New Stealthy 'Krasue' Linux Trojan Targeting Telecom Firms in Thailand
A previously unknown Linux remote access trojan called Krasue has been observed targeting telecom companies in Thailand by threat actors to maintain covert access to victim networks at least since 2021. Named after a nocturnal female spirit of Southeast Asian folklore, the malware is "able to conceal.....
7.1AI Score
Scanning Danger: Unmasking the Threats of Quishing
Scanning Danger: Unmasking the Threats of Quishing By Shyava Tripathi, Raghav Kapoor and Rohan Shah · December 07, 2023 Phishing, a prevalent cybercrime worldwide, is responsible for as much as 90 percent of data breaches, making it a significant avenue for the theft of sensitive credentials and...
7.4AI Score
SUSE SLES15 / openSUSE 15 Security Update : frr (SUSE-SU-2023:4663-1)
The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4663-1 advisory. bgpd/bgp_flowspec.c in FRRouting (FRR) before 8.4.3 mishandles an nlri length of zero, aka a flowspec overflow....
9.8CVSS
6.7AI Score
0.001EPSS
Scanning Danger: Unmasking the Threats of Quishing
Scanning Danger: Unmasking the Threats of Quishing By Shyava Tripathi and Rohan Shah · December 7, 2023 This blog was also written by Raghav Kapoor Phishing, a prevalent cybercrime worldwide, is responsible for as much as 90 percent of data breaches, making it a significant avenue for the theft...
7.4AI Score
PSA: Critical POP Chain Allowing Remote Code Execution Patched in WordPress 6.4.2
WordPress 6.4.2 was released today, on December 6, 2023. It includes a patch for a POP chain introduced in version 6.4 that, combined with a separate Object Injection vulnerability, could result in a Critical-Severity vulnerability allowing attackers to execute arbitrary PHP code on the site. We...
9.1AI Score
New Report: Unveiling the Threat of Malicious Browser Extensions
Compromising the browser is a high-return target for adversaries. Browser extensions, which are small software modules that are added to the browser and can enhance browsing experiences, have become a popular browser attack vector. This is because they are widely adopted among users and can easily....
7AI Score
New macOS Trojan-Proxy piggybacking on cracked software
Illegally distributed software historically has served as a way to sneak malware onto victims' devices. Oftentimes, users are not willing to pay for software tools they need, so they go searching the Web for a "free lunch". They are an excellent target for cybercriminals who realize that an...
7.7AI Score
Rocky Linux 8 : postgresql:13 (RLSA-2023:7581)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:7581 advisory. IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a...
8.8CVSS
8.9AI Score
0.015EPSS
Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : PostgreSQL vulnerabilities (USN-6538-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6538-1 advisory. PostgreSQL Project reports: Certain aggregate function calls receiving unknown-type arguments could...
8.8CVSS
9.3AI Score
0.015EPSS
The malware, attacker trends and more that shaped the threat landscape in 2023
The 2023 Cisco Talos Year in Review is now available to download. Once again, the Talos team has meticulously combed through a massive amount of data to analyze the major trends that have shaped the threat landscape in 2023. Global conflict influenced a lot of these trends, altering the tactics...
7AI Score
Imperva named an Overall Leader We're thrilled to share that Imperva has achieved the prestigious status of Overall Leader in the KuppingerCole Leadership Compass: API Security and Management report. Our Leadership excels across the sub-categories of Product, Innovation, and Market Leadership and.....
7.3AI Score
Bolstering API Security: Introducing Wallarm’s API Attack Surface Management (AASM)
In the fast-paced digital world, think of Application Programming Interfaces (APIs) as the threads that stitch together the fabric of our tech ecosystems. They're often overlooked, quietly ensuring that your apps communicate seamlessly and keep the digital world running smoothly. The majority of...
7.2AI Score
AlmaLinux 8 : postgresql:13 (ALSA-2023:7581)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:7581 advisory. IN THE EXTENSION SCRIPT, a SQL Injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a...
8.8CVSS
8.9AI Score
0.015EPSS
CVE-2023-49103 - Critical Information Disclosure in ownCloud Graph API
Rapid7 is responding to CVE-2023-49103, an unauthenticated information disclosure vulnerability impacting ownCloud. Background ownCloud is a file sharing platform designed for enterprise environments. On November 21, 2023, ownCloud disclosed CVE-2023-49103, an unauthenticated information...
9.8CVSS
8.4AI Score
0.941EPSS
U.S. Treasury Sanctions North Korean Kimsuky Hackers and 8 Foreign-Based Agents
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) on Thursday sanctioned the North Korea-linked adversarial collective known as Kimsuky as well as eight foreign-based agents who are alleged to have facilitated sanctions evasion. The agents, the Treasury said, helped in.....
7.2AI Score
Oracle Linux 8 : postgresql:13 (ELSA-2023-7581)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7581 advisory. PostgreSQL Project reports: Documentation says the pg_cancel_backend role cannot signal a backend owned by a superuser. On...
8.8CVSS
8.9AI Score
0.015EPSS
Apache Superset Authorization Issues Vulnerability (CNVD-2023-9666047)
Apache Superset is a data visualization and data exploration platform from the Apache (USA) Foundation. An authorization issue vulnerability exists in Apache Superset versions prior to 2.1.2 that stems from the presence of incorrect authorization checks. An attacker could exploit this...
8.8CVSS
7.1AI Score
0.005EPSS
Apache Superset Input Validation Error Vulnerability (CNVD-2023-9666130)
Apache Superset is a data visualization and data exploration platform from the Apache (USA) Foundation. An input validation error vulnerability exists in Apache Superset versions prior to 3.0.0. The vulnerability stems from the presence of improper input validation, which can be exploited by an...
5.4CVSS
6.4AI Score
0.001EPSS
Apache Superset Cross-Site Scripting Vulnerability (CNVD-2023-9665948)
Apache Superset is a data visualization and data exploration platform from the Apache (USA) Foundation. A cross-site scripting vulnerability exists in Apache Superset versions prior to 2.1.2, which stems from the presence of incorrect payload validation and incorrect REST API response type issues.....
5.4CVSS
6AI Score
0.003EPSS
In any strategy aimed at combating cyber threats, the essential piece is the adequate regulation of possible frailties or susceptibility points. This concept embodies a broad spectrum of actions covering the spotting, categorizing, ranking, and rectification of possible risk areas within a digital....
7.8AI Score
Maintaining a secure and optimized digital environment allows new ideas to flourish wherever they occur. In the modern workplace, where devices and locations are no longer fixed, Microsoft Intune eases the task of managing and protecting the endpoints of businesses everywhere. It helps secure...
7.3AI Score
HERNDON, VA., Nov. 28, 2023 - Hive Pro®, a pioneer vendor in Threat Exposure Management, announced a strategic partnership with ICS Arabia, a front-runner in the development of Smart Cities and Digital Infrastructure in the Kingdom of Saudi Arabia and the Middle East. This partnership heralds a...
7.2AI Score
New 'HrServ.dll' Web Shell Detected in APT Attack Targeting Afghan Government
An unspecified government entity in Afghanistan was targeted by a previously undocumented web shell called HrServ in what's suspected to be an advanced persistent threat (APT) attack. The web shell, a dynamic-link library (DLL) named "hrserv.dll," exhibits "sophisticated features such as custom...
7.8AI Score
Linux kernel competitive conditions issue vulnerability (CNVD-2024-1477122)
The Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. The Linux kernel suffers from a race condition vulnerability, which stems from the presence of a race condition that could allow a local user to cause a system.....
4.7CVSS
6.1AI Score
0.0004EPSS
A null pointer dereference flaw was found in the nft_inner.c functionality of netfilter in the Linux kernel. This issue could allow a local user to crash the system or escalate their privileges on the...
7CVSS
7.6AI Score
0.0004EPSS
N. Korean Hackers Distribute Trojanized CyberLink Software in Supply Chain Attack
A North Korean state-sponsored threat actor tracked as Diamond Sleet is distributing a trojanized version of a legitimate application developed by a Taiwanese multimedia software developer called CyberLink to target downstream customers via a supply chain attack. "This malicious file is a...
9.8CVSS
9.9AI Score
0.97EPSS
10CVSS
8.8AI Score
0.941EPSS
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4495-1 advisory. PostgreSQL Project reports: Certain aggregate function calls receiving...
8.8CVSS
8.5AI Score
0.015EPSS
What Is Network Security Management?
At the Heart of The Matter: Unraveling Essential Elements of Network Safeguard Administration in Digital Space The sphere of Online Network Safeguard Supervision presents a vast playground, humming with an abundance of methods, protocols, and modern-day tech tools. Together, their role is to...
8AI Score
Adobe ColdFusion Access Control Error Vulnerability
Adobe ColdFusion is a rapid application development platform from Adobe (USA). The platform includes an integrated development environment and scripting language. An Access Control Error vulnerability exists in Adobe ColdFusion, which arises from the presence of...
7.5CVSS
6.5AI Score
0.003EPSS
Ubuntu 22.04 LTS / 23.04 / 23.10 : FRR vulnerabilities (USN-6498-1)
The remote Ubuntu 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6498-1 advisory. bgpd/bgp_flowspec.c in FRRouting (FRR) before 8.4.3 mishandles an nlri length of zero, aka a flowspec overflow. (CVE-2023-38406) ...
9.8CVSS
6.7AI Score
0.001EPSS
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : postgresql14 (SUSE-SU-2023:4479-1)
The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4479-1 advisory. PostgreSQL Project reports: Certain aggregate function calls receiving...
8.8CVSS
8.5AI Score
0.015EPSS
Dominating an imperative role in boosting the so-called 'efficiency quotient' within a networking system is the Quality of Service or QoS. Let's dive in and explore the crucial components that make QoS pivotal. In essence, QoS is a blend of a multitude of methodologies and hi-tech devices,...
7.9AI Score
Intel Graphics Drivers November 2023 Security Update
Intel has informed HP of potential security vulnerabilities in some Intel® Graphics drivers, which might allow escalation of privilege, denial of service and information disclosure. Intel is releasing software updates to mitigate these potential vulnerabilities. Intel has released updates to...
7.8CVSS
7.3AI Score
0.0004EPSS
Russian Cyber Espionage Group Deploys LitterDrifter USB Worm in Targeted Attacks
Russian cyber espionage actors affiliated with the Federal Security Service (FSB) have been observed using a USB propagating worm called LitterDrifter in attacks targeting Ukrainian entities. Check Point, which detailed Gamaredon's (aka Aqua Blizzard, Iron Tilden, Primitive Bear, Shuckworm, and...
7.8CVSS
7.7AI Score
0.214EPSS
A deep dive into Phobos ransomware, recently deployed by 8Base group
Cisco Talos has recently observed an increase in activity conducted by 8Base, a ransomware group that uses a variant of the Phobos ransomware and other publicly available tools to facilitate their operations. Most of the group's Phobos variants are distributed by SmokeLoader, a backdoor trojan....
7.4AI Score
27 Malicious PyPI Packages with Thousands of Downloads Found Targeting IT Experts
An unknown threat actor has been observed publishing typosquat packages to the Python Package Index (PyPI) repository for nearly six months with an aim to deliver malware capable of gaining persistence, stealing sensitive data, and accessing cryptocurrency wallets for financial gain. The 27...
7.6AI Score
Fortinet FortiClient Path Traversal Vulnerability (CNVD-2023-98182)
Fortinet FortiClient is a mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance and two-factor authentication when connected to a FortiGate firewall appliance. A path traversal vulnerability exists in Fortinet...
7.8CVSS
6.9AI Score
0.001EPSS
Fortinet FortiEDR Access Control Error Vulnerability (CNVD-2023-98184)
Fortinet FortiEDR is an endpoint security solution built from the ground up by Fortinet. An Access Control Error vulnerability exists in Fortinet FortiEDR Collector Windows that stems from the presence of improper access controls in the application. A local attacker could exploit the vulnerability....
5.5CVSS
6.6AI Score
0.0004EPSS
SUSE SLES15 / openSUSE 15 Security Update : postgresql12 (SUSE-SU-2023:4454-1)
The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4454-1 advisory. PostgreSQL Project reports: Certain aggregate function calls receiving unknown-type arguments...
8.8CVSS
8.5AI Score
0.015EPSS
SUSE SLES15 / openSUSE 15 Security Update : postgresql13 (SUSE-SU-2023:4455-1)
The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4455-1 advisory. PostgreSQL Project reports: Certain aggregate function calls receiving unknown-type arguments...
8.8CVSS
8.5AI Score
0.015EPSS
kernel security, bug fix, and enhancement update
[4.18.0-513.5.1_9.OL8] - Update Oracle Linux certificates (Kevin Lyons) - Disable signing for aarch64 (Ilya Okomin) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] - Conflict with...
8.8CVSS
8AI Score
EPSS
Fortinet FortiClient Hardcoding Vulnerability
Fortinet FortiClient is a mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance and two-factor authentication when connected to a FortiGate firewall appliance. A hard-coded vulnerability exists in Fortinet FortiClient....
5.5CVSS
7AI Score
0.0004EPSS
What is a Network Management Station (NMS)?
The Bedrock of the Network Coordination Hub (NCH) Delving into the substantial domain of digital networks, the Network Coordination Hub (NCH) is unveiled as a critical component ensuring fluid network operations. Let us unravel this concept - an NCH signifies a control console employed for...
7.2AI Score
FREE Cybersecurity Education Courses
Navigating the nuanced realm of digital defense doesn't need to feel like a herculean task. This section aims to shed light on the intricacies of digital defense and aid you in leveraging freely available Cybersecurity Learning Programs. Deciphering Digital Defense Digital defense, also referred...
7.5AI Score
SUSE SLES12 Security Update : postgresql12 (SUSE-SU-2023:4433-1)
The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4433-1 advisory. PostgreSQL Project reports: Certain aggregate function calls receiving unknown-type arguments could disclose...
8.8CVSS
8.6AI Score
0.015EPSS
SUSE SLES12 Security Update : postgresql13 (SUSE-SU-2023:4434-1)
The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4434-1 advisory. PostgreSQL Project reports: Certain aggregate function calls receiving unknown-type arguments could disclose...
8.8CVSS
8.6AI Score
0.015EPSS
Advanced threat predictions for 2024
Advanced persistent threats (APTs) are the most dangerous threats, as they employ complex tools and techniques, and often are highly targeted and hard to detect. Amid the global crisis and escalating geopolitical confrontations, these sophisticated cyberattacks are even more dangerous, as there is....
9.8CVSS
8.7AI Score
0.123EPSS
(RHSA-2023:7022) Moderate: tang security and bug fix update
Tang is a server for binding data to network presence. It includes a daemon which provides cryptographic operations for binding to a remote service. The tang package provides the server side of the Network Bound Disk Encryption (NBDE) project. Security Fix(es): tang: Race condition exists in the...
6.6AI Score
0.001EPSS