π RansomLord Anti-Ransomware Exploit Tool 1.0 π
π Read
via "Packet Storm Security".
RansomLord is a proof-of-concept tool that automates the creation of PE files, used to compromise ransomware pre-encryption. This tool uses dll hijacking to defeat ransomware.π Read
via "Packet Storm Security".
Packetstormsecurity
RansomLord Anti-Ransomware β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π₯1
π΄ Call of Duty Self-Spreading Worm Takes Aim at Player Lobbies π΄
π Read
via "Dark Reading".
The revival of the beloved online multiplayer video game was short-lived once players detected unusual activity and behavior that portended malware.π Read
via "Dark Reading".
Dark Reading
Call of Duty Self-Spreading Worm Takes Aim at Player Lobbies
The revival of the beloved online multiplayer video game was short-lived once players detected unusual activity and behavior that portended malware.
βΌ CVE-2023-4010 βΌ
π Read
via "National Vulnerability Database".
A flaw was found in the USB Host Controller Driver framework in the Linux kernel. The usb_giveback_urb function has a logic loophole in its implementation. Due to the inappropriate judgment condition of the goto statement, the function cannot return under the input of a specific malformed descriptor file, so it falls into an endless loop, resulting in a denial of service.π Read
via "National Vulnerability Database".
βΌ CVE-2023-37771 βΌ
π Read
via "National Vulnerability Database".
Art Gallery Management System v1.0 contains a SQL injection vulnerability via the cid parameter at /agms/product.php.π Read
via "National Vulnerability Database".
βΌ CVE-2023-4004 βΌ
π Read
via "National Vulnerability Database".
A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the system.π Read
via "National Vulnerability Database".
βΌ CVE-2023-34916 βΌ
π Read
via "National Vulnerability Database".
Fuge CMS v1.0 contains an Open Redirect vulnerability via /front/ProcessAct.java.π Read
via "National Vulnerability Database".
βΌ CVE-2023-3997 βΌ
π Read
via "National Vulnerability Database".
Splunk SOAR versions 6.0.2 and earlier are indirectly affected by a potential vulnerability accessed through the userΓ’β¬β’s terminal. A third party can send Splunk SOAR a maliciously crafted web request containing special ANSI characters to cause log file poisoning. When a terminal user attempts to view the poisoned logs, this can tamper with the terminal and cause possible malicious code execution from the terminal userΓ’β¬β’s action.π Read
via "National Vulnerability Database".
βΌ CVE-2023-3817 βΌ
π Read
via "National Vulnerability Database".
Issue summary: Checking excessively long DH keys or parameters may be very slow.Impact summary: Applications that use the functions DH_check(), DH_check_ex()or EVP_PKEY_param_check() to check a DH key or DH parameters may experience longdelays. Where the key or parameters that are being checked have been obtainedfrom an untrusted source this may lead to a Denial of Service.The function DH_check() performs various checks on DH parameters. After fixingCVE-2023-3446 it was discovered that a large q parameter value can also triggeran overly long computation during some of these checks. A correct q value,if present, cannot be larger than the modulus p parameter, thus it isunnecessary to perform these checks if q is larger than p.An application that calls DH_check() and supplies a key or parameters obtainedfrom an untrusted source could be vulnerable to a Denial of Service attack.The function DH_check() is itself called by a number of other OpenSSL functions.An application calling any of those other functions may similarly be affected.The other functions affected by this are DH_check_ex() andEVP_PKEY_param_check().Also vulnerable are the OpenSSL dhparam and pkeyparam command line applicationswhen using the "-check" option.The OpenSSL SSL/TLS implementation is not affected by this issue.The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.π Read
via "National Vulnerability Database".
βΌ CVE-2020-36763 βΌ
π Read
via "National Vulnerability Database".
Cross Site Scripting (XSS) vulnerability in DuxCMS 2.1 allows remote attackers to run arbitrary code via the content, time, copyfrom parameters when adding or editing a post.π Read
via "National Vulnerability Database".
βΌ CVE-2023-4026 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-4024. Reason: This record is a duplicate of CVE-2023-4024. Notes: All CVE users should reference CVE-2023-4024 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage.π Read
via "National Vulnerability Database".
βΌ CVE-2023-34917 βΌ
π Read
via "National Vulnerability Database".
Fuge CMS v1.0 contains an Open Redirect vulnerability in member/RegisterAct.java.π Read
via "National Vulnerability Database".
βΌ CVE-2023-37580 βΌ
π Read
via "National Vulnerability Database".
Zimbra Collaboration (ZCS) 8 before 8.8.15 Patch 41 allows XSS in the Zimbra Classic Web Client.π Read
via "National Vulnerability Database".
βΌ CVE-2023-38750 βΌ
π Read
via "National Vulnerability Database".
In Zimbra Collaboration (ZCS) 8 before 8.8.15 Patch 41, 9 before 9.0.0 Patch 34, and 10 before 10.0.2, internal JSP and XML files can be exposed.π Read
via "National Vulnerability Database".
π΄ Abyss Locker Ransomware Looks to Drown VMware's ESXi Servers π΄
π Read
via "Dark Reading".
The 4-month-old ransomware gang is now actively targeting VMware's virtual environments with a second variant of its custom malware.π Read
via "Dark Reading".
Dark Reading
Abyss Locker Ransomware Looks to Drown VMware's ESXi Servers
The 4-month-old ransomware gang is now actively targeting VMware's virtual environments with a second variant of its custom malware.
π΄ Air-Gapped ICS Systems Targeted by Sophisticated Malware π΄
π Read
via "Dark Reading".
Researchers uncovered new worming second-stage tools used to locally exfiltrate data from air gapped ICS environments, putting threat actors one step away from transmission of the info to a C2.π Read
via "Dark Reading".
Dark Reading
Air-Gapped ICS Systems Targeted by Sophisticated Malware
Researchers uncovered new worming second-stage tools used to locally exfiltrate data from air gapped ICS environments, putting threat actors one step away from transmission of the info to a C2.
βΌ CVE-2023-38989 βΌ
π Read
via "National Vulnerability Database".
An issue in the delete function in the UserController class of jeesite v1.2.6 allows authenticated attackers to arbitrarily delete the Administrator's role information.π Read
via "National Vulnerability Database".
βΌ CVE-2023-3983 βΌ
π Read
via "National Vulnerability Database".
An authenticated SQL injection vulnerability exists in Advantech iView versions prior to v5.7.4 build 6752. An authenticated remote attacker can bypass checks in com.imc.iview.utils.CUtils.checkSQLInjection() to perform blind SQL injection.π Read
via "National Vulnerability Database".
π΄ Protecting Intellectual Property When It Needs to Be Shared π΄
π Read
via "Dark Reading".
Companies should use a variety of tools and strategies, both technical and policy, to protect their IP from third-party risk.π Read
via "Dark Reading".
Dark Reading
Protecting Intellectual Property When It Needs to Be Shared
Companies should use a variety of tools and strategies, both technical and policy, to protect their IP from third-party risk.
π΄ China's Volt Typhoon APT Burrows Deeper into US Critical Infrastructure π΄
π Read
via "Dark Reading".
US officials are concerned that the Beijing-directed cyberattacks could be a precursor to military disruption and broader destructive attacks on citizens and businesses.π Read
via "Dark Reading".
Dark Reading
China's Volt Typhoon APT Burrows Deeper Into US Critical Infrastructure
US officials are concerned that the Beijing-directed cyberattacks could be a precursor to military disruption and broader destructive attacks on citizens and businesses.
π¦Ώ Reducing Generative AI Hallucinations and Trusting Your Data: Interview With Cognite CPO Moe Tanabian π¦Ώ
π Read
via "Tech Republic".
In a conversation with Cognite CPO Moe Tanabian, learn how industrial software can combine human and AI skills to create smarter digital twins.π Read
via "Tech Republic".
TechRepublic
Reducing Generative AI Hallucinations and Trusting Your Data: Interview With Cognite CPO Moe Tanabian
What should tech professionals who are concerned about AI hallucinations have in mind when determining whether to use generative AI products?
βΌ CVE-2022-42183 βΌ
π Read
via "National Vulnerability Database".
Precisely Spectrum Spatial Analyst 20.01 is vulnerable to Server-Side Request Forgery (SSRF).π Read
via "National Vulnerability Database".
β€1