Adobe Acrobat Reader Font CPAL numColorRecords out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2023-1905. Adobe Acrobat Reader Font CPAL numColorRecords out-of-bounds read vulnerability. February 15, 2024. CVE Number: CVE-2024-20735. Summary: An out-of-bounds read vulnerability exists in the font file processing functionality of Adobe Acrobat Reader...
5.5 CVSS
6.8 AI Score
0.001 EPSS
Adobe Acrobat Reader Font avar SegmentMaps out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2023-1909. Adobe Acrobat Reader Font avar SegmentMaps out-of-bounds read vulnerability. February 15, 2024. CVE Number: CVE-2024-20748. Summary: An out-of-bounds read vulnerability exists in the font file processing functionality of Adobe Acrobat Reader 2023.006.20380. A.....
5.5 CVSS
6.9 AI Score
0.001 EPSS
Adobe Acrobat Reader Font CharStrings INDEX out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2023-1908. Adobe Acrobat Reader Font CharStrings INDEX out-of-bounds read vulnerability. February 15, 2024. CVE Number: CVE-2024-20747. Summary: An out-of-bounds read vulnerability exists in the font file processing functionality of Adobe Acrobat Reader 2023.006.20380. A....
5.5 CVSS
7 AI Score
0.001 EPSS
Adobe Acrobat Reader Font CharStrings CharStringsOffset out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2023-1910. Adobe Acrobat Reader Font CharStrings CharStringsOffset out-of-bounds read vulnerability. February 15, 2024. CVE Number: CVE-2024-20749. Summary: An out-of-bounds read vulnerability exists in the font file processing functionality of Adobe Acrobat Reader...
5.5 CVSS
5.3 AI Score
0.001 EPSS
Intel® PROSet/Wireless and Killer™ Wi-Fi Software February 2024 Security Update
Intel has informed HP of potential security vulnerabilities in some Intel® PROSet/Wireless and Intel® Killer™ Wi-Fi software, which might allow escalation of privilege, information disclosure or denial of service. Intel is releasing software updates to mitigate these potential vulnerabilities. ...
7.1 CVSS
7.7 AI Score
0.0004 EPSS
Why Are Compromised Identities the Nightmare to IR Speed and Efficiency?
Incident response (IR) is a race against time. You engage your internal or external team because there's enough evidence that something bad is happening, but you're still blind to the scope, the impact, and the root cause. The common set of IR tools and practices provides IR teams with the ability....
7.4 AI Score
Wazuh in the Cloud Era: Navigating the Challenges of Cybersecurity
Cloud computing has innovated how organizations operate and manage IT operations, such as data storage, application deployment, networking, and overall resource management. The cloud offers scalability, adaptability, and accessibility, enabling businesses to achieve sustainable growth. However,...
7.2 AI Score
New Zardoor backdoor used in long-term cyber espionage operation targeting an Islamic organization
By Jungsoo An, Wayne Lee and Vanja Svajcer. Cisco Talos discovered a new, stealthy espionage campaign that has likely persisted since at least March 2021. The observed activity affects an Islamic non-profit organization using backdoors for a previously unreported malware family we have named...
8.2 AI Score
Digital Experience Monitoring | What Is DEM?
Introduction to Digital Experience Monitoring: Illuminating the Basics In an era governed by technology, the satisfaction of an end-user is of utmost importance. It has the power to stimulate or to halt business growth, and frequently determines if a client continues or discontinues their...
7.2 AI Score
Chinese Hackers Exploited FortiGate Flaw to Breach Dutch Military Network
Chinese state-backed hackers broke into a computer network that's used by the Dutch armed forces by targeting Fortinet FortiGate devices. "This [computer network] was used for unclassified research and development (R&D)," the Dutch Military Intelligence and Security Service (MIVD) said in a...
9.8 CVSS
9.9 AI Score
0.321 EPSS
Directory Traversal: Examples, Testing, and Prevention
Unveiling the Enigma of Path Navigation: An Exhaustive Exploration and Insight Path Navigation, often referred to as Folder Navigation, symbolizes a kind of security extraction point allowing unauthorized individuals to gain unauthorized access to specific files held within a server's database...
7.8 AI Score
Hackers Exploit Job Boards, Stealing Millions of Resumes and Personal Data
Employment agencies and retail companies chiefly located in the Asia-Pacific (APAC) region have been targeted by a previously undocumented threat actor known as ResumeLooters since early 2023 with the goal of stealing sensitive data. Singapore-headquartered Group-IB said the hacking crew's...
6.9 AI Score
Exploring the (Not So) Secret Code of Black Hunt Ransomware
It seems like every week, the cybersecurity landscape sees the emergence of yet another ransomware variant, with Black Hunt being one of the latest additions. Initially reported by cybersecurity researchers in 2022, this new threat has quickly made its presence known. In a recent incident, Black...
8.2 AI Score
How to comply with GDPR requirements
Understanding the Basics of GDPR Compliance Within the sphere of cybersecurity, significant strides were made as the European Union (EU) introduced an innovative legislative tool called the General Data Protection Regulation (GDPR), unveiled on May 25, 2018. This regulation highlights the EU's...
7.2 AI Score
Rapid7 in Prague: Pete Rubio Shares Insights and Excitement for the New Office
As we continue to grow our customer base here at Rapid7, we’re growing our offices as well – this time with a new location in the Czech Republic. With a successful history of building innovation hubs from Boston to Belfast, our teams can’t wait to bring new talent from Prague into the business....
6.9 AI Score
Hello everyone! It has been 3 months since the last episode. I spent most of this time improving my Vulristics project. So in this episode, let's take a look at what's been done. Alternative video link (for Russia): https://vk.com/video-149273431_456239139 Also, let's take a look at the Microsoft.....
10 CVSS
10 AI Score
0.973 EPSS
Exploit for Cross-Site Request Forgery (CSRF) in Moxa Iologik E1210 Firmware
This repository contains a Python script and a nuclei template...
8.8 CVSS
7 AI Score
0.001 EPSS
Server-Side Template Injection Vulnerability in Confluence Data Center and Server (CVE-2023-22527)
Introduction: On January 16, 2024, Atlassian issued a significant alert on a critical Server-Side Template Injection (SSTI) vulnerability in Confluence Data Center and Server, identified as CVE-2023-22527. This issue, found in older versions, poses a serious risk as it allows attackers without any.....
10 CVSS
8.7 AI Score
0.973 EPSS
OSINT in 60 seconds. Mind reading on TV
TL;DR We were asked to help with a Channel 5 consumer education series about online banking scams The presenter, Alexis Conran, was to ‘read’ the minds of members of the public walking past a coffee shop A release form was signed by the targets, with their name, email, and phone number, then...
6.9 AI Score
Unspecified vulnerability in Linux kernel (CNVD-2024-06429)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel version 6.7.1 and earlier versions, which stems from the presence of an out-of-bounds access vulnerability. No details of the...
5.5 CVSS
6.8 AI Score
0.0004 EPSS
A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to the improper processing of user-provided data that is being read into memory.....
10 CVSS
9.6 AI Score
0.002 EPSS
Russian TrickBot Mastermind Gets 5-Year Prison Sentence for Cybercrime Spree
40-year-old Russian national Vladimir Dunaev has been sentenced to five years and four months in prison for his role in creating and distributing the TrickBot malware, the U.S. Department of Justice (DoJ) said. The development comes nearly two months after Dunaev pleaded guilty to committing...
7.3 AI Score
Critical Cisco Flaw Lets Hackers Remotely Take Over Unified Comms Systems
Cisco has released patches to address a critical security flaw impacting Unified Communications and Contact Center Solutions products that could permit an unauthenticated, remote attacker to execute arbitrary code on an affected device. Tracked as CVE-2024-20253 (CVSS score: 9.9), the issue stems.....
9.8 CVSS
8.5 AI Score
0.002 EPSS
AlmaLinux 9 : frr (ALSA-2024:0477)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:0477 advisory. bgpd/bgp_flowspec.c in FRRouting (FRR) before 8.4.3 mishandles an nlri length of zero, aka a flowspec overflow. (CVE-2023-38406) bgpd/bgp_label.c...
9.8 CVSS
6.7 AI Score
0.001 EPSS
9.8 CVSS
7.4 AI Score
0.01 EPSS
Oracle Linux 9 : frr (ELSA-2024-0477)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0477 advisory. An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when a malformed BGP UPDATE message with an EOR is processed, because...
9.8 CVSS
6.5 AI Score
0.001 EPSS
Understanding the Basics of Security Operations (SecOps) SecOps represents the blending of cybersecurity proficiency with operational domains, forming a powerful bulwark. Its primary mission lies in safeguarding the fundamental data assets and technological infrastructures of an organization. More....
7 AI Score
Cisco Unified Communications Manager IM & Presence RCE (cisco-sa-cucm-rce-bWNzQcUm)
According to its self-reported version, Cisco Unified Communications Manager IM & Presence running on the report host is affected by a remote code execution (RCE) vulnerability. Due to improper processing of user-provided data that is being read into memory, an unauthenticated, remote attacker...
10 CVSS
9.9 AI Score
0.002 EPSS
Cisco Unified Communications Manager RCE (cisco-sa-cucm-rce-bWNzQcUm)
According to its self-reported version, Cisco Unified Communications Manager running on the report host is affected by a remote code execution (RCE) vulnerability. Due to improper processing of user-provided data that is being read into memory, an unauthenticated, remote attacker can execute...
10 CVSS
9.9 AI Score
0.002 EPSS
Cisco Unified Communications Products Remote Code Execution Vulnerability
A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to the improper processing of user-provided data that is being read into memory.....
8.2 AI Score
0.002 EPSS
"Activator" Alert: MacOS Malware Hides in Cracked Apps, Targeting Crypto Wallets
Cracked software has been observed infecting Apple macOS users with a previously undocumented stealer malware capable of harvesting system information and cryptocurrency wallet data. Kaspersky, which identified the artifacts in the wild, said they are designed to target machines running macOS...
7 AI Score
Cracked software beats gold: new macOS backdoor stealing cryptowallets
A month ago, we discovered some cracked apps circulating on pirating websites and infected with a Trojan proxy. The malicious actors repackaged pre-cracked applications as PKG files with an embedded Trojan proxy and a post-install script initiating the infection. We recently caught sight of a new,....
7.5 AI Score
Exploit for Improper Authentication in Ivanti Connect Secure
Ivanti Connect Around Vulnerability Checker [Ivanti...
8.4 AI Score
Privacy, Security, and Connected Devices: Key Takeaways From CES 2024
The topic of data privacy has become so relevant in our age of smart technology. With everything becoming connected, including our homes, workplaces, cities, and even our cars, those who develop this technology are obligated to identify consumers' expectations for privacy and then find the best...
7.4 AI Score
New iShutdown Method Exposes Hidden Spyware Like Pegasus on Your iPhone
Cybersecurity researchers have identified a "lightweight method" called iShutdown for reliably identifying signs of spyware on Apple iOS devices, including notorious threats like NSO Group's Pegasus, QuaDream's Reign, and Intellexa's Predator. Kaspersky, which analyzed a set of iPhones that were...
6.3 AI Score
The evolution of the Kuiper ransomware
Kuiper Ransomware’s Evolution By Max Kersten · January 17, 2024 The Golang-based Kuiper ransomware is presented as an opportunity for other criminals to make money by ransoming one or more targets. Additionally, RobinHood, the actor behind Kuiper, states that help with operations can be provided...
6.5 AI Score
EulerOS 2.0 SP11 : kernel (EulerOS-SA-2023-2647)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem. This flaw allows a local user to...
7.8 CVSS
8.7 AI Score
EPSS
EulerOS 2.0 SP11 : kernel (EulerOS-SA-2023-2689)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem. This flaw allows a local user to...
7.8 CVSS
8.7 AI Score
EPSS
EulerOS Virtualization 2.11.1 : kernel (EulerOS-SA-2023-2724)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem. This flaw allows a...
7.8 CVSS
8.8 AI Score
EPSS
EulerOS Virtualization 2.11.0 : kernel (EulerOS-SA-2023-2755)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities: A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem. This flaw allows a...
7.8 CVSS
8.8 AI Score
EPSS
On December 11, 2023, we added an Unauthenticated Stored XSS vulnerability in the Popup Builder WordPress plugin to our Wordfence Intelligence Vulnerability Database. This vulnerability, which was originally reported by WPScan, allows an unauthenticated attacker to inject arbitrary JavaScript that....
6.4 AI Score
Detect and Manage the Risk of Apache Struts (CVE-2023-50164) Comprehensively
Introduction In the vast landscape of cybersecurity, staying vigilant against potential threats is crucial. A critical vulnerability that surfaced recently is CVE-2023-50164, affecting Apache Struts 2, a widely used open-source framework for Java development. This path traversal vulnerability,...
9.8 CVSS
10 AI Score
0.09 EPSS
Deciphering the Danger: Decoding Mallox Ransomware. Mallox Ransomware embodies a harmful software element, contributing to an ever-expanding repertoire of digital extortion threats. This cyber menace executes its mission by snaking its way into your computer system, applying a cipher to your data,....
7.2 AI Score
Nation-State Actors Weaponize Ivanti VPN Zero-Days, Deploying 5 Malware Families
As many as five different malware families were deployed by suspected nation-state actors as part of post-exploitation activities leveraging two zero-day vulnerabilities in Ivanti Connect Secure (ICS) VPN appliances since early December 2023. "These families allow the threat actors to circumvent...
9.1 CVSS
9.2 AI Score
0.969 EPSS
Cryptominers Targeting Misconfigured Apache Hadoop and Flink with Rootkit in New Attacks
Cybersecurity researchers have identified a new attack that exploits misconfigurations in Apache Hadoop and Flink to deploy cryptocurrency miners within targeted environments. "This attack is particularly intriguing due to the attacker's use of packers and rootkits to conceal the malware," Aqua...
9.1 AI Score
Rocky Linux 8 : frr (RLSA-2024:0130)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:0130 advisory. bgpd/bgp_flowspec.c in FRRouting (FRR) before 8.4.3 mishandles an nlri length of zero, aka a flowspec overflow. (CVE-2023-38406) bgpd/bgp_label.c...
9.8 CVSS
6.7 AI Score
0.001 EPSS
Oracle Linux 8 : frr (ELSA-2024-0130)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0130 advisory. bgpd/bgp_label.c in FRRouting (FRR) before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing. (CVE-2023-38407) An...
9.8 CVSS
6.5 AI Score
0.001 EPSS
Impact What kind of vulnerability is it? Who is impacted? An information leakage vulnerability is present in cdo-local-uuid at version 0.4.0, and in case-utils in unpatched versions (matching the pattern 0.x.0) at and since 0.5.0, before 0.15.0. The vulnerability stems from a Python function,...
2.8 CVSS
6.5 AI Score
0.0004 EPSS