Banking@home Security Vulnerabilities

CVE-2024-27301

Support App is an opensource application specialized in managing Apple devices. It's possible to abuse a vulnerability inside the postinstall installer script to make the installer execute arbitrary code as root. The cause of the vulnerability is the fact that the shebang #!/bin/zsh is being used.....

CVE-2024-27301

Support App is an opensource application specialized in managing Apple devices. It's possible to abuse a vulnerability inside the postinstall installer script to make the installer execute arbitrary code as root. The cause of the vulnerability is the fact that the shebang #!/bin/zsh is being used.....

CVE-2024-27301 Privilege Escalation Abusing installer in SupportApp

Support App is an opensource application specialized in managing Apple devices. It's possible to abuse a vulnerability inside the postinstall installer script to make the installer execute arbitrary code as root. The cause of the vulnerability is the fact that the shebang #!/bin/zsh is being used.....

Not everything has to be a massive, global cyber attack

Some of my Webex rooms recently have been blowing up with memes about blaming Canada or wild speculation that a state-sponsored actor is carrying out some sort of major campaign. After a widespread outage of cellular service with AT&T and other carriers a few weeks ago, people were sure it was...

LockBit Ransomware Hacker Ordered to Pay $860,000 After Guilty Plea in Canada

A 34-year-old Russian-Canadian national has been sentenced to nearly four years in jail in Canada for his participation in the LockBit global ransomware operation. Mikhail Vasiliev, an Ontario resident, was originally arrested in November 2022 and charged by the U.S. Department of Justice (DoJ)...

JetBrains TeamCity Unauthenticated Remote Code Execution

...

Malwarebytes Premium blocks 100% of malware during external AVLab test

Malwarebytes Premium earned a perfect score in the latest AVLab Cybersecurity Foundation “Advanced In-The-Wild Malware Test,” catching and stopping 100% of malware samples, outperforming multiple competitors in the field, and continuing a longstanding tradition of proven, perfect protection for...

PixPirate Android Banking Trojan Using New Evasion Tactic to Target Brazilian Users

The threat actors behind the PixPirate Android banking trojan are leveraging a new trick to evade detection on compromised devices and harvest sensitive information from users in Brazil. The approach allows it to hide the malicious app's icon from the home screen of the victim's device, IBM said...

Leading EV Charging Firm Spills Trove of Customer Info in Server Leak

By Waqas A massive data leak (585.81 GB) exposed customer information at Qmerit, including home images, charger locations, and potentially… This is a post from HackRead.com Read the original post: Leading EV Charging Firm Spills Trove of Customer Info in Server...

Exploit for Code Injection in Microsoft

🇮🇱 **#BringThemHome...

March 12, 2024—KB5035919 (Security-only update)

March 12, 2024—KB5035919 (Security-only update) Reminder As of January 10, 2023, Microsoft no longer provides security updates or technical support for Windows 7 Service Pack 1 (SP1). We recommend that you upgrade to a supported version of Windows. For more information, see Update that enables...

March 12, 2024—KB5035933 (Security-only update)

March 12, 2024—KB5035933 (Security-only update) Reminder Windows Server 2008 SP2 Extended Security Updates (ESU) third and final year ended on January 10, 2023. Additionally, Extended Security Updates on Azure only support ended on January 9, 2024. For more information, see Extended Security...

March 12, 2024—KB5035885 (Monthly Rollup)

March 12, 2024—KB5035885 (Monthly Rollup) IMPORTANT If you plan to install this update on a domain controller (DC), we highly recommend that you install update KB5037426 instead (March 22, 2024). This out-of-band update addresses a known issue that affects the Local Security Authority Subsystem...

March 12, 2024—KB5035853 (OS Builds 22621.3296 and 22631.3296)

March 12, 2024—KB5035853 (OS Builds 22621.3296 and 22631.3296) 2/27/24 IMPORTANT: New dates for the end of non-security updates for Windows 11, version 22H2The new end date is June 24, 2025 for Windows 11, version 22H2 Enterprise, Education, IoT Enterprise, and Enterprise multi-session editions....

March 12, 2024—KB5035930 (Monthly Rollup)

March 12, 2024—KB5035930 (Monthly Rollup) Important The installation of this Extended Security Update (ESU) might fail when you try to install it on an Azure Arc-enabled device that is running Windows Server 2012. For a successful installation, please make sure all Subset of endpoints for ESU only....

March 12, 2024—KB5035845 (OS Builds 19044.4170 and 19045.4170)

March 12, 2024—KB5035845 (OS Builds 19044.4170 and 19045.4170) NEW 03/12/24 IMPORTANT The following editions of Windows 10, version 21H2 will reach end of service on June 11, 2024:- Windows 10 Enterprise and Education- Windows 10 IoT Enterprise- Windows 10 Enterprise multi-sessionAfter that date,.....

March 12, 2024—KB5035920 (Monthly Rollup)

March 12, 2024—KB5035920 (Monthly Rollup) Reminder Windows Server 2008 SP2 Extended Security Updates (ESU) third and final year ended on January 10, 2023. Additionally, Extended Security Updates on Azure only support ended on January 9, 2024. For more information, see Extended Security Updates for....

March 12, 2024—KB5035888 (Monthly Rollup)

March 12, 2024—KB5035888 (Monthly Rollup) Reminder As of January 10, 2023, Microsoft no longer provides security updates or technical support for Windows 7 Service Pack 1 (SP1). We recommend that you upgrade to a supported version of Windows. For more information, see Update that enables you to...

The big play of autonomous vehicles

TL;DR The benefits of autonomous vehicles may not yet be for us consumers There are other areas where autonomy can benefit auto manufacturers and others Having your autonomous car drive you home from the bar may be some way off yet! Car manufacturers and technology startups make a big play of...

Exploit for CVE-2022-21445

Tổng quan CVE-2022-21445 (điểm CVSS 9,8), lỗ hổng là sự giải...

Exploit for CVE-2022-201145

Tổng quan CVE-2022-21445 (điểm CVSS 9,8), lỗ hổng là sự giải...

KB5035966: Servicing stack update for Windows 10: March 12, 2024

KB5035966: Servicing stack update for Windows 10: March 12, 2024 REMINDER Windows 10, version 1507 reached the end of support (EOS) on May 9, 2017 for devices running the Pro, Home, Enterprise, Education, and Enterprise LoT editions. After April 9, 2019, these devices are no longer offered...

Stable Channel Update for Desktop

The Stable channel has been updated to 122.0.6261.128/.129 for Windows and Mac and 122.0.6261.128 to Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log. The Extended Stable channel has been updated to 122.0.6261.129 for Windows and...

KB5035962: Servicing stack update for Windows 10, version 1607 and Server 2016: March 12, 2024

KB5035962: Servicing stack update for Windows 10, version 1607 and Server 2016: March 12, 2024 REMINDER Windows 10, version 1607 Mobile and Mobile Enterprise editions reached the end of support (EOS) on October 9, 2018. These editions will no longer be offered servicing stack updates. Windows...

Going viral shouldn’t lead to bomb threats, with Leigh Honeywell: Lock and Code S05E06

This week on the Lock and Code podcast… A disappointing meal at a restaurant. An ugly breakup between two partners. A popular TV show that kills off a beloved, main character. In a perfect world, these are irritations and moments of vulnerability. But online today, these same events can sometimes.....

SSH-Private-Key-Looting-Wordlists - A Collection Of Wordlists To Aid In Locating Or Brute-Forcing SSH Private Key File Names

SSH Private Key Looting Wordlists. A Collection Of Wordlists To Aid In Locating Or Brute-Forcing SSH Private Key File Names. LFI for Lateral Movement? Gain SSH Access? ?file=../../../../../../../../home/user/.ssh/id_rsa ?file=../../../../../../../../home/user/.ssh/id_rsa-cert SSH Private Key...

A Close Up Look at the Consumer Data Broker Radaris

If you live in the United States, the data broker Radaris likely knows a great deal about you, and they are happy to sell what they know to anyone. But how much do we know about Radaris? Publicly available data indicates that in addition to running a dizzying array of people-search websites, the...

CVE-2024-2274

A vulnerability, which was classified as problematic, has been found in Bdtask G-Prescription Gynaecology & OBS Consultation Software 1.0. This issue affects some unknown processing of the file /Home/Index of the component Prescription Dashboard. The manipulation of the argument Title leads to...

CVE-2024-2274

A vulnerability, which was classified as problematic, has been found in Bdtask G-Prescription Gynaecology & OBS Consultation Software 1.0. This issue affects some unknown processing of the file /Home/Index of the component Prescription Dashboard. The manipulation of the argument Title leads to...

Cross site scripting

A vulnerability, which was classified as problematic, has been found in Bdtask G-Prescription Gynaecology & OBS Consultation Software 1.0. This issue affects some unknown processing of the file /Home/Index of the component Prescription Dashboard. The manipulation of the argument Title leads to...

CVE-2024-2274 Bdtask G-Prescription Gynaecology & OBS Consultation Software Prescription Dashboard Index cross site scripting

A vulnerability, which was classified as problematic, has been found in Bdtask G-Prescription Gynaecology & OBS Consultation Software 1.0. This issue affects some unknown processing of the file /Home/Index of the component Prescription Dashboard. The manipulation of the argument Title leads to...

You’re going to start seeing more tax-related spam, but remember, that doesn’t actually mean there’s more spam

It's that time of the year when not only do you have to be worried about filing your federal taxes in the U.S., you must also be on the lookout for a whole manner of tax-related scams. These are something that pop up every year through email, texts, phone calls and even physical mail -- phony...

The 3 most common post-compromise tactics on network infrastructure

We've been discussing networking devices quite a lot recently and how Advanced Persistent Threat actors (APTs) are using highly sophisticated tactics to target aging infrastructure for espionage purposes. Some of these attacks are also likely prepositioning the APTs for future disruptive or...

Spam and phishing in 2023

The year in figures 45.60% of all email sent worldwide and 46.59% of all email sent in the Runet (the Russian web segment) was spam 31.45% of all spam email was sent from Russia Kaspersky Mail Anti-Virus blocked 135,980,457 malicious email attachments Our Anti-Phishing system thwarted 709,590,011.....

NDtaskmatic 1.0 SQL Injection

...

Netgear RAX30 JSON Parsing getblockschedule() stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2023-1887 Netgear RAX30 JSON Parsing getblockschedule() stack-based buffer overflow vulnerability March 7, 2024 CVE Number CVE-2023-48725 SUMMARY A stack-based buffer overflow vulnerability exists in the JSON Parsing getblockschedule() functionality of Netgear...

CVE-2024-27287

ESPHome is a system to control your ESP8266/ESP32 for Home Automation systems. Starting in version 2023.12.9 and prior to version 2024.2.2, editing the configuration file API in dashboard component of ESPHome version 2023.12.9 (command line installation and Home Assistant add-on) serves...

CVE-2024-27287

ESPHome is a system to control your ESP8266/ESP32 for Home Automation systems. Starting in version 2023.12.9 and prior to version 2024.2.2, editing the configuration file API in dashboard component of ESPHome version 2023.12.9 (command line installation and Home Assistant add-on) serves...

CVE-2024-27287

ESPHome is a system to control your ESP8266/ESP32 for Home Automation systems. Starting in version 2023.12.9 and prior to version 2024.2.2, editing the configuration file API in dashboard component of ESPHome version 2023.12.9 (command line installation and Home Assistant add-on) serves...

Cross site scripting

ESPHome is a system to control your ESP8266/ESP32 for Home Automation systems. Starting in version 2023.12.9 and prior to version 2024.2.2, editing the configuration file API in dashboard component of ESPHome version 2023.12.9 (command line installation and Home Assistant add-on) serves...

CVE-2024-27287 ESPHome vulnerable to stored Cross-site Scripting in edit configuration file API

ESPHome is a system to control your ESP8266/ESP32 for Home Automation systems. Starting in version 2023.12.9 and prior to version 2024.2.2, editing the configuration file API in dashboard component of ESPHome version 2023.12.9 (command line installation and Home Assistant add-on) serves...

ALPHV ransomware gang fakes own death, fools no one

For the second time in only four months, all is not well on the ALPHV (aka BlackCat) ransomware gang's dark web site. Gone are the lists of compromised victims. In their place, a veritable garden of law enforcement badges has sprouted beneath the ominous message "THIS WEBSITE HAS BEEN SEIZED." The....

esphome vulnerable to stored Cross-site Scripting in edit configuration file API

Summary Edit configuration file API in dashboard component of ESPHome version 2023.12.9 (command line installation and Home Assistant add-on) serves unsanitized data with “Content-Type: text/html; charset=UTF-8”, allowing remote authenticated user to inject arbitrary web script and exfiltrate...

esphome vulnerable to stored Cross-site Scripting in edit configuration file API

Summary Edit configuration file API in dashboard component of ESPHome version 2023.12.9 (command line installation and Home Assistant add-on) serves unsanitized data with “Content-Type: text/html; charset=UTF-8”, allowing remote authenticated user to inject arbitrary web script and exfiltrate...

BIT-gitlab-2020-10073

GitLab EE 12.4.2 through 12.8.1 allows Denial of Service. It was internally discovered that a potential denial of service involving permissions checks could impact a project home...

BIT-mediawiki-2021-42048

An issue was discovered in the Growth extension in MediaWiki through 1.36.2. Any admin can add arbitrary JavaScript code to the Newcomer home page footer, which can be executed by viewers with zero...

BIT-solr-2023-50291

Insufficiently Protected Credentials vulnerability in Apache Solr.This issue affects Apache Solr: from 6.0.0 through 8.11.2, from 9.0.0 before 9.3.0.One of the two endpoints that publishes the Solr process' Java system properties, /admin/info/properties, was only setup to hide system properties...

BIT-airflow-2022-38170

In Apache Airflow prior to 2.3.4, an insecure umask was configured for numerous Airflow components when running with the --daemon flag which could result in a race condition giving world-writable files in the Airflow home directory and allowing local users to expose arbitrary file contents via the....

BIT-gradle-2021-29429

In Gradle before version 7.0, files created with open permissions in the system temporary directory can allow an attacker to access information downloaded by Gradle. Some builds could be vulnerable to a local information disclosure. Remote files accessed through TextResourceFactory are downloaded.....

BIT-jupyter-notebook-2022-29238

Jupyter Notebook is a web-based notebook environment for interactive computing. Prior to version 6.4.12, authenticated requests to the notebook server with ContentsManager.allow_hidden = False only prevented listing the contents of hidden directories, not accessing individual hidden files or files....