ALP-AL00B, ALP-AL00B-RSC, BLA-TL00B, Charlotte-AL00A, Emily-AL00A, Security Vulnerabilities

nessus

AlmaLinux 9 : thunderbird (ALSA-2023:3150)

The remote AlmaLinux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:3150 advisory. In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and...

9 AI Score

0.002 EPSS

2023-05-18 12:00 AM
7
nessus

Rocky Linux 8 : firefox (RLSA-2023:3220)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:3220 advisory. In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and...

9 AI Score

0.002 EPSS

2023-05-18 12:00 AM
5
nessus

Rocky Linux 8 : thunderbird (RLSA-2023:3221)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:3221 advisory. In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and...

9 AI Score

0.002 EPSS

2023-05-18 12:00 AM
5
nessus

AlmaLinux 9 : firefox (ALSA-2023:3143)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:3143 advisory. In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and...

9 AI Score

0.002 EPSS

2023-05-18 12:00 AM
11
nessus

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaThunderbird (SUSE-SU-2023:2211-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2211-1 advisory. In multiple cases browser prompts could have been obscured by popups controlled by content....

8.8 AI Score

0.002 EPSS

2023-05-17 12:00 AM
6
nessus

Oracle Linux 7 : thunderbird (ELSA-2023-3151)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-3151 advisory. A missing delay in popup notifications could have made it possible for an attacker to trick a user into granting permissions. (CVE-2023-32207) ...

9 AI Score

0.002 EPSS

2023-05-17 12:00 AM
8
nessus

Oracle Linux 9 : thunderbird (ELSA-2023-3150)

The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-3150 advisory. When reading a file, an uninitialized value could have been used as read limit. (CVE-2023-32213) Mozilla developers and community members Gabriele...

9 AI Score

0.002 EPSS

2023-05-17 12:00 AM
7
nessus

Oracle Linux 7 : firefox (ELSA-2023-3137)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2023-3137 advisory. A missing delay in popup notifications could have made it possible for an attacker to trick a user into granting permissions. (CVE-2023-32207) ...

9 AI Score

0.002 EPSS

2023-05-17 12:00 AM
12
openvas

Mageia: Security Advisory (MGASA-2023-0171)

The remote host is missing an update for...

8.8 CVSS

8.9 AI Score

0.002 EPSS

2023-05-17 12:00 AM
4
mageia

Updated firefox/nss/rootcerts packages fix security vulnerability

In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofing attacks (CVE-2023-32205). An out-of-bounds read could have led to a crash in the RLBox Expat driver (CVE-2023-32206). A missing delay in popup...

8.8 CVSS

8.3 AI Score

0.002 EPSS

2023-05-16 10:17 PM
14
mssecure

Microsoft Security highlights from RSA Conference 2023

The RSA Conference (RSAC) gave us an incredible opportunity to meet with security professionals from around the world, learn about exciting advances in the world of cybersecurity, and share our own security innovations. Defenders everywhere serve an important mission of protecting our world, and...

7 AI Score

2023-05-15 04:00 PM
13
mmpc

Microsoft Security highlights from RSA Conference 2023

The RSA Conference (RSAC) gave us an incredible opportunity to meet with security professionals from around the world, learn about exciting advances in the world of cybersecurity, and share our own security innovations. Defenders everywhere serve an important mission of protecting our world, and...

7 AI Score

2023-05-15 04:00 PM
8
nessus

Debian DLA-3421-1 : thunderbird - LTS security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3421 advisory. In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofing...

9 AI Score

0.002 EPSS

2023-05-15 12:00 AM
5
nessus

Ubuntu 18.04 LTS / 20.04 LTS : Firefox vulnerabilities (USN-6074-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6074-1 advisory. In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user...

9.2 AI Score

0.002 EPSS

2023-05-15 12:00 AM
10
nessus

SUSE SLES15 Security Update : MozillaFirefox (SUSE-SU-2023:2175-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2175-1 advisory. In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential...

8.8 AI Score

0.002 EPSS

2023-05-14 12:00 AM
9
nessus

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : MozillaFirefox (SUSE-SU-2023:2173-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2173-1 advisory. In multiple cases browser prompts could have been obscured by popups controlled by content....

8.8 AI Score

0.002 EPSS

2023-05-14 12:00 AM
10
nessus

SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2023:2176-1)

The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2176-1 advisory. In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential...

8.8 AI Score

0.002 EPSS

2023-05-14 12:00 AM
10
nessus

Debian DLA-3417-1 : firefox-esr - LTS security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3417 advisory. In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofing...

8.9 AI Score

0.002 EPSS

2023-05-14 12:00 AM
6
nessus

Slackware Linux 15.0 / current mozilla-thunderbird Multiple Vulnerabilities (SSA:2023-130-01)

The version of mozilla-thunderbird installed on the remote host is prior to 102.11.0. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-130-01 advisory. An out-of-bound read could have led to a crash in the RLBox Expat driver. (CVE-2023-32206) A missing...

8.9 AI Score

0.002 EPSS

2023-05-13 12:00 AM
8
nessus

Debian DSA-5400-1 : firefox-esr - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5400 advisory. In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofing...

8.9 AI Score

0.002 EPSS

2023-05-13 12:00 AM
9
nessus

Slackware Linux 15.0 / current mozilla-firefox Multiple Vulnerabilities (SSA:2023-129-01)

The version of mozilla-firefox installed on the remote host is prior to 102.11.0esr / 113.0. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2023-129-01 advisory. In multiple cases browser prompts could have been obscured by popups controlled by content. These...

9.1 AI Score

0.002 EPSS

2023-05-13 12:00 AM
16
openvas

Mozilla Firefox Security Advisory (MFSA2023-16) - Linux

This host is missing a security update for Mozilla...

9.8 CVSS

8.9 AI Score

0.002 EPSS

2023-05-10 12:00 AM
4
nessus

Mozilla Thunderbird < 102.11

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 102.11. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-18 advisory. In multiple cases browser prompts could have been obscured by popups controlled by content. These...

9 AI Score

0.002 EPSS

2023-05-10 12:00 AM
5
mozilla

Security Vulnerabilities fixed in Thunderbird 102.11 — Mozilla

In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofing attacks. An out-of-bound read could have led to a crash in the RLBox Expat driver. A missing delay in popup notifications could have made it...

8.8 CVSS

7.8 AI Score

0.002 EPSS

2023-05-10 12:00 AM
160
nessus

Mozilla Firefox ESR < 102.11

The version of Firefox ESR installed on the remote macOS or Mac OS X host is prior to 102.11. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-17 advisory. In multiple cases browser prompts could have been obscured by popups controlled by content. These...

9.2 AI Score

0.002 EPSS

2023-05-09 12:00 AM
7
mozilla

Security Vulnerabilities fixed in Firefox ESR 102.11 — Mozilla

In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofing attacks. An out-of-bound read could have led to a crash in the RLBox Expat driver. A missing delay in popup notifications could have made it...

8.8 CVSS

7.4 AI Score

0.002 EPSS

2023-05-09 12:00 AM
20
nessus

Mozilla Firefox ESR < 102.11

The version of Firefox ESR installed on the remote Windows host is prior to 102.11. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-17 advisory. In multiple cases browser prompts could have been obscured by popups controlled by content. These could have...

9.1 AI Score

0.002 EPSS

2023-05-09 12:00 AM
3
nessus

Mozilla Firefox < 113.0

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 113.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-16 advisory. In multiple cases browser prompts could have been obscured by popups controlled by content. These could ...

9.2 AI Score

0.002 EPSS

2023-05-09 12:00 AM
9
nessus

Mozilla Firefox < 113.0

The version of Firefox installed on the remote Windows host is prior to 113.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2023-16 advisory. In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to...

9.2 AI Score

0.002 EPSS

2023-05-09 12:00 AM
28
mozilla

Security Vulnerabilities fixed in Firefox 113 — Mozilla

In multiple cases browser prompts could have been obscured by popups controlled by content. These could have led to potential user confusion and spoofing attacks. An out-of-bound read could have led to a crash in the RLBox Expat driver. A missing delay in popup notifications could have made it...

9.8 CVSS

7.5 AI Score

0.002 EPSS

2023-05-09 12:00 AM
209
krebs

Promising Jobs at the U.S. Postal Service, ‘US Job Services’ Leaks Customer Data

A sprawling online company based in Georgia that has made tens of millions of dollars purporting to sell access to jobs at the United States Postal Service (USPS) has exposed its internal IT operations and database of nearly 900,000 customers. The leaked records indicate the network's chief...

6.6 AI Score

2023-05-02 10:08 PM
8
wpexploit

YARPP - Yet Another Related Posts Plugin < 5.30.3 - Subscriber+ SQLi

The plugin does not validate and escape some of its shortcode attributes before using them in SQL statement/s, which could allow any authenticated users, such as subscribers to perform SQL Injection...

7.5 AI Score

0.001 EPSS

2023-04-25 12:00 AM
190
openbugbounty

charlotte-theater.com Cross Site Scripting vulnerability OBB-3266786

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

5.9 AI Score

2023-04-18 11:36 PM
5
thn

FIN7 and Ex-Conti Cybercrime Gangs Join Forces in Domino Malware Attacks

A new strain of malware developed by threat actors likely affiliated with the FIN7 cybercrime group has been put to use by the members of the now-defunct Conti ransomware gang, indicating collaboration between the two crews. The malware, dubbed Domino, is primarily designed to facilitate follow-on....

6.6 AI Score

2023-04-17 01:50 PM
18
talosblog

Typhon Reborn V2: Updated stealer features enhanced anti-analysis and evasion capabilities

The developer of the Typhon Reborn information stealer released version 2 (V2) in January, which included significant updates to its codebase and improved capabilities. Most notably, the new version features additional anti-analysis and anti-virtual machine (VM) capabilities to evade detection and....

6.5 AI Score

2023-04-04 12:00 PM
15
talosblog

Researcher Spotlight: How David Liebenberg went from never having opened Terminal to hunting international APTs

When Dave Liebenberg started his first day at Talos, he had never even opened Terminal on a Mac before -- let alone written a Snort rule or infiltrated a dark web forum. He jokes that he was a trendsetter at Talos, becoming the first of many to break into security without having any prior...

6.4 AI Score

2023-03-13 12:00 PM
20
mssecure

New research, tooling, and partnerships for more secure AI and machine learning

Today we’re on the verge of a monumental shift in the technology landscape that will forever change the security community. AI and machine learning may embody the most consequential technology advances of our lifetime, bringing huge opportunities to build, discover, and create a better world. Brad....

-0.4 AI Score

2023-03-02 04:00 PM
12
thn

ESXiArgs Ransomware Hits Over 500 New Targets in European Countries

More than 500 hosts have been newly compromised en masse by the ESXiArgs ransomware strain, most of which are located in France, Germany, the Netherlands, the U.K., and Ukraine. The findings come from attack surface management firm Censys, which discovered "two hosts with strikingly similar ransom....

1.5 AI Score

2023-02-16 10:13 AM
15
hackerone

X (Formerly Twitter): Ability to getting Twitter Blue verified badge without purchase it

Summary: Hi there. In this report, I submit a bug about getting Twitter Blue verified badge without purchasing it. Steps To Reproduce: First, you should buy a Twitter Blue subscription for your account. Change the profile photo of your Twitter account 1 day before your Twitter Blue...

6.8 AI Score

2023-01-20 12:58 AM
3
krebs

Hacked Ring Cams Used to Record Swatting Victims

Photo: BrandonKleinPhoto / Shutterstock.com Two U.S. men have been charged with hacking into the Ring home security cameras of a dozen random people and then "swatting" them -- falsely reporting a violent incident at the target's address to trick local police into responding with force....

0.5 AI Score

2022-12-20 01:24 AM
26
oraclelinux

Unbreakable Enterprise kernel security update

[5.15.0-5.76.5.1] - proc: proc_skip_spaces() shouldn't think it is working on C strings (Linus Torvalds) [Orabug: 34883037] {CVE-2022-4378} - proc: avoid integer type confusion in get_proc_long (Linus Torvalds) [Orabug: 34883037] {CVE-2022-4378} [5.15.0-5.76.5] - KVM: x86: Use SRCU to protect...

7.8 CVSS

0.3 AI Score

0.0004 EPSS

2022-12-12 12:00 AM
28
zdt

Ubuntu Server snap-confine must_mkdir_and_open_with_perms() Race Condition Vulnerability

Qualys discovered a race condition (CVE-2022-3328) in snap-confine, a SUID-root program installed by default on Ubuntu. In this advisory, they tell the story of this vulnerability (which was introduced in February 2022 by the patch for CVE-2021-44731) and detail how they exploited it in Ubuntu...

7.8 CVSS

7.6 AI Score

0.0005 EPSS

2022-12-10 12:00 AM
268

Total number of security vulnerabilities: 2152