password resets.

DDoS attacks abusing exposed LDAP servers on the rise

Each DDoS (distributed denial-of-service) attack seems to be larger than the last, and recent advisories from Akamai and Ixia indicate that attackers are stepping up their game.

As attackers expand their arsenal of reflection methods to target CLDAP ...

Unraveling the Lamberts Toolkit

The Lamberts is a family of sophisticated attack tools that has been used by one or multiple threat actors against high-profile victims since at least 2008.

The arsenal includes network-driven backdoors, several generations of modular backdoors, harvesting tools, and wipers.

Rash of in-the-wild attacks permanently destroys poorly secured IoT devices

Ongoing "BrickerBot" attacks might be trying to kill devices before they can join a botnet.

Pushing apps to the edge, Fly.io puts middleware in the cloud

New service puts logic closer to users, aims to be "global load balancer" for apps.

Critical flaw alert! Stop using JSON encryption

A vulnerability in a JSON-based web encryption protocol could allow attackers to retrieve private keys.

Cryptography experts have advised against developers using JSON Web Encryption (JWE) in their applications in the past, and this vulnerability il...

VU#600671: PCAUSA Rawether for Windows local privilege escalation

PCAUSA's Rawether framework does not properly validate BPF data, allowing a crafted malicious BPF program to perform operations on memory outside of its typical bounds on the driver's receipt of network packets.

This vulnerability may be exploited to perform local privilege escalation on Windows systems.

When inspectors swoop in, hospital staff save more lives

Largest gains seen in teaching hospitals that have reputations on the line.

A simple command allows the CIA to commandeer 318 models of...

Bug relies on telnet protocol used by hardware on internal networks.

Cisco IOS and IOS XE Software Cluster Management Protocol Remote Code...

A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code ...