GreyNoise

Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation

Don't miss, enterprise, exploit, firewall, GreyNoise, Hot stuff, News, Palo Alto Networks, PoC, security update, TrustedSec, Volexity, vulnerability, WatchTowr /

Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation 2024-04-17 at 12:31 By Zeljka Zorz While it initially seemed that protecting Palo Alto Network firewalls from attacks leveraging CVE-2024-3400 would be as easy a disabling the devices’ telemetry, it has now been comfirmed that this mitigation is ineffectual. “Device telemetry does not need to be […]

React to this headline:

Loading spinner

Palo Alto firewalls: Public exploits, rising attacks, ineffective mitigation Read More »

Akira, LockBit actively searching for vulnerable Cisco ASA devices

Cisco, Don't miss, enterprise, exploit, GreyNoise, Hot stuff, News, Ransomware, Truesec, vulnerability /

Akira, LockBit actively searching for vulnerable Cisco ASA devices 2024-02-08 at 14:31 By Zeljka Zorz Akira and Lockbit ransomware groups are trying to breach Cisco ASA SSL VPN devices by exploiting several older vulnerabilities, security researcher Kevin Beaumont is warning. They are targeting vulnerabilities for which patches have been made available in 2020 and 2023.

React to this headline:

Loading spinner

Akira, LockBit actively searching for vulnerable Cisco ASA devices Read More »

Ivanti EPMM and MobileIron Core vulnerability is actively exploited, CISA confirms (CVE-2023-35082)

CISA, Don't miss, endpoint management, exploit, GreyNoise, Ivanti, News, Rapid7, vulnerability /

Ivanti EPMM and MobileIron Core vulnerability is actively exploited, CISA confirms (CVE-2023-35082) 2024-01-19 at 19:49 By Zeljka Zorz A previously patched critical vulnerability (CVE-2023-35082) affecting Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core is being actively exploited, the Cybersecurity and Infrastructure Security Agency (CISA) has confirmed by adding the vulnerability to its Known Exploited Vulnerabilities

React to this headline:

Loading spinner

Ivanti EPMM and MobileIron Core vulnerability is actively exploited, CISA confirms (CVE-2023-35082) Read More »

Critical ownCloud flaw under attack (CVE-2023-49103)

Don't miss, GreyNoise, Hot stuff, News, ownCloud, SANS ISC, vulnerability /

Critical ownCloud flaw under attack (CVE-2023-49103) 28/11/2023 at 14:17 By Zeljka Zorz Attackers are trying to exploit a critical information disclosure vulnerability (CVE-2023-49103) in ownCloud, a popular file sharing and collaboration platform used in enterprise settings. Greynoise and SANS ISC say attemps have been first spotted over the weekend, though Dr. Johannes Ullrich, Dean of

React to this headline:

Loading spinner

Critical ownCloud flaw under attack (CVE-2023-49103) Read More »

Atlassian Confluence data-wiping vulnerability exploited

Atlassian Confluence, Don't miss, GreyNoise, Hot stuff, News, PoC, Shadowserver /

Atlassian Confluence data-wiping vulnerability exploited 06/11/2023 at 13:19 By Zeljka Zorz Threat actors are trying to exploit CVE-2023-22518, a critical Atlassian Confluence flaw that allows unauthenticated attackers to reset vulnerable instances’ database, Greynoise is observing. The Shadowserver Foundation has also seen 30+ IP addresses testing for the flaw in internet-facing Confluence installations. From security updates

React to this headline:

Loading spinner

Atlassian Confluence data-wiping vulnerability exploited Read More »

Critical Atlassian Confluence vulnerability exploited by state-backed threat actor

Atlassian, Atlassian Confluence, Don't miss, exploit, GreyNoise, Hot stuff, Microsoft, News, Rapid7, vulnerability /

Critical Atlassian Confluence vulnerability exploited by state-backed threat actor 11/10/2023 at 14:18 By Helga Labus A critical flaw in Atlassian Confluence Data Center and Server (CVE-2023-22515) has been exploited by a state-backed threat actor, Microsoft’s threat analysts have pinpointed. About the vulnerability CVE-2023-22515 was initially classified as a critical privilege escalation vulnerability affecting Confluence Data

React to this headline:

Loading spinner

Critical Atlassian Confluence vulnerability exploited by state-backed threat actor Read More »

11 search engines for cybersecurity research you can use right now

cybersecurity, dark web, Don't miss, FullHunt, GreyNoise, Hot stuff, Intelligence X, Netlas, News, OffSec, ONYPHE, penetration testing, Shodan /

11 search engines for cybersecurity research you can use right now 29/08/2023 at 06:32 By Help Net Security Staying ahead in cybersecurity requires constant learning and adaptation. If you’re interested in cybersecurity research, explore the resources outlined below. DNSdumpster DNSdumpster is a free domain research tool that can discover hosts related to a domain. Finding

React to this headline:

Loading spinner

11 search engines for cybersecurity research you can use right now Read More »

Citrix ADC zero-day exploitatation: CISA releases details about attack on CI organization (CVE-2023-3519)

0-day, CISA, Citrix, critical infrastructure, Don't miss, GreyNoise, Hot stuff, Incident Response, News /

Citrix ADC zero-day exploitatation: CISA releases details about attack on CI organization (CVE-2023-3519) 21/07/2023 at 14:19 By Zeljka Zorz The exploitation of the Citrix NetScaler ADC zero-day vulnerability (CVE-2023-3519) was first spotted by a critical infrastructure organization, who reported it to the Cybersecurity and Infrastructure Security Agency (CISA). “In June 2023, threat actors exploited this

React to this headline:

Loading spinner

Citrix ADC zero-day exploitatation: CISA releases details about attack on CI organization (CVE-2023-3519) Read More »

VMware Aria Operations for Networks vulnerability exploited in the wild (CVE-2023-20887)

Don't miss, enterprise, GreyNoise, Hot stuff, News, patch, VMWare, vulnerability /

VMware Aria Operations for Networks vulnerability exploited in the wild (CVE-2023-20887) 21/06/2023 at 11:42 By Zeljka Zorz CVE-2023-20887, a pre-authentication command injection vulnerability in VMware Aria Operations for Networks (formerly vRealize Network Insight), has been spotted being exploited in the wild. There are no workarounds to mitigate the risk of exploitation – enterprise admins are

React to this headline:

Loading spinner

VMware Aria Operations for Networks vulnerability exploited in the wild (CVE-2023-20887) Read More »

ThreatBlockr integrates with GreyNoise to guard against false positives

GreyNoise, Industry news, ThreatBlockr /

ThreatBlockr integrates with GreyNoise to guard against false positives 09/05/2023 at 18:17 By Industry News ThreatBlockr and GreyNoise announced a partnership that will enhance the ThreatBlockr platform. By leveraging GreyNoise data, ThreatBlockr customers now have automatic access to this enhanced cyber intelligence and the largest cyber intelligence data set that protects against false positives. “False

React to this headline:

Loading spinner

ThreatBlockr integrates with GreyNoise to guard against false positives Read More »

Scroll to Top