MAX PRESENCE,TP3106,TP3206 Security Vulnerabilities

Conform contains a Prototype Pollution Vulnerability in `parseWith...` function

Summary Conform allows the parsing of nested objects in the form of object.property. Due to an improper implementation of this feature, an attacker can exploit it to trigger prototype pollution by passing a crafted input to parseWith... functions. PoC ```javascript const { parseWithZod } =...

Suspected CoralRaider continues to expand victimology using three information stealers

_By Joey Chen, Chetan Raghuprasad and Alex Karkins. _ Cisco Talos discovered a new ongoing campaign since at least February 2024, operated by a threat actor distributing three famous infostealer malware, including Cryptbot, LummaC2 and Rhadamanthys. Talos also discovered a new PowerShell...

Empowering Small Businesses in the Digital Age: A Must-Read Guide to Web Application & API Security

Small and medium-sized businesses have increasingly become reliant on web applications - whether they are developed or procured, to drive their operations, engage customers, and scale their businesses. The increasing reliance on online operations is underscored by 84% of businesses using digital...

ToddyCat Hacker Group Uses Advanced Tools for Industrial-Scale Data Theft

The threat actor known as ToddyCat has been observed using a wide range of tools to retain access to compromised environments and steal valuable data. Russian cybersecurity firm Kaspersky characterized the adversary as relying on various programs to harvest data on an "industrial scale" from...

ToddyCat is making holes in your infrastructure

We continue covering the activities of the APT group ToddyCat. In our previous article, we described tools for collecting and exfiltrating files (LoFiSe and PcExter). This time, we have investigated how attackers obtain constant access to compromised infrastructure, what information on the hosts...

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Authentication Bypass Vulnerability

Elber Cleber/3 Broadcast Multi-Purpose Platform version 1.0.0 suffers from an authentication bypass vulnerability through a direct and unauthorized access to the password management functionality. The issue allows attackers to bypass authentication by manipulating the set_pwd endpoint that enables....

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Insecure Direct Object Reference Vulnerability

Elber Cleber/3 Broadcast Multi-Purpose Platform version 1.0.0 suffers from an unauthenticated device configuration and client-side hidden functionality disclosure...

How Attackers Can Own a Business Without Touching the Endpoint

Attackers are increasingly making use of "networkless" attack techniques targeting cloud apps and identities. Here's how attackers can (and are) compromising organizations – without ever needing to touch the endpoint or conventional networked systems and services. Before getting into the details...

Hackers Target Middle East Governments with Evasive "CR4T" Backdoor

Government entities in the Middle East have been targeted as part of a previously undocumented campaign to deliver a new backdoor dubbed CR4T. Russian cybersecurity company Kaspersky said it discovered the activity in February 2024, with evidence suggesting that it may have been active since at...

Fortinet FortiSandbox OS Command Injection Vulnerability (CNVD-2024-20429)

Fortinet FortiSandbox is an APT (Advanced Persistent Threat) protection appliance from Fortinet. The appliance offers dual sandboxing technology, dynamic threat intelligence system, real-time control panel and reporting. Fortinet FortiSandbox suffers from an operating system command injection...

IPv6 enabled on IPv4-only network interfaces

In 26.0.0 and 26.0.1, IPv6 is not disabled on network interfaces, including those belonging to networks where --ipv6=false. Impact A container with an ipvlan or macvlan interface will normally be configured to share an external network link with the host machine. Because of this direct access,...

IPv6 enabled on IPv4-only network interfaces

In 26.0.0 and 26.0.1, IPv6 is not disabled on network interfaces, including those belonging to networks where --ipv6=false. Impact A container with an ipvlan or macvlan interface will normally be configured to share an external network link with the host machine. Because of this direct access,...

OfflRouter Malware Evades Detection in Ukraine for Almost a Decade

Select Ukrainian government networks have remained infected with a malware called OfflRouter since 2015. Cisco Talos said its findings are based on an analysis of over 100 confidential documents that were infected with the VBA macro virus and uploaded to the VirusTotal malware scanning platform...

How to Conduct Advanced Static Analysis in a Malware Sandbox

Sandboxes are synonymous with dynamic malware analysis. They help to execute malicious files in a safe virtual environment and observe their behavior. However, they also offer plenty of value in terms of static analysis. See these five scenarios where a sandbox can prove to be a useful tool in...

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Insecure Direct Object Reference

...

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:1322-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1322-1 advisory. In the Linux kernel, the following vulnerability has been resolved: net/smc: fix kernel panic caused by race of smc_sock A...

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Authentication Bypass

...

The Windows Registry Adventure #2: A brief history of the feature

Posted by Mateusz Jurczyk, Google Project Zero Before diving into the low-level security aspects of the registry, it is important to understand its role in the operating system and a bit of history behind it. In essence, the registry is a hierarchical database made of named "keys" and "values",...

OfflRouter virus causes Ukrainian users to upload confidential documents to VirusTotal

During a threat-hunting exercise, Cisco Talos discovered documents with potentially confidential information originating from Ukraine. The documents contained malicious VBA code, indicating they may be used as lures to infect organizations. The results of the investigation have shown that the...

Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware

Threat actors are exploiting unpatched Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware. The attacks leverage CVE-2023-22518 (CVSS score: 9.1), a critical security vulnerability impacting the Atlassian Confluence Data Center and Server that allows an unauthenticated...

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Authentication Bypass

Title: Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Authentication Bypass Advisory ID: ZSL-2024-5816 Type: Local/Remote Impact: Security Bypass, Privilege Escalation, System Access, DoS Risk: (5/5) Release Date: 17.04.2024 Summary Cleber offers a powerful, flexible and modular hardware...

Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Device Config

Title: Elber Cleber/3 Broadcast Multi-Purpose Platform 1.0.0 Device Config Advisory ID: ZSL-2024-5817 Type: Local/Remote Impact: Security Bypass, Privilege Escalation, System Access, DoS Risk: (5/5) Release Date: 17.04.2024 Summary Cleber offers a powerful, flexible and modular hardware and...

llama-index-core Command Injection vulnerability

A command injection vulnerability exists in the run-llama/llama_index repository, specifically within the safe_eval function. Attackers can bypass the intended security mechanism, which checks for the presence of underscores in code generated by LLM, to execute arbitrary code. This is achieved by.....

llama-index-core Command Injection vulnerability

A command injection vulnerability exists in the run-llama/llama_index repository, specifically within the safe_eval function. Attackers can bypass the intended security mechanism, which checks for the presence of underscores in code generated by LLM, to execute arbitrary code. This is achieved by.....

gradio Server-Side Request Forgery vulnerability

An SSRF (Server-Side Request Forgery) vulnerability exists in the gradio-app/gradio repository, allowing attackers to scan and identify open ports within an internal network. By manipulating the 'file' parameter in a GET request, an attacker can discern the status of internal ports based on the...

gradio Server-Side Request Forgery vulnerability

An SSRF (Server-Side Request Forgery) vulnerability exists in the gradio-app/gradio repository, allowing attackers to scan and identify open ports within an internal network. By manipulating the 'file' parameter in a GET request, an attacker can discern the status of internal ports based on the...

CVE-2024-3271

A command injection vulnerability exists in the run-llama/llama_index repository, specifically within the safe_eval function. Attackers can bypass the intended security mechanism, which checks for the presence of underscores in code generated by LLM, to execute arbitrary code. This is achieved by.....

CVE-2024-3271

A command injection vulnerability exists in the run-llama/llama_index repository, specifically within the safe_eval function. Attackers can bypass the intended security mechanism, which checks for the presence of underscores in code generated by LLM, to execute arbitrary code. This is achieved by.....

CVE-2024-1183

An SSRF (Server-Side Request Forgery) vulnerability exists in the gradio-app/gradio repository, allowing attackers to scan and identify open ports within an internal network. By manipulating the 'file' parameter in a GET request, an attacker can discern the status of internal ports based on the...

CVE-2024-1183

An SSRF (Server-Side Request Forgery) vulnerability exists in the gradio-app/gradio repository, allowing attackers to scan and identify open ports within an internal network. By manipulating the 'file' parameter in a GET request, an attacker can discern the status of internal ports based on the...

CVE-2024-3271 Command Injection in run-llama/llama_index

A command injection vulnerability exists in the run-llama/llama_index repository, specifically within the safe_eval function. Attackers can bypass the intended security mechanism, which checks for the presence of underscores in code generated by LLM, to execute arbitrary code. This is achieved by.....

CVE-2024-3271 Command Injection in run-llama/llama_index

A command injection vulnerability exists in the run-llama/llama_index repository, specifically within the safe_eval function. Attackers can bypass the intended security mechanism, which checks for the presence of underscores in code generated by LLM, to execute arbitrary code. This is achieved by.....

CVE-2024-1183 SSRF Vulnerability in gradio-app/gradio

An SSRF (Server-Side Request Forgery) vulnerability exists in the gradio-app/gradio repository, allowing attackers to scan and identify open ports within an internal network. By manipulating the 'file' parameter in a GET request, an attacker can discern the status of internal ports based on the...

CVE-2024-1183 SSRF Vulnerability in gradio-app/gradio

An SSRF (Server-Side Request Forgery) vulnerability exists in the gradio-app/gradio repository, allowing attackers to scan and identify open ports within an internal network. By manipulating the 'file' parameter in a GET request, an attacker can discern the status of internal ports based on the...

Exploit for CVE-2024-1642470

Windows USB Generic Parent Driver Remote Code Execution...

Exploit for Code Injection in Openplcproject Openplc V3 Firmware

CVE-2021-31630 OpenPLC 3 WebServer Authenticated Remote Code...

Intel and Lenovo BMCs Contain Unpatched Lighttpd Server Flaw

A security flaw impacting the Lighttpd web server used in baseboard management controllers (BMCs) has remained unpatched by device vendors like Intel and Lenovo, new findings from Binarly reveal. While the original shortcoming was discovered and patched by the Lighttpd maintainers way back in...

OpenClinic GA 5.247.01 - Path Traversal (Authenticated)

...

OpenClinic GA 5.247.01 - Path Traversal (Authenticated) Vulnerability

...

OpenClinic GA 5.247.01 Path Traversal

...

De-risk the Software Supply Chain by Expanding Unparalleled Detection Coverage With Qualys VMDR and Software Composition Analysis

QIDs/CVEs When it comes to cybersecurity, speed is key in getting an edge over attackers. But when you consider that vulnerabilities weaponize 24 days faster than then they are remediated on average, cybersecurity stakeholders have a lot of catching up to do. While there are many ways defenders...

How to protect yourself from online harassment

It takes a little to receive a lot of online hate today, from simply working as a school administrator to playing a role in a popular movie or video game. But these moments of personal crisis have few, immediate solutions, as the current proposals to curb and stem online harassment zero in on the.....

CVE-2024-1792

The CMB2 plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.10.1 via deserialization of untrusted input from the text_datetime_timestamp_timezone field. This makes it possible for authenticated attackers, with contributor access or higher, to inject.....

CVE-2024-1792

The CMB2 plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.10.1 via deserialization of untrusted input from the text_datetime_timestamp_timezone field. This makes it possible for authenticated attackers, with contributor access or higher, to inject.....

CVE-2024-1792

The CMB2 plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.10.1 via deserialization of untrusted input from the text_datetime_timestamp_timezone field. This makes it possible for authenticated attackers, with contributor access or higher, to inject.....

Starry Addax targets human rights defenders in North Africa with new malware

Cisco Talos is disclosing a new threat actor we deemed "Starry Addax" targeting mostly human rights activists associated with the Sahrawi Arab Democratic Republic (SADR) cause with a novel mobile malware. Starry Addax conducts phishing attacks tricking their targets into installing malicious...

CL0P's Ransomware Rampage - Security Measures for 2024

2023 CL0P Growth Emerging in early 2019, CL0P was first introduced as a more advanced version of its predecessor the 'CryptoMix' ransomware, brought about by its owner CL0P ransomware, a cybercrime organisation. Over the years the group remained active with significant campaigns throughout 2020 to....

CVE-2024-3508

A flaw was found in Bombastic, which allows authenticated users to upload compressed (bzip2 or zstd) SBOMs. The API endpoint verifies the presence of some fields and values in the JSON. To perform this verification, the uploaded file must first be...

April 9, 2024—KB5036893 (OS Builds 22621.3447 and 22631.3447)

April 9, 2024—KB5036893 (OS Builds 22621.3447 and 22631.3447) 2/27/24 IMPORTANT: New dates for the end of non-security updates for Windows 11, version 22H2The new end date is June 24, 2025 for Windows 11, version 22H2 Enterprise and Education editions. Home and Pro editions of version 22H2 will...

Oracle Linux 8 / 9 : Unbreakable Enterprise kernel (ELSA-2024-12272)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12272 advisory. [5.15.0-205.149.5.1] - KVM: x86: Add BHI_NO (Daniel Sneddon) [Orabug: 36384802] {CVE-2024-2201} - x86/bhi: Mitigate KVM by default (Pawan Gupta) [Orabug:...