New ransomware group demands Change Healthcare ransom
The Change Healthcare ransomware attack has taken a third cruel twist. A new ransomware group, RansomHub, has listed the organisation as a victim on its dark web leak site, saying it has 4 TB of "highly selective data," which relates to "all Change Health clients that have sensitive data being...
7.2AI Score
New ransomware group demands Change Healthcare ransom
The Change Healthcare ransomware attack has taken a third cruel twist. A new ransomware group, RansomHub, has listed the organisation as a victim on its dark web leak site, saying it has 4 TB of "highly selective data," which relates to "all Change Health clients that have sensitive data being...
7.2AI Score
Microsoft is addressing 149 vulnerabilities this April 2024 Patch Tuesday, which is significantly more than usual. For the second month in a row, Microsoft indicated that they weren't aware of prior public disclosure or exploitation in the wild for any of the vulnerabilities patched today....
9CVSS
10AI Score
EPSS
April’s Patch Tuesday Brings Record Number of Fixes
If only Patch Tuesdays came around infrequently -- like total solar eclipse rare -- instead of just creeping up on us each month like The Man in the Moon. Although to be fair, it would be tough for Microsoft to eclipse the number of vulnerabilities fixed in this month's patch batch -- a record 147....
8.8CVSS
8AI Score
0.004EPSS
Microsoft and Adobe Patch Tuesday, April 2024 Security Update Review
Welcome to another insightful dive into Microsoft's Patch Tuesday! This month's security updates address a vast number of vulnerabilities in multiple popular products, features, and roles. We invite you to join us to review and discuss the details of these security updates and patches. Microsoft...
8.8CVSS
9.2AI Score
0.004EPSS
10-Year-Old 'RUBYCARP' Romanian Hacker Group Surfaces with Botnet
A threat group of suspected Romanian origin called RUBYCARP has been observed maintaining a long-running botnet for carrying out crypto mining, distributed denial-of-service (DDoS), and phishing attacks. The group, believed to be active for at least 10 years, employs the botnet for financial gain,....
9.8CVSS
9.3AI Score
0.975EPSS
Researchers Discover LG Smart TV Vulnerabilities Allowing Root Access
Multiple security vulnerabilities have been disclosed in LG webOS running on its smart televisions that could be exploited to bypass authorization and gain root access on the devices. The findings come from Romanian cybersecurity firm Bitdefender, which discovered and reported the flaws in...
8.7AI Score
0.0004EPSS
Starry Addax targets human rights defenders in North Africa with new malware
Cisco Talos is disclosing a new threat actor we deemed "Starry Addax" targeting mostly human rights activists associated with the Sahrawi Arab Democratic Republic (SADR) cause with a novel mobile malware. Starry Addax conducts phishing attacks tricking their targets into installing malicious...
8.1AI Score
SUBNET PowerSYSTEM Server and Substation Server
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.6 ATTENTION: Low attack complexity Vendor: SUBNET Solutions Inc. Equipment: PowerSYSTEM Server, Substation Server 2021 Vulnerabilities: Reliance on Insufficiently Trustworthy Component 2. RISK EVALUATION Successful exploitation of the vulnerabilities in...
8.4CVSS
8.4AI Score
0.0004EPSS
CL0P's Ransomware Rampage - Security Measures for 2024
2023 CL0P Growth Emerging in early 2019, CL0P was first introduced as a more advanced version of its predecessor the 'CryptoMix' ransomware, brought about by its owner CL0P ransomware, a cybercrime organisation. Over the years the group remained active with significant campaigns throughout 2020 to....
9.8CVSS
7.4AI Score
EPSS
April 9, 2024—KB5036950 (Security-only update)
April 9, 2024—KB5036950 (Security-only update) Reminder Windows Server 2008 SP2 Extended Security Updates (ESU) third and final year ended on January 10, 2023. Additionally, Extended Security Updates on Azure only support ended on January 9, 2024. For more information, see Extended Security...
8.1AI Score
0.001EPSS
April 9, 2024—KB5036892 (OS Builds 19044.4291 and 19045.4291)
April 9, 2024—KB5036892 (OS Builds 19044.4291 and 19045.4291) 03/12/24 IMPORTANT The following editions of Windows 10, version 21H2 will reach end of service on June 11, 2024:- Windows 10 Enterprise and Education- Windows 10 IoT Enterprise- Windows 10 Enterprise multi-sessionAfter that date, these....
8.3AI Score
0.004EPSS
April 9, 2024—KB5036893 (OS Builds 22621.3447 and 22631.3447)
April 9, 2024—KB5036893 (OS Builds 22621.3447 and 22631.3447) 2/27/24 IMPORTANT: New dates for the end of non-security updates for Windows 11, version 22H2The new end date is June 24, 2025 for Windows 11, version 22H2 Enterprise and Education editions. Home and Pro editions of version 22H2 will...
8.4AI Score
0.184EPSS
April 9, 2024—KB5036922 (Security-only update)
April 9, 2024—KB5036922 (Security-only update) Reminder As of January 10, 2023, Microsoft no longer provides security updates or technical support for Windows 7 Service Pack 1 (SP1). We recommend that you upgrade to a supported version of Windows. For more information, see Update that enables you.....
8.1AI Score
0.001EPSS
Critical Flaws Leave 92,000 D-Link NAS Devices Vulnerable to Malware Attacks
Threat actors are actively scanning and exploiting a pair of security flaws that are said to affect as many as 92,000 internet-exposed D-Link network-attached storage (NAS) devices. Tracked as CVE-2024-3272 (CVSS score: 9.8) and CVE-2024-3273 (CVSS score: 7.3), the vulnerabilities impact legacy...
9.8CVSS
7.9AI Score
0.935EPSS
Microsoft Windows Internet Shortcut SmartScreen Bypass Vulnerability
This vulnerability allows remote attackers to bypass the SmartScreen security feature to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The...
8.8CVSS
7.3AI Score
0.004EPSS
Releases Ubuntu 18.04 ESM Ubuntu 16.04 ESM Ubuntu 14.04 ESM Packages bind9 - Internet Domain Name Server Details Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered that Bind icorrectly handled validating DNSSEC messages. A remote attacker could possibly use this issue...
7.5CVSS
8.1AI Score
0.05EPSS
An attacker can make the Node.js HTTP/2 server completely unavailable by sending a small amount of HTTP/2 frames packets with a few HTTP/2 frames inside. It is possible to leave some data in nghttp2 memory after reset when headers with HTTP/2 CONTINUATION frame are sent to the server and then a...
8.2CVSS
6.8AI Score
0.0004EPSS
I'd like to report Apache httpd vulnerability (CVE-2024-27316) that was recently fixed. * Advisory: https://httpd.apache.org/security/vulnerabilities_24.html Impact HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413...
7.5CVSS
7AI Score
0.005EPSS
GPT Academic provides interactive interfaces for large language models. A vulnerability was found in gpt_academic versions 3.64 through 3.73. The server deserializes untrustworthy data from the client, which may risk remote code execution. Any device that exposes the GPT Academic service to the...
9.8CVSS
9.6AI Score
0.0004EPSS
GPT Academic provides interactive interfaces for large language models. A vulnerability was found in gpt_academic versions 3.64 through 3.73. The server deserializes untrustworthy data from the client, which may risk remote code execution. Any device that exposes the GPT Academic service to the...
9.8CVSS
9.8AI Score
0.0004EPSS
GPT Academic provides interactive interfaces for large language models. A vulnerability was found in gpt_academic versions 3.64 through 3.73. The server deserializes untrustworthy data from the client, which may risk remote code execution. Any device that exposes the GPT Academic service to the...
9.8CVSS
7.6AI Score
0.0004EPSS
CVE-2024-31224 GPT Academic: Pickle deserializing cookies may pose RCE risk
GPT Academic provides interactive interfaces for large language models. A vulnerability was found in gpt_academic versions 3.64 through 3.73. The server deserializes untrustworthy data from the client, which may risk remote code execution. Any device that exposes the GPT Academic service to the...
9.8CVSS
9.9AI Score
0.0004EPSS
Porn panic imperils privacy online, with Alec Muffett (re-air): Lock and Code S05E08
This week on the Lock and Code podcast… A digital form of protest could become the go-to response for the world’s largest porn website as it faces increased regulations: Not letting people access the site. In March, PornHub blocked access to visitors connecting to its website from Texas. It marked....
7.1AI Score
Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.7.1.7)
The version of AOS installed on the remote host is prior to 6.7.1.7. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.7.1.7 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE...
7.5CVSS
7.2AI Score
0.001EPSS
Exploit for Path Traversal in Apache Http Server
CVE-2021-42013 Vulnerability Scanner This Python script...
9.8CVSS
10AI Score
0.974EPSS
60% of small businesses are concerned about cybersecurity threats
According to a recent poll by the US Chamber of Commerce, 60% of small businesses are concerned about cybersecurity threats, and 58% are concerned about a supply chain breakdown. Not surprisingly, small businesses in the professional services sector feel significantly more concerned about...
7.4AI Score
Summary:: Undici already cleared Authorization and Cookie headers on cross-origin redirects, but did not clear Proxy-Authorization and x-auth-token headers. Description: Like https://github.com/nodejs/undici/security/advisories/GHSA-3787-6prv-h9w3, this is a fixed security issue in v5.28.3,...
3.9CVSS
7.1AI Score
0.0004EPSS
GDBFuzz - Fuzzing Embedded Systems Using Hardware Breakpoints
This is the companion code for the paper: 'Fuzzing Embedded Systems using Debugger Interfaces'. A preprint of the paper can be found here https://publications.cispa.saarland/3950/. The code allows the users to reproduce and extend the results reported in the paper. Please cite the above paper when....
7.5AI Score
Hackers Exploit Magento Bug to Steal Payment Data from E-commerce Websites
Threat actors have been found exploiting a critical flaw in Magento to inject a persistent backdoor into e-commerce websites. The attack leverages CVE-2024-20720 (CVSS score: 9.1), which has been described by Adobe as a case of "improper neutralization of special elements" that could pave the way.....
9.1CVSS
8.3AI Score
0.001EPSS
Sunshine is a self-hosted game stream host for Moonlight. Starting in version 0.16.0 and prior to version 0.18.0, an attacker may be able to remotely read arbitrary files without authentication due to a path traversal vulnerability. Users who exposed the Sunshine configuration web user interface...
7.3CVSS
7AI Score
0.0004EPSS
Sunshine is a self-hosted game stream host for Moonlight. Starting in version 0.16.0 and prior to version 0.18.0, an attacker may be able to remotely read arbitrary files without authentication due to a path traversal vulnerability. Users who exposed the Sunshine configuration web user interface...
7.3CVSS
7.3AI Score
0.0004EPSS
Internet Bug Bounty: CVE-2019-1551: rsaz_512_sqr overflow bug on x86_64
There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are....
5.3CVSS
6.9AI Score
0.002EPSS
CVE-2024-31220 Sunshine vulnerable to remote unauthenticated arbitrary file read
Sunshine is a self-hosted game stream host for Moonlight. Starting in version 0.16.0 and prior to version 0.18.0, an attacker may be able to remotely read arbitrary files without authentication due to a path traversal vulnerability. Users who exposed the Sunshine configuration web user interface...
7.3CVSS
7.5AI Score
0.0004EPSS
Exploit for Embedded Malicious Code in Tukaani Xz
Ansible Role: xz backdoor (CVE-2024-3094) (for...
7.5AI Score
Lexmark Printer RCE Vulnerability (CVE-2023-50739)
Multiple Lexmark printer devices are prone to remote code execution (RCE)...
7.6AI Score
EPSS
6.8AI Score
0.0004EPSS
6.8AI Score
0.0004EPSS
6.8AI Score
0.0004EPSS
Security Advisory 0094 PDF Date: April 5, 2024 Revision | Date | Changes ---|---|--- 1.0 | April 3, 2024 | Initial release 1.1 | April 5, 2024 | Update required configuration for exploitation and mitigation Description Arista Networks is providing this security update in response to the...
7.5CVSS
6AI Score
0.005EPSS
Wordfence Intelligence Weekly WordPress Vulnerability Report (March 25, 2024 to March 31, 2024)
Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 405 vulnerabilities disclosed in 320...
10CVSS
9.7AI Score
EPSS
Jackson County hit by ransomware, declares state of emergency
On April 2, 2024, Jackson County tweeted that it had identified significant disruptions within its IT systems, "potentially attributable to a ransomware attack". Jackson County is one of 114 counties in Missouri, with a population of approximately 718,000 people, mostly in Kansas City. We have...
6.9AI Score
Fake Lawsuit Threat Exposes Privnote Phishing Sites
A cybercrook who has been setting up websites that mimic the self-destructing message service privnote.com accidentally exposed the breadth of their operations recently when they threatened to sue a software company. The disclosure revealed a profitable network of phishing sites that behave and...
6.7AI Score
CoralRaider targets victims’ data and social media accounts
Cisco Talos discovered a new threat actor we're calling "CoralRaider" that we believe is of Vietnamese origin and financially motivated. CoralRaider has been operating since at least 2023, targeting victims in several Asian and Southeast Asian countries. This group focuses on stealing victims'...
6.8AI Score
Schweitzer Engineering Laboratories SEL
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schweitzer Engineering Laboratories Equipment: SEL 700 series relays Vulnerability: Inclusion of Undocumented Features 2. RISK EVALUATION Successful exploitation of this vulnerability could...
6.5CVSS
7.3AI Score
0.0004EPSS
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: Asset Suite 9 Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to use an...
5.3CVSS
7.5AI Score
0.0004EPSS
Considerations for Operational Technology Cybersecurity
Operational Technology (OT) refers to the hardware and software used to change, monitor, or control the enterprise's physical devices, processes, and events. Unlike traditional Information Technology (IT) systems, OT systems directly impact the physical world. This unique characteristic of OT...
7.6AI Score
A Vigilante Hacker Took Down North Korea’s Internet. Now He’s Taking Off His Mask
As “P4x,” Alejandro Caceres single-handedly disrupted the internet of an entire country. Then he tried to show the US military how it can—and should—adopt his...
7.2AI Score
Nextcloud: Weak ssh algorithms and CVE-2023-48795 Discovered on various subdomains of nextcloud.com
Security researchers from Ruhr University Bochum have discovered a vulnerability in the Secure Shell (SSH) cryptographic network protocol that could allow an attacker to downgrade the connection's security by breaking the integrity of the secure channel. Called Terrapin (CVE-2023-48795, CVSS...
5.9CVSS
7.4AI Score
0.962EPSS
Internet Bug Bounty: [CVE-2024-25126] Denial of Service Vulnerability in Rack Content-Type Parsing
I've made a report https://discuss.rubyonrails.org/t/denial-of-service-vulnerability-in-rack-content-type-parsing/84941 Impact Carefully crafted content type headers can cause Rack’s media type parser to take much longer than expected, leading to a possible denial of service...
5.3CVSS
6.1AI Score
0.0004EPSS