SINUMERIK 808D V4.7, SINUMERIK 808D V4.8, SINUMERIK 828D V4.7, SINUMERIK 840D Sl V4.7, SINUMERIK 840D Sl V4.8 Security Vulnerabilities

nessus

RHEL 9 : libreoffice (RHSA-2023:6508)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:6508 advisory. libreoffice: Empty entry in Java class path (CVE-2022-38745) libreoffice: Array index underflow in Calc formula parsing (CVE-2023-0950) ...

7.8 CVSS

7.2 AI Score

0.001 EPSS

2023-11-07 12:00 AM
3
openvas

Mageia: Security Advisory (MGASA-2023-0309)

The remote host is missing an update for...

9.8 CVSS

9.5 AI Score

0.001 EPSS

2023-11-07 12:00 AM
5
openvas

Mageia: Security Advisory (MGASA-2023-0308)

The remote host is missing an update for...

9.8 CVSS

9.5 AI Score

0.001 EPSS

2023-11-07 12:00 AM
4
securelist

Gaming-related cyberthreats in 2023: Minecrafters targeted the most

Introduction and trends The gaming industry continues growing. The Newzoo report for 2023 reveals that two in five — more than three billion — across the globe are gamers, which is 6.3 percent more than last year. Globally, gaming revenue amounts to an estimated US$242.39 billion, with almost half....

6.4 AI Score

2023-11-06 10:00 AM
23
nessus

Rocky Linux 9 : libreoffice (RLSA-2023:0304)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:0304 advisory. An Improper Certificate Validation vulnerability in LibreOffice existed where determining if a macro was signed by a trusted author was done by...

8.8 CVSS

7.5 AI Score

0.002 EPSS

2023-11-06 12:00 AM
5
nessus

Amazon Linux 2023 : compat-libpthread-nonshared, glibc, glibc-all-langpacks (ALAS2023-2023-407)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-407 advisory. A flaw was found in the GNU C Library. A recent fix for CVE-2023-4806 introduced the potential for a memory leak, which may result in an application crash. (CVE-2023-5156) Note that Nessus has not...

7.5 CVSS

6.7 AI Score

0.001 EPSS

2023-11-04 12:00 AM
16
securelist

WhatsApp spy mod spreads through Telegram, attacks Arabic-speaking users

It is not rare that users of popular instant messaging services find the official client apps to be lacking in functionality. To address that problem, third-party developers come up with mods that offer sought-after features besides aesthetic upgrades. Unfortunately, some of these mods contain...

8 AI Score

2023-11-02 10:00 AM
68
nessus

Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 : Thunderbird vulnerabilities (USN-6468-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS / 23.04 / 23.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6468-1 advisory. It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to...

9.8 CVSS

8.6 AI Score

0.001 EPSS

2023-11-02 12:00 AM
7
ubuntu

Thunderbird vulnerabilities

Releases Ubuntu 23.10 Ubuntu 23.04 Ubuntu 22.04 LTS Ubuntu 20.04 LTS Packages thunderbird - Mozilla Open Source mail and newsgroup client Details Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an...

9.8 CVSS

9.4 AI Score

0.001 EPSS

2023-11-02 12:00 AM
39
openvas

Debian: Security Advisory (DLA-3637-1)

The remote host is missing an update for the...

9.8 CVSS

9.5 AI Score

0.001 EPSS

2023-10-30 12:00 AM
2
ubuntu

Firefox vulnerabilities

Releases Ubuntu 20.04 LTS Packages firefox - Mozilla Open Source web browser Details Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive...

9.8 CVSS

9.3 AI Score

0.001 EPSS

2023-10-30 12:00 AM
44
openvas

Debian: Security Advisory (DLA-3632-1)

The remote host is missing an update for the...

9.8 CVSS

9.5 AI Score

0.001 EPSS

2023-10-30 12:00 AM
2
nessus

Ubuntu 20.04 LTS : Firefox vulnerabilities (USN-6456-1)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6456-1 advisory. It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an insufficient...

9.8 CVSS

8.7 AI Score

0.001 EPSS

2023-10-30 12:00 AM
9
openvas

Debian: Security Advisory (DSA-5538-1)

The remote host is missing an update for the...

9.8 CVSS

9.5 AI Score

0.001 EPSS

2023-10-30 12:00 AM
1
debian

[SECURITY] [DLA 3637-1] thunderbird security update

Debian LTS Advisory DLA-3637-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort October 29, 2023 https://wiki.debian.org/LTS Package : thunderbird Version : 1:115.4.1-1~deb10u1 CVE...

9.8 CVSS

9.1 AI Score

0.001 EPSS

2023-10-29 09:05 AM
9
nessus

Debian DLA-3637-1 : thunderbird - LTS security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3637 advisory. It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an insufficient activation-delay....

9.8 CVSS

8.5 AI Score

0.001 EPSS

2023-10-29 12:00 AM
5
debian

[SECURITY] [DSA 5538-1] thunderbird security update

Debian Security Advisory DSA-5538-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 27, 2023 https://www.debian.org/security/faq Package : thunderbird CVE ID : CVE-2023-5721 CVE-2023-5724...

9.8 CVSS

7.6 AI Score

0.001 EPSS

2023-10-28 12:34 PM
14
nessus

Debian DSA-5538-1 : thunderbird - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5538 advisory. It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an insufficient...

9.8 CVSS

8.5 AI Score

0.001 EPSS

2023-10-28 12:00 AM
4
debian

[SECURITY] [DLA 3632-1] firefox-esr security update

Debian LTS Advisory DLA-3632-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort October 27, 2023 https://wiki.debian.org/LTS Package : firefox-esr Version : 115.4.0esr-1~deb10u1 CVE...

9.8 CVSS

8.8 AI Score

0.001 EPSS

2023-10-27 06:39 AM
6
securelist

A cascade of compromise: unveiling Lazarus’ new campaign

Earlier this year, a software vendor was compromised by the Lazarus malware delivered through unpatched legitimate software. What's remarkable is that these software vulnerabilities were not new, and despite warnings and patches from the vendor, many of the vendor's systems continued to use the...

7.5 AI Score

2023-10-27 06:00 AM
32
nessus

Debian DLA-3632-1 : firefox-esr - LTS security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3632 advisory. It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an insufficient activation-delay....

9.8 CVSS

8.5 AI Score

0.001 EPSS

2023-10-27 12:00 AM
4
securelist

How to catch a wild triangle

In the beginning of 2023, thanks to our Kaspersky Unified Monitoring and Analysis Platform (KUMA) SIEM system, we noticed suspicious network activity that turned out to be an ongoing attack targeting the iPhones and iPads of our colleagues. The moment we understood that there was a clear pattern...

7.3 AI Score

2023-10-26 10:30 AM
23
openvas

Debian: Security Advisory (DSA-5535-1)

The remote host is missing an update for the...

9.8 CVSS

9.5 AI Score

0.001 EPSS

2023-10-26 12:00 AM
3
debian

[SECURITY] [DSA 5535-1] firefox-esr security update

Debian Security Advisory DSA-5535-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 25, 2023 https://www.debian.org/security/faq Package : firefox-esr CVE ID : CVE-2023-5721 CVE-2023-5724...

9.8 CVSS

7.3 AI Score

0.001 EPSS

2023-10-25 07:14 PM
14
nessus

Debian DSA-5535-1 : firefox-esr - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5535 advisory. It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an insufficient...

9.8 CVSS

8.6 AI Score

0.001 EPSS

2023-10-25 12:00 AM
7
securelist

Stealer for PIX payment system, new Lumar stealer and Rhysida ransomware

Introduction As a cybersecurity company, Kaspersky is constantly dealing with known and brand-new malware samples. As part of our crimeware reporting service, we provide our customers with technical reports on the evolution of existing crimeware families, as well as newly emerging ones. In this...

7 AI Score

2023-10-24 10:00 AM
23
securelist

The outstanding stealth of Operation Triangulation

Introduction In our previous blogpost on Triangulation, we discussed the details of TriangleDB, the main implant used in this campaign, its C2 protocol and the commands it can receive. We mentioned, among other things, that it is able to execute additional modules. We also mentioned that this...

7.4 AI Score

2023-10-23 11:00 AM
33
nessus

Ubuntu 16.04 LTS : Firefox vulnerabilities (USN-4278-2)

The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4278-2 advisory. A content process could have modified shared memory relating to crash reporting information, crash itself, and cause an out-of-bound write. This...

8.8 CVSS

7.6 AI Score

0.013 EPSS

2023-10-23 12:00 AM
5
githubexploit

Exploit for OS Command Injection in Hikvision Ds-2Cd2026G2-Iu/Sl Firmware

hikvision_brute Brute Hikvision CAMS with CVE-2021-36260...

9.8 CVSS

9.5 AI Score

0.975 EPSS

2023-10-22 02:09 PM
196
nessus

Ubuntu 16.04 LTS / 18.04 LTS : Thunderbird vulnerabilities (USN-4150-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4150-1 advisory. Encrypted S/MIME parts in a crafted multipart/alternative message can leak plaintext when included in an HTML reply/forward. This...

8.8 CVSS

8.5 AI Score

0.009 EPSS

2023-10-21 12:00 AM
16
nessus

Ubuntu 16.04 LTS / 18.04 LTS : Firefox regressions (USN-4234-2)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4234-2 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...

6.7 AI Score

2023-10-21 12:00 AM
13
nessus

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Firefox vulnerabilities (USN-3896-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3896-1 advisory. An integer overflow in path handling lead to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a...

8.8 CVSS

8 AI Score

0.024 EPSS

2023-10-21 12:00 AM
11
nessus

Ubuntu 18.04 LTS : Firefox regressions (USN-4278-3)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4278-3 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...

6.7 AI Score

2023-10-21 12:00 AM
7
nessus

Ubuntu 16.04 LTS / 18.04 LTS : Firefox vulnerability (USN-4020-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4020-1 advisory. A type confusion vulnerability can occur when manipulating JavaScript objects due to issues in Array.pop. This can allow for an exploitable crash....

8.8 CVSS

8.7 AI Score

0.752 EPSS

2023-10-21 12:00 AM
6
nessus

Ubuntu 18.04 LTS : Thunderbird vulnerabilities (USN-4202-1)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4202-1 advisory. A crafted S/MIME message consisting of an inner encryption layer and an outer SignedData layer was shown as having a valid digital signature,...

8.8 CVSS

9.3 AI Score

0.015 EPSS

2023-10-21 12:00 AM
5
nessus

Ubuntu 16.04 LTS / 18.04 LTS : Firefox regression (USN-4122-2)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4122-2 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...

6.7 AI Score

2023-10-20 12:00 AM
7
nessus

Ubuntu 16.04 LTS : Firefox vulnerabilities (USN-4216-2)

The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4216-2 advisory. When encrypting with a block cipher, if a call to NSC_EncryptUpdate was made with data smaller than the block size, a small out of bounds write...

8.8 CVSS

9.5 AI Score

0.014 EPSS

2023-10-20 12:00 AM
10
nessus

Ubuntu 16.04 LTS / 18.04 LTS : Firefox vulnerability (USN-4032-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4032-1 advisory. Insufficient vetting of parameters passed with the Prompt:Open IPC message between child and parent processes can result in the non-sandboxed...

10 CVSS

9.1 AI Score

0.008 EPSS

2023-10-20 12:00 AM
5
nessus

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : Firefox vulnerabilities (USN-3919-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3919-1 advisory. Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and...

8.8 CVSS

8.8 AI Score

0.952 EPSS

2023-10-20 12:00 AM
4
securelist

Money-making scripts attack organizations

In April of this year, the FBI published an advisory on attacks targeting government, law enforcement, and non-profit organizations. Attackers download scripts onto victims' devices, delivering several types of malware all at once. The main aim is to utilize company resources for mining, steal...

7.2 AI Score

2023-10-19 10:00 AM
23
wpvulndb

Social Feed <= 2.2.0 - Reflected XSS

Description The plugin does not sanitise and escape some parameters before outputting them back in the page, leading to Reflected Cross-Site Scripting which could be used against high privilege users such as...

6.1 CVSS

5.7 AI Score

0.0005 EPSS

2023-10-17 12:00 AM
1
securelist

A hack in hand is worth two in the bush

The ongoing conflict between Israel and Hamas has also extended into the digital domain. The involvement of hackers highlights the evolving nature of warfare in the 21st century, where traditional military operations are complemented by sophisticated cyber tactics, and where the boundaries between....

7.5 AI Score

2023-10-16 04:00 PM
11
securelist

ChatGPT at work: how chatbots help employees, but threaten business

Workhorse Only a few months ago, ChatGPT and other chatbots based on large language models (LLMs) were still a novelty. Users enjoyed using them to compose poems and lyrics in the style of famous artists (which left Nick Cave, for example, decidedly unimpressed), researchers debated blowing up...

6.8 AI Score

2023-10-13 12:00 PM
26
securelist

ToddyCat: Keep calm and check logs

ToddyCat is an advanced APT actor that we described in a previous publication last year. The group started its activities in December 2020 and has been responsible for multiple sets of attacks against high-profile entities in Europe and Asia. Our first publication was focused on their main tools,.....

7.5 AI Score

2023-10-12 10:00 AM
33
oraclelinux

glibc security update

[2.28-225.0.4.6] - CVE-2023-4527: Stack read overflow in getaddrinfo in no-aaa mode. - CVE-2203-4806: potential use-after-free in getaddrinfo. - CVE-2023-4813: potential use-after-free in gaih_inet (RHEL-2435). - CVE-2023-4813: work around RHEL-8 limitation in test (RHEL-2435). Reviewed by: Jose...

7.7 AI Score

0.014 EPSS

2023-10-12 12:00 AM
28
oraclelinux

glibc security update

[2.34-60.0.3.7] - CVE-2023-4527: Stack read overflow in getaddrinfo in no-aaa mode (#2234716). - CVE-2203-4806: potential use-after-free in getaddrinfo. - CVE-2023-4813: potential use-after-free in gaih_inet. Reviewed by: Jose E. Marchesi [2.34-60.0.3] - CVE-2023-4911: tunables: Terminate...

8 AI Score

0.014 EPSS

2023-10-12 12:00 AM
9
nessus

Oracle Linux 9 : glibc (ELSA-2023-12873)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12873 advisory. A flaw was found in glibc. In an extremely rare situation, the getaddrinfo function may access memory that has been freed, resulting in an...

7.8 CVSS

8 AI Score

0.014 EPSS

2023-10-12 12:00 AM
7
nessus

Oracle Linux 8 : glibc (ELSA-2023-12872)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12872 advisory. A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application...

7.8 CVSS

8 AI Score

0.014 EPSS

2023-10-12 12:00 AM
12
nessus

Ubuntu 20.04 LTS : Firefox regressions (USN-6404-2)

The remote Ubuntu 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6404-2 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version...

6.7 AI Score

2023-10-11 12:00 AM
5
ubuntu

Firefox regressions

Releases Ubuntu 20.04 LTS Packages firefox - Mozilla Open Source web browser Details USN-6404-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security...

9.8 CVSS

10 AI Score

0.245 EPSS

2023-10-11 12:00 AM
36
Total number of security vulnerabilities: 6160