Qualys Patch Management: A Review of New Features in 2023 for Faster Elimination of Cyber Risk
The recent debut of Qualys’ Enterprise TruRisk Platform promises three key benefits: measuring, communicating, and eliminating cyber risk across the extended enterprise. Qualys Patch Management plays a pivotal role in this process towards the rapid elimination of cyber risk. Our focus during 2023...
7.1 AI Score
SQL injection vulnerability in Enterprise Architect 16.0.1605 32-bit allows attackers to run arbitrary SQL commands via the Find parameter in the Select Classifier dialog...
10 AI Score
0.001 EPSS
RHCOS 4 : OpenShift Container Platform 4.12.48 (RHSA-2024:0489)
The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:0489 advisory. OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Prior to version 0.46.0, the grpc Unary Server...
7.5 CVSS
6.8 AI Score
0.001 EPSS
Who is Alleged Medibank Hacker Aleksandr Ermakov?
Authorities in Australia, the United Kingdom and the United States this week levied financial sanctions against a Russian man accused of stealing data on nearly 10 million customers of the Australian health insurance giant Medibank. 33-year-old Aleksandr Ermakov allegedly stole and leaked the...
6.8 AI Score
Why is the cost of cyber insurance rising?
I just bought an electric car last week, so I've been shopping for new car insurance policies that could offer me a discount for ditching gas. We're all familiar with the boring process of entering the same information 10 times over into 10 different companies' websites trying to see who comes out....
8.8 CVSS
7.6 AI Score
0.003 EPSS
Wordfence Intelligence Weekly WordPress Vulnerability Report (January 15, 2024 to January 21, 2024)
Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through February 29th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 84 vulnerabilities disclosed in 67...
9.8 CVSS
8.9 AI Score
EPSS
Publitas: CVE-2018-6389 exploitation - using scripts loader
Hi Team ! Unauthenticated attackers can cause a denial of service (resource consumption) by using the large list of registered .js files (from wp-includes/script-loader.php) to construct a series of requests to load every file many times. The vulnerability is registered as CVE-2018-6389....
7.5 CVSS
6.5 AI Score
0.36 EPSS
Imperva customers are protected against the recent GoAnywhere MFT vulnerability CVE-2024-0204
Recently, Fortra released a security advisory for CVE-2024-0204, a GoAnywhere MFT authentication bypass vulnerability. This bug allows an unauthenticated attacker to create an administrative user by exploiting an InitialAccountSetup.xhtml endpoint–accessible via path traversal–to initiate the...
9.8 CVSS
8 AI Score
0.582 EPSS
Cross-site Scripting Vulnerability on Avatar Upload
Introduction This write-up describes a vulnerability found in Label Studio, a popular open source data labeling tool. The vulnerability affects all versions of Label Studio prior to 1.9.2 and was tested on version 1.8.2. Overview Label Studio has a cross-site scripting (XSS) vulnerability that...
7.1 CVSS
5.9 AI Score
0.02 EPSS
Security Testing: Types, Tools, and Best Practices
Opening Note: Understanding the Core Concepts of Security Analysis Continual developments in technology have elevated the significance of security analysis, a critical phase in software design. You can think of it as a vital diagram within the process of coding, engineered to identify and resolve...
8.4 AI Score
RHCOS 4 : OpenShift Container Platform 4.14.9 (RHSA-2024:0207)
The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:0207 advisory. OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Prior to version 0.46.0, the grpc Unary...
7.5 CVSS
7.8 AI Score
0.001 EPSS
Amazon Linux 2023 : containerd, containerd-stress (ALAS2023-2024-499)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-499 advisory. A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP...
7.5 CVSS
8.4 AI Score
0.001 EPSS
Amazon Linux 2023 : amazon-cloudwatch-agent (ALAS2023-2024-498)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-498 advisory. A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by...
7.5 CVSS
7.5 AI Score
0.002 EPSS
WolfNet IDX for WordPress <= 1.19.1 - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) PoC 1. In the settings of the...
7.8 AI Score
EPSS
WolfNet IDX for WordPress <= 1.19.1 - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite...
7.9 AI Score
EPSS
Amazon Linux 2 : amazon-cloudwatch-agent (ALAS-2024-2424)
The version of amazon-cloudwatch-agent installed on the remote host is prior to 1.300032.3-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2424 advisory. A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause...
7.5 CVSS
7.5 AI Score
0.002 EPSS
Popup Box Pro < 20.9.0 - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed PoC Create/edit a new popup and add the following payload in the Custom Content: Save, and...
5.7 AI Score
0.0004 EPSS
Popup Box Pro < 7.9.0 - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is...
5.9 AI Score
0.0004 EPSS
Popup Box Pro < 20.9.0 - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is...
5.9 AI Score
0.0004 EPSS
Popup Box Pro < 7.9.0 - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed PoC Create/edit a new popup and add the following payload in the Custom Content: Save, and...
5.7 AI Score
0.0004 EPSS
Description The plugin is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.7.4 via the 'ma_debu' parameter. This makes it possible for unauthenticated attackers to extract sensitive data including post author emails and names if...
7.5 CVSS
6.5 AI Score
0.001 EPSS
Canadian Man Stuck in Triangle of E-Commerce Fraud
A Canadian man who says he's been falsely charged with orchestrating a complex e-commerce scam is seeking to clear his name. His case appears to involve "triangulation fraud," which occurs when a consumer purchases something online -- from a seller on Amazon or eBay, for example -- but the seller...
6.8 AI Score
Important: amazon-cloudwatch-agent
Issue Overview: 2024-02-29: CVE-2023-47108 was added to this advisory. The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. (CVE-2023-39325) A malicious...
7.5 CVSS
7.3 AI Score
0.002 EPSS
The legal profession is known for being cautious or hesitant to adopt new technologies. However, when it comes to AI, it seems like legal professionals are ready to be on the leading edge of AI implementation. A Thomson Reuters survey of legal professionals found that 82% agree that AI can be...
6.8 AI Score
The evolution of the Kuiper ransomware
Kuiper Ransomware’s Evolution By Max Kersten · January 17, 2024 The Golang-based Kuiper ransomware is presented as an opportunity for other criminals to make money by ransoming one or more targets. Additionally, RobinHood, the actor behind Kuiper, states that help with operations can be provided...
6.5 AI Score
Unified security operations with Microsoft Sentinel and Microsoft Defender XDR
Numerous cybersecurity tools exist to help organizations protect their data, people, and systems. There are different tools that check emails for phishing attempts, secure infrastructure and cloud, and provide generative AI to detect threats and uplevel response beyond human ability. While each of....
7.1 AI Score
avo vulnerable to stored cross-site scripting (XSS) in key_value field
Summary A stored cross-site scripting (XSS) vulnerability was found in the key_value field of Avo v3.2.3. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the victim's browser. Details The value of the key_value is inserted directly into the HTML code. In the...
7.3 CVSS
5.5 AI Score
0.001 EPSS
avo vulnerable to stored cross-site scripting (XSS) in key_value field
Summary A stored cross-site scripting (XSS) vulnerability was found in the key_value field of Avo v3.2.3. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the victim's browser. Details The value of the key_value is inserted directly into the HTML code. In the...
7.3 CVSS
7 AI Score
0.001 EPSS
Case Study: The Cookie Privacy Monster in Big Global Retail
Explore how an advanced exposure management solution saved a major retail industry client from ending up on the naughty step due to a misconfiguration in its cookie management policy. This wasn't anything malicious, but with modern web environments being so complex, mistakes can happen, and...
6.8 AI Score
K000138255 : Go OpenTelemetry Contrib vulnerability CVE-2023-47108
Security Advisory Description OpenTelemetry-Go Contrib is a collection of third-party packages for OpenTelemetry-Go. Prior to version 0.46.0, the grpc Unary Server Interceptor out of the box adds labels net.peer.sock.addr and net.peer.sock.port that have unbound cardinality. It leads to the...
7.5 CVSS
6.5 AI Score
0.001 EPSS
Detect and Manage the Risk of Apache Struts (CVE-2023-50164) Comprehensively
Introduction In the vast landscape of cybersecurity, staying vigilant against potential threats is crucial. A critical vulnerability that surfaced recently is CVE-2023-50164, affecting Apache Struts 2, a widely used open-source framework for Java development. This path traversal vulnerability,...
9.8 CVSS
10 AI Score
0.09 EPSS
Python’s Poisoned Package: Another ‘Blank Grabber’ Malware in PyPI
Python Package Index (PyPI) is a platform that offers an extensive range of packages to simplify and enhance the development process. Malicious actors regularly upload phishing packages in the platform’s repository aimed at delivering malware to steal the victim's information, or more frequently,...
7 AI Score
Wordfence Intelligence Weekly WordPress Vulnerability Report (January 1, 2024 to January 7, 2024)
Wordfence just launched its bug bounty program. For the first 6 months, all awarded bounties receive a 10% bonus. View the announcement to learn more now! Last week, there were 85 vulnerabilities disclosed in 74 WordPress Plugins and 2 WordPress themes that have been added to the Wordfence...
9.8 CVSS
10 AI Score
EPSS
The Easy Social Feed plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on multiple AJAX functions in all versions up to, and including, 6.5.2. This makes it possible for authenticated attackers, with subscriber-level access and above, to...
4.3 CVSS
4.6 AI Score
0.0004 EPSS
Microsoft and Adobe Patch Tuesday, January 2024 Security Update Review
The first edition of the Microsoft Patch Tuesday for 2024 is now live! Microsoft has released fewer than usual security fixes in this month's update. We invite you to join us to review and discuss the details of these security updates and patches. Microsoft Patch Tuesday for January 2024 Microsoft...
8.8 CVSS
9 AI Score
0.004 EPSS
Description of the security update for SharePoint Server Subscription Edition: January 9, 2024 (KB5002540) Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and...
8.8 CVSS
9 AI Score
0.002 EPSS
January 9, 2024—KB5034127 (OS Build 17763.5329)
For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 10, version 1809, see its update history page. Highlights This update...
8.8 CVSS
7.4 AI Score
0.004 EPSS
January 9, 2024—KB5034129 (OS Build 20348.2227)
For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows Server 2022, see its update history page. Note Follow @WindowsUpdate to find out...
8.8 CVSS
7.3 AI Score
0.004 EPSS
NIST Warns of Security and Privacy Risks from Rapid AI System Deployment
The U.S. National Institute of Standards and Technology (NIST) is calling attention to the privacy and security challenges that arise as a result of increased deployment of artificial intelligence (AI) systems in recent years. "These security and privacy challenges include the potential for...
7.2 AI Score
Wordfence just launched its bug bounty program. For the first 6 months, all awarded bounties receive a 10% bonus. View the announcement to learn more now! Over the last two weeks, there were 263 vulnerabilities disclosed in 217 WordPress Plugins and 3 WordPress themes that have been added to the...
9.8 CVSS
10 AI Score
EPSS
How to Protect Your Privacy Online
Decoding the Complexities of Digital Personhood and Its Private Aspects: Elemental Groundwork As we stride through this tech-propelled age, concerns related to internet-bound privacy have risen as pressing hurdles for all cyber inhabitants around the planet. Considering the ever-broadening...
7.4 AI Score
Genie Aladdin Connect Retrofit Garage Door Opener: Multiple Vulnerabilities
Rapid7, Inc. (Rapid7) discovered vulnerabilities in Aladdin Connect retrofit kit garage door opener and Android mobile application produced by Genie. The affected products are: Aladdin Garage door smart retrofit kit, Model ALDCM Android Mobile application ALADDIN Connect, Version 5.65 Build 2075...
8.8 CVSS
6.7 AI Score
0.001 EPSS