How to connect with Microsoft Security at Black Hat USA 2023
Now in its twenty-sixth year, Black Hat USA takes place August 5 to 10, 2023, at Mandalay Bay in Las Vegas, Nevada, bringing together security professionals for the latest in information security research, development, and trends. Microsoft Security is pleased to have a presence at Black Hat, with....
7.2AI Score
Remote code execution in Apache Jackrabbit
Java object deserialization issue in Jackrabbit webapp/standalone on all platforms allows attacker to remotely execute code via RMI. Versions up to (including) 2.20.10 (stable branch) and 2.21.17 (unstable branch) use the component "commons-beanutils", which contains a class that can be used for...
9.8CVSS
8.2AI Score
0.087EPSS
Java object deserialization issue in Jackrabbit webapp/standalone on all platforms allows attacker to remotely execute code via RMI. Versions up to (including) 2.20.10 (stable branch) and 2.21.17 (unstable branch) use the component "commons-beanutils", which contains a class that can be used for...
9.8CVSS
10AI Score
0.087EPSS
Java object deserialization issue in Jackrabbit webapp/standalone on all platforms allows attacker to remotely execute code via RMI. Versions up to (including) 2.20.10 (stable branch) and 2.21.17 (unstable branch) use the component "commons-beanutils", which contains a class that can be used for...
9.8CVSS
10AI Score
0.087EPSS
Java object deserialization issue in Jackrabbit webapp/standalone on all platforms allows attacker to remotely execute code via RMI. Versions up to (including) 2.20.10 (stable branch) and 2.21.17 (unstable branch) use the component "commons-beanutils", which contains a class that can be used for...
9.8CVSS
7.5AI Score
0.087EPSS
Java object deserialization issue in Jackrabbit webapp/standalone on all platforms allows attacker to remotely execute code via RMI. Versions up to (including) 2.20.10 (stable branch) and 2.21.17 (unstable branch) use the component "commons-beanutils", which contains a class that can be used for...
9.8CVSS
9.9AI Score
0.087EPSS
Deserialization of untrusted data
Java object deserialization issue in Jackrabbit webapp/standalone on all platforms allows attacker to remotely execute code via RMI. Versions up to (including) 2.20.10 (stable branch) and 2.21.17 (unstable branch) use the component "commons-beanutils", which contains a class that can be used for...
9.8CVSS
10AI Score
0.087EPSS
CVE-2023-37895 Apache Jackrabbit RMI access can lead to RCE
Java object deserialization issue in Jackrabbit webapp/standalone on all platforms allows attacker to remotely execute code via RMI. Versions up to (including) 2.20.10 (stable branch) and 2.21.17 (unstable branch) use the component "commons-beanutils", which contains a class that can be used for...
10AI Score
0.087EPSS
Java object deserialization issue in Jackrabbit webapp/standalone on all platforms allows attacker to remotely execute code via RMI. Versions up to (including) 2.20.10 (stable branch) and 2.21.17 (unstable branch) use the component "commons-beanutils", which contains a class that can be used for...
9.8CVSS
9.7AI Score
0.087EPSS
New OpenSSH Vulnerability Exposes Linux Systems to Remote Command Injection
Details have emerged about a now-patched flaw in OpenSSH that could be potentially exploited to run arbitrary commands remotely on compromised hosts under specific conditions. "This vulnerability allows a remote attacker to potentially execute arbitrary commands on vulnerable OpenSSH's forwarded...
6.5CVSS
7.9AI Score
0.028EPSS
Honest users could lose funds due to the current implementation of executeProposal()
Lines of code Vulnerability details Impact In the InterChainGovernance.sol contract, the executeProposal function lacks an explicit check to ensure that the msg.value provided with the function call is greater than or equal to the nativeValue specified. After an extensive discussion with the...
7.3AI Score
IBM Security Guardium Input Validation Error Vulnerability
IBM Security Guardium is a suite of platforms from International Business Machines (IBM) that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. An input validation error vulnerability exists in IBM...
6.5CVSS
6.5AI Score
0.001EPSS
Exploit for Code Injection in Citrix Netscaler Application Delivery Controller
CVE-2023-3519 Inspector The cve_2023_3519_inspector.py is...
7AI Score
Apache OpenMeetings Web Conferencing Tool Exposed to Critical Vulnerabilities
Multiple security flaws have been disclosed in Apache OpenMeetings, a web conferencing solution, that could be potentially exploited by malicious actors to seize control of admin accounts and run malicious code on susceptible servers. "Attackers can bring the application into an unexpected state,.....
8.1CVSS
8.4AI Score
0.003EPSS
New P2PInfect Worm Targeting Redis Servers on Linux and Windows Systems
Cybersecurity researchers have uncovered a new cloud-targeting, peer-to-peer (P2P) worm called P2PInfect that targets vulnerable Redis instances for follow-on exploitation. "P2PInfect exploits Redis servers running on both Linux and Windows Operating Systems making it more scalable and potent than....
10CVSS
9.1AI Score
0.971EPSS
OpenBSD OpenSSH < 9.3p2 RCE Vulnerability
OpenBSD OpenSSH is prone to a remote code execution (RCE) vulnerability in...
9.8CVSS
9.9AI Score
0.028EPSS
New openssh packages are available for Slackware 15.0 and -current to fix a security issue. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/openssh-9.3p2-i586-1_slack15.0.txz: Upgraded. This update fixes a security issue: ssh-agent(1) in OpenSSH between 5.5 and...
9.8CVSS
7AI Score
0.028EPSS
Exploit for Deserialization of Untrusted Data in Apache Log4J
The Log4j vulnerability, also known as "Log4Shell" or...
10CVSS
10AI Score
0.976EPSS
Hive Pro Announces Relocation and Expansion of Headquarters to Support Growing Cybersecurity Demand
New Headquarters to Catalyze Innovation and Strengthen Commitment to Customer Success July 19, 2023 - HERNDON, VA: Hive Pro, a pioneer in the Threat Exposure Management market is thrilled to announce its upcoming corporate relocation to a new state-of-the-art headquarters in Herndon, Virginia. The....
6.7AI Score
Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.04 : ConnMan vulnerabilities (USN-6236-1)
The remote Ubuntu 16.04 ESM / 18.04 ESM / 20.04 LTS / 22.04 LTS / 23.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6236-1 advisory. A stack-based buffer overflow in dnsproxy in ConnMan before 1.39 could be used by network adjacent ...
9.8CVSS
8.1AI Score
0.021EPSS
OpenSSH -- remote code execution via a forwarded agent socket
OpenSSH project reports: Fix CVE-2023-38408 - a condition where specific libraries loaded via ssh-agent(1)'s PKCS#11 support could be abused to achieve remote code execution via a forwarded agent socket if the following conditions are met: * Exploitation requires the...
9.8CVSS
7.5AI Score
0.028EPSS
“Never Assume Anything” – that is the 4th Guiding Principle written in the Security section of the WordPress Common APIs Handbook for developers. When it comes to WordPress plugin security, assumptions can be dangerous. This became evident when the Wordfence Threat Intelligence team discovered an.....
6.1CVSS
5.6AI Score
0.001EPSS
LokiBot Data Exfiltrating Trojan Targets Windows Systems
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary LokiBot, an infamous data-exfiltrating Trojan, has maintained a prominent presence since 2015. This pernicious malware predominantly sets its sights on Windows systems, diligently striving to acquire...
6.8AI Score
Cybercriminals Exploit Microsoft Word Vulnerabilities to Deploy LokiBot Malware
Microsoft Word documents exploiting known remote code execution flaws are being used as phishing lures to drop malware called LokiBot on compromised systems. "LokiBot, also known as Loki PWS, has been a well-known information-stealing Trojan active since 2015," Fortinet FortiGuard Labs researcher.....
7.8CVSS
7.4AI Score
0.969EPSS
CERT-UA Uncovers Gamaredon's Rapid Data Exfiltration Tactics Following Initial Compromise
The Russia-linked threat actor known as Gamaredon has been observed conducting data exfiltration activities within an hour of the initial compromise. "As a vector of primary compromise, for the most part, emails and messages in messengers (Telegram, WhatsApp, Signal) are used, in most cases, using....
7.2AI Score
A local privilege escalation (LPE) vulnerability in Windows was...
7.8CVSS
8.3AI Score
0.0004EPSS
Introducing passwordless authentication on GitHub.com
Most security breaches are not the product of exotic zero-day attacks but rather involve lower-cost attacks like social engineering, credential theft or leakage, and other avenues that provide attackers with a broad range of access to victim accounts and the resources they have access to. In fact,....
7AI Score
Enhanced Monitoring to Detect APT Activity Targeting Outlook Online
SUMMARY In June 2023, a Federal Civilian Executive Branch (FCEB) agency identified suspicious activity in their Microsoft 365 (M365) cloud environment. The agency reported the activity to Microsoft and the Cybersecurity and Infrastructure Security Agency (CISA), and Microsoft determined that...
9AI Score
Chinese Hackers Deploy Microsoft-Signed Rootkit to Target Gaming Sector
Cybersecurity researchers have unearthed a novel rootkit signed by Microsoft that's engineered to communicate with an actor-controlled attack infrastructure. Trend Micro has attributed the activity cluster to the same actor that was previously identified as behind the FiveSys rootkit, which came...
6.8AI Score
July 12, 2023 - HERNDON, VA: Hive Pro, a pioneer in the Threat Exposure Management market, announced today that they have closed $4 million in their seed funding round from private investors. The successful completion of Hive Pro’s second round of seed funding will support the continued delivery...
6.8AI Score
Part 1: An In-Depth Look at the Latest Vulnerability Threat Landscape
The number of vulnerabilities is steadily increasing over the years, as evidenced by the 206,000 vulnerabilities reported and still counting in the National Vulnerability Database (NVD). With each subsequent year, this trend has persisted since 2016, surpassing the previous vulnerability count. ...
8.8CVSS
9.7AI Score
0.138EPSS
Beware of Big Head Ransomware: Spreading Through Fake Windows Updates
A developing piece of ransomware called Big Head is being distributed as part of a malvertising campaign that takes the form of bogus Microsoft Windows updates and Word installers. Big Head was first documented by Fortinet FortiGuard Labs last month, when it discovered multiple variants of the...
6.7AI Score
July 11, 2023—KB5028185 (OS Build 22621.1992)
July 11, 2023—KB5028185 (OS Build 22621.1992) For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 11, version 22H2, see its update history page. Note Follow @WindowsUpdate to find out.....
9.8CVSS
7.7AI Score
0.147EPSS
New TOITOIN Banking Trojan Targeting Latin American Businesses
Businesses operating in the Latin American (LATAM) region are the target of a new Windows-based banking trojan called TOITOIN since May 2023. "This sophisticated campaign employs a trojan that follows a multi-staged infection chain, utilizing specially crafted modules throughout each stage,"...
9.8CVSS
7.1AI Score
0.135EPSS
Well.sol::addLiquidity() Unauthorized Liquidity Addition for Fee-on-Transfer Tokens
Lines of code Vulnerability details Description The addLiquidity() in the Well.sol contract allows any address to add liquidity to tokens with a fee-on-transfer mechanism. Although there is another function available to add liquidity for fee-on-transfer tokens, named addLiquidityFeeOnTransfer()....
6.5AI Score
virt:ol and virt-devel:rhel security and bug fix update
hivex libguestfs [1.44.0-9.0.1] - Replace upstream references from description tag - Config supermin to use host yum.conf in ol8 [Orabug: 29319324] - Set DISTRO_ORACLE_LINUX corresponding to ol [1:1.44.0-9] - Fix CVE-2022-2211 Denial of Service in --key parameter resolves: rhbz#2101280...
5.5CVSS
7.8AI Score
0.0004EPSS
BlackByte 2.0 Ransomware: Infiltrate, Encrypt, and Extort in Just 5 Days
Ransomware attacks are a major problem for organizations everywhere, and the severity of this problem continues to intensify. Recently, Microsoft's Incident Response team investigated the BlackByte 2.0 ransomware attacks and exposed these cyber strikes' terrifying velocity and damaging nature. The....
7.1AI Score
The five-day job: A BlackByte ransomware intrusion case study
As ransomware attacks continue to grow in number and sophistication, threat actors can quickly impact business operations if organizations are not well prepared. In a recent investigation by Microsoft Incident Response (previously known as Microsoft Detection and Response Team – DART) of an...
9.8CVSS
8.1AI Score
EPSS
Increased Truebot Activity Infects U.S. and Canada Based Networks
SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the Multi-State Information Sharing and Analysis Center (MS-ISAC), and the Canadian Centre for Cyber Security (CCCS) are releasing this joint Cybersecurity Advisory (CSA) in response to.....
9.8CVSS
10AI Score
0.969EPSS
Using the Jira Python library to make REST API calls with cookie auth bypasses Jira rate limiting
h3. Issue Summary When using the open-source [Jira Python library|https://github.com/pycontribs/jira] to make REST API calls to Jira, if [cookie-based authentication|https://jira.readthedocs.io/examples.html#cookie-based-authentication] is used then Jira's rate limits will be bypassed. This can...
6.9AI Score
Milesight UR32L vtysh_ubus tcpdump_start_cb OS command injection vulnerability
Talos Vulnerability Report TALOS-2023-1714 Milesight UR32L vtysh_ubus tcpdump_start_cb OS command injection vulnerability July 6, 2023 CVE Number CVE-2023-22653 SUMMARY An OS command injection vulnerability exists in the vtysh_ubus tcpdump_start_cb functionality of Milesight UR32L v32.3.0.5. A...
8.8CVSS
9.7AI Score
0.002EPSS
BugChecker - SoftICE-like Kernel Debugger For Windows 11
Introduction BugChecker is a SoftICE-like kernel and user debugger for Windows 11 (and Windows XP as well: it supports Windows versions from XP to 11, both x86 and x64). BugChecker doesn't require a second machine to be connected to the system being debugged, like in the case of WinDbg and KD....
7AI Score
Bouncy Castle For Java LDAP injection vulnerability
Bouncy Castle provides the X509LDAPCertStoreSpi.java class which can be used in conjunction with the CertPath API for validating certificate paths. Pre-1.73 the implementation did not check the X.500 name of any certificate, subject, or issuer being passed in for LDAP wild cards, meaning the...
5.3CVSS
6.2AI Score
0.001EPSS
The code uses arithmetic operations without explicitly checking for possible overflows or underflows
Lines of code Vulnerability details Impact The impact of the Integer Overflow/Underflow vulnerability can be summarized as follows: Data Inaccuracy: The vulnerability can lead to incorrect calculations and inaccurate data, potentially compromising the integrity of voting processes and other...
7.3AI Score