60K+ Android Apps Have Delivered Adware Undetected for Months
via "Dark Reading".
A campaign targeting mainly US users disguised malware in fake security software, game cracks, cheats, free Netflix, and other "modded" apps.

Firefox 114 is out: No 0-days, but one fascinating "teachable moment" bug
via "Naked Security".
With the right (or wrong, if you're on the right side of the fence) timing...

Easily Exploitable Microsoft Visual Studio Bug Opens Developers to Takeover
via "Dark Reading".
The bug is very dangerous and impacts a big swath of the developer community, researchers warn.

CVE-2023-33660
via "National Vulnerability Database".
A heap buffer overflow vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function copyn_str() in the file mqtt_parser.c. An attacker could exploit this vulnerability to cause a denial of service attack.

CVE-2023-33657
via "National Vulnerability Database".
A use-after-free vulnerability exists in NanoMQ 0.17.2. The vulnerability can be triggered by calling the function nni_mqtt_msg_get_publish_property() in the file mqtt_msg.c. This vulnerability is caused by improper data tracing, and an attacker could exploit it to cause a denial of service attack.

Fighting AI-Powered Fraud: Let the Battle of the Machines Begin
via "Dark Reading".
As cybercriminals tap the power of machine learning and generative AI to outwit fraud-detection systems, online fraud-prevention technologies must evolve accordingly.

Sophisticated 'Impulse Project' Crypto Scam Sprawls With 1,000 Affiliate Sites
via "Dark Reading".
Ready-to-defraud turnkey services from Russia's Impulse Team are offered on the cyber underground and have built a campaign that has operated undetected dating back to 2016.

CVE-2023-34570
via "National Vulnerability Database".
Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter devName at /goform/SetOnlineDevName.

CVE-2023-34571
via "National Vulnerability Database".
Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter shareSpeed at /goform/WifiGuestSet.

S3 Ep138: I like to MOVEit, MOVEit
via "Naked Security".
Backdoors, exploits, and Little Bobby Tables. Listen now! (Full transcript available...)

The Growing Cyber Threats of Generative AI: Who's Accountable?
via "Dark Reading".
In the wrong hands, malicious actors can use chatbots to unleash sophisticated cyberattacks that could have devastating consequences.

CVE-2023-3165
via "National Vulnerability Database".
A vulnerability was found in SourceCodester Life Insurance Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file insertNominee.php of the component POST Parameter Handler. The manipulation of the argument nominee_id leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-231109 was assigned to this vulnerability.

Barracuda Warns All ESG Appliances Need Urgent Rip & Replace
via "Dark Reading".
Patching, wiping ESG devices not enough to deny threat actor access following compromise, Barracuda says.

CVE-2023-34958
via "National Vulnerability Database".
Incorrect access control in Chamilo 1.11.* up to 1.11.18 allows a student subscribed to a given course to download documents belonging to another student if they know the document's ID.

City of Dallas Still Clawing Back Weeks After Cyber Incident
via "Dark Reading".
The Texas city's networks have returned to 90% functionality following the May 3 Royal ransomware attack.

Cybersecurity Institute to Open in Saudi Arabia
via "Dark Reading".
The Global Cybersecurity Forum branch, which will be in Riyadh, is meant to enable the exchange of ideas and facilitate international projects and partnerships.

Barracuda Urges Replacing -- Not Patching -- Its Email Security Gateways
via "Krebs on Security".
It's not often that a zero-day vulnerability causes a network security vendor to urge customers to physically remove and decommission an entire line of affected hardware -- as opposed to just applying software updates. But experts say that is exactly what transpired this week with Barracuda Networks, as the company struggled to combat a sprawling malware threat which appears to have undermined its email security appliances in such a fundamental way that they can no longer be safely updated with software fixes.

CVE-2023-32750
via "National Vulnerability Database".
Pydio Cells through 4.1.2 allows SSRF. For longer running processes, Pydio Cells allows for the creation of jobs, which are run in the background. The job "remote-download" can be used to cause the backend to send a HTTP GET request to a specified URL and save the response to a new file. The response file is then available in a user-specified folder in Pydio Cells.

CVE-2023-29403
via "National Vulnerability Database".
On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be dangerous in certain cases, such as when dumping memory state, or assuming the status of standard i/o file descriptors. If a setuid/setgid binary is executed with standard I/O file descriptors closed, opening any files can result in unexpected content being read or written with elevated privileges. Similarly, if a setuid/setgid program is terminated, either via panic or signal, it may leak the contents of its registers.

CVE-2023-32751
via "National Vulnerability Database".
Pydio Cells through 4.1.2 allows XSS. Pydio Cells implements the download of files using presigned URLs which are generated using the Amazon AWS SDK for JavaScript [1]. The secrets used to sign these URLs are hardcoded and exposed through the JavaScript files of the web application. Therefore, it is possible to generate valid signatures for arbitrary download URLs. By uploading an HTML file and modifying the download URL to serve the file inline instead of as an attachment, any included JavaScript code is executed when the URL is opened in a browser, leading to a cross-site scripting vulnerability.

CVE-2023-34243
via "National Vulnerability Database".
TGstation is a toolset to manage production BYOND servers. In affected versions if a Windows user was registered in tgstation-server (TGS), an attacker could discover their username by brute-forcing the login endpoint with an invalid password. When a valid Windows logon was found, a distinct response would be generated. This issue has been addressed in version 5.12.5. Users are advised to upgrade. Users unable to upgrade may be mitigated by rate-limiting API calls with software that sits in front of TGS in the HTTP pipeline such as fail2ban.