Smarthome,HiAPP,HwParentControl,HwParentControlParent,Crowdtest,HiWallet,Huawei Pay,Skytone,HwCloudDrive(EMUI6.0),HwPhoneFinder Security Vulnerabilities

EulerOS 2.0 SP10 : docker-engine (EulerOS-SA-2024-1585)

According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of...

EulerOS 2.0 SP10 : libuv (EulerOS-SA-2024-1572)

According to the versions of the libuv package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libuv is a multi-platform support library with a focus on asynchronous I/O. The uv_getaddrinfo function in src/unix/getaddrinfo.c (and its...

EulerOS 2.0 SP10 : python-pillow (EulerOS-SA-2024-1600)

According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than...

EulerOS 2.0 SP10 : python-cryptography (EulerOS-SA-2024-1576)

According to the versions of the python-cryptography package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid...

EulerOS 2.0 SP10 : shim (EulerOS-SA-2024-1579)

According to the versions of the shim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response....

EulerOS 2.0 SP10 : kernel (EulerOS-SA-2024-1570)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap structure only after we...

EulerOS 2.0 SP10 : golang (EulerOS-SA-2024-1589)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not...

EulerOS 2.0 SP10 : glusterfs (EulerOS-SA-2024-1566)

According to the versions of the glusterfs packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In Gluster GlusterFS 11.0, there is an xlators/cluster/dht/src/dht-common.c dht_setxattr_mds_cbk use- after-free. (CVE-2022-48340) Note...

EulerOS 2.0 SP10 : libuv (EulerOS-SA-2024-1594)

According to the versions of the libuv package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libuv is a multi-platform support library with a focus on asynchronous I/O. The uv_getaddrinfo function in src/unix/getaddrinfo.c (and its...

EulerOS 2.0 SP10 : graphviz (EulerOS-SA-2024-1568)

According to the versions of the graphviz package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Graphviz 2.36.0 through 9.x before 10.0.1 has an out-of-bounds read via a crafted config6a file. NOTE: exploitability may be uncommon because...

EulerOS 2.0 SP10 : ghostscript (EulerOS-SA-2024-1565)

According to the versions of the ghostscript packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Artifex Ghostscript before 9.53.0 has an out-of-bounds write and use-after-free in devices/vector/gdevtxtw.c (for txtwrite) because a...

EulerOS 2.0 SP10 : python-cryptography (EulerOS-SA-2024-1599)

According to the versions of the python-cryptography package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid...

EulerOS 2.0 SP10 : python-pillow (EulerOS-SA-2024-1577)

According to the versions of the python-pillow package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than...

EulerOS 2.0 SP10 : dnsmasq (EulerOS-SA-2024-1584)

According to the versions of the dnsmasq package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Certain DNSSEC aspects of the DNS protocol (in RFC 4033, 4034, 4035, 6840, and related RFCs) allow remote attackers to cause a denial of...

EulerOS 2.0 SP10 : libxml2 (EulerOS-SA-2024-1595)

According to the versions of the libxml2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and...

EulerOS 2.0 SP10 : expat (EulerOS-SA-2024-1586)

According to the versions of the expat package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time. (CVE-2023-52426) Note that Tenable...

EulerOS 2.0 SP10 : openssl (EulerOS-SA-2024-1575)

According to the versions of the openssl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack...

EulerOS 2.0 SP10 : shim (EulerOS-SA-2024-1602)

According to the versions of the shim package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response....

EulerOS 2.0 SP10 : libtiff (EulerOS-SA-2024-1571)

According to the versions of the libtiff package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libtiff 4.5.0 is vulnerable to Buffer Overflow via /libtiff/tools/tiffcrop.c:8499. Incorrect updating of buffer size after rotateImage() in...

Desperate Taylor Swift fans defrauded by ticket scams

Ticket scams are very common and apparently hard to stop. When there are not nearly enough tickets for some concerts to accommodate all the fans that desperately want to be there, it makes for ideal hunting grounds for scammers. With a ticket scam, you pay for a ticket and you either don’t receive....

Rapid7 Signs 100% Talent Compact with Boston Women’s Workforce Council

The effort aims to help close gender and racial pay gaps Rapid7 is proud to announce their signing of the 100% Talent Compact through the Boston Women’s Workforce Council (BWWC). The Talent Compact is a collective effort among the Boston Mayor and local employers to close the gender and racial...

State of ransomware in 2024

Ransomware attacks continue to be one of the biggest contemporary cybersecurity threats, affecting organizations and individuals alike on a global scale. From high-profile breaches in healthcare and industrial sectors – compromising huge volumes of sensitive data or halting production entirely –...

U.S. Charges Russian Man as Boss of LockBit Ransomware Group

The United States joined the United Kingdom and Australia today in sanctioning 31-year-old Russian national Dmitry Yuryevich Khoroshev as the alleged leader of the infamous ransomware group LockBit. The U.S. Department of Justice also indicted Khoroshev and charged him with using Lockbit to attack....

Financial cyberthreats in 2023

Money is what always attracts cybercriminals. A significant share of scam, phishing and malware attacks is about money. With trillions of dollars of digital payments made every year, it is no wonder that attackers target electronic wallets, online shopping accounts and other financial assets,...

Psychotherapy practice hacker gets jail time after extorting patients, publishing personal therapy notes online

On October 30, 2020, I started a article with the words: “Hell is too nice a place for these people.” The subject of this outrage focused on the cybercriminals behind an attack on Finnish psychotherapy practice Vastaamo. Because it was a psychotherapy practice, the records contained extremely...

Ukrainian REvil Hacker Sentenced to 13 Years and Ordered to Pay $16 Million

A Ukrainian national has been sentenced to more than 13 years in prison and ordered to pay $16 million in restitution for carrying out thousands of ransomware attacks and extorting victims. Yaroslav Vasinskyi (aka Rabotnik), 24, along with his co-conspirators part of the REvil ransomware group...

Vulnerabilities in employee management system could lead to remote code execution, login credential theft

Cisco Talos' Vulnerability Research team has disclosed more than a dozen vulnerabilities over the past three weeks, five in a device that allows employees to check in and out of their shifts, and another that exists in an open-source library used in medical device imaging files. The Peplink Smart.....

Wireless carriers fined $200 million after illegally sharing customer location data

After four years of investigation, the Federal Communications Commission (FCC) has concluded that four of the major wireless carriers in the US violated the law in sharing access to customers’ location data. The FCC fined AT&T, Sprint, T-Mobile, and Verizon a total of almost $200 million for...

Man Who Mass-Extorted Psychotherapy Patients Gets Six Years

A 26-year-old Finnish man was sentenced to more than six years in prison today after being convicted of hacking into an online psychotherapy clinic, leaking tens of thousands of patient therapy records, and attempting to extort the clinic and patients. On October 21, 2020, the Vastaamo...

Kaiser health insurance leaked patient data to advertisers

Health insurance giant Kaiser has announced it will notify millions of patients about a data breach after sharing patients’ data with advertisers. Kaiser said that an investigation led to the discovery that “certain online technologies, previously installed on its websites and mobile applications,....

A week in security (April 22 – April 28)

Last week on Malwarebytes Labs: Ring agrees to pay $5.6 million after cameras were used to spy on customers TikTok comes one step closer to a US ban Google ad for Facebook redirects to scam "Substantial proportion" of Americans may have had health and personal data stolen in Change Healthcare...

The Bug Report - April 2024 Edition

The Bug Report - April 2024 Edition By Jonathan Omakun and Tobi Olawale· April 29, 2024 Why am I here? Just when you thought it was safe to go back into the digital waters, out pops another series of rogue waves in the form of CVEs! It's like that beach vacation you planned to get away from it...

RHEL 7 : sensu (RHSA-2018:1112)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:1112 advisory. Sensu is a monitoring framework that aims to be simple, malleable, and scalable. Security Fix(es): * Sensu's redaction function fails to handle the...

RHEL 7 : sensu (RHSA-2018:0616)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:0616 advisory. Sensu is a monitoring framework that aims to be simple, malleable, and scalable. Security Fix(es): * sensu: Password exposure in warn level log when...

Ring agrees to pay $5.6 million after cameras were used to spy on customers

Amazon's Ring has settled with the Federal Trade Commission (FTC) over charges that the company allowed employees and contractors to access customers' private videos, and failed to implement security protections which enabled hackers to take control of customers’ accounts, cameras, and videos. The....

Security Advisory - Connection Hijacking Vulnerability in Some Huawei Home Routers

A connection hijacking vulnerability exists in some Huawei home routers. Successful exploitation of this vulnerability may cause DoS or information leakage.(Vulnerability ID:HWPSIRT-2023-34408) This vulnerability has been assigned a...

RHEL 6 : qemu-kvm-rhev (RHSA-2017:1441)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:1441 advisory. KVM (Kernel-based Virtual Machine) is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages...

Unmasking the True Cost of Cyberattacks: Beyond Ransom and Recovery

Cybersecurity breaches can be devastating for both individuals and businesses alike. While many people tend to focus on understanding how and why they were targeted by such breaches, there's a larger, more pressing question: What is the true financial impact of a cyberattack? According to research....

A week in security (April 15 – April 21)

Last week on Malwarebytes Labs: Law enforcement reels in phishing-as-a-service whopper Mental health company Cerebral failed to protect sensitive personal data, must pay $7 million Cannabis investment scam JuicyFields ends in 9 arrests Should you share your location with your partner? Giant Tiger.....

Huawei EulerOS: Security Advisory for ncurses (EulerOS-SA-2024-1532)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for sqlite (EulerOS-SA-2024-1536)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for pam (EulerOS-SA-2024-1534)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2024-1537)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2024-1559)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for libssh2 (EulerOS-SA-2024-1529)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for python-jinja2 (EulerOS-SA-2024-1554)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2024-1540)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for ncurses (EulerOS-SA-2024-1551)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for pam (EulerOS-SA-2024-1553)

The remote host is missing an update for the Huawei...

Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2024-1545)

The remote host is missing an update for the Huawei...