Nation State Hackers Exploiting Zero-Day in Roundcube Webmail Software
The threat actor known as Winter Vivern has been observed exploiting a zero-day flaw in Roundcube webmail software on October 11, 2023, to harvest email messages from victims' accounts. "Winter Vivern has stepped up its operations by using a zero-day vulnerability in Roundcube," ESET security...
6.1CVSS
5.8AI Score
0.069EPSS
Important: go-toolset and golang security and bug fix update
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. The golang packages provide the Go programming language compiler. Security Fix(es): golang: net/http, x/net/http2: rapid stream resets can cause excessive work [CVE-2023-44487]...
7.5CVSS
7.1AI Score
0.732EPSS
go-toolset and golang security and bug fix update
An update is available for go-toolset, golang. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Go Toolset provides the Go programming language tools and...
7.5CVSS
6.4AI Score
0.732EPSS
go-toolset:rhel8 security update
An update is available for module.golang, go-toolset, delve, module.go-toolset, module.delve, golang. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Go Toolset....
7.5CVSS
7.4AI Score
0.732EPSS
Important: go-toolset:rhel8 security update
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix(es): golang: net/http, x/net/http2: rapid stream resets can cause excessive work [CVE-2023-44487] (CVE-2023-39325) HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable...
7.5CVSS
7.1AI Score
0.732EPSS
Rocky Linux 9 : go-toolset and golang (RLSA-2023:5738)
The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:5738 advisory. Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of...
7.5CVSS
7.9AI Score
0.732EPSS
Rocky Linux 8 : go-toolset:rhel8 (RLSA-2023:5721)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:5721 advisory. A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the...
7.5CVSS
7.7AI Score
0.732EPSS
Oracle Linux 9 : go-toolset / and / golang (ELSA-2023-5738)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-5738 advisory. A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the...
7.5CVSS
7.8AI Score
0.732EPSS
go-toolset:ol8 security update
delve golang [1.19.13-1] - Rebase to Go 1.19.13 [CVE-2023-39325] [CVE-2023-44487] go-toolset [1.19.13-1] - Rebase to Go 1.19.13 [CVE-2023-39325] ...
8.1AI Score
0.732EPSS
go-toolset and golang security and bug fix update
golang [1.19.13-1] - Update to go 1.19.13 [CVE-2023-44487] [CVE-2023-39325] [CVE-2023-29409] go-toolset [1.19.13-1] - Update to Go version...
8.3AI Score
0.732EPSS
Oracle Linux 8 : go-toolset:ol8 (ELSA-2023-5721)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-5721 advisory. A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the...
7.5CVSS
7.8AI Score
0.732EPSS
ILSpy is the open-source .NET assembly browser and decompiler. Decompiler Frontends Aside from the WPF UI ILSpy (downloadable via Releases, see also plugins), the following other frontends are available: Visual Studio 2022 ships with decompilation support for F12 enabled by default (using our...
7AI Score
For more than six years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. These summaries are based on our threat intelligence research; and they provide a representative snapshot of what we have...
7.7AI Score
AlmaLinux 8 : go-toolset:rhel8 (ALSA-2023:5721)
The remote AlmaLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ALSA-2023:5721 advisory. A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total...
7.5CVSS
7.9AI Score
0.732EPSS
AlmaLinux 9 : go-toolset and golang (ALSA-2023:5738)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:5738 advisory. Extremely large RSA keys in certificate chains can cause a client/server to expend significant CPU time verifying signatures. With fix, the size of...
7.5CVSS
7.9AI Score
0.732EPSS
(RHSA-2023:5738) Important: go-toolset and golang security and bug fix update
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. The golang packages provide the Go programming language compiler. Security Fix(es): golang: net/http, x/net/http2: rapid stream resets can cause excessive work [CVE-2023-44487]...
7AI Score
0.732EPSS
(RHSA-2023:5721) Important: go-toolset:rhel8 security update
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix(es): golang: net/http, x/net/http2: rapid stream resets can cause excessive work [CVE-2023-44487] (CVE-2023-39325) HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable...
7AI Score
0.732EPSS
(RHSA-2023:5719) Important: go-toolset-1.19 and go-toolset-1.19-golang security update
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix(es): golang: net/http, x/net/http2: rapid stream resets can cause excessive work [CVE-2023-44487] (CVE-2023-39325) HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable...
7AI Score
0.732EPSS
Important: go-toolset and golang security and bug fix update
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. The golang packages provide the Go programming language compiler. Security Fix(es): golang: net/http, x/net/http2: rapid stream resets can cause excessive work [CVE-2023-44487]...
7.5CVSS
7AI Score
0.732EPSS
Important: go-toolset:rhel8 security update
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix(es): golang: net/http, x/net/http2: rapid stream resets can cause excessive work [CVE-2023-44487] (CVE-2023-39325) HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to...
7.5CVSS
7.1AI Score
0.732EPSS
RHEL 7 : go-toolset-1.19 and go-toolset-1.19-golang (RHSA-2023:5719)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5719 advisory. Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix(es): * golang:...
7.5CVSS
8.8AI Score
0.732EPSS
CentOS 8 : go-toolset:rhel8 (CESA-2023:5721)
The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2023:5721 advisory. A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the...
7.5CVSS
8.3AI Score
0.732EPSS
Important: go-toolset:rhel8 security update
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix(es): golang: net/http, x/net/http2: rapid stream resets can cause excessive work [CVE-2023-44487] (CVE-2023-39325) HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to...
7.5CVSS
7AI Score
0.732EPSS
Important: go-toolset and golang security and bug fix update
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. The golang packages provide the Go programming language compiler. Security Fix(es): golang: net/http, x/net/http2: rapid stream resets can cause excessive work [CVE-2023-44487]...
7.5CVSS
7.1AI Score
0.732EPSS
RHEL 8 : go-toolset:rhel8 (RHSA-2023:5721)
The remote Red Hat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5721 advisory. golang: net/http: insufficient sanitization of Host header (CVE-2023-29406) golang: crypto/tls: slow verification of certificate chains...
7.5CVSS
8.6AI Score
0.732EPSS
RHEL 9 : go-toolset and golang (RHSA-2023:5738)
The remote Red Hat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:5738 advisory. golang: net/http: insufficient sanitization of Host header (CVE-2023-29406) golang: crypto/tls: slow verification of certificate chains...
7.5CVSS
8.6AI Score
0.732EPSS
ToddyCat: Keep calm and check logs
ToddyCat is an advanced APT actor that we described in a previous publication last year. The group started its activities in December 2020 and has been responsible for multiple sets of attacks against high-profile entities in Europe and Asia. Our first publication was focused on their main tools,.....
7.5AI Score
S4UTomato - Escalate Service Account To LocalSystem Via Kerberos
Escalate Service Account To LocalSystem via Kerberos. Traditional Potatoes Friends familiar with the "Potato" series of privilege escalation should know that it can elevate service account privileges to local system privileges. The early exploitation techniques of "Potato" are almost identical:...
7.5AI Score
Dissect is a digital forensics & incident response framework and toolset that allows you to quickly access and analyse forensic artefacts from various disk and file formats, developed by Fox-IT (part of NCC Group). This project is a meta package, it will install all other Dissect modules with the.....
7AI Score
Unlock Broader Detections and Forensics with Velociraptor in Rapid7 XDR
Nearly 70% of companies that are breached are likely to get breached again within twelve months (CPO). Effective remediation and addressing attacks at the root is key to staying ahead of threats and recurring breaches on the endpoint. Strong Digital Forensics and Incident Response (DFIR) ready to.....
7AI Score
Summary: Multiple issues were identified in Red Hat UBI packages go-toolset and amicontained that were shipped with IBM MQ Operator and IBM supplied MQ Advanced container images. Vulnerability Details: CVEID: CVE-2020-29652. DESCRIPTION: Golang Go is vulnerable to a denial of service, caused by.....
7.5CVSS
6.6AI Score
0.005EPSS
China's BlackTech Hacking Group Exploited Routers to Target U.S. and Japanese Companies
Cybersecurity agencies from Japan and the U.S. have warned of attacks mounted by a state-backed hacking group from China to stealthily tamper with branch routers and use them as jumping-off points to access the networks of various companies in the two countries. The attacks have been tied to a...
6.8AI Score
China-Linked Budworm Targeting Middle Eastern Telco and Asian Government Agencies
Government and telecom entities have been subjected to a new wave of attacks by a China-linked threat actor tracked as Budworm using an updated malware toolset. The intrusions, targeting a Middle Eastern telecommunications organization and an Asian government, took place in August 2023, with the...
7.2AI Score
Transparent Tribe Uses Fake YouTube Android Apps to Spread CapraRAT Malware
The suspected Pakistan-linked threat actor known as Transparent Tribe is using malicious Android apps mimicking YouTube to distribute the CapraRAT mobile remote access trojan (RAT), demonstrating the continued evolution of the activity. "CapraRAT is a highly invasive tool that gives the attacker...
6.8AI Score
gcc [el8] [8.5.0-18.0.5] - CVE-2023-4039 GCC mitigation. Orabug 35751743. Includes removal of aarch64-preserve-args.patch. - CVE-2022-40982 'Intel Downfall' mitigation. Orabug 35751810. Add two patches originally from GCC upstream releases/gcc-11 branch. with major adjustment. ...
6.5CVSS
6.4AI Score
0.001EPSS
Oracle Linux 8 / 9 : gcc (ELSA-2023-12788)
The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12788 advisory. Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors...
6.5CVSS
6.2AI Score
0.001EPSS
Charming Kitten's New Backdoor 'Sponsor' Targets Brazil, Israel, and U.A.E.
The Iranian threat actor known as Charming Kitten has been linked to a new wave of attacks targeting different entities in Brazil, Israel, and the U.A.E. using a previously undocumented backdoor named Sponsor. Slovak cybersecurity firm is tracking the cluster under the name Ballistic Bobcat....
6.7AI Score
Amazon Linux 2 : rust (ALAS-2023-2223)
The version of rust installed on the remote host is prior to 1.68.2-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2223 advisory. Cargo downloads the Rust project's dependencies and compiles the project. Cargo prior to version 0.72.2, bundled with Rust prior...
7.9CVSS
6.1AI Score
0.0004EPSS
Oracle Linux 8 : go-toolset:rhel8 (ELSA-2019-1519)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-1519 advisory. An issue was discovered in net/http in Go 1.11.5. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the second...
6.1CVSS
6.8AI Score
0.005EPSS
Oracle Linux 8 : go-toolset:ol8 (ELSA-2019-3433)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-3433 advisory. net/url in Go before 1.11.13 and 1.12.x before 1.12.8 mishandles malformed hosts in URLs, leading to an authorization bypass in some applications. This is...
9.8CVSS
6.5AI Score
0.037EPSS
W3LL Store: How a Secret Phishing Syndicate Targets 8,000+ Microsoft 365 Accounts
A previously undocumented "phishing empire" has been linked to cyber attacks aimed at compromising Microsoft 365 business email accounts over the past six years. "The threat actor created a hidden underground market, named W3LL Store, that served a closed community of at least 500 threat actors...
6.9AI Score
Docker Registry vulnerabilities
Releases: Ubuntu 23.04, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 18.04 ESM, Ubuntu 16.04 ESM. Packages: docker-registry - Docker toolset to pack, ship, store, and deliver content. Details: It was discovered that Docker Registry incorrectly handled certain crafted input, which allowed remote...
7.5CVSS
6.9AI Score
0.005EPSS
Threat Actors Targeting Microsoft SQL Servers to Deploy FreeWorld Ransomware
Threat actors are exploiting poorly secured Microsoft SQL (MS SQL) servers to deliver Cobalt Strike and a ransomware strain called FreeWorld. Cybersecurity firm Securonix, which has dubbed the campaign DB#JAMMER, said it stands out for the way the toolset and infrastructure is employed. "Some of...
7.2AI Score
Issue Overview: Cargo downloads the Rust project's dependencies and compiles the project. Cargo prior to version 0.72.2, bundled with Rust prior to version 1.71.1, did not respect the umask when extracting crate archives on UNIX-like systems. If the user downloaded a crate containing files...
7.9CVSS
7.1AI Score
0.0004EPSS
IT threat evolution in Q2 2023
Targeted attacks: Gopuram backdoor deployed through 3CX supply-chain attack. Earlier this year, a Trojanized version of the 3CXDesktopApp, a popular VoIP program,...
9.8CVSS
10AI Score
0.975EPSS
Summary: Multiple issues were identified in Red Hat UBI packages systemd, libcap, openssl-libs, libxml2, go-toolset, and prometheus-operator that were shipped with IBM MQ Operator and IBM supplied MQ Advanced container images. IBM has addressed the vulnerabilities. Vulnerability Details: CVEID:...
9.8CVSS
9AI Score
0.005EPSS
Oracle Linux 8 : rust-toolset:ol8 (ELSA-2023-4635)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-4635 advisory. Cargo downloads the Rust project's dependencies and compiles the project. Cargo prior to version 0.72.2, bundled with Rust prior to version 1.71.1, did not...
7.9CVSS
6.4AI Score
0.0004EPSS
rust-toolset:ol8 security update
[1.66.1-2] - rust-cargo: cargo does not respect the umask when extracting dependencies...
7.3CVSS
7.1AI Score
0.0004EPSS
Spacecolon Toolset Fuels Surge in Scarab Ransomware Attacks
Summary: CosmicBeetle, an active cyber threat group, has been utilizing a malicious toolset called Spacecolon in an ongoing campaign. This toolset is used to distribute variants of the Scarab ransomware by...
6.8AI Score
[1.66.1-2] - rust-cargo: cargo does not respect the umask when extracting dependencies...
7.3CVSS
7.1AI Score
0.0004EPSS