Sustained 'Red Deer' Phishing Attacks Impersonate Israel Post, Drop RATs
via "Dark Reading".
The "missed package" phishing messages, likely the work of a hacking-for-hire group, bound into inboxes, bearing AsyncRAT.

CVE-2023-32310
via "National Vulnerability Database".
DataEase is an open source data visualization and analysis tool. The DataEase API interfaces for deleting dashboards and deleting system messages are vulnerable to insecure direct object references (IDOR). This could result in a user deleting another user's dashboard or messages or interfering with the interface for marking messages read. The vulnerability has been fixed in v1.18.7. There are no known workarounds aside from upgrading.

CVE-2023-32713
via "National Vulnerability Database".
In Splunk App for Stream versions below 8.1.1, a low-privileged user could use a vulnerability in the streamfwd process within the Splunk App for Stream to escalate their privileges on the machine that runs the Splunk Enterprise instance, up to and including the root user.

How Do I Reduce Security Tool Sprawl in My Environment?
via "Dark Reading".
When it comes to tool consolidation, focus on platforms over products.

Jetpack WordPress Plug-in API Bug Triggers Mass Updates
via "Dark Reading".
An audit uncovers an API-related security vulnerability dating back to Jetpack version 2.0 released in 2012, and it affects millions of websites.

CVE-2023-34339
via "National Vulnerability Database".
In JetBrains Ktor before 2.3.1, headers containing authentication data could be added to the exception's message.

Amazon Pays $30.8M to Settle Ring Spying & Alexa Privacy Lawsuits
via "Dark Reading".
The global e-commerce company will pay millions of dollars in two separate lawsuits because of privacy and security violations, the FTC says.

Tel Aviv Stock Exchange Selects CardinalOps to Reduce Risk of Breaches Due to Undetected Attacks
via "Dark Reading".
Enables financial services firm to operationalize MITRE ATT&CK with Splunk and eliminate detection coverage gaps based on organizational risk and priorities.

Cyversity and United Airlines to Provide Cybersecurity Training Scholarships to Cyversity Members
via "Dark Reading".
Program designed to equip women and underrepresented individuals with the necessary skills and knowledge to succeed in cybersecurity.

CVE-2023-29723
via "National Vulnerability Database".
The Glitter Unicorn Wallpaper app for Android 7.0 through 8.0 allows unauthorized applications to actively request permission to insert data into the database that records information about a user's personal preferences and will be loaded into memory to be read and used when the application is opened. By injecting data, the attacker can force the application to load malicious image URLs and display them in the UI. As the amount of data increases, it will eventually cause the application to trigger an OOM error and crash, resulting in a persistent denial of service attack.

CVE-2023-29736
via "National Vulnerability Database".
Keyboard Themes 1.275.1.164 for Android contains a dictionary traversal vulnerability that allows unauthorized apps to overwrite arbitrary files in its internal storage and achieve arbitrary code execution.

CVE-2023-29725
via "National Vulnerability Database".
The BT21 x BTS Wallpaper app 12 for Android allows unauthorized applications to actively request permission to insert data into the database that records information about a user's personal preferences and will be loaded into memory to be read and used when the application is opened. By injecting data, the attacker can force the application to load malicious image URLs and display them in the UI. As the amount of data increases, it will eventually cause the application to trigger an OOM error and crash, resulting in a persistent denial of service attack.

CVE-2023-29746
via "National Vulnerability Database".
An issue found in The Thaiger v.1.2 for Android allows unauthorized apps to cause a code execution attack by manipulating the SharedPreference files.

CVE-2023-2835
via "National Vulnerability Database".
The WP Directory Kit plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'search' parameter in versions up to, and including, 1.2.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

CVE-2023-2060
via "National Vulnerability Database".
Weak Password Requirements vulnerability in the FTP function on Mitsubishi Electric Corporation MELSEC iQ-R Series EtherNet/IP module RJ71EIP91 and MELSEC iQ-F Series EtherNet/IP module FX5-ENET/IP allows a remote unauthenticated attacker to access the module via FTP by dictionary attack or password sniffing.

Horabot campaign targeted businesses for more than two years before finally being discovered
via "ITPro".
The newly-discovered Horabot botnet has attacked companies in the accounting, investment, and construction sectors in particular.

Kaspersky traces spyware attack on staff iOS devices back to 2019
via "ITPro".
It's currently unclear who is behind the spyware attack on the Russian-based cyber security firm.

CVE-2023-28705
via "National Vulnerability Database".
Openfind Mail2000 insufficiently filters special characters in email content in its content filtering function. A remote attacker can exploit this vulnerability using phishing emails that contain malicious web pages injected with JavaScript. When users access the system and open the email, it triggers an XSS (Reflected Cross-site scripting) attack.

CVE-2023-28702
via "National Vulnerability Database".
ASUS RT-AC86U does not filter special characters for parameters in specific web URLs. A remote attacker with normal user privileges can exploit this vulnerability to perform a command injection attack to execute arbitrary system commands, disrupt the system or terminate services.

Researchers claim Windows "backdoor" affects hundreds of Gigabyte motherboards
via "Naked Security".
It's a backdoor, Jim, but not as we know it... here's a sober look at this issue.

CVE-2023-3056
via "National Vulnerability Database".
A vulnerability was found in YFCMF up to 3.0.4. It has been declared as problematic. This vulnerability affects unknown code of the file index.php. The manipulation leads to path traversal: '../filedir'. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-230542 is the identifier assigned to this vulnerability.