NewStart CGSL MAIN 6.06 : kernel Multiple Vulnerabilities (NS-SA-2023-0083)
The remote NewStart CGSL host, running version MAIN 6.06, has kernel packages installed that are affected by multiple vulnerabilities: When sending malicious data to the kernel via the ioctl cmd FBIOPUT_VSCREENINFO, the kernel will write memory out of bounds. (CVE-2021-33655) When setting font with...
CVSS 8.8
AI Score 9.4
EPSS
K000138050 : Apache Tomcat vulnerability CVE-2023-41081
Security Advisory Description Important: Authentication Bypass CVE-2023-41081 The mod_jk component of Apache Tomcat Connectors in some circumstances, such as when a configuration included "JkOptions +ForwardDirectories" but the configuration did not provide explicit mounts for all possible proxied....
CVSS 7.5
AI Score 6.8
EPSS 0.001
Carbanak Banking Malware Resurfaces with New Ransomware Tactics
The banking malware known as Carbanak has been observed being used in ransomware attacks with updated tactics. "The malware has adapted to incorporate attack vendors and techniques to diversify its effectiveness," cybersecurity firm NCC Group said in an analysis of ransomware attacks that took...
CVSS 7.8
AI Score 7.5
EPSS 0.026
Welcome to another installment of This Week in Spring! It's December 26th, 2023, and we're staring down the new year! And you know what that means, right? It's time for our annual roundup, looking at all the latest and greatest in the wild and wonderful world of Springdom. This is This Year in...
AI Score 7.1
All In One WP Security < 5.2.5 - Protection Bypass of Renamed Login Page via URL Encoding
Description The All-In-One Security (AIOS) – Security and Firewall plugin for WordPress is vulnerable to protection bypass on the login page in all versions up to and including 5.2.4. This makes it possible for unauthenticated attackers to visit the login page in cases where it has been renamed by....
AI Score 7.1
EPSS 0.0004
MetaHub is an automated contextual security findings enrichment and impact evaluation tool for vulnerability management. You can use it with AWS Security Hub or any ASFF-compatible security scanner. Stop relying on useless severities and switch to impact scoring definitions based on YOUR context......
AI Score 7
A week in security (December 18 – December 24)
Last week on Malwarebytes Labs: Comcast’s Xfinity breached by Citrix Bleed; 36 million customers’ data accessed. How does ThreatDown Vulnerability Assessment and Patch Management work? How Outlook notification sounds can lead to zero-click exploits. Update Chrome now! Emergency update patches...
AI Score 7.3
An issue was discovered in Stormshield Network Security (SNS) 3.7.0 through 3.7.38 before 3.7.39, 3.10.0 through 3.11.26 before 3.11.27, 4.0 through 4.3.21 before 4.3.22, and 4.4.0 through 4.6.8 before 4.6.9. An administrator with write access to the SNS firewall can configure a login disclaimer...
AI Score 6.7
EPSS 0.0004
Fedora: Security Advisory for libssh (FEDORA-2023-0733306be9)
The remote host is missing an update for...
CVSS 5.9
AI Score 6.6
EPSS 0.963
Securely Build AI/ML Applications in the Cloud with Rapid7 InsightCloudSec
It’s been a little over a year since ChatGPT was released, and oh how much has changed. Advancements in Artificial Intelligence and Machine Learning have marked a transformative era, influencing virtually every facet of our lives. These innovative technologies have reshaped the landscape of natural.....
AI Score 6.9
Malicious code in tata-play-web (npm)
Source: ossf-package-analysis (867763daffba0b82c690fe9281aba9d22b6e1610b024ef7ee0fbf233160d8a36). The OpenSSF Package Analysis project identified 'tata-play-web' @ 2.0.0 (npm) as malicious. It is considered malicious because: The package...
AI Score 7.1
[SECURITY] Fedora 39 Update: libssh-0.10.6-1.fc39
The ssh library was designed to be used by programmers needing a working SSH implementation by means of a library. Complete control of the client is left to the programmer. With libssh, you can remotely execute programs, transfer files, use a secure and transparent tunnel for your remote...
CVSS 5.9
AI Score 6.6
EPSS 0.963
The 2023 Wordfence Holiday Bug Extravaganza Reaches An Exciting Conclusion!
After an incredibly successful few weeks, the Wordfence Holiday Bug Extravaganza came to a close yesterday. We’d like to sincerely thank everyone who spent time researching, finding, and submitting vulnerabilities. Your efforts have helped to make the WordPress community and the web safer. Many...
AI Score 7.7
Summary Golang's x/net, x/crypto and x/text are used by IBM Storage Fusion HCI for networking, cryptography and internationalization. Vulnerabilities in these libraries include Inconsistent Interpretation of HTTP Requests, Uncontrolled Recursion, and Missing Release of Resource that could lead to.....
CVSS 7.5
AI Score 7.2
EPSS 0.003
Shifting from reCAPTCHA to hCaptcha
We are adding another CAPTCHA vendor and helping our customers migrate from Google's reCAPTCHA to hCaptcha. Why We Are Making This Change We continuously evaluate our security measures to ensure they align with the evolving landscape of threats. After carefully evaluating several different...
AI Score 7.2
Chameleon Android Banking Trojan Variant Bypasses Biometric Authentication
Cybersecurity researchers have discovered an updated version of an Android banking malware called Chameleon that has expanded its targeting to include users in the U.K. and Italy. "Representing a restructured and enhanced iteration of its predecessor, this evolved Chameleon variant excels in...
AI Score 7.2
Wordfence just launched its bug bounty program. For the first 6 months, all awarded bounties receive a 10% bonus. View the announcement to learn more now! Last week, there were 16 vulnerabilities disclosed in 16 WordPress Plugins and no WordPress themes that have been added to the Wordfence...
CVSS 9.8
AI Score 7.8
EPSS 0.935
Cost of a Data Breach Report 2023: Insights, Mitigators and Best Practices
John Hanley of IBM Security shares 4 key findings from the highly acclaimed annual Cost of a Data Breach Report 2023 What is the IBM Cost of a Data Breach Report? The IBM Cost of a Data Breach Report is an annual report that provides organizations with quantifiable information about the financial.....
AI Score 6.7
An issue was discovered in Stormshield Network Security (SNS) 3.7.0 through 3.7.39, 3.11.0 through 3.11.27, 4.3.0 through 4.3.22, 4.6.0 through 4.6.9, and 4.7.0 through 4.7.1. It's possible to know if a specific user account exists on the SNS firewall by using remote access...
CVSS 5.3
EPSS 0.0005
An issue was discovered in Stormshield Network Security (SNS) 3.7.0 through 3.7.39, 3.11.0 through 3.11.27, 4.3.0 through 4.3.22, 4.6.0 through 4.6.9, and 4.7.0 through 4.7.1. It's possible to know if a specific user account exists on the SNS firewall by using remote access...
CVSS 5.3
AI Score 5.3
EPSS 0.0005
An issue was discovered in Stormshield Network Security (SNS) 3.7.0 through 3.7.39, 3.11.0 through 3.11.27, 4.3.0 through 4.3.22, 4.6.0 through 4.6.9, and 4.7.0 through 4.7.1. It's possible to know if a specific user account exists on the SNS firewall by using remote access...
CVSS 5.3
AI Score 7.2
EPSS 0.0005
It seems like it was just yesterday that we were in Las Vegas for AWS Re:Invent, but it’s already been almost two weeks since the conference wrapped up. As is always the case, AWS unveiled a host of new services throughout the week, including advancements around serverless, artificial intelligence....
AI Score 7.6
4 Best War Games You Should Play
By Owais Sultan Online gaming is a luxury, especially if you are interested in strategic war games. So, here are the… This is a post from HackRead.com Read the original post: 4 Best War Games You Should...
AI Score 7.3
An issue was discovered in Stormshield Network Security (SNS) 3.7.0 through 3.7.39, 3.11.0 through 3.11.27, 4.3.0 through 4.3.22, 4.6.0 through 4.6.9, and 4.7.0 through 4.7.1. It's possible to know if a specific user account exists on the SNS firewall by using remote access...
AI Score 5.6
EPSS 0.0005
FBI issues advisory over Play ransomware
The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) have released a joint Cybersecurity Advisory (CSA) about Play ransomware. According to the FBI, Play made around 300.....
AI Score 7.7
FBI Takes Down BlackCat Ransomware, Releases Free Decryption Tool
The U.S. Justice Department (DoJ) has officially announced the disruption of the BlackCat ransomware operation and released a decryption tool that more than 500 affected victims can use to regain access to files locked by the malware. Court documents show that the U.S. Federal Bureau of...
AI Score 6.9
Play Ransomware A Global Threat Impacting Businesses
Summary: The Play ransomware group, active since June 2022, employs a double-extortion model, impacting businesses globally. Utilizing legitimate tools for malicious activities, the group has affected approximately 300 entities. Threat Level - Red | Attack Report For a detailed threat advisory,...
AI Score 7.2
Mitsubishi Electric MELSEC iQ-R, Q and L Series (Update D)
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC iQ-R, Q, and L Series Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a...
CVSS 7.5
AI Score 7.7
EPSS 0.003
Are We Ready to Give Up on Security Awareness Training?
Some of you have already started budgeting for 2024 and allocating funds to security areas within your organization. It is safe to say that employee security awareness training is one of the expenditure items, too. However, its effectiveness is an open question with people still engaging in...
AI Score 6.8
Double-Extortion Play Ransomware Strikes 300 Organizations Worldwide
The threat actors behind the Play ransomware are estimated to have impacted approximately 300 entities as of October 2023, according to a new joint cybersecurity advisory from Australia and the U.S. "Play ransomware actors employ a double-extortion model, encrypting systems after exfiltrating data....
CVSS 9.8
AI Score 7.8
EPSS 0.973
Improper Authentication vulnerability in Mitsubishi Electric Corporation MELSEC-F Series main modules allows a remote unauthenticated attacker to obtain sequence programs from the product or write malicious sequence programs or improper data in the product without authentication by sending...
CVSS 9.1
AI Score 7.5
EPSS 0.001
K000137969 : OpenSSL vulnerability CVE-2023-3817
Security Advisory Description Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or...
CVSS 5.3
AI Score 6.9
EPSS 0.003
K000137965 : Apache Tomcat vulnerability CVE-2023-45648
Security Advisory Description Improper Input Validation vulnerability in Apache Tomcat. Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.81 and from 8.5.0 through 8.5.93 did not correctly parse HTTP trailer headers. A specially crafted, invalid...
CVSS 5.3
AI Score 6.8
EPSS 0.002
K000137966 : Apache Tomcat vulnerability CVE-2023-42794
Security Advisory Description Incomplete Cleanup vulnerability in Apache Tomcat. The internal fork of Commons FileUpload packaged with Apache Tomcat 9.0.70 through 9.0.80 and 8.5.85 through 8.5.93 included an unreleased, in progress refactoring that exposed a potential denial of service on Windows....
CVSS 5.9
AI Score 6.6
EPSS 0.0004
We Asked ChatGPT for 2024 Cybersecurity Predictions but You Should Make These Resolutions Instead
By Caitlin Condon, Senior Manager, Vulnerability Research at Rapid7, and Christiaan Beek, Senior Director, Threat Analytics at Rapid7 It’s that time of year again — time for the annual tradition of cybersecurity predictions. Here at Rapid7 we’ve seen a whole lot of threats and exploited...
AI Score 7.3
Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities
Summary IBM QRadar SIEM includes vulnerable components (e.g., framework libraries) that could be identified and exploited with automated tools. These have been addressed in the update. Vulnerability Details CVEID: CVE-2023-26049 DESCRIPTION: Eclipse Jetty could allow a remote authenticated...
CVSS 10
AI Score 10
EPSS 0.964
Security Bulletin: An Eclipse Jetty vulnerability affects IBM Rational Functional Tester
Summary There are multiple vulnerabilities in Eclipse Jetty used by Rational Functional Tester. Rational Functional Tester has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2023-41900 DESCRIPTION: Eclipse Jetty could allow a remote authenticated attacker to bypass security...
CVSS 5.3
AI Score 7.1
EPSS 0.001
#StopRansomware: Play Ransomware
Actions to take today to mitigate cyber threats from Play ransomware: Prioritize remediating known exploited vulnerabilities. Enable multifactor authentication (MFA) for all services to the extent possible, particularly for webmail, VPN, and accounts that access critical systems. Regularly patch...
CVSS 9.8
AI Score 7.5
EPSS 0.973
K000137926 : Apache Tomcat vulnerability CVE-2023-46589
Security Advisory Description Improper Input Validation vulnerability in Apache Tomcat. Tomcat from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.1.15, from 9.0.0-M1 through 9.0.82 and from 8.5.0 through 8.5.95 did not correctly parse HTTP trailer headers. A trailer header that exceeded...
CVSS 7.5
AI Score 6.8
EPSS 0.005
K000137940 : Multiple Oracle MySQL vulnerabilities
Security Advisory Description CVE-2023-22015 Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.42 and prior and 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network...
CVSS 4.9
AI Score 6
EPSS 0.0004
A denial-of-service and malicious code execution vulnerability exists in the DHCP client function of VxWorks version 6.4, a real-time OS distributed by Wind River. A remote attacker may cause a denial of service (DoS) condition or execute malicious code on a target product by sending specially crafted...
CVSS 9.8
AI Score 7.6
EPSS 0.006
Chrome starts the countdown to the end of tracking cookies
Google has announced that it will start rolling out its Chrome web browser's new Tracking Protection feature from January 2024. Tracking Protection is part of Google’s Privacy Sandbox initiative to phase out third-party cookies. The Tracking Protection feature aims to disable third-party cookies...
AI Score 7.1
Patching Perforce perforations: Critical RCE vulnerability discovered in Perforce Helix Core Server
Microsoft discovered, responsibly disclosed, and helped remediate four vulnerabilities that could be remotely exploited by unauthenticated attackers in Perforce Helix Core Server (“Perforce Server”), a source code management platform largely used in the videogame industry and by multiple...
CVSS 9.8
AI Score 9.2
EPSS 0.001
Patching Perforce perforations: Critical RCE vulnerability discovered in Perforce Helix Core Server
Microsoft discovered, responsibly disclosed, and helped remediate four vulnerabilities that could be remotely exploited by unauthenticated attackers in Perforce Helix Core Server (“Helix Core Server”), a source code management platform largely used in the videogame industry and by multiple...
CVSS 9.8
AI Score 10
EPSS 0.001
Summary Eclipse Jetty is used by the IBM Storage Protect Server and may be vulnerable to these attacks. Vulnerability Details CVEID: CVE-2023-40167 DESCRIPTION: Jetty is vulnerable to HTTP request smuggling, caused by improper parsing of the HTTP/1 request header. By sending a specially...
CVSS 7.5
AI Score 7.9
EPSS 0.004
Summary IBM Cloud Pak for Network Automation 2.6.4 fixes multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID: CVE-2023-4527 DESCRIPTION: glibc is vulnerable to a stack-based buffer overflow, caused by improper bounds checking by the getaddrinfo function....
CVSS 9.8
AI Score 10
EPSS 0.014
New KV-Botnet Targeting Cisco, DrayTek, and Fortinet Devices for Stealthy Attacks
A new botnet consisting of firewalls and routers from Cisco, DrayTek, Fortinet, and NETGEAR is being used as a covert data transfer network for advanced persistent threat actors, including the China-linked threat actor called Volt Typhoon. Dubbed KV-botnet by the Black Lotus Labs team at Lumen...
CVSS 9.8
AI Score 9.5
EPSS 0.135
New Security Vulnerabilities Uncovered in pfSense Firewall Software - Patch Now
Multiple security vulnerabilities have been discovered in Netgate's open-source pfSense firewall solution that could be chained by an attacker to execute arbitrary commands on susceptible appliances. The issues relate to two reflected cross-site scripting (XSS) bugs and one...
CVSS 8.8
AI Score 8
EPSS 0.001
K000137931 : Apache Struts vulnerability CVE-2023-50164
Security Advisory Description An attacker can manipulate file upload params to enable path traversal, and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution. Users are recommended to upgrade to versions Struts 2.5.33 or Struts...
CVSS 9.8
AI Score 7.1
EPSS 0.09
Wordfence CLI 2.1.0 Adds Email Capability and Unattended Configuration
Note: This post refers to Wordfence CLI, the command line tool for operations teams to rapidly scan large numbers of WordPress websites for vulnerabilities and malware, not the Wordfence plugin which is deeply integrated into WordPress and provides additional functionality, like a firewall,...
AI Score 7.4