MAX PRESENCE,TP3106,TP3206 Security Vulnerabilities
NPort IAW5000A-I/O Series firmware version v2.2 and prior is affected by a hardcoded credential vulnerabilitywhich poses a potential risk to the security and integrity of the affected device. This vulnerability is attributed to the presence of a hardcoded key, which could potentially facilitate...
9.8CVSS
9.3AI Score
0.001EPSS
NPort IAW5000A-I/O Series firmware version v2.2 and prior is affected by a hardcoded credential vulnerabilitywhich poses a potential risk to the security and integrity of the affected device. This vulnerability is attributed to the presence of a hardcoded key, which could potentially facilitate...
9.8CVSS
6.5AI Score
0.001EPSS
NPort IAW5000A-I/O Series firmware version v2.2 and prior is affected by a hardcoded credential vulnerabilitywhich poses a potential risk to the security and integrity of the affected device. This vulnerability is attributed to the presence of a hardcoded key, which could potentially facilitate...
9.8CVSS
9.3AI Score
0.001EPSS
Cisco Unified Communications Products Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM), Cisco Unified CM Session Management Edition (Unified CM SME), and Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an unauthenticated, remote attacker....
5.8AI Score
0.001EPSS
CVE-2023-4204 NPort IAW5000A-I/O Series Hardcoded Credential Vulnerability
NPort IAW5000A-I/O Series firmware version v2.2 and prior is affected by a hardcoded credential vulnerabilitywhich poses a potential risk to the security and integrity of the affected device. This vulnerability is attributed to the presence of a hardcoded key, which could potentially facilitate...
5.4CVSS
9.6AI Score
0.001EPSS
Beware malware posing as beta versions of legitimate apps, warns FBI
The FBI has issued a warning that cybercriminals are embedding malicious code in mobile beta-testing apps in attempts to defraud potential victims. The victims are typically contacted on dating sites and social media, and in some cases they are promised incentives such as large financial payouts......
6.7AI Score
Hardening repositories against credential theft
GitHub Security is constantly monitoring for abuse and security threats to GitHub, developers and communities that call GitHub home. In this blog, we are taking a moment to remind developers of some best practices and important defenses against common attack patterns against GitHub Actions. One...
6.8AI Score
Trawler - PowerShell Script To Help Incident Responders Discover Adversary Persistence Mechanisms
Dredging Windows for Persistence What is it? Trawler is a PowerShell script designed to help Incident Responders discover potential indicators of compromise on Windows hosts, primarily focused on persistence mechanisms including Scheduled Tasks, Services, Registry Modifications, Startup Items,...
7.4AI Score
Nine years of the GitHub Security Bug Bounty program
It was another record year for our Security Bug Bounty program! We're excited to highlight some achievements we’ve made together with the bounty community in 2022! The ninth year of GitHub’s Security Bug Bounty Program saw our program reach new heights. We’re very excited to provide a look into...
7AI Score
New Financial Malware 'JanelaRAT' Targets Latin American Users
Users in Latin America (LATAM) are the target of a financial malware called JanelaRAT that's capable of capturing sensitive information from compromised Microsoft Windows systems. "JanelaRAT mainly targets financial and cryptocurrency data from LATAM bank and financial institutions," Zscaler...
6.9AI Score
Phishers want their fake pages to cost minimum effort but generate as much income as possible, so they eagerly use various tools and techniques to evade detection, and save time and money. Examples include automation with phishing kits or Telegram bots. Another tactic, popular with scammers big...
7.6AI Score
Exploit for Incorrect Authorization in Canonical Ubuntu Linux
Check for CVE-2023-32629 GameOver(lay) Script Overview:...
7.8CVSS
7.9AI Score
0.0004EPSS
Researchers Uncover Years-Long Cyber Espionage on Foreign Embassies in Belarus
A hitherto undocumented threat actor operating for nearly a decade and codenamed MoustachedBouncer has been attributed to cyber espionage attacks aimed at foreign embassies in Belarus. "Since 2020, MoustachedBouncer has most likely been able to perform adversary-in-the-middle (AitM) attacks at the....
7.3AI Score
IBM InfoSphere Information Server Information Disclosure Vulnerability (CNVD-2023-68779)
IBM InfoSphere Information Server is a set of data integration platforms from International Business Machines (IBM). The platform can be used to integrate data information obtained from various sources. An information disclosure vulnerability exists in IBM InfoSphere Information Server version...
6.5CVSS
5.8AI Score
0.0005EPSS
CVE-2023-21554 - QueueJumper - MSMQ RCE Check
This module checks the provided hosts for the CVE-2023-21554 vulnerability by sending a MSMQ message with an altered DataLength field within the SRMPEnvelopeHeader that overflows the given buffer. On patched systems, the error is caught and no response is sent back. On vulnerable systems, the...
9.8CVSS
9.5AI Score
0.951EPSS
Group signature validation bypass in github.com/supranational/blst
When complemented with a check for infinity, blst skips performing a signature group-check. Formally speaking, infinity is the identity element of the elliptic curve group and as such it is a member of the group, so the group-check should be performed. The fix performs the check even in the...
7.1AI Score
Common TTPs of attacks against industrial organizations
In 2022 we investigated a series of attacks against industrial organizations in Eastern Europe. In the campaigns, the attackers aimed to establish a permanent channel for data exfiltration, including data stored on air-gapped systems. Based on similarities found between these campaigns and...
7.7AI Score
Microsoft Project 2013 Remote Code Execution Vulnerability (KB4484489)
This host is missing a critical security update according to Microsoft...
7.5CVSS
7.8AI Score
0.115EPSS
Microsoft Project 2016 Remote Code Execution Vulnerability (KB5002328)
This host is missing a critical security update according to Microsoft...
7.5CVSS
7.8AI Score
0.115EPSS
Microsoft PowerPoint 2013 SP1 RCE Vulnerability (KB5002399)
This host is missing an important security update according to Microsoft...
7.5CVSS
7.8AI Score
0.115EPSS
New Microsoft Security innovations expand multicloud visibility and enhance multiplatform protection
With more than 90 percent of organizations adopting a multicloud strategy1 and cloud-based cyberattacks growing 48 percent year over year,2 securing multicloud and hybrid environments is more important than ever. To successfully protect multicloud infrastructure—where customers are utilizing two...
7.4AI Score
New Microsoft Security innovations expand multicloud visibility and enhance multiplatform protection
With more than 90 percent of organizations adopting a multicloud strategy1 and cloud-based cyberattacks growing 48 percent year over year,2 securing multicloud and hybrid environments is more important than ever. To successfully protect multicloud infrastructure—where customers are utilizing two...
7.4AI Score
Hive Pro Achieves ISO/IEC 27001: 2022 Certification
Hive Pro has achieved ISO 27001: 2022 Certification, Demonstrating A Continuous Commitment to Excellence in Information Security August 8th, 2023 - HERNDON, VA: Hive Pro, a pioneer in the Threat Exposure Management market, is thrilled to announce that they have successfully attained ISO 27001:2022....
6.5AI Score
New Yashma Ransomware Variant Targets Multiple English-Speaking Countries
An unknown threat actor is using a variant of the Yashma ransomware to target various entities in English-speaking countries, Bulgaria, China, and Vietnam at least since June 4, 2023. Cisco Talos, in a new write-up, attributed the operation with moderate confidence to an adversary of likely...
7.1AI Score
Intel 2023.3 IPU – BIOS August 2023 Security Updates
Intel has informed HP of potential vulnerabilities identified for some Intel® Processors and/or supporting BIOS firmware, which might allow escalation of privilege, information disclosure, or denial of service. Intel is releasing firmware updates and prescriptive guidance to mitigate these...
8CVSS
7.2AI Score
0.001EPSS
Intel® PROSet/Wireless WiFi and Killer™ WiFi August 2023 Security Update
Intel has informed HP of potential vulnerabilities identified in some Intel® PROSet/Wireless WiFi and Killer™ WiFi products, which might allow escalation of privilege or denial of service. Intel is releasing firmware and software updates to mitigate these potential vulnerabilities. Intel has...
8.2CVSS
7.3AI Score
0.0005EPSS
Intel 2023.3 IPU – Chipset Firmware August 2023 Security Update
Intel has informed HP of potential vulnerabilities identified in the Intel® Converged Security Management Engine (CSME), Active Management Technology (AMT), and Intel® Standard Manageability software that might allow escalation of privilege or denial of service. Intel is releasing updates to...
8.6CVSS
7.3AI Score
0.001EPSS
Cisco Talos discovered an unknown threat actor, seemingly of Vietnamese origin, conducting a ransomware operation that began at least as early as June 4, 2023. This ongoing attack uses a variant of the Yashma ransomware likely to target multiple geographic areas by mimicking WannaCry...
7.6AI Score
F5 BIG-IP Data Forgery Issue Vulnerability
F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. A data forgery issue vulnerability exists in the F5 BIG-IP Edge Client, which stems from the presence of insufficient data...
5.5CVSS
6.8AI Score
0.0004EPSS
Calculation Errors in calculateAndSendFee Function of OptionsPositionManager Contract
Lines of code Vulnerability details Bug Description In the OptionsPositionManager contract, specifically in the calculateAndSendFee function (lines 365 to 367), there are several mathematical errors that impact the accuracy of the feeAmount result. These errors can lead to incorrect fee...
6.7AI Score
Reptile Rootkit: Advanced Linux Malware Targeting South Korean Systems
Threat actors are using an open-source rootkit called Reptile to target Linux systems in South Korea. "Unlike other rootkit malware that typically only provide concealment capabilities, Reptile goes a step further by offering a reverse shell, allowing threat actors to easily take control of...
6.7AI Score
ChatGPT was released just nine months ago, and we are still learning how it will affect our daily lives, our careers, and even our systems of self-governance. But when it comes to how AI may threaten our democracy, much of the public conversation lacks imagination. People talk about the danger of.....
6.8AI Score
At Rapid7 we love a good pen test story. So often they show the cleverness, skill, resilience, and dedication to our customer’s security that can only come from actively trying to break it! In this series, we’re going to share some of our favorite tales from the pen test desk and hopefully...
6.9AI Score
Previewing Talos at BlackHat 2023
Welcome to this week's edition of the Threat Source newsletter. The time has come once again for all of us (well, not me specifically but lots of other Talos people) to descend on Las Vegas for Hacker Summer Camp. Cisco Talos will be well-represented at BlackHat and DEF CON over the course of the.....
6.6AI Score
"Mysterious Team Bangladesh" Targeting India with DDoS Attacks and Data Breaches
A hacktivist group known as Mysterious Team Bangladesh has been linked to over 750 distributed denial-of-service (DDoS) attacks and 78 website defacements since June 2022. "The group most frequently attacks logistics, government, and financial sector organizations in India and Israel,"...
6.7AI Score
A Bootiful Podcast: UL Systems founder and chairman Shigeru Urushibara interviews.. me?
Hi, Spring fans! I just crossed 13 years on the Spring team! I just got to spend a lovely day in the presence of one of my heroes and friends, UL Systems founder and chairman, Shigeru Urushibara-san (@ulsystems), here in Tokyo, Japan, and in this episode, we sort of flip the script. We had a brief....
6.8AI Score
Beware of BOLA (IDOR) Vulnerabilities in Web Apps and APIs
Introduction In a recent advisory, the Cybersecurity and Infrastructure Security Agency (CISA) warned vendors, designers, developers, and end-user organizations of web applications about the dangers posed by Insecure Direct Object Reference (IDOR) vulnerabilities, now commonly referred to as BOLA.....
7.1AI Score
The many vulnerabilities Talos discovered in SOHO and industrial wireless routers post-VPNFilter
Since the discovery of the widespread VPNFilter malware in 2018, Cisco Talos researchers have been researching vulnerabilities in small and home office (SOHO) and industrial routers. During that research, Talos has worked with vendors to report and mitigate these vulnerabilities, totaling 141...
10CVSS
10.1AI Score
0.429EPSS
Imagine the scenario… A nation state recruits an asset / spy at age 18. Their education and living expenses are fully funded, all with the aim of getting them a job at a target organisation. All goes to plan, on paper they’re a good fit and they get a low profile graduate role in the company. Life....
7.1AI Score
Norwegian Entities Targeted in Ongoing Attacks Exploiting Ivanti EPMM Vulnerability
Advanced persistent threat (APT) actors exploited a recently disclosed critical flaw impacting Ivanti Endpoint Manager Mobile (EPMM) as a zero-day since at least April 2023 in attacks directed against Norwegian entities, including a government network. The disclosure comes as part of a new joint...
6.8AI Score
0.968EPSS
The Bug Report - July 2023 Edition
The Bug Report – July 2023 Edition By Trellix · August 02, 2023 This story was also written by John Dunlap. A Storm is Brewing! Why am I here? Summer is now in full swing, and our July Bug Report is similarly coming out swinging. This month comes with a red-hot list of software...
8.2AI Score
0.97EPSS
MTE As Implemented, Part 3: The Kernel
By Mark Brand, Project Zero Background In 2018, in the v8.5a version of the ARM architecture, ARM proposed a hardware implementation of tagged memory, referred to as MTE (Memory Tagging Extensions). In Part 1 we discussed testing the technical (and implementation) limitations of MTE on the...
6.6AI Score
The Bug Report - July 2023 Edition
The Bug Report – July 2023 Edition By Trellix · August 02, 2023 This story was also written by John Dunlap. A Storm is Brewing! Why am I here? Summer is now in full swing, and our July Bug Report is similarly coming out swinging. This month comes with a red-hot list of software...
9.7AI Score
0.97EPSS
China's APT31 Suspected in Attacks on Air-Gapped Systems in Eastern Europe
A nation-state actor with links to China is suspected of being behind a series of attacks against industrial organizations in Eastern Europe that took place last year to siphon data stored on air-gapped systems. Cybersecurity company Kaspersky attributed the intrusions with medium to high...
7AI Score
6.8AI Score
Exploit for Improper Authentication in Ivanti Endpoint Manager Mobile
CVE-2023-35078 This script ethically checks for the presence...
9.8CVSS
9.3AI Score
0.968EPSS
Webinar: Riding the vCISO Wave: How to Provide vCISO Services
Demand for Virtual CISO services is soaring. According to Gartner, the use of vCISO services among small and mid-size businesses and non-regulated enterprises was expected to grow by a whopping 1900% in just one year, from only 1% in 2021 to 20% in 2022! Offering vCISO services can be especially...
6.7AI Score
TeleAdapt RoomCast TA-2400 Trust Management Issues Vulnerability
The TeleAdapt RoomCast TA-2400 is an all-in-one, self-contained, top-of-the-line content streaming box for guest rooms from TeleAdapt UK. A trust management issue vulnerability exists in TeleAdapt RoomCast TA-2400 versions 1.0 through 3.1, which stems from the presence of an issue with the use of.....
9.8CVSS
6.7AI Score
0.001EPSS
A Data Exfiltration Attack Scenario: The Porsche Experience
As part of Checkmarx's mission to help organizations develop and deploy secure software, the Security Research team started looking at the security posture of major car manufacturers. Porsche has a well-established Vulnerability Reporting Policy (Disclosure Policy)[1], it was considered in scope...
6.5AI Score
How to connect with Microsoft Security at Black Hat USA 2023
Now in its twenty-sixth year, Black Hat USA takes place August 5 to 10, 2023, at Mandalay Bay in Las Vegas, Nevada, bringing together security professionals for the latest in information security research, development, and trends. Microsoft Security is pleased to have a presence at Black Hat, with....
8AI Score