SecureBug lets you evaluate your offensive and defensive skills and exchange ideas and methodologies with thousands of people in the security field.
Join Nordic's No.1 Crowdsourced Security Platform For Offensive & Defensive Security Strategies.

Threat Hunting Images: Detect Bedep DGA 2020.02.23 with Snort Detection Rule

Don’t Be Afraid of DGA: Detect Bedep DGA 2020.02.23 with Snort Detection Rule

A Domain Generation Algorithm (DGA) is a program that is designed to generate domain names in a particular order. Attackers developed DGAs so that malware can quickly generate a list of domains that it can use for the sites that give it instructions and receive information from the malware (usually referred to as “command and…

Threat Hunting Images: Hunting DNS Beacon Attack via Splunk Detection Rule

Hunting DNS Beacon Attack via Splunk Detection Rule

The DNS beacon attack is one of the most complicated techniques used in some C&Cs to check the C&C server and exfiltrate data. To detect this attack, you must check the request times for domains and look for repetitive behavior within a specified time. We suggest this rule for detecting some beacons.

index="*" type="dns"…

Update, Bug, Windows

Critical Bug in Windows 10 KB4532693 Update Is Reportedly Hiding and Deleting User Files

Microsoft released the Windows 10 KB4532693 Update on its February Update Tuesday. It is now reported that a bug is causing the deletion of user files. According to previous reports, users have been facing various difficulties because of the Windows 10 KB4532693 Update; the buggy security update, released on February 11, boots user desktop…

Cisco, Smart Software Manager, Password

Static Password in Cisco Smart Software Manager On-Prem Exposes Systems to Attackers

A critical flaw in Cisco Smart Software Manager On-Prem could allow unverified remote attackers to gain control over a system with a high-privileged account due to a default and static password of a system account. Cisco Smart Software Manager On-Prem is a license-managing product that allows organizations to manage product activation keys (PAKs) and license…

Themegrill, WordPress, Plugin

A Flaw in the WordPress ThemeGrill Plugin Exposes More Than 200,000 Websites to Hackers Through Its Vulnerability

‘ThemeGrill Demo Importer’ is a popular WordPress theme plugin that has over 200,000 installations. It has recently been discovered that the plugin contains a significant vulnerability that could allow unauthenticated cybercriminals to gain control over many websites and blogs if they are not patched. It was discovered that the vulnerability has existed in the ThemeGrill plugin for the past…

Themegrill, WordPress, Plugin

WordPress ThemeGrill Plugin Vulnerability Exposes More Than 200,000 Websites to Hackers

‘ThemeGrill Demo Importer’ is a popular WordPress theme plugin that has over 200,000 installations. It has recently been discovered that the plugin contains a significant vulnerability that could allow unauthenticated cybercriminals to gain control over numerous websites and blogs if they are unpatched. It was discovered that the vulnerability has existed in the ThemeGrill plugin…

Hamas, Spyware, The IDF

Hamas Tricks Israeli Soldiers into Installing Spyware by Using Fake Women Online

The Israel Defense Forces (IDF) stated that the Palestinian militant organization Hamas schemed to coax Israeli soldiers into installing spyware and malicious apps using profiles of young women on social media platforms such as Instagram, Telegram and Facebook. According to the IDF spokesman Brigadier General Hild Silberman, many of the characters posed as new Israeli immigrants…