You might be interested in …

[TheRecord] Hacker abuses OpenSea to buy NFTs at older, cheaper prices

A threat actor has exploited a vulnerability in the backend of OpenSea, the internet’s largest NFT marketplace, to buy products at previous (lower) prices and then resell them at higher values, defrauding legitimate asset owners. At the time of writing, the attacker has made at least 332 Ether ($745,000) by exploiting this vulnerability, according to […]

Read More

[HackerNews] Second Log4j Vulnerability (CVE-2021-45046) Discovered — New Patch Released

All posts, HackerNews

The Apache Software Foundation (ASF) has pushed out a new fix for the Log4j logging utility after the previous patch for the recently disclosed Log4Shell exploit was deemed as “incomplete in certain non-default configurations.” The second vulnerability — tracked as CVE-2021-45046 — is rated 3.7 out of a maximum of 10 on the CVSS rating system and affects all […]

Read More

[SANS ISC] December 2021 Forensic Challenge, (Wed, Dec 8th)

All posts, Sans-ISC

Introduction Today’s diary is a forensic challenge for December 2021.  This month’s challenge is based on network traffic from an Active Directory (AD) environment where a Windows client becomes infected.  The prize for this contest is a Raspberry Pi.  The packet capture (pcap) is in a password-protected zip archive available here.  Rules for the contest […]

Read More

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.