DirtyMoe Malware Infects 2,000+ Ukrainian Computers for DDoS and Cryptojacking
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned that more than 2,000 computers in the country have been infected by a strain of malware called DirtyMoe. The agency attributed the campaign to a threat actor it calls UAC-0027. DirtyMoe, active since at least 2016, is capable of.....
7.5AI Score
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product responds back with an error message containing sensitive data if it receives a specific malformed...
5.3CVSS
5.7AI Score
0.0005EPSS
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can append path traversal characters to the filename when using a specific command, allowing them to read arbitrary files from the...
6.5CVSS
6.7AI Score
0.001EPSS
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product responds back with an error message containing sensitive data if it receives a specific malformed...
5.3CVSS
5.3AI Score
0.0005EPSS
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can append path traversal characters to the filename when using a specific command, allowing them to read arbitrary files from the...
6.5CVSS
6.4AI Score
0.001EPSS
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an authorized user can write directly to the Scada directory. This may allow privilege...
7.8CVSS
7.6AI Score
0.0004EPSS
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product stores plaintext credentials in various places. This may allow an attacker with local access to see...
5.5CVSS
6.5AI Score
0.0004EPSS
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product stores plaintext credentials in various places. This may allow an attacker with local access to see...
6.2CVSS
5.3AI Score
0.0004EPSS
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an authorized user can write directly to the Scada directory. This may allow privilege...
7.8CVSS
7.8AI Score
0.0004EPSS
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the product uses hard-coded credentials, which may allow an attacker to connect to a specific...
9.8CVSS
9.4AI Score
0.001EPSS
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can redirect users to malicious pages through the login...
5.4CVSS
5.4AI Score
0.0004EPSS
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can redirect users to malicious pages through the login...
5.4CVSS
5.8AI Score
0.0004EPSS
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the product uses hard-coded credentials, which may allow an attacker to connect to a specific...
9.8CVSS
9.2AI Score
0.001EPSS
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product stores plaintext credentials in various places. This may allow an attacker with local access to see...
5.5CVSS
6.9AI Score
0.0004EPSS
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an authorized user can write directly to the Scada directory. This may allow privilege...
7.8CVSS
7.2AI Score
0.0004EPSS
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can append path traversal characters to the filename when using a specific command, allowing them to read arbitrary files from the...
6.5CVSS
7.1AI Score
0.001EPSS
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product responds back with an error message containing sensitive data if it receives a specific malformed...
5.3CVSS
7AI Score
0.0005EPSS
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the product uses hard-coded credentials, which may allow an attacker to connect to a specific...
9.8CVSS
7AI Score
0.001EPSS
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can redirect users to malicious pages through the login...
5.4CVSS
7AI Score
0.0004EPSS
K000138460: Multiple MySQL vulnerabilities
Security Advisory Description CVE-2024-20960 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: RAPID). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access...
6.5CVSS
6.1AI Score
0.001EPSS
CVE-2024-21866 Generation of Error Message Containing Sensitive Information in Rapid SCADA
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product responds back with an error message containing sensitive data if it receives a specific malformed...
5.3CVSS
5.5AI Score
0.0005EPSS
CVE-2024-21869 Plaintext Storage of a Password in Rapid SCADA
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the affected product stores plaintext credentials in various places. This may allow an attacker with local access to see...
6.2CVSS
6.3AI Score
0.0004EPSS
CVE-2024-21764 Use of Hard-Coded Credentials in Rapid SCADA
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, the product uses hard-coded credentials, which may allow an attacker to connect to a specific...
9.8CVSS
9.5AI Score
0.001EPSS
CVE-2024-21794 Open Redirect in Rapid SCADA
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can redirect users to malicious pages through the login...
5.4CVSS
5.7AI Score
0.0004EPSS
CVE-2024-22016 Incorrect Permission Assignment for Critical Resource in Rapid SCADA
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an authorized user can write directly to the Scada directory. This may allow privilege...
7.8CVSS
7.8AI Score
0.0004EPSS
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can supply a malicious configuration file by utilizing a Zip Slip vulnerability in the unpacking routine to achieve remote code...
8.8CVSS
8.8AI Score
0.001EPSS
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can supply a malicious configuration file by utilizing a Zip Slip vulnerability in the unpacking routine to achieve remote code...
8.8CVSS
8.7AI Score
0.001EPSS
CVE-2024-22096 Relative Path Traversal in Rapid SCADA
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can append path traversal characters to the filename when using a specific command, allowing them to read arbitrary files from the...
6.5CVSS
6.6AI Score
0.001EPSS
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can supply a malicious configuration file by utilizing a Zip Slip vulnerability in the unpacking routine to achieve remote code...
8.8CVSS
7.9AI Score
0.001EPSS
CVE-2024-21852 Rapid SCADA Path Traversal
In Rapid Software LLC's Rapid SCADA versions prior to Version 5.8.4, an attacker can supply a malicious configuration file by utilizing a Zip Slip vulnerability in the unpacking routine to achieve remote code...
8.8CVSS
8.9AI Score
0.001EPSS
(RHSA-2024:0484) Important: OpenShift Container Platform 4.13.31 bug fix and security update
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.13.31. See the following advisory for the RPM...
7.4AI Score
0.732EPSS
How to Implement a Secure Incident Response Plan
Understanding the Basics of Secure Incident Response Plan A proactive strategy for coping with digital dangers calls for a well-planned process that can neutralize and diminish the harmful aftermath of unauthorized intrusion attempts and neglect of security principles. The primary aim of this...
8.3AI Score
containerd environment variable leak
Impact Containers launched through containerd's CRI implementation (through Kubernetes, crictl, or any other pod/container client that uses the containerd CRI service) that share the same image may receive incorrect environment variables, including values that are defined for other containers. If.....
6.3CVSS
6.7AI Score
0.001EPSS
containerd environment variable leak
Impact Containers launched through containerd's CRI implementation (through Kubernetes, crictl, or any other pod/container client that uses the containerd CRI service) that share the same image may receive incorrect environment variables, including values that are defined for other containers. If.....
6.3CVSS
6.2AI Score
0.001EPSS
How to Prepare for a Cyberattack
Deciphering the Cyber Invasion Terrain We exist in an era deeply entrenched in digital dependence, where cyber invasions present significant risks for companies, government establishments, and solitary users. As we hurdle deeper into the digital era, the art of cyber misdemeanors continues to...
6.9AI Score
(RHSA-2024:0485) Important: OpenShift Container Platform 4.12.48 bug fix and security update
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.48. See the following advisory for the RPM...
7AI Score
0.732EPSS
Qualys Patch Management: A Review of New Features in 2023 for Faster Elimination of Cyber Risk
The recent debut of Qualys’ Enterprise TruRisk Platform promises three key benefits: measuring, communicating, and eliminating cyber risk across the extended enterprise. Qualys Patch Management plays a pivotal role in this process towards the rapid elimination of cyber risk. Our focus during 2023.....
7.1AI Score
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October...
7.5CVSS
7.7AI Score
0.732EPSS
ICS and OT threat predictions for 2024
We do not expect rapid changes in the industrial cyberthreat landscape in 2024. Most of the below-described trends have been observed before, many for some years. However, some of them have reached a critical mass of creeping changes, which could lead to a qualitative shift in the threat landscape....
7.2AI Score
Jenkins cli Ampersand Replacement Arbitrary File Read
This module utilizes the Jenkins cli protocol to run the help command. The cli is accessible with read-only permissions by default, which are all thats required. Jenkins cli utilizes args4j's parseArgument, which calls expandAtFiles to replace any @ with the contents of a file. We are then able to....
9.8CVSS
7.1AI Score
0.96EPSS
Learn why Forrester recognized Wiz as the top ranked in the current offering category on the market out of the top 13 providers, and how their analysis connects with the Wiz...
7.2AI Score
An Intro to Kafka and RabbitMQ: The Masters of Messaging In the realm of messaging systems, two names stand out: Kafka and RabbitMQ. These two powerhouses have become the go-to solutions for developers and organizations looking to handle high-volume, real-time data processing and messaging. But...
7.2AI Score
Deepfake Taylor Swift images circulate online, politicians call for laws to ban deepfake creation
Deepfake images of Taylor Swift have really made some serious waves. Explicit images of the popstar, generated by Artificial Intelligence (AI) were posted on social media and Telegram. The images were viewed millions of times. The impact of the deepfake was enormous. Social media platform X...
7.3AI Score
Ubuntu 20.04 LTS / 22.04 LTS / 23.10 : MySQL vulnerabilities (USN-6615-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6615-1 advisory. Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected...
6.5CVSS
6.5AI Score
0.001EPSS
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Version 7 that is used by Content Manager Enterprise Edition. These issues were disclosed as part of the IBM Java SDK updates in April 2016. Vulnerability Details If you run your own Java code using the IBM Java Runtime...
5.6CVSS
8AI Score
0.038EPSS
Summary IBM Virtualization Engine TS7700 is susceptible to denial of service due to the use of IBM SDK Java Technology Edition, Version 8 (CVE-2023-22081, CVE-2023-5676). The Java SDK is used by the TS7700 to provide the Management Interface, to perform cache management, and to provide Transparent....
5.9CVSS
5.9AI Score
0.001EPSS
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 5 and 7 that is used by Content Manager Enterprise Edition. This also includes a fix for the Padding Oracle On Downgraded Legacy Encryption (POODLE) SSLv3 vulnerability (CVE-2014-3566). These...
3.4CVSS
3.3AI Score
0.975EPSS
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 1.7 that is used by Content Manager Enterprise Edition. These issues were disclosed as part of the IBM Java SDK updates in January 2016 and includes the vulnerability commonly referred to as “SLOTH”. ...
5.9CVSS
6.2AI Score
0.003EPSS
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Versions 5 and 7, that is used by Content Manager Enterprise Edition. These issues were disclosed as part of the IBM Java SDK updates in January 2015. This bulletin also addresses the “FREAK: Factoring....
4.5AI Score
0.698EPSS
Summary There are multiple vulnerabilities in the IBM® SDK Java™ Technology Edition that is shipped with IBM Content Management Enterprise Edition. These issues were disclosed as part of the IBM Java SDK updates in July 2017. Information about the security vulnerability affecting IBM SDK Java...
7.1AI Score