Microsoft Uncovers 'Moonstone Sleet' — New North Korean Hacker Group
A never-before-seen North Korean threat actor codenamed Moonstone Sleet has been attributed as behind cyber attacks targeting individuals and organizations in the software and information technology, education, and defense industrial base sectors with ransomware and bespoke malware previously...
7.4AI Score
The AppPresser plugin for WordPress is vulnerable to improper missing encryption exception handling on the 'decrypt_value' and on the 'doCookieAuth' functions in all versions up to, and including, 4.3.2. This makes it possible for unauthenticated attackers to log in as any existing user on the...
8.1CVSS
6.8AI Score
0.001EPSS
EulerOS Virtualization 2.11.1 : bind (EulerOS-SA-2024-1712)
According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database. It...
7.5CVSS
7.3AI Score
0.05EPSS
EulerOS Virtualization 2.11.0 : kernel (EulerOS-SA-2024-1735)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Avoid potential UAF in LPI translation...
8CVSS
7.2AI Score
EPSS
EulerOS Virtualization 2.11.0 : bind (EulerOS-SA-2024-1723)
According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : To keep its cache database efficient, named running as a recursive resolver occasionally attempts to clean up the database. It...
7.5CVSS
7.4AI Score
0.05EPSS
EulerOS Virtualization 2.11.1 : kernel (EulerOS-SA-2024-1734)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Avoid potential UAF in LPI translation...
8CVSS
7.2AI Score
EPSS
pcTattletale spyware leaks database containing victim screenshots, gets website defaced
The idea behind the software is simple. When the spying party installs the stalkerware, they grant permission to record what happens on the targeted Android or Windows device. The observer can then log in on an online portal and activate recording, at which point a screen capture is taken on the...
7.2AI Score
Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is...
8.6CVSS
8.3AI Score
0.945EPSS
Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is...
CVE-2024-24919 Information disclosure
Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is...
8.6CVSS
8.4AI Score
0.945EPSS
CVE-2024-24919 Information disclosure
Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is...
8.6CVSS
8.3AI Score
0.945EPSS
Moonstone Sleet emerges as new North Korean threat actor with new bag of tricks
Microsoft has identified a new North Korean threat actor, now tracked as Moonstone Sleet (formerly Storm-1789), that uses both a combination of many tried-and-true techniques used by other North Korean threat actors and unique attack methodologies to target companies for its financial and...
7.7AI Score
Pyrit - The Famous WPA Precomputed Cracker
Pyrit allows you to create massive databases of pre-computed WPA/WPA2-PSK authentication phase in a space-time-tradeoff. By using the computational power of Multi-Core CPUs and other platforms through ATI-Stream,Nvidia CUDA and OpenCL, it is currently by far the most powerful attack against one of....
7.2AI Score
Lattice-Based Cryptosystems and Quantum Cryptanalysis
Quantum computers are probably coming, though we don't know when--and when they arrive, they will, most likely, be able to break our standard public-key cryptography algorithms. In anticipation of this possibility, cryptographers have been working on quantum-resistant public-key algorithms. The...
7.2AI Score
Trusted relationship attacks: trust, but verify
IT outsourcing market continues to demonstrate strong growth globally – such services are becoming increasingly popular. But along with the advantages, such as saved time and resources, delegating non-core tasks creates new challenges in terms of information security. By providing third-party...
7.8AI Score
7.4AI Score
0.0004EPSS
AutomationDirect P3-550E Telnet Diagnostic Interface leftover debug code vulnerability
Talos Vulnerability Report TALOS-2024-1942 AutomationDirect P3-550E Telnet Diagnostic Interface leftover debug code vulnerability May 28, 2024 CVE Number CVE-2024-21785 SUMMARY A leftover debug code vulnerability exists in the Telnet Diagnostic Interface functionality of AutomationDirect P3-550E...
9.8CVSS
7.8AI Score
0.001EPSS
Oracle Linux 8 : libssh (ELSA-2024-3233)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3233 advisory. [0.9.6-14] - Fix CVE-2023-48795 Prefix truncation attack on Binary Packet Protocol (BPP) - Fix CVE-2023-6918 Missing checks for return values for...
8.8CVSS
8.3AI Score
0.962EPSS
Oracle Linux 8 : python39:3.9 / and / python39-devel:3.9 (ELSA-2024-2985)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2985 advisory. mod_wsgi [4.7.1-7] - Bump release for rebuild Resolves: rhbz#2213595 [4.7.1-6] - Remove rpath Resolves: rhbz#2213837 [4.7.1-5] - Core...
8.2CVSS
7.2AI Score
0.016EPSS
Oracle Linux 8 : container-tools:ol8 (ELSA-2024-2988)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2988 advisory. The crypto/tls package of Go through 1.16.5 does not properly assert that the type of public key in an X.509 certificate matches the expected type...
7.5CVSS
7.1AI Score
0.962EPSS
Amazon Linux 2023 : oci-add-hooks (ALAS2023-2024-632)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-632 advisory. A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP...
5.3CVSS
7AI Score
0.001EPSS
Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available. Recent assessments: remmons-r7 at May...
8.6CVSS
7.3AI Score
0.945EPSS
Oracle Linux 8 : python27:2.7 (ELSA-2024-2987)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2987 advisory. babel [2.5.1-10] - Fix CVE-2021-20095 Resolves: rhbz#1955615 [2.5.1-9] - Bumping due to problems with modular RPM upgrade path - Resolves:...
9.8CVSS
7.2AI Score
0.032EPSS
Talos Vulnerability Report TALOS-2024-1936 AutomationDirect P3-550E Programming Software Connection FiBurn heap-based buffer overflow vulnerability May 28, 2024 CVE Number CVE-2024-24851 SUMMARY A heap-based buffer overflow vulnerability exists in the Programming Software Connection FiBurn...
7.5CVSS
7.8AI Score
0.0005EPSS
Expert Invoice <= 1.0.2 -Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) PoC 1. Navigate to Expert Invoice >...
5.2AI Score
0.0004EPSS
7.4AI Score
Expert Invoice <= 1.0.2 -Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...
5.6AI Score
0.0004EPSS
Amazon Linux 2023 : amazon-ecr-credential-helper (ALAS2023-2024-631)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-631 advisory. A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP...
5.3CVSS
7AI Score
0.001EPSS
Releases Ubuntu 24.04 LTS Ubuntu 23.10 Ubuntu 22.04 LTS Ubuntu 20.04 LTS Ubuntu 18.04 ESM Ubuntu 16.04 ESM Ubuntu 14.04 ESM Packages jinja2 - small but fast and easy to use stand-alone template engine Details It was discovered that Jinja2 incorrectly handled certain HTML attributes that were...
5.4CVSS
6AI Score
0.0004EPSS
silverstripe/framework CSV Excel Macro Injection
In the CSV export feature of the CMS it's possible for the output to contain macros and scripts, which if imported without sanitisation into software (including Microsoft Excel) may be executed. In order to safeguard against this threat all potentially executable cell values exported from CSV will....
7.1AI Score
silverstripe/framework CSV Excel Macro Injection
In the CSV export feature of the CMS it's possible for the output to contain macros and scripts, which if imported without sanitisation into software (including Microsoft Excel) may be executed. In order to safeguard against this threat all potentially executable cell values exported from CSV will....
7.1AI Score
Moroccan Cybercrime Group Steals Up to $100K Daily Through Gift Card Fraud
Microsoft is calling attention to a Morocco-based cybercrime group dubbed Storm-0539 that's behind gift card fraud and theft through highly sophisticated email and SMS phishing attacks. "Their primary motivation is to steal gift cards and profit by selling them online at a discounted rate," the...
7AI Score
ASKEY 5G NR Small Cell fails to properly filter user input for certain functionality, allowing remote attackers with administrator privilege to execute arbitrary system commands on the remote...
7.2CVSS
7.4AI Score
0.001EPSS
ASKEY 5G NR Small Cell fails to properly filter user input for certain functionality, allowing remote attackers with administrator privilege to execute arbitrary system commands on the remote...
7.2CVSS
7.9AI Score
0.001EPSS
CVE-2024-5403 ASKEY 5G NR Small Cell - Command Injection
ASKEY 5G NR Small Cell fails to properly filter user input for certain functionality, allowing remote attackers with administrator privilege to execute arbitrary system commands on the remote...
7.2CVSS
8AI Score
0.001EPSS
CVE-2024-5403 ASKEY 5G NR Small Cell - Command Injection
ASKEY 5G NR Small Cell fails to properly filter user input for certain functionality, allowing remote attackers with administrator privilege to execute arbitrary system commands on the remote...
7.2CVSS
7.4AI Score
0.001EPSS
Pakistan-linked Hackers Deploy Python, Golang, and Rust Malware on Indian Targets
The Pakistan-nexus Transparent Tribe actor has been linked to a new set of attacks targeting Indian government, defense, and aerospace sectors using cross-platform malware written in Python, Golang, and Rust. "This cluster of activity spanned from late 2023 to April 2024 and is anticipated to...
7.6AI Score
Fedora: Security Advisory for git (FEDORA-2024-ecba8476e2)
The remote host is missing an update for...
9CVSS
6.9AI Score
0.001EPSS
Fedora: Security Advisory for nano (FEDORA-2024-93f31f5de6)
The remote host is missing an update for...
7.5AI Score
Fedora: Security Advisory for libfilezilla (FEDORA-2024-8401d42de6)
The remote host is missing an update for...
5.9CVSS
5.8AI Score
0.002EPSS
IRZ Mobile Routers Cross-Site Request Forgery (CVE-2022-27226)
A CSRF issue in /api/crontab on iRZ Mobile Routers through 20.6.1 allows a threat actor to create a crontab entry in the router administration panel. The cronjob will consequently execute the entry on the threat actor's defined interval, leading to remote code execution, allowing the threat actor.....
8.8CVSS
9.2AI Score
0.073EPSS
Fedora: Security Advisory for git (FEDORA-2024-4c06645f07)
The remote host is missing an update for...
7.5AI Score
Fedora: Security Advisory for libfilezilla (FEDORA-2024-ff9a2fb31c)
The remote host is missing an update for...
5.9CVSS
5.8AI Score
0.002EPSS
Fedora: Security Advisory for libfilezilla (FEDORA-2024-0489e7ba1e)
The remote host is missing an update for...
5.9CVSS
5.8AI Score
0.002EPSS
Fedora: Security Advisory for nano (FEDORA-2024-8abde32a6e)
The remote host is missing an update for...
7.5AI Score
mobile-university-anmeldung.de Cross Site Scripting vulnerability OBB-3930407
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...
6.2AI Score
Beware: These Fake Antivirus Sites Spreading Android and Windows Malware
Threat actors have been observed making use of fake websites masquerading as legitimate antivirus solutions from Avast, Bitdefender, and Malwarebytes to propagate malware capable of stealing sensitive information from Android and Windows devices. "Hosting malicious software through sites which...
7.4AI Score
7.3AI Score
EPSS
pki-core:10.6 and pki-deps:10.6 security update
apache-commons-collections apache-commons-lang apache-commons-net bea-stax fasterxml-oss-parent [49-1] - Rebase to upstream version 49 [26-6] - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild [26-5] - Fix license tag [26-4] - Rebuilt for...
7.5CVSS
7.2AI Score
0.002EPSS
babel [2.5.1-10] - Fix CVE-2021-20095 Resolves: rhbz#1955615 [2.5.1-9] - Bumping due to problems with modular RPM upgrade path - Resolves: rhbz#1695587 [2.5.1-8] - Fix unversioned requires/buildrequires - Resolves: rhbz#1628242 [2.5.1-7] - Remove unversioned binaries - Resolves: rhbz#1613343...
9.8CVSS
6.7AI Score
0.005EPSS