Banking@home Security Vulnerabilities

nessus

Microsoft Windows 10 21H1 SEoL

Microsoft Windows 10 21H1 is no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security...

7.4 AI Score

2024-04-02 12:00 AM
10
nessus

Microsoft Windows 10 21H2 Business SEoL

Microsoft Windows 10 21H2 Business is no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security...

7.4 AI Score

2024-04-02 12:00 AM
9
nessus

Microsoft Windows 10 1809 Pro SEoL

Microsoft Windows 10 1809 Pro is no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security...

7.4 AI Score

2024-04-02 12:00 AM
7
nessus

Microsoft Windows 10 1703 Home SEoL

Microsoft Windows 10 1703 Home is no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security...

7.4 AI Score

2024-04-02 12:00 AM
5
nessus

Microsoft Windows 10 20H2 Home SEoL

Microsoft Windows 10 20H2 Home is no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security...

7.4 AI Score

2024-04-02 12:00 AM
7
nessus

Microsoft Windows 10 1909 Home SEoL

Microsoft Windows 10 1909 Home is no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security...

7.4 AI Score

2024-04-02 12:00 AM
5
nessus

Microsoft Windows 10 20H2 Pro SEoL

Microsoft Windows 10 20H2 Pro is no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security...

7.4 AI Score

2024-04-02 12:00 AM
4
exploitdb

9.8 CVSS

7.4 AI Score

EPSS

2024-04-02 12:00 AM
61
thn

Malicious Apps Caught Secretly Turning Android Phones into Proxies for Cybercriminals

Several malicious Android apps that turn mobile devices running the operating system into residential proxies (RESIPs) for other threat actors have been observed on the Google Play Store. The findings come from HUMAN's Satori Threat Intelligence team, which said the cluster of VPN apps came fitted....

7 AI Score

2024-04-01 10:10 AM
28
malwarebytes

A week in security (March 25 – March 31)

Last week on Malwarebytes Labs: MFA bombing taken to the next level How to back up your Mac How to back up your Windows 10/11 PC to OneDrive How to back up your iPhone to a Windows computer How to back up your iPhone to a Mac How to back up your iPhone to iCloud Powering the future of ThreatDown...

7.4 AI Score

2024-04-01 07:08 AM
7
schneier

Ross Anderson

Ross Anderson unexpectedly passed away Thursday night in, I believe, his home in Cambridge. I can't remember when I first met Ross. Of course it was before 2008, when we created the Security and Human Behavior workshop. It was well before 2001, when we created the Workshop on Economics and...

7.2 AI Score

2024-04-01 12:21 AM
9
kitploit

DroidLysis - Property Extractor For Android Apps

DroidLysis is a pre-analysis tool for Android apps: it performs repetitive and boring tasks we'd typically do at the beginning of any reverse engineering. It disassembles the Android sample, organizes output in directories, and searches for suspicious spots in the code to look at. The output helps....

7.7 AI Score

2024-03-31 11:30 AM
14
kitploit

R2Frida - Radare2 And Frida Better Together

This is a self-contained plugin for radare2 that lets you instrument remote processes using frida. The radare project brings a complete toolchain for reverse engineering, providing well-maintained functionality and extending its features with other programming languages and tools. Frida is a...

7.4 AI Score

2024-03-30 11:30 AM
12
malwarebytes

How to back up your Windows 10/11 PC to OneDrive

They say the only backup you ever regret is the one you didn't make. Starting in Windows 10, the operating system (OS) now comes with a built-in tool to back up your files, themes, some settings, many of your installed apps, and your Wi-Fi information. First, you’ll need to sign in with your...

7.1 AI Score

2024-03-29 01:40 PM
6
malwarebytes

How to back up your iPhone to iCloud

They say the only backup you ever regret is the one you didn't make. iPhone backups can be used to easily move your apps and data to a new phone, to recover things you've lost, or to fix things that have failed. The most convenient way to back up your iPhone is to have it back up to iCloud. Backups.....

7.3 AI Score

2024-03-29 01:35 PM
9
thn

TheMoon Botnet Resurfaces, Exploiting EoL Devices to Power Criminal Proxy

A botnet previously considered to be rendered inert has been observed enslaving end-of-life (EoL) small home/small office (SOHO) routers and IoT devices to fuel a criminal proxy service called Faceless. "TheMoon, which emerged in 2014, has been operating quietly while growing to over 40,000 bots...

7.5 AI Score

2024-03-29 12:12 PM
25
schneier

Lessons from a Ransomware Attack against the British Library

You might think that libraries are kind of boring, but this self-analysis of a 2023 ransomware and extortion attack against the British Library is anything...

7.3 AI Score

2024-03-29 11:03 AM
6
krebs

Thread Hijacking: Phishes That Prey on Your Curiosity

Thread hijacking attacks. They happen when someone you know has their email account compromised, and you are suddenly dropped into an existing conversation between the sender and someone else. These missives draw on the recipient's natural curiosity about being copied on a private discussion,...

7.2 AI Score

2024-03-28 11:56 PM
9
githubexploit

Exploit for Improper Input Validation in Microsoft

🇮🇱 **#BringThemHome...

6.5 CVSS

6.7 AI Score

0.001 EPSS

2024-03-28 09:31 AM
176
osv

BIT-airflow-2024-29735

Improper Preservation of Permissions vulnerability in Apache Airflow. This issue affects Apache Airflow from 2.8.2 through 2.8.3. Airflow's local file task handler in Airflow incorrectly set permissions for all parent folders of log folder, in default configuration adding write access to Unix...

6.7 AI Score

0.0004 EPSS

2024-03-28 07:16 AM
12
exploitdb

7.4 AI Score

2024-03-28 12:00 AM
99
packetstorm

7.4 AI Score

2024-03-28 12:00 AM
75
osv

Apache Airflow Improper Preservation of Permissions vulnerability

Improper Preservation of Permissions vulnerability in Apache Airflow. This issue affects Apache Airflow from 2.8.2 through 2.8.3. Airflow's local file task handler in Airflow incorrectly set permissions for all parent folders of log folder, in default configuration adding write access to Unix...

6.7 AI Score

0.0004 EPSS

2024-03-26 06:32 PM
6
github

Apache Airflow Improper Preservation of Permissions vulnerability

Improper Preservation of Permissions vulnerability in Apache Airflow. This issue affects Apache Airflow from 2.8.2 through 2.8.3. Airflow's local file task handler in Airflow incorrectly set permissions for all parent folders of log folder, in default configuration adding write access to Unix...

6.5 AI Score

0.0004 EPSS

2024-03-26 06:32 PM
6
cve

CVE-2024-29735

Improper Preservation of Permissions vulnerability in Apache Airflow. This issue affects Apache Airflow from 2.8.2 through 2.8.3. Airflow's local file task handler in Airflow incorrectly set permissions for all parent folders of log folder, in default configuration adding write access to Unix...

6.2 AI Score

0.0004 EPSS

2024-03-26 05:15 PM
31
osv

CVE-2024-29735

Improper Preservation of Permissions vulnerability in Apache Airflow. This issue affects Apache Airflow from 2.8.2 through 2.8.3. Airflow's local file task handler in Airflow incorrectly set permissions for all parent folders of log folder, in default configuration adding write access to Unix...

6.5 AI Score

0.0004 EPSS

2024-03-26 05:15 PM
7
nvd

CVE-2024-29735

Improper Preservation of Permissions vulnerability in Apache Airflow. This issue affects Apache Airflow from 2.8.2 through 2.8.3. Airflow's local file task handler in Airflow incorrectly set permissions for all parent folders of log folder, in default configuration adding write access to Unix...

6.1 AI Score

0.0004 EPSS

2024-03-26 05:15 PM
cvelist

CVE-2024-29735 Apache Airflow: Potentially harmful permission changing by log task handler

Improper Preservation of Permissions vulnerability in Apache Airflow. This issue affects Apache Airflow from 2.8.2 through 2.8.3. Airflow's local file task handler in Airflow incorrectly set permissions for all parent folders of log folder, in default configuration adding write access to Unix...

6.3 AI Score

0.0004 EPSS

2024-03-26 04:52 PM
1
hackerone

Internet Bug Bounty: Improper handling of wildcards in --allow-fs-read and --allow-fs-write

Summary: The permission model implementation does not process wildcards in the paths given via --allow-fs-read or --allow-fs-write correctly and may incorrectly grant access to paths that should be inaccessible. Description: There are two separate issues here: The implementation silently ignores...

5 CVSS

7.2 AI Score

0.0004 EPSS

2024-03-26 02:53 PM
37
thn

U.S. Charges 7 Chinese Nationals in Major 14-Year Cyber Espionage Operation

The U.S. Department of Justice (DoJ) on Monday unsealed indictments against seven Chinese nationals for their involvement in a hacking group that targeted U.S. and foreign critics, journalists, businesses, and political officials for about 14 years. The defendants include Ni Gaobin (倪高彬), Weng...

7.4 AI Score

2024-03-26 12:06 PM
29
githubexploit

Exploit for CVE-2023-42931

🇮🇱 **#BringThemHome...

7.8 CVSS

7.3 AI Score

0.0004 EPSS

2024-03-26 11:01 AM
170
packetstorm

7.4 AI Score

2024-03-26 12:00 AM
94
chrome

Stable Channel Update for Desktop

The Stable channel has been updated to 123.0.6312.86/.87 for Windows and Mac and 123.0.6312.86 to Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log. Security Fixes and Rewards Note: Access to bug details and links may be kept...

7.8 AI Score

0.0004 EPSS

2024-03-26 12:00 AM
65
malwarebytes

Securing your home network is long, tiresome, and entirely worth it, with Carey Parker: Lock and Code S05E07

This week on the Lock and Code podcast… Few words apply as broadly to the public—yet mean as little—as “home network security.” For many, a “home network” is an amorphous thing. It exists somewhere between a router, a modem, an outlet, and whatever cable it is that plugs into the wall. But the...

7.6 AI Score

2024-03-25 03:56 PM
12
malwarebytes

3 important lessons from a devastating ransomware attack

In October 2023, The British Library was attacked by the Rhysida ransomware gang in a devastating cyberattack. The library, a vast repository of over 170 million items, is still deep in the recovery process, but recently released an eighteen page cyber incident review describing the attack, its...

7.2 AI Score

2024-03-25 02:59 PM
10
nvd

CVE-2024-28386

An issue in Home-Made.io fastmagsync v.1.7.51 and before allows a remote attacker to execute arbitrary code via the getPhpBin()...

7.6 AI Score

0.0004 EPSS

2024-03-25 02:15 PM
cve

CVE-2024-28386

An issue in Home-Made.io fastmagsync v.1.7.51 and before allows a remote attacker to execute arbitrary code via the getPhpBin()...

7.9 AI Score

0.0004 EPSS

2024-03-25 02:15 PM
26
metasploit

CrushFTP Unauthenticated RCE

This exploit module leverages an Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability (CVE-2023-43177) to achieve unauthenticated remote code execution. This affects CrushFTP versions prior to 10.5.1. It is possible to set some user's session properties by...

9.8 CVSS

8.9 AI Score

0.959 EPSS

2024-03-25 11:41 AM
51
openbugbounty

home-based.eu Cross Site Scripting vulnerability OBB-3884862

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently...

6.2 AI Score

2024-03-25 08:19 AM
5
cvelist

CVE-2024-28386

An issue in Home-Made.io fastmagsync v.1.7.51 and before allows a remote attacker to execute arbitrary code via the getPhpBin()...

7.8 AI Score

0.0004 EPSS

2024-03-25 12:00 AM
githubexploit

Exploit for Deserialization of Untrusted Data in Apache Log4J

CVE-2021-44228-POC exploit CVE-2021-44228 ...

10 CVSS

10 AI Score

0.976 EPSS

2024-03-23 05:03 AM
158
osv

Grav File Upload Path Traversal

Summary: Grav is vulnerable to a file upload path traversal vulnerability that can allow an adversary to replace or create files with extensions such as .json, .zip, .css, .gif, etc. This vulnerability can allow attackers to inject arbitrary code on the server, undermine integrity of backup files.....

8.8 CVSS

9.4 AI Score

0.0004 EPSS

2024-03-22 04:29 PM
14
github

Grav File Upload Path Traversal

Summary: Grav is vulnerable to a file upload path traversal vulnerability that can allow an adversary to replace or create files with extensions such as .json, .zip, .css, .gif, etc. This vulnerability can allow attackers to inject arbitrary code on the server, undermine integrity of backup files.....

8.8 CVSS

9.4 AI Score

0.0004 EPSS

2024-03-22 04:29 PM
9
mskb

January 9, 2024-KB5033920 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 22H2 and Windows 11, version 23H2

January 9, 2024-KB5033920 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 11, version 22H2 and Windows 11, version 23H2 Release Date: January 9, 2024 Version: .NET Framework 3.5 and 4.8.1 The January 9, 2024 update for Windows 11, version 22H2 and Windows 11, version 23H2 includes...

9.8 CVSS

8.8 AI Score

0.009 EPSS

2024-03-22 07:00 AM
57
mskb

January 9, 2024-KB5033910 Cumulative Update for .NET Framework 4.8 for Windows 10, version 1607 and Windows Server 2016

January 9, 2024-KB5033910 Cumulative Update for .NET Framework 4.8 for Windows 10, version 1607 and Windows Server 2016 Release Date: January 9, 2024 Version: .NET Framework 4.8 The January 9, 2024 update for Windows 10, version 1607 and Windows Server 2016 includes security and cumulative...

9.8 CVSS

9.1 AI Score

0.009 EPSS

2024-03-22 07:00 AM
139
mskb

January 9, 2024-KB5034274 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 21H2

January 9, 2024-KB5034274 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 21H2 Release Date: January 9, 2024 Version: .NET Framework 3.5, 4.8 and 4.8.1 Summary This article describes the security and cumulative update for 3.5, 4.8 and 4.8.1 for Windows 10 Version...

9.8 CVSS

8.9 AI Score

0.009 EPSS

2024-03-22 07:00 AM
60
mskb

January 9, 2024-Security Only Update for .NET Framework 3.5.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded 7 Standard and Windows Server 2008 R2 SP1 (KB5034269)

January 9, 2024-Security Only Update for .NET Framework 3.5.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Embedded 7 Standard and Windows Server 2008 R2 SP1 (KB5034269) Applies to: Microsoft .NET Framework 3.5.1 Microsoft .NET Framework 4.6.2 Microsoft .NET Framework 4.7 Microsoft .NET Framework...

9.8 CVSS

9.2 AI Score

0.009 EPSS

2024-03-22 07:00 AM
26
mskb

January 9, 2024-KB5034273 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows 10, version 1809 and Windows Server 2019

January 9, 2024-KB5034273 Cumulative Update for .NET Framework 3.5, 4.7.2 and 4.8 for Windows 10, version 1809 and Windows Server 2019 Release Date: January 9, 2024 Version: .NET Framework 3.5, 4.7.2 and 4.8 Summary This article describes the security and cumulative update for 3.5, 4.7.2 and 4.8...

9.8 CVSS

8.9 AI Score

0.009 EPSS

2024-03-22 07:00 AM
280
Total number of security vulnerabilities: 44448