Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

3 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 3 most recent headlines Filtered view
Trend Micro Research, News and Perspectives 2 years ago

Decoding Water Sigbin's Latest Obfuscation Tricks

Water Sigbin (aka the 8220 Gang) exploited the Oracle WebLogic vulnerabilities CVE-2017-3506 and CVE-2023-21839 to deploy a cryptocurrency miner using a PowerShell script. The threat actor also adopted new techniques to conceal its activities, making attacks harder to defend against.

More from Trend Micro Research, News and Perspectives 30 May 2024, 12:00 p.m. Actively exploited CVE-2017-3506 CVE-2023-21839 CVE Cryptocurrency Oracle PowerShell Threat Actor Vulnerability
The Hacker News 3 years, 7 months ago

ProxyNotShell – the New Proxy Hell?

Nicknamed ProxyNotShell, a new exploit used in the wild takes advantage of the recently published Microsoft Server-Side Request Forgery (SSRF) vulnerability CVE-2022-41040 and a second vulnerability, CVE-2022-41082 that allows Remote Code Execution (RCE) when PowerShell is available to unidentified attackers

More from The Hacker News 4 Oct 2022, 9:05 p.m. Actively exploited CVE-2022-41040 CVE-2022-41082 0-Day Abuse CVE Exploit Microsoft PowerShell Remote Code Execution Vulnerability