Company says it's improving testing processes to avoid a repeat. Security firm CrowdStrike has posted a preliminary post-incident report about the botched update to its Falcon security software that caused as many as 8.5 million Windows PCs to crash over the weekend, delaying flights, disrupting emergency respo...
Published: 2024-07-24T17:33:05
The code was used to sabotage a heating utility in Lviv at the coldest point in the year. As Russia has tested every form of attack on Ukraine's civilians over the past decade, both digital and physical, it's often used winter as one of its weapons, launching cyberattacks on electric utilities to trigger December blackouts and ruthlessl...
Published: 2024-07-24T11:15:43
Yep, passwords for administrators can be changed, too. Cisco on Wednesday disclosed a maximum-security vulnerability that allows remote threat actors with no authentication to change the password of any user, including those of administrators with accounts, on Cisco Smart Software Manager On-Prem devi...
Published: 2024-07-17T19:47:38
But the books look good, because of real AI. ServiceNow has parted ways with president and chief operating officer Chirantan "CJ" Desai after an internal investigation found he had violated company policy when hiring the former CIO of the US Army as t
Published: 2024-07-25T04:27:10
Boss faces grilling before Congress over disastrous software snafu. The US House Committee on Homeland Security has requested public testimony from CrowdStrike CEO George Kurtz in the wake of the chaos caused by a faulty update.
Published: 2024-07-23T12:15:10
Who loves a global outage? Phishers, fraudsters and all manner of creeps. Well that was fast. Criminals didn't waste any time taking advantage of the CrowdStrike-Microsoft chaos and quickly got to work phishing organizations and spinning up malicious
Published: 2024-07-19T15:22:07
Oh, was it supposed to be Y2K24? Today is one of those days that will go down in history as an unmitigated IT disaster, with CrowdStrike responsible for taking systems down all over the globe. We know airports, hospitals and the usual critical infras
Published: 2024-07-19T14:58:09
Microsoft is still helping CrowdStrike clean up the mess that kicked off a week ago when 8.5 million PCs went offline due to a buggy CrowdStrike update. Now, the software giant is calling for changes to Windows and has dropped some subtle h...
Published: 2024-07-26T06:27:38
A global IT outage grounded flights and resulted in outages at the London Stock Exchange and other systems early Friday morning. Industries ranging from healthcare to banking, air travel, and others were hit by a global IT outage on Friday,...
Published: 2024-07-24T15:41:08
CrowdStrike has published a post incident review of the buggy update it published that took down 8.5 million Windows machines last week. The detailed post blames a bug in test software for not properly validating the content update that was...
Published: 2024-07-24T05:33:54
On Friday morning, shortly after midnight in New York, disaster started to unfold around the world. In Australia, shoppers were met with Blue Screen of Death (BSOD) messages at self-checkout aisles. In the UK, Sky News had to suspend its br...
Published: 2024-07-23T11:40:18
Cybersecurity startup Wiz has turned down a $23 billion takeover bid from Google’s parent, Alphabet, breaking off what would have been the largest acquisition in the search giant’s history. In an internal memo seen by CNBC, Wiz co-founder A...
Published: 2024-07-23T04:44:06
CrowdStrike CEO George Kurtz was called to testify before the House Homeland Security Committee over the major outage affecting Windows PCs spurred by a faulty update that brought flights, hospital procedures, and broadcasters to a halt on ...
Published: 2024-07-22T18:28:11
The CrowdStrike outage that hit millions of Windows machines on Friday has left IT workers scrambling to get their organizations’ computer infrastructure back up and running. Images and stories shared online are illustrating just how tediou...
Published: 2024-07-21T12:26:59
CrowdStrike has published a new “Remediation and Guidance Hub” that collects details related to its faulty update that crashed 8.5 million Windows computers across the globe on Friday. The page includes technical information on what caused...
Published: 2024-07-21T10:06:18
CrowdStrike’s faulty update caused a worldwide tech disaster that affected 8.5 million Windows devices on Friday, according to Microsoft. Microsoft says that’s “less than one percent of all Windows machines,” but it was enough to create pro...
Published: 2024-07-20T13:20:45
Cryptocurrency exchange Gemini is warning it suffered a data breach incident caused by a cyberattack at its Automated Clearing House (ACH) service provider, whose name was not disclosed. [...]
Published: 2024-07-26T15:31:09
Debt collection agency Financial Business and Consumer Solutions (FBCS) has again increased the number of people impacted by a February data breach, now saying it affects 4.2 million people in the US. [...]
Published: 2024-07-26T14:47:59
Acronis warned customers to patch a critical Cyber Infrastructure security flaw that lets attackers bypass authentication on vulnerable servers using default credentials. [...]
Published: 2024-07-26T12:39:58
Russian-speaking threat actors accounted for at least 69% of all crypto proceeds linked to ransomware throughout the previous year, exceeding $500,000,000. [...]
Published: 2024-07-26T10:28:35
Hundreds of UEFI products from 10 vendors are susceptible to compromise due to a critical firmware supply-chain issue known as PKfail, which allows attackers to bypass Secure Boot and install malware. [...]
Published: 2024-07-25T17:42:15
Threat actors are chaining together ServiceNow flaws using publicly available exploits to breach government agencies and private firms in data theft attacks. [...]
Published: 2024-07-25T16:58:16
The U.S. State Department is offering a reward of up to $10 million for information that could help capture a North Korean military hacker. [...]
Published: 2024-07-25T13:17:00
Meta has removed 63,000 Instagram accounts from Nigeria that were involved in sextortion scams, including a coordinated network of 2,500 accounts linked to 20 individuals targeting primarily adult men in the United States. [...]
Published: 2024-07-25T12:54:38
The French police and Europol are pushing out a "disinfection solution" that automatically removes the PlugX malware from infected devices in France. [...]
Published: 2024-07-25T11:24:55
Written by: Taylor Long, Jeff Johnson, Alice Revelli, Fred Plan, Michael Barnhart. Executive Summary: APT45 is a long-running, moderately sophisticated North Korean cyber operator that has carried out espionage campaigns as early as 2009. APT45 h
Published: 2024-07-25T14:00:00
Written by: Mike Stokkel, Pierre Gerlings, Renato Fontana, Luis Rocha, Jared Wilson, Stephen Eckels, Jonathan Lepore. Executive Summary: In collaboration with Google’s Threat Analysis Group (TAG), Mandiant has observed a sustained campaign by the
Published: 2024-07-18T10:00:00
Written by: Bernardo Quintero, Founder of VirusTotal and Security Director, Google Cloud Security; Alex Berry, Security Manager of the Mandiant FLARE Team, Google Cloud Security; Ilfak Guilfanov, author of IDA Pro and CTO, Hex-Rays; Vijay Bolina, Chief Info...
Published: 2024-07-15T14:00:00
The Chinese company in charge of handing out domain names ending in “.top” has been given until mid-August 2024 to show that it has put in place systems for managing phishing reports and suspending abusive domains, or else forfeit its lic...
Published: 2024-07-23T19:41:51
At least a dozen organizations with domain names at domain registrar Squarespace saw their websites hijacked last week. Squarespace bought all assets of Google Domains a year ago, but many customers still haven’t set up their new accounts. Expe...
Published: 2024-07-15T15:24:46
And boy, did last Friday's Windows fiasco ever prove that yet again. Opinion: CrowdStrike's recent Windows debacle will surely earn a prominent place in the annals of epic tech failures. On July 19, the cybersecurity giant accomplished what legions of hackers could only dream of: bringing millions of Windows systems worldwide to their knees with a single botched update.
Published: 2024-07-26T18:36:12
These are the kinds of bugs APTs thrive on, just ask the Feds. Progress Software's latest security advisory warns customers about the second critical vulnerability targeting its Telerik Report Server in as many months.
Published: 2024-07-26T13:32:13
Microsoft, Mandiant, weigh in with info about methods used by Andariel gang alleged to have made many, many, heists. The US Department of Justice on Thursday charged a North Korean national over a series of ransomware attacks on stateside hospitals and healthcare providers, US defense companies, NASA, and even a Chinese target.
Published: 2024-07-26T02:58:11
May even have targeted other malware gangs, and infosec researchers. Infosec researchers have discovered a network of over three thousand malicious GitHub accounts used to spread malware, targeting groups including gamers, malware researchers, and even other threat actors who themselves seek to spread malware.
Published: 2024-07-26T01:34:07
We offer this formula instead: RND(100.0)*(10^9). The cost of CrowdStrike's apocalyptic Falcon update that brought down millions of Windows computers last week may be in the billions of dollars, and insurance isn't covering most of that.
Published: 2024-07-26T00:35:11
PSA: Only accept updates via official channels ... ironically enough. CrowdStrike is the latest lure being used to trick Windows users into downloading and running the notorious Lumma infostealing malware, according to the security shop's threat intel team, which spotted the scam just days after the Falcon sensor update fiasco.
Published: 2024-07-25T22:30:49
And the forking Microsoft-owned code warehouse doesn't see this as much of a problem. Researchers at Truffle Security have found, or arguably rediscovered, that data from deleted GitHub repositories (public or private) and from deleted copies (forks) of repositories isn't necessarily deleted.
Published: 2024-07-25T19:51:32
Beijing has a long history of recruiting US residents to carry out various espionage activities. The US is looking to prosecute a Chinese immigrant over claims he has been drip-feeding information of interest to Beijing since at least 2012.
Published: 2024-07-25T17:15:14
For some unknown reason, initial patch was omitted from later versions. Docker is warning users to rev their Docker Engine into patch mode after it realized a near-maximum severity vulnerability had been sticking around for five years.
Published: 2024-07-25T13:46:13
Those national security threat claims? 'No evidence,' VP tells The Reg. Exclusive: Despite the Feds' determination to ban Kaspersky's security software in the US, the Russian business continues to push its proposal to open up its data and products to independent third-party review and prove to Uncle Sam that its code hasn't been and won't be compromised by Kremlin spies.
Published: 2024-07-25T12:01:14
Are your security and ops teams fighting to pass the buck? Comment Patching: The bane of every IT professional's existence. It's a thankless, laborious job that no one wants to do, goes unappreciated when it interrupts work, and yet it's more critical than ever in this modern threat landscape.
Published: 2024-07-25T07:27:06
This one weird trick saved countless hours and stress, no, really. Not long after Windows PCs and servers at the Australian limb of audit and tax advisory Grant Thornton started BSODing last Friday, senior systems engineer Rob Woltz remembered a small but important fact: When PCs boot, they consider barcode scanners no differently to keyboards.
Published: 2024-07-25T02:29:13
'In the short term, they're going to have to do a lot of groveling'. Analysis: The great irony of the CrowdStrike fiasco is that a cybersecurity company caused the exact sort of massive global outage it was supposed to prevent. And it all started with an effort to make life more difficult for criminals and their malware, with an update to its endpoint detection and response tool Falcon.
Published: 2024-07-25T00:17:06
Yes, you can be fingerprinted and tracked via Privacy Sandbox, tho the risk isn't as high as feared. Apple last week celebrated a slew of privacy changes coming to its Safari browser and took the time to bash rival Google for its Topics system that serves online ads based on your Chrome history.
Published: 2024-07-24T20:44:06
Concerns abound over why it has taken so long to recover compared to competitors. The US Department of Transportation (DoT) is investigating Delta Air Lines over its handling of the global IT outage caused by CrowdStrike's content update.
Published: 2024-07-24T17:02:11
Not now, Microsoft. Some Windows devices are presenting users with a BitLocker recovery screen upon reboot following the installation of July's Patch Tuesday update.
Published: 2024-07-24T15:02:00
With numerous US government agency customers, any leak could be serious. Updated: Internal documents stolen from Leidos Holdings, an IT services provider contracted with the Department of Defense and other US government agencies, have been leaked on the dark web.
Published: 2024-07-24T13:31:08
Watchdog reprimand follows similar cases in 2021. The UK's data protection watchdog has reprimanded a school in Essex for using facial recognition for canteen payments, nearly three years after other schools were warned about doing the same.
Published: 2024-07-24T08:32:09
Web puzzles don't protect against bots, but humans have spent 819 million unpaid hours solving them. Updated: Google promotes its reCAPTCHA service as a security mechanism for websites, but researchers affiliated with the University of California, Irvine, argue it's harvesting information while extracting human labor worth billions.
Published: 2024-07-24T06:33:11
Something called 'Content Validator' did not validate the content, and the rest is history. CrowdStrike has blamed a bug in its own test software for the mass-crash-event it caused last week.
Published: 2024-07-24T05:17:01
If it can happen to folks that run social engineering defence training, what hope for the rest of us? Cybersecurity awareness and training provider KnowBe4 hired a North Korean fake IT worker for a software engineering role on its AI team, and only realized its mistake once the guy started using his company-provided computer for evil.
Published: 2024-07-24T04:57:14
President apologizes in advance for job losses. The Philippines has decided to dismantle the worst of its offshored industries: the bits that run gambling and scam operations.
Published: 2024-07-24T00:30:15
Maybe next time some staged rollouts? A bit of QA too? Analysis: Last week, at 0409 UTC on July 19, 2024, antivirus maker CrowdStrike released an update to its widely used Falcon platform that caused Microsoft Windows machines around the world to crash.
Published: 2024-07-23T20:52:12
How could this happen to us? We were supposed to be two versions behind? If administrators have learned anything from the CrowdStrike chaos, it's to understand exactly what delayed updates mean, or don't mean, in the anti-malware world.
Published: 2024-07-23T17:27:09
Join Intel, DETASAD, Juniper Networks, and Arqit to hear essential strategies in this webinar on July 30th. Webinar: Artificial Intelligence (AI) is revolutionizing industries worldwide, but with great power comes great responsibility.
Published: 2024-07-23T17:07:02
Latest trend follows various malware campaigns that began just hours after IT calamity. Thousands of typosquatting domains are now registered to exploit the desperation of IT admins still struggling to recover from last week's CrowdStrike outage, researchers say.
Published: 2024-07-23T15:15:12
Cybersecurity outfit to go its own way to IPO and $1B ARR. On the day of Alphabet's Q2 earnings call, cybersecurity firm Wiz has walked from a $23 billion takeover bid by Google's parent company.
Published: 2024-07-23T14:32:12
Gain insight by joining this AI security webinar on July 31. Webinar: As artificial intelligence (AI) continues to transform industries in the Middle East, protecting systems from cyber threats is critical.
Published: 2024-07-23T08:17:10
Ad giant promises to protect privacy, as critics say surveillance continues. Google no longer intends to drop support for third-party cookies, the online identifiers used by the ad industry to track people and target them with ads based on their online activities.
Published: 2024-07-23T00:03:53
One arrest was made weeks ago but no word on the suspect's identity yet. A DDoS-for-hire site described by the UK's National Crime Agency (NCA) as the world's most prolific operator in the field is out-of-action following a law enforcement sting dubbed Operation Power Off.
Published: 2024-07-22T20:15:07
Some rest for the wicked? Los Angeles County Superior Court, the largest trial court in America, closed all 36 of its courthouses today following an "unprecedented" ransomware attack on Friday.
Published: 2024-07-22T17:15:13
More baddies go it alone as trust in big gangs withers, claims Europol. A fresh report from Europol suggests that the recent disruption of ransomware-as-a-service (RaaS) groups is fragmenting the threat landscape, making it more difficult to track.
Published: 2024-07-22T16:33:13
Big Red agrees not to capture personal details after two-year class action. Oracle has agreed to cough up $115 million to settle a two-year class action lawsuit that alleged misuse of user data.
Published: 2024-07-22T13:45:11
Was a 2009 agreement on interoperability to blame? Did the EU force Microsoft to let third parties like CrowdStrike run riot in the Windows kernel as a result of a 2009 undertaking? This is the implication being peddled by the Redmond-based cloud and software titan.
Published: 2024-07-22T13:00:11
Supposed hacktivist efforts previously linked to the Kremlin's GRU. Flying under the radar on Clownstrike day last week, two members of the Cyber Army of Russia Reborn (CARR) hacktivist crew are the latest additions to the US sanctions list.
Published: 2024-07-22T12:02:03
Also: Second-string Russian hackers sanctioned; Senators demand answers from Snowflake, and more. Infosec in brief: Unable to access the Samsung smartphone of the deceased Trump shooter for clues, the FBI turned to a familiar if controversial source to achieve its goal: digital forensics tools vendor Cellebrite.
Published: 2024-07-22T03:44:10
Rapid restore tool being tested as Microsoft estimates 8.5M machines went down. Updated: CrowdStrike's now-infamous Falcon Sensor software, which last week led to widespread outages of Windows-powered computers, has also been linked to crashes of Linux machines.
Published: 2024-07-21T23:51:18
17-year-old cuffed as FBI says it will 'relentlessly pursue' miscreants around the globe. Cops in the UK have arrested a suspected member of the notorious Scattered Spider crime gang, which is accused of crippling MGM Resorts in Las Vegas with ransomware last summer.
Published: 2024-07-19T21:51:06
Our vultures gather to review this very freaky Friday. Kettle: If you're an IT administrator with Windows boxes on your network, Friday can't have been a lot of fun. What's likely millions of systems were or still are stuck in blue-screen boot loop hell, mostly requiring manual intervention to fix.
Published: 2024-07-19T17:54:07
Falcon Sensor putting hosts into deathloop - but there's a workaround. Updated: An update to a product from infosec vendor CrowdStrike is bricking computers running Windows globally.
Published: 2024-07-19T06:46:32
Firm halts trades after seeing $230 million disappear. Indian crypto exchange WazirX has revealed it lost virtual assets valued at over $230 million after a cyber attack that has since been linked to North Korea.
Published: 2024-07-19T05:59:07
Run by the NSA, the FBI, and Five Eyes nations, who fooled infosec researchers, apparently. China has wildly claimed the Volt Typhoon gang, which Five Eyes nations accuse of being a Beijing-backed attacker that targets critical infrastructure, was in fact made up by the US intelligence community.
Published: 2024-07-19T05:09:48
Russia-invaded software biz 'grateful for the support we have received'. A judge has mostly thrown out a lawsuit brought by America's financial watchdog that accused SolarWinds and its chief infosec officer of misleading investors about its computer security practices and the backdooring of its Orion product.
Published: 2024-07-18T21:06:49
Stick an independent probe in our software, you won't find any Putin.DLL backdoor. Kaspersky has hit back after the US government banned its products by proposing an independent verification that its software is above board and not backdoored by the Kremlin.
Published: 2024-07-18T16:29:05
Major vendors' products scuppered by novel techniques. Prolific Russian cybercrime syndicate FIN7 is using various pseudonyms to sell its custom security solution-disabling malware to different ransomware gangs.
Published: 2024-07-18T13:40:24
You're going to want to patch this one. Cisco just dropped a patch for a maximum-severity vulnerability that allows attackers to change the password of any user, including admins.
Published: 2024-07-18T10:37:09
Complicated, costly, time-consuming: pick three. Updated: Cybersecurity workers review major updates to software applications only 54 percent of the time, according to a poll of tech managers.
Published: 2024-07-18T07:28:07
Nothing else can detect attackers with implants designed to foil physical security. Sniffer dogs may soon become a useful means of improving physical security in datacenters, as increasing numbers of people are adopting implants like NFC chips that have the potential to enable novel attacks on access control tools.
Published: 2024-07-18T00:54:10
Unconfirmed reports suggest 30 percent reduction in headcount. Exabeam and LogRhythm, a pair of cyber security firms, finalized their merger on Wednesday, an occasion The Register understands was marked by swift job cuts and shareholder action to investigate the transaction.
Published: 2024-07-17T23:27:13
So long, farewell, do svidaniya, goodbye. Updated: Embattled Russian infosec shop Kaspersky is giving US customers six months of security updates for free as a parting gift as Uncle Sam kicks the antivirus maker out of the American market.
Published: 2024-07-17T18:20:07
KnowBe4 detailed the incident in a recent blog post as a warning for other potential targets.
Published: 2024-07-26T12:00:00
The European Commission is allocating 7.3 billion for defense research over the next seven years. From drones and tanks of the future to battleships and space intelligence, here's what it funds.
Published: 2024-07-26T10:30:00
A controversial new surveillance system in Paris foreshadows a future where there are too many CCTV cameras for humans to physically watch.
Published: 2024-07-25T11:25:54
Cybersecurity researchers have spotted a 3,000-account network on GitHub that is manipulating the platform and spreading ransomware and info stealers.
Published: 2024-07-24T11:00:00
A former Google engineer has built a search engine, webXray, that aims to find illicit online data collection and tracking with the goal of becoming “the Henry Ford of tech lawsuits.”
Published: 2024-07-24T10:30:00
The code, the first of its kind, was used to sabotage a heating utility in Lviv at the coldest point in the year, what appears to be yet another innovation in Russia’s torment of Ukrainian civilians.
Published: 2024-07-23T09:00:00
The DOD wants to refurbish ICBM silos that give it the ability to end civilization. But these missiles are useless as weapons, and their other main purpose, attracting an enemy’s nuclear strikes, serves no end.
Published: 2024-07-22T10:30:00
Plus: The FBI unlocks the Trump shooter’s phone, a security researcher gets legal threats for exposing hackable traffic lights, and more.
Published: 2024-07-20T10:30:00
Swindlers are spinning up bogus websites in an attempt to dupe people with “CrowdStrike support” scams following the security firm's catastrophic software update.
Published: 2024-07-19T22:19:42
A defective CrowdStrike update sent computers around the globe into a reboot death spiral, taking down air travel, hospitals, banks, and more with it. Here’s how that’s possible.
Published: 2024-07-19T14:46:19
A software update from cybersecurity company CrowdStrike appears to have inadvertently disrupted IT systems globally.
Published: 2024-07-19T08:40:01
The Republican VP nominee's Venmo network reveals connections ranging from the architects of Project 2025 to enemies of Donald Trump, and the populist's close ties to the very elites he rails against.
Published: 2024-07-18T17:02:36
US prosecutors have charged Michail Chkhikvishvili, also known as “Commander Butcher,” with a litany of crimes, including alleged attempts to poison Jewish children in NYC.
Published: 2024-07-17T22:02:50
After the Supreme Court limited the power of federal agencies to craft regulations, it’s likely up to Congress to keep US cybersecurity policy intact.
Published: 2024-07-17T10:00:00
A hacker group called “NullBulge” says it stole more than a terabyte of Disney’s internal Slack messages and files from nearly 10,000 channels in an apparent protest over AI-generated art.
Published: 2024-07-15T21:10:24
Senator Mark Warner is trying to pass new limits on when the government can wiretap Americans. At least two senators are quietly trying to stop him.
Published: 2024-07-15T17:48:33
A security researcher who assisted with the deal says he believes the only copy of the complete dataset of call and text records of “nearly all” AT&T customers has been wiped, but some risks may remain.
Published: 2024-07-14T17:57:27
Plus: The Heritage Foundation gets hacked over Project 2025, a car dealership software provider seems to have paid $25 million to a ransomware gang, and authorities disrupt a Russian bot farm.
Published: 2024-07-13T10:30:00
Telecom giant AT&T says a major data breach has exposed the call and text records of “nearly all” of its customers, epitomizing the dire state of data security.
Published: 2024-07-12T17:44:16
A new resolution echoes what 16 members of Congress have already said to the White House: It must do more to free one of the most storied crypto-focused federal agents in history.
Published: 2024-07-11T19:58:01
Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that targets Apple macOS systems with the goal of stealing users' Google Cloud credentials from a narrow pool of victims. The package, named "lr-utils-lib," attracted a total of 59 downloads before it was taken down. It was uploaded to the registry in early June 2024. "The malware uses a
Published: 2024-07-27T11:17:00
A Spanish-speaking cybercrime group named GXC Team has been observed bundling phishing kits with malicious Android applications, taking malware-as-a-service (MaaS) offerings to the next level. Singaporean cybersecurity company Group-IB, which has been tracking the e-crime actor since January 2023, described the crimeware solution as a "sophisticated AI-powered phishing-as-a-service platform"
Published: 2024-07-26T18:47:00
"Peace is the virtue of civilization. War is its crime. Yet it is often in the furnace of war that the sharpest tools of peace are forged." - Victor Hugo. In 1971, an unsettling message started appearing on several computers that comprised ARPANET, the precursor to what we now know as the Internet. The message, which read "I'm the Creeper: catch me if you can." was the output of a program named
Published: 2024-07-26T16:30:00
The U.S. Department of Justice (DoJ) on Thursday unsealed an indictment against a North Korean military intelligence operative for allegedly carrying out ransomware attacks against healthcare facilities in the country and funneling the payments to orchestrate additional intrusions into defense, technology, and government entities across the world. "Rim Jong Hyok and his co-conspirators deployed
Published: 2024-07-26T14:25:00
Cybersecurity researchers are sounding the alarm over an ongoing campaign that's leveraging internet-exposed Selenium Grid services for illicit cryptocurrency mining. Cloud security firm Wiz is tracking the activity under the name SeleniumGreed. The campaign, which is targeting older versions of Selenium (3.141.59 and prior), is believed to be underway since at least April 2023. "Unbeknownst to
Published: 2024-07-26T11:49:00
CrowdStrike is alerting about an unfamiliar threat actor attempting to capitalize on the Falcon Sensor update fiasco to distribute dubious installers targeting German customers as part of a highly targeted campaign. The cybersecurity company said it identified what it described as an unattributed spear-phishing attempt on July 24, 2024, distributing an inauthentic CrowdStrike Crash Reporter
Published: 2024-07-26T11:22:00
Progress Software is urging users to update their Telerik Report Server instances following the discovery of a critical security flaw that could result in remote code execution. The vulnerability, tracked as CVE-2024-6327 (CVSS score: 9.9), impacts Report Server version 2024 Q2 (10.1.24.514) and earlier. "In Progress Telerik Report Server versions prior to 2024 Q2 (10.1.24.709), a remote code
Published: 2024-07-26T09:40:00
A North Korea-linked threat actor known for its cyber espionage operations has gradually expanded into financially-motivated attacks that involve the deployment of ransomware, setting it apart from other nation-state hacking groups linked to the country. Google-owned Mandiant is tracking the activity cluster under a new moniker APT45, which overlaps with names such as Andariel, Nickel Hyatt,
Published: 2024-07-25T19:38:00
Application security testing is a critical component of modern software development, ensuring that applications are robust and resilient against malicious attacks. As cyber threats continue to evolve in complexity and frequency, the need to integrate comprehensive security measures throughout the SDLC has never been more essential. Traditional pentesting provides a crucial snapshot of an
Published: 2024-07-25T16:50:00
Meta Platforms on Wednesday said it took steps to remove around 63,000 Instagram accounts in Nigeria that were found to target people with financial sextortion scams. "These included a smaller coordinated network of around 2,500 accounts that we were able to link to a group of around 20 individuals," the company said. "They targeted primarily adult men in the U.S. and used fake accounts to mask
Published: 2024-07-25T15:46:00
The browser is the nerve center of the modern workspace. Ironically, however, the browser is also one of the least protected threat surfaces of the modern enterprise. Traditional security tools provide little protection against browser-based threats, leaving organizations exposed. Modern cybersecurity requires a new approach based on the protection of the browser itself, which offers both
Published: 2024-07-25T15:28:00
Cybersecurity researchers have disclosed a privilege escalation vulnerability impacting Google Cloud Platform's Cloud Functions service that an attacker could exploit to access other services and sensitive data in an unauthorized manner. Tenable has given the vulnerability the name ConfusedFunction. "An attacker could escalate their privileges to the Default Cloud Build Service Account and
Published: 2024-07-25T13:59:00
Docker is warning of a critical flaw impacting certain versions of Docker Engine that could allow an attacker to sidestep authorization plugins (AuthZ) under specific circumstances. Tracked as CVE-2024-41110, the bypass and privilege escalation vulnerability carries a CVSS score of 10.0, indicating maximum severity. "An attacker could exploit a bypass using an API request with Content-Length set
Published: 2024-07-25T11:17:00
The Internet Systems Consortium (ISC) has released patches to address multiple security vulnerabilities in the Berkeley Internet Name Domain (BIND) 9 Domain Name System (DNS) software suite that could be exploited to trigger a denial-of-service (DoS) condition. "A cyber threat actor could exploit one of these vulnerabilities to cause a denial-of-service condition," the U.S. Cybersecurity and
Published: 2024-07-25T11:00:00
Google said it's adding new security warnings when downloading potentially suspicious and malicious files via its Chrome web browser. "We have replaced our previous warning messages with more detailed ones that convey more nuance about the nature of the danger and can help users make more informed decisions," Jasika Bawa, Lily Chen, and Daniel Rubery from the Chrome Security team said. To that
Published: 2024-07-25T10:51:00
Security questionnaires aren’t just an inconvenience; they’re a recurring problem for security and sales teams. They bleed time from organizations, filling the schedules of professionals with monotonous, automatable work. But what if there were a way to reduce or even altogether eliminate security questionnaires? The root problem isn’t a lack of great questionnaire products; it’s the
Published: 2024-07-24T17:31:00
A zero-day security flaw in Telegram's mobile app for Android called EvilVideo made it possible for attackers to deliver malicious files disguised as harmless-looking videos. The exploit appeared for sale for an unknown price in an underground forum on June 6, 2024, ESET said. Following responsible disclosure on June 26, the issue was addressed by Telegram in version 10.14.5 released on July 11. "
Published: 2024-07-24T17:29:00
There is one simple driver behind the modern explosion in SaaS adoption: productivity. We have reached an era where purpose-built tools exist for almost every aspect of modern business and it’s incredibly easy (and tempting) for your workforce to adopt these tools without going through the formal IT approval and procurement process. But this trend has also increased the attack surface and with
Published: 2024-07-24T15:31:00
The threat actor known as Patchwork has been linked to a cyber attack targeting entities with ties to Bhutan to deliver the Brute Ratel C4 framework and an updated version of a backdoor called PGoShell. The development marks the first time the adversary has been observed using the red teaming software, the Knownsec 404 Team said in an analysis published last week. The activity cluster, also
Published: 2024-07-24T15:13:00
Cybersecurity firm CrowdStrike on Wednesday blamed an issue in its validation system for causing millions of Windows devices to crash as part of a widespread outage late last week. "On Friday, July 19, 2024 at 04:09 UTC, as part of regular operations, CrowdStrike released a content configuration update for the Windows sensor to gather telemetry on possible novel threat techniques," the company
Published: 2024-07-24T14:02:00
A now-patched security flaw in the Microsoft Defender SmartScreen has been exploited as part of a new campaign designed to deliver information stealers such as ACR Stealer, Lumma, and Meduza. Fortinet FortiGuard Labs said it detected the stealer campaign targeting Spain, Thailand, and the U.S. using booby-trapped files that exploit CVE-2024-21412 (CVSS score: 8.1). The high-severity
Published: 2024-07-24T11:45:00
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerabilities are listed below: CVE-2012-4792 (CVSS score: 9.3) - Microsoft Internet Explorer Use-After-Free Vulnerability; CVE-2024-39891 (CVSS score: 5.3) - Twilio Authy Information Disclosure
Published: 2024-07-24T11:26:00
Organizations in Taiwan and a U.S. non-governmental organization (NGO) based in China have been targeted by a Beijing-affiliated state-sponsored hacking group called Daggerfly using an upgraded set of malware tools. The campaign is a sign that the group "also engages in internal espionage," Symantec's Threat Hunter Team, part of Broadcom, said in a new report published today. "In the attack on
Published: 2024-07-23T17:58:00
Cybersecurity researchers have discovered what they say is the ninth Industrial Control Systems (ICS)-focused malware that has been used in a disruptive cyber attack targeting an energy company in the Ukrainian city of Lviv earlier this January. Industrial cybersecurity firm Dragos has dubbed the malware FrostyGoop, describing it as the first malware strain to directly use Modbus TCP
Published: 2024-07-23T16:24:00
The initial onboarding stage is a crucial step for both employees and employers. However, this process often involves the practice of sharing temporary first-day passwords, which can expose organizations to security risks. Traditionally, IT departments have been cornered into either sharing passwords in plain text via email or SMS, or arranging in-person meetings to verbally communicate these
Published: 2024-07-23T15:43:00
Threat actors have been observed using swap files in compromised websites to conceal a persistent credit card skimmer and harvest payment information. The sneaky technique, observed by Sucuri on a Magento e-commerce site's checkout page, allowed the malware to survive multiple cleanup attempts, the company said. The skimmer is designed to capture all the data into the credit card form on the
Published: 2024-07-23T15:42:00
Meta has been given time till September 1, 2024, to respond to concerns raised by the European Commission over its "pay or consent" advertising model or risk facing enforcement measures, including sanctions. The European Commission said the Consumer Protection Cooperation (CPC) Network has notified the social media giant that the model adopted for Facebook and Instagram might potentially violate
Published: 2024-07-23T15:07:00
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a spear-phishing campaign that targeted a scientific research institution in the country with malware known as HATVIBE and CHERRYSPY. The agency attributed the attack to a threat actor it tracks under the name UAC-0063, which was previously observed targeting various government entities to gather sensitive information using
Published: 2024-07-23T14:33:00
Google on Monday abandoned plans to phase out third-party tracking cookies in its Chrome web browser more than four years after it introduced the option as part of a larger set of controversial proposals called the Privacy Sandbox. "Instead of deprecating third-party cookies, we would introduce a new experience in Chrome that lets people make an informed choice that applies across their web
Published: 2024-07-23T09:58:00
[Figure caption: The relationship between various TDSs and DNS associated with Vigorish Viper and the final landing experience for the user.] A Chinese organized crime syndicate with links to money laundering and human trafficking across Southeast Asia has been using an advanced "technology suite" that runs the whole cybercrime supply chain spectrum to spearhead its operations. Infoblox is tracking the proprietor
Published: 2024-07-22T18:35:00
A Latin America (LATAM)-based financially motivated actor codenamed FLUXROOT has been observed leveraging Google Cloud serverless projects to orchestrate credential phishing activity, highlighting the abuse of the cloud computing model for malicious purposes. "Serverless architectures are attractive to developers and enterprises for their flexibility, cost effectiveness, and ease of use," Google
Published: 2024-07-22T17:56:00
The opportunities to use AI in workflow automation are many and varied, but one of the simplest ways to use AI to save time and enhance your organization’s security posture is by building an automated SMS analysis service. Workflow automation platform Tines provides a good example of how to do it. The vendor recently released their first native AI features, and security teams have already
Published: 2024-07-22T16:55:00
As a vCISO, you are responsible for your client's cybersecurity strategy and risk governance. This incorporates multiple disciplines, from research to execution to reporting. Recently, we published a comprehensive playbook for vCISOs, “Your First 100 Days as a vCISO - 5 Steps to Success”, which covers all the phases entailed in launching a successful vCISO engagement, along with recommended
Published: 2024-07-22T16:11:00
The JavaScript downloader malware known as SocGholish (aka FakeUpdates) is being used to deliver a remote access trojan called AsyncRAT as well as a legitimate open-source project called BOINC. BOINC, short for Berkeley Open Infrastructure Network Computing Client, is an open-source "volunteer computing" platform maintained by the University of California with an aim to carry out "large-scale
Published: 2024-07-22T12:15:00
Cybersecurity researchers have discovered a new Linux variant of a ransomware strain known as Play (aka Balloonfly and PlayCrypt) that's designed to target VMware ESXi environments. "This development suggests that the group could be broadening its attacks across the Linux platform, leading to an expanded victim pool and more successful ransom negotiations," Trend Micro researchers said in a
Published: 2024-07-22T09:26:00
Cybersecurity firm CrowdStrike, which is facing the heat for causing worldwide IT disruptions by pushing out a flawed update to Windows devices, is now warning that threat actors are exploiting the situation to distribute Remcos RAT to its customers in Latin America under the guise of providing a hotfix. The attack chains involve distributing a ZIP archive file named "crowdstrike-hotfix.zip,"
Published: 2024-07-20T21:31:00
Law enforcement officials in the U.K. have arrested a 17-year-old boy from Walsall who is suspected to be a member of the notorious Scattered Spider cybercrime syndicate. The arrest was made "in connection with a global cyber online crime group which has been targeting large organizations with ransomware and gaining access to computer networks," West Midlands police said. "The arrest is part of
Published: 2024-07-20T09:58:00
Businesses across the world have been hit by widespread disruptions to their Windows workstations stemming from a faulty update pushed out by cybersecurity company CrowdStrike. "CrowdStrike is actively working with customers impacted by a defect found in a single content update for Windows hosts," the company's CEO George Kurtz said in a statement. "Mac and Linux hosts are not impacted. This is
Published: 2024-07-19T18:08:00
Two Russian nationals have pleaded guilty in a U.S. court for their participation as affiliates in the LockBit ransomware scheme and helping facilitate ransomware attacks across the world. The defendants include Ruslan Magomedovich Astamirov, 21, of Chechen Republic, and Mikhail Vasiliev, 34, a dual Canadian and Russian national of Bradford, Ontario. Astamirov was arrested in Arizona by U.S. law
Published: 2024-07-19T18:00:00
Learn about critical threats that can impact your organization and the bad actors behind them from Cybersixgill’s threat experts. Each story shines a light on underground activities, the threat actors involved, and why you should care, along with what you can do to mitigate risk. In the current cyber threat landscape, the protection of personal and corporate identities has become vital.
Published: 2024-07-19T16:30:00
A suspected pro-Houthi threat group targeted at least three humanitarian organizations in Yemen with Android spyware designed to harvest sensitive information. These attacks, attributed to an activity cluster codenamed OilAlpha, entail a new set of malicious mobile apps that come with their own supporting infrastructure, Recorded Future's Insikt Group said. Targets of the ongoing campaign
Published: 2024-07-19T14:59:00
Several organizations operating within global shipping and logistics, media and entertainment, technology, and automotive sectors in Italy, Spain, Taiwan, Thailand, Turkey, and the U.K. have become the target of a "sustained campaign" by the prolific China-based APT41 hacking group. "APT41 successfully infiltrated and maintained prolonged, unauthorized access to numerous victims' networks since
Published: 2024-07-19T12:54:00
Event Overview: The "AI Leaders Spill Their Secrets" webinar, hosted by Sigma Computing, featured prominent AI experts sharing their experiences and strategies for success in the AI industry. The panel included Michael Ward from Sardine, Damon Bryan from Hyperfinity, and Stephen Hillian from Astronomer, moderated by Zalak Trivedi, Sigma Computing's Product Manager. Key Speakers and Their
Published: 2024-07-19T12:50:00
SolarWinds has addressed a set of critical security flaws impacting its Access Rights Manager (ARM) software that could be exploited to access sensitive information or execute arbitrary code. Of the 13 vulnerabilities, eight are rated Critical in severity and carry a CVSS score of 9.6 out of 10.0. The remaining five weaknesses have been rated High in severity, with four of them having a CVSS
Published: 2024-07-19T12:43:00
Indian cryptocurrency exchange WazirX has confirmed that it was the target of a security breach that led to the theft of $230 million in cryptocurrency assets. "A cyber attack occurred in one of our [multi-signature] wallets involving a loss of funds exceeding $230 million," the company said in a statement. "This wallet was operated utilizing the services of Liminal's digital asset custody and
Published: 2024-07-19T09:37:00
Cybersecurity researchers have shed light on an adware module that purports to block ads and malicious websites, while stealthily offloading a kernel driver component that grants attackers the ability to run arbitrary code with elevated permissions on Windows hosts. The malware, dubbed HotPage, gets its name from the eponymous installer ("HotPage.exe"), according to new findings from ESET, which
Published: 2024-07-18T18:56:00
Let's face it: AppSec and developers often feel like they're on opposing teams. You're battling endless vulnerabilities while they just want to ship code. Sound familiar? It's a common challenge, but there is a solution. Ever wish they proactively cared about security? The answer lies in a proven, but often overlooked, strategy: Security Champion Programs, a way to turn developers from
Published: 2024-07-18T17:15:00
As the travel industry rebounds post-pandemic, it is increasingly targeted by automated threats, with the sector experiencing nearly 21% of all bot attack requests last year. That’s according to research from Imperva, a Thales company. In their 2024 Bad Bot Report, Imperva finds that bad bots accounted for 44.5% of the industry’s web traffic in 2023, a significant jump from 37.4% in 2022.
Published: 2024-07-18T16:30:00
Cybersecurity researchers have uncovered security shortcomings in the SAP AI Core cloud-based platform for creating and deploying predictive artificial intelligence (AI) workflows that could be exploited to get hold of access tokens and customer data. The five vulnerabilities have been collectively dubbed SAPwned by cloud security firm Wiz. "The vulnerabilities we found could have allowed attackers
Published: 2024-07-18T15:03:00
Unknown threat actors have been observed leveraging open-source tools as part of a suspected cyber espionage campaign targeting global government and private sector organizations. Recorded Future's Insikt Group is tracking the activity under the temporary moniker TAG-100, noting that the adversary likely compromised organizations in at least ten countries across Africa, Asia, North America,
Published: 2024-07-18T14:40:00
Google addressed a Chrome Password Manager bug that caused user credentials to disappear temporarily for more than 18 hours. Google has addressed a bug in Chrome’s Password Manager that caused user credentials to disappear temporarily. An 18-hour outage impacted Google Chrome’s Password Manager on Wednesday, impacting users who rely on the tool to store and […]
Published: 2024-07-26T21:58:18
The Internet Systems Consortium (ISC) released BIND security updates that fixed several remotely exploitable DoS bugs in the DNS software suite. The Internet Systems Consortium (ISC) released security updates for BIND that address DoS vulnerabilities that could be remotely exploited. An attacker can exploit these vulnerabilities to disrupt DNS services. ISC addressed four high-severity vulnerabilities […]
Published: 2024-07-26T11:07:21
Terrorist groups are increasingly using cyberspace and digital communication channels to plan and execute attacks. Yesterday Federal Bureau of Investigation (FBI) Director Christopher Wray expressed growing concerns over the potential for a coordinated foreign terrorist attack in the United States. During his testimony to the House Oversight Committee, Mr. Wray cited the ISIS-K attack on […]
Published: 2024-07-26T06:54:06
Progress Software addressed a critical remote code execution vulnerability, tracked as CVE-2024-6327, in the Telerik Report Server. Telerik Report Server is a web-based application designed for creating, managing, and delivering reports in various formats. It provides tools for report design, scheduling, and secure delivery, allowing organizations to centralize their reporting processes. Progress Software addressed a critical […]
Published: 2024-07-25T20:27:05
A critical flaw in some versions of Docker Engine can be exploited to bypass authorization plugins (AuthZ) under specific circumstances. A vulnerability, tracked as CVE-2024-41110 (CVSS score of 10.0), in certain versions of Docker Engine can allow an attacker to bypass authorization plugins (AuthZ) under specific circumstances. “An attacker could exploit a bypass using an API request with […]
Published: 2024-07-25T14:54:06
The CVE-2024-21412 flaw in the Microsoft Defender SmartScreen has been exploited to deliver information stealers such as ACR Stealer, Lumma, and Meduza. Fortinet FortiGuard Labs researchers observed a malware campaign exploiting the vulnerability CVE-2024-21412 (CVSS score: 8.1) to spread information stealers, such as ACR Stealer, Lumma, and Meduza. CVE-2024-21412 is an Internet Shortcut Files Security Feature Bypass Vulnerability. The flaw […]
Published: 2024-07-25T10:20:55
A cyber attack against Michigan Medicine resulted in the compromise of the personal and health information of approximately 57,000 patients. The academic medical center of the University of Michigan, Michigan Medicine, suffered a data breach that impacted 56953 patients. The security incident exposed the personal and health information of the patients. Michigan Medicine notified patients […]
Published: 2024-07-25T00:34:58
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Internet Explorer and Twilio Authy bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: Below are the descriptions of the flaws added to the KEV catalog: CVE-2012-4792 (CVSS score of […]
Published: 2024-07-24T20:49:37
China-linked APT group Daggerfly (aka Evasive Panda, Bronze Highland) has been spotted using an updated version of the macOS backdoor Macma. The China-linked APT group Daggerfly (aka Evasive Panda or Bronze Highland) has significantly updated its malware arsenal, adding a new malware family based on the MgBot framework and an updated Macma macOS backdoor. […]
Published: 2024-07-24T10:09:37
In April 2024, Dragos researchers spotted the malware FrostyGoop that interacts with Industrial Control Systems (ICS) using the Modbus protocol. In April 2024, Dragos researchers discovered a new ICS malware named FrostyGoop that interacts with Industrial Control Systems using the Modbus protocol. FrostyGoop is the ninth ICS malware that was discovered and that a nation-state […]
Published: 2024-07-23T21:47:45
Network Of 3,000 GitHub Accounts Used For Malware Distribution
KnowBe4 Hires Fake North Korean IT Worker, Catches New Employee Planting Malware
Hackers Bypass Windows SmartScreen Flaw To Launch Malware
HHS Audit Finds Serious Gaps In Cloud Security At Agency Office
Physicists Just Created An Element Using A Particle Beam
Spain Arrested Three In Pro-Russian DDoS Crew Takedown
Chrome 127 Patches 24 Vulnerabilities
CrowdStrike Explains Why Bad Update Was Not Properly Tested
How Russian Malware Cut Heat To 600 Ukrainian Buildings In Deep Winter
School Gets An F For Using Facial Recognition On Kids In Canteen
Why CrowdStrike-Style Chaos Is Here To Stay
VMware ESXi Servers Targeted By New Linux Ransomware Variant
Telegram Zero-Day Enabled Malware Delivery
Ransomware Attack Shuts Down Three Dozen Los Angeles Courts
Google Won't Kill Third Party Cookies After All
Global Cops Power Down World's Most Prolific DDoS Dealership
Delta Cancels Another 600 Flights On Monday In Wake Of Cyber Outage
CrowdStrike's Falcon Sensor Also Linked To Linux Kernel Panics
Two Russians Sanctioned Over Cyberattacks On US Critical Infrastructure
Suspected Scattered Spider Suspect Arrested In UK
Judge Mostly Tosses SEC Lawsuit Against SolarWinds
North Korea May Have Hacked Crypto Exchange WazirX
SAP AI Core Flaws Show Risks Of Training AI In Shared Environments
Seems Like CrowdStrike Caused A Global BSOD?
MarineMax Notifying 123,000 Of Data Breach
IAM for MSPs Provider Evo Security Raises $6 Million
Industry Moves for the week of July 22, 2024 - SecurityWeek
Progress Patches Critical Telerik Report Server Vulnerability
Threat Actors Exploit Fresh ServiceNow Vulnerabilities in Attacks
In Other News: FBI Cyber Action Team, Pentagon IT Firm Leak, Nigerian Gets 12 Years in Prison
US Offers $10 Million Reward for Information on North Korean Hacker
PKfail Vulnerability Allows Secure Boot Bypass on Hundreds of Computer Models
97% of Devices Disrupted by CrowdStrike Restored as Insurer Estimates Billions in Losses
North Korean Charged in Cyberattacks on US Hospitals, NASA and Military Bases
Chainguard Raises $140 Million, Expands Tech to Secure AI Workloads
BIND Updates Resolve High-Severity DoS Vulnerabilities
Statement from CISA Director Easterly on Leadership Changes at CISA
CISA Announces Key Leadership Appointments in Cybersecurity and Stakeholder Engagement
CISA Releases Playbook for Infrastructure Resilience Planning
CISA Releases Guide to Operational Security for Election Officials
CISA Releases the Marine Transportation System Resilience Assessment Guide
CISA and Fauquier County Hold K-12 Active Shooter Exercise
CISA Releases Guide to Enhance Election Security Through Public Communications
CISA, JCDC, Government and Industry Partners Conduct AI Tabletop Exercise
Readout from CISA’s 2024 Second Quarter Cybersecurity Advisory Committee Meeting
CISA Hosts First Annual Information and Communications Technology Supply Chain Risk Management Task Force Conference
NCSWIC’s Planning, Training, and Exercise Committee releases “Set Your PACE Plan” Flyer
SAFECOM and NCSWIC Publish Fall 2023 Joint SAFECOM-NCSWIC Bi-Annual Meeting Executive Summaries
NCSWIC Planning, Training, and Exercise Committee releases the Human Factors Resource Guide
Continued Progress Towards a Secure Open Source Ecosystem
Looking Ahead to Better Prepare Today
Why SMBs Don’t Deploy Single Sign On (SSO)
CISA, SAFECOM and NCSWIC Publish SAFECOM Guidance on Emergency Communications Grants
CISA Releases the FY 2024 Rural Emergency Medical Communications Demonstration Project (REMCDP) Notice of Funding Opportunity
National Internet Safety Month: This June, Take 4 Easy Steps to Stay Safe Online
NCSWIC releases the NCSWIC Video Series
Positron Broadcast Signal Processor
FBI, CISA, and Partners Release Advisory Highlighting North Korean Cyber Espionage Activity
Siemens SICAM Products
North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs
CISA Releases Two Industrial Control Systems Advisories
ISC Releases Security Advisories for BIND 9
Hitachi Energy AFS/AFR Series Products
CISA Adds Two Known Exploited Vulnerabilities to Catalog
National Instruments LabVIEW
National Instruments IO Trace
[local] Bonjour Service 'mDNSResponder.exe' - Unquoted Service Path Privilege Escalation
[webapps] Xhibiter NFT Marketplace 1.10.2 - SQL Injection
[webapps] Azon Dominator Affiliate Marketing Script - SQL Injection
[webapps] Microweber 2.0.15 - Stored XSS
[webapps] Customer Support System 1.0 - Stored XSS
[webapps] Automad 2.0.0-alpha.4 - Stored Cross-Site Scripting (XSS)
[webapps] SolarWinds Platform 2024.1 SR1 - Race Condition
[webapps] Flatboard 3.2 - Stored Cross-Site Scripting (XSS) (Authenticated)
[webapps] Poultry Farm Management System v1.0 - Remote Code Execution (RCE)
[webapps] Boelter Blue System Management 1.3 - SQL Injection
[webapps] WP-UserOnline 2.88.0 - Stored Cross Site Scripting (XSS) (Authenticated)
[webapps] PHP < 8.3.8 - Remote Code Execution (Unauthenticated) (Windows)
[webapps] AEGON LIFE v1.0 Life Insurance Management System - SQL injection vulnerability.
[webapps] AEGON LIFE v1.0 Life Insurance Management System - Unauthenticated Remote Code Execution (RCE)
[webapps] XMB 1.9.12.06 - Stored XSS
[webapps] Carbon Forum 5.9.0 - Stored XSS
[webapps] AEGON LIFE v1.0 Life Insurance Management System - Stored cross-site scripting (XSS)
[webapps] appRain CMF 4.0.5 - Remote Code Execution (RCE) (Authenticated)
[webapps] CMSimple 5.15 - Remote Code Execution (RCE) (Authenticated)
[webapps] WBCE CMS v1.6.2 - Remote Code Execution (RCE)
[webapps] Monstra CMS 3.0.4 - Remote Code Execution (RCE)
[webapps] Dotclear 2.29 - Remote Code Execution (RCE)
[webapps] Serendipity 2.5.0 - Remote Code Execution (RCE)
[webapps] Sitefinity 15.0 - Cross-Site Scripting (XSS)
[webapps] FreePBX 16 - Remote Code Execution (RCE) (Authenticated)
[webapps] Akaunting 3.1.8 - Server-Side Template Injection (SSTI)
[webapps] Check Point Security Gateway - Information Disclosure (Unauthenticated)
[webapps] Aquatronica Control System 5.1.6 - Information Disclosure
[webapps] changedetection < 0.45.20 - Remote Code Execution (RCE)
[webapps] ElkArte Forum 1.1.9 - Remote Code Execution (RCE) (Authenticated)
[webapps] iMLog < 1.307 - Persistent Cross Site Scripting (XSS)
[webapps] BWL Advanced FAQ Manager 2.0.3 - Authenticated SQL Injection
[webapps] htmlLawed 1.2.5 - Remote Code Execution (RCE)
[webapps] PopojiCMS 2.0.1 - Remote Command Execution (RCE)
[webapps] Backdrop CMS 1.27.1 - Authenticated Remote Command Execution (RCE)
[webapps] Apache OFBiz 18.12.12 - Directory Traversal
[webapps] Wordpress Theme XStore 9.3.8 - SQLi
[webapps] Rocket LMS 1.9 - Persistent Cross Site Scripting (XSS)
[webapps] Prison Management System - SQL Injection Authentication Bypass
[webapps] PyroCMS v3.0.1 - Stored XSS
[webapps] CE Phoenix Version 1.0.8.20 - Stored XSS
[webapps] Leafpub 1.1.9 - Stored Cross-Site Scripting (XSS)
[webapps] Chyrp 2.5.2 - Stored Cross-Site Scripting (XSS)
[remote] CrushFTP < 11.1.0 - Directory Traversal
[local] Plantronics Hub 3.25.1 - Arbitrary File Read
[webapps] Apache mod_proxy_cluster - Stored XSS
[webapps] iboss Secure Web Gateway - Stored Cross-Site Scripting (XSS)
[webapps] Clinic Queuing System 1.0 - RCE
[webapps] Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link - Device Config Disclosure
[webapps] Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link - Authentication Bypass
CyberDanube Security Research 20240722-0 | Multiple Vulnerabilities in Perten/PerkinElmer ProcessPlus
[KIS-2024-06] XenForo <= 2.2.15 (Template System) Remote Code Execution Vulnerability
[KIS-2024-05] XenForo <= 2.2.15 (Widget::actionSave) Cross-Site Request Forgery Vulnerability
CVE-2024-33326
CVE-2024-33327
CVE-2024-33328
CVE-2024-33329
CyberDanube Security Research 20240703-0 | Authenticated Command Injection in Helmholz Industrial Router REX100
SEC Consult SA-20240627-0 :: Local Privilege Escalation via MSI installer in SoftMaker Office / FreeOffice
SEC Consult SA-20240626-0 :: Multiple Vulnerabilities in Siemens Power Automation Products
Novel DoS Vulnerability Affecting WebRTC Media Servers
APPLE-SA-06-25-2024-1 AirPods Firmware Update 6A326, AirPods Firmware Update 6F8, and Beats Firmware Update 6F8
40 vulnerabilities in Toshiba Multi-Function Printers
17 vulnerabilities in Sharp Multi-Function Printers
SEC Consult SA-20240624-0 :: Multiple Vulnerabilities allowing complete bypass in Faronics WINSelect (Standard + Enterprise)
Re: GStreamer Security Advisory 2024-0003: Orc compiler stack-based buffer overflow
Re: GStreamer Security Advisory 2024-0003: Orc compiler stack-based buffer overflow
GStreamer Security Advisory 2024-0003: Orc compiler stack-based buffer overflow
CVE-2024-25090: Apache Roller: Insufficient input validation for some user profile and bookmark fields when Roller in untested-users mode
[ANNOUNCE] Apache Traffic Server is vulnerable to request smuggling and DoS
Re: [SECURITY ADVISORY] curl: CVE-2024-6197: freeing stack buffer in utf8asn1str
Linux kernel: virtio-net host dos
CVE-2023-48362: Apache Drill: XXE Vulnerability in XML Format Reader
[SECURITY ADVISORY] curl: CVE-2024-6874: macidn punycode buffer overread
[SECURITY ADVISORY] curl: CVE-2024-6197: freeing stack buffer in utf8asn1str
Re: linux-distros application for CentOS Project's Hyperscale SIG
CVE-2024-39676: Apache Pinot: Unauthorized endpoint exposed sensitive information
Re: linux-distros application for CentOS Project's Hyperscale SIG
CVE-2024-41178: Apache Arrow Rust Object Store: AWS WebIdentityToken exposure in log files
[OSSA-2024-002] OpenStack Nova: Incomplete file access fix and regression for QCOW2 backing files and VMDK flat descriptors (CVE-2024-40767)