A vulnerability, which was classified as problematic, was found in playSMS 1.4.3. Affected is an unknown function of the file /index.php?app=main&inc=feature_phonebook&op=phonebook_list of the component New Phonebook Handler. The manipulation of the argument name/email leads to basic cross site...
2.4CVSS
3.4AI Score
0.0004EPSS
CVE-2024-6251 playSMS New Phonebook cross site scripting
A vulnerability, which was classified as problematic, was found in playSMS 1.4.3. Affected is an unknown function of the file /index.php?app=main&inc=feature_phonebook&op=phonebook_list of the component New Phonebook Handler. The manipulation of the argument name/email leads to basic cross site...
2.4CVSS
0.0004EPSS
U.S. Treasury Sanctions 12 Kaspersky Executives Amid Software Ban
The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) imposed sanctions against a dozen individuals serving executive and senior leadership roles at Kaspersky Lab, a day after the Russian company was banned by the Commerce Department. The move "underscores our commitment to....
7.2AI Score
SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2135-1)
The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2135-1 advisory. The SUSE Linux Enterprise 15 SP6 Azure kernel was updated to receive various security bugfixes. The following...
8CVSS
8.4AI Score
EPSS
In the Linux kernel, the following vulnerability has been resolved: null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' Writing 'power' and 'submit_queues' concurrently will trigger kernel panic: Test script: modprobe null_blk nr_devices=0 mkdir -p...
6.8AI Score
0.0004EPSS
Metasploit Weekly Wrap-Up 06/21/2024
Argument Injection for PHP on Windows This week includes modules that target file traversal and arbitrary file read vulnerabilities for software such as Apache, SolarWinds and Check Point, with the highlight being a module for the recent PHP vulnerability submitted by sfewer-r7. This module...
9.8CVSS
8.9AI Score
0.967EPSS
AdsExhaust Adware Distributed in Fake Oculus Installer via Google Search
New adware "AdsExhaust" disguises itself as an Oculus installer to steal screenshots, generate fake clicks, and drain resources. Learn how to protect yourself from AdsExhaust and similar...
7.3AI Score
First million breached Ticketmaster records released for free
The cybercriminal acting under the name "Sp1d3r" gave away the first 1 million records that are part of the data set that they claimed to have stolen from Ticketmaster/Live Nation. The files were released without a price, for free. When Malwarebytes Labs first learned about this data breach, it...
7.2AI Score
Military-themed Email Scam Spreads Malware to Infect Pakistani Users
Cybersecurity researchers have shed light on a new phishing campaign that has been identified as targeting people in Pakistan using a custom backdoor. Dubbed PHANTOM#SPIKE by Securonix, the unknown threat actors behind the activity have leveraged military-related phishing documents to activate the....
7.2AI Score
Takeaways From The Take Command Summit: Understanding Modern Cyber Attacks
In today's cybersecurity landscape, staying ahead of evolving threats is crucial. The State of Security Panel from our Take Command summit held May 21st delved into how artificial intelligence (AI) is reshaping cyber attacks and defenses. The discussion highlighted the dual role of AI in...
7.4AI Score
Unveiling SpiceRAT: SneakyChef's latest tool targeting EMEA and Asia
Cisco Talos discovered a new remote access trojan (RAT) dubbed SpiceRAT, used by the threat actor SneakyChef in a recent campaign targeting government agencies in EMEA and Asia. We observed that SneakyChef launched a phishing campaign, sending emails delivering SugarGh0st and SpiceRAT with the...
7.5AI Score
SneakyChef espionage group targets government agencies with SugarGh0st and more infection techniques
Cisco Talos recently discovered an ongoing campaign from SneakyChef, a newly discovered threat actor using SugarGh0st malware, as early as August 2023. In the newly discovered campaign, we observed a wider scope of targets spread across countries in EMEA and Asia, compared with previous...
7AI Score
Summary IBM Security SOAR uses an older version of ElasticSearch that may be identified and exploited. An update has been released which addresses these issues. It is recommended upgrading to Version 51.0.2.1 or later of IBM Security SOAR. Vulnerability Details ** CVEID: CVE-2024-23450 ...
7.5CVSS
6.9AI Score
0.005EPSS
In the Linux kernel, the following vulnerability has been resolved: null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' Writing 'power' and 'submit_queues' concurrently will trigger kernel panic: Test script: modprobe null_blk nr_devices=0 mkdir -p...
6.9AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' Writing 'power' and 'submit_queues' concurrently will trigger kernel panic: Test script: modprobe null_blk nr_devices=0 mkdir -p...
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' Writing 'power' and 'submit_queues' concurrently will trigger kernel panic: Test script: modprobe null_blk nr_devices=0 mkdir -p...
6.4AI Score
0.0004EPSS
How to Use Tines's SOC Automation Capability Matrix
Created by John Tuckner and the team at automation and AI-powered workflow platform Tines, the SOC Automation Capability Matrix (SOC ACM) is a set of techniques designed to help security operations teams understand their automation capabilities and respond more effectively to incidents. A...
7AI Score
CVE-2024-36478 null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues'
In the Linux kernel, the following vulnerability has been resolved: null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' Writing 'power' and 'submit_queues' concurrently will trigger kernel panic: Test script: modprobe null_blk nr_devices=0 mkdir -p...
0.0004EPSS
Oyster Backdoor Spreading via Trojanized Popular Software Downloads
A malvertising campaign is leveraging trojanized installers for popular software such as Google Chrome and Microsoft Teams to drop a backdoor called Oyster (aka Broomstick and CleanUpLoader). That's according to findings from Rapid7, which identified lookalike websites hosting the malicious...
7.5AI Score
US bans Kaspersky, warns: “Immediately stop using that software”
The US government will ban the sale of Kaspersky antivirus products to new customers in the United States starting July 20, with a follow-on deadline to prohibit the cybersecurity company from providing users with software updates after September 29. The move follows years of allegations that the.....
7.1AI Score
Was T-Mobile compromised by a zero-day in Jira?
A moderator of the notorious data breach trading platform BreachForums is offering data for sale they claim comes from a data breach at T-Mobile. The moderator, going by the name of IntelBroker, describes the data as containing source code, SQL files, images, Terraform data, t-mobile.com...
10CVSS
8.2AI Score
0.001EPSS
Summary IBM Storage Protect for Space Management can be affected by security flaws in IBM Java. The flaws can lead to denial of service, confidentiality impact, integrity impact, availability impact, and sensitive information disclosure, as described in the "Vulnerability Details" section....
7.5CVSS
7.7AI Score
0.001EPSS
The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress is vulnerable to time-based SQL Injection via the db parameter in all versions up to, and including, 5.7.23 due to insufficient escaping on the user supplied...
9.8CVSS
0.001EPSS
The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress is vulnerable to time-based SQL Injection via the db parameter in all versions up to, and including, 5.7.23 due to insufficient escaping on the user supplied...
9.8CVSS
9.7AI Score
0.001EPSS
This script is designed to exploit vulnerabilities in a Mailcow...
6.2CVSS
7AI Score
0.0004EPSS
The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress is vulnerable to time-based SQL Injection via the db parameter in all versions up to, and including, 5.7.23 due to insufficient escaping on the user supplied...
9.8CVSS
0.001EPSS
The ConvertKit – Email Newsletter, Email Marketing, Subscribers and Landing Pages plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the tag_subscriber function in all versions up to, and including, 2.4.9. This makes it possible for...
5.3CVSS
0.0005EPSS
The ConvertKit – Email Newsletter, Email Marketing, Subscribers and Landing Pages plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the tag_subscriber function in all versions up to, and including, 2.4.9. This makes it possible for...
5.3CVSS
5.1AI Score
0.0005EPSS
CVE-2024-3961 ConvertKit <= 2.4.9 - Missing Authorization
The ConvertKit – Email Newsletter, Email Marketing, Subscribers and Landing Pages plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the tag_subscriber function in all versions up to, and including, 2.4.9. This makes it possible for...
5.3CVSS
0.0005EPSS
PCI DSS 4.0.1: New Clarifications on Client-Side Security – What You Need to Know
As a leading provider of web application and API security solutions, Imperva is committed to helping merchants, payment processors, and anyone seeking to comply with the latest PCI DSS requirements. We previously discussed the changes introduced in PCI DSS 4.0. This blog will cover the...
7AI Score
CVE-2024-37742: Clipboard Exploit in SEB ≤ 3.5.0 (Windows)...
7.4AI Score
0.0004EPSS
KrebsOnSecurity Threatened with Defamation Lawsuit Over Fake Radaris CEO
On March 8, 2024, KrebsOnSecurity published a deep dive on the consumer data broker Radaris, showing how the original owners are two men in Massachusetts who operated multiple Russian language dating services and affiliate programs, in addition to a dizzying array of people-search websites. The...
6.8AI Score
SFTPGo is a full-featured and highly configurable SFTP, HTTP/S, FTP/S and WebDAV server - S3, Google Cloud Storage, Azure Blob. SFTPGo WebAdmin and WebClient support password reset. This feature is disabled in the default configuration. In SFTPGo versions prior to v2.6.1, if the feature is...
5.4CVSS
0.0004EPSS
SFTPGo is a full-featured and highly configurable SFTP, HTTP/S, FTP/S and WebDAV server - S3, Google Cloud Storage, Azure Blob. SFTPGo WebAdmin and WebClient support password reset. This feature is disabled in the default configuration. In SFTPGo versions prior to v2.6.1, if the feature is...
5.4CVSS
5.6AI Score
0.0004EPSS
SFTPGo is a full-featured and highly configurable SFTP, HTTP/S, FTP/S and WebDAV server - S3, Google Cloud Storage, Azure Blob. SFTPGo WebAdmin and WebClient support password reset. This feature is disabled in the default configuration. In SFTPGo versions prior to v2.6.1, if the feature is...
5.4CVSS
7.1AI Score
0.0004EPSS
Tabletop exercises are headed to the next frontier: Space
I think we can all agree that tabletop exercises are a good thing. They allow organizations of all sizes to test their incident response plans without the potentially devastating effects of a real-world cyber attack or intrusion. As part of my role at Talos, I've read hundreds of tabletop...
9.8CVSS
8.2AI Score
0.321EPSS
UK Health Club Chain ‘Total Fitness’ Data Leak Exposes KYC and Card Data
UK-based health and fitness chain Total Fitness suffered a significant data breach leaving member photos, names, and even bank details vulnerable online. Learn how to protect yourself and what went wrong at Total...
7.2AI Score
In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix UAF for cq async event The refcount of CQ is not protected by locks. When CQ asynchronous events and CQ destruction are concurrent, CQ may have been released, which will cause UAF. Use the xa_lock() to protect the CQ....
7.1AI Score
0.0004EPSS
CVE-2024-37897 Insufficient access control for password reset in sftpgo
SFTPGo is a full-featured and highly configurable SFTP, HTTP/S, FTP/S and WebDAV server - S3, Google Cloud Storage, Azure Blob. SFTPGo WebAdmin and WebClient support password reset. This feature is disabled in the default configuration. In SFTPGo versions prior to v2.6.1, if the feature is...
5.4CVSS
0.0004EPSS
Chromium: CVE-2024-6103: Use after free in Dawn
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more...
8.8CVSS
6.7AI Score
0.001EPSS
Chromium: CVE-2024-6102: Out of bounds memory access in Dawn
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more...
8.8CVSS
6.7AI Score
0.001EPSS
Chromium: CVE-2024-6101: Inappropriate implementation in WebAssembly
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more...
8.8CVSS
6.7AI Score
0.001EPSS
Chromium: CVE-2024-6100 Type Confusion in V8
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more...
8.8CVSS
6.7AI Score
0.001EPSS
SFTPGo has insufficient access control for password reset
Impact SFTPGo WebAdmin and WebClient support password reset. This feature is disabled in the default configuration. In SFTPGo versions prior to v2.6.1, if the feature is enabled, even users with access restrictions (e.g. expired) can reset their password and log in. Patches Fixed in v2.6.1....
5.4CVSS
7.4AI Score
0.0004EPSS
SFTPGo has insufficient access control for password reset
Impact SFTPGo WebAdmin and WebClient support password reset. This feature is disabled in the default configuration. In SFTPGo versions prior to v2.6.1, if the feature is enabled, even users with access restrictions (e.g. expired) can reset their password and log in. Patches Fixed in v2.6.1....
5.4CVSS
7.1AI Score
0.0004EPSS
A proof-of-concept User-Defined Reflective Loader (UDRL) which aims to recreate, integrate, and enhance Cobalt Strike's evasion features! Contributors: Contributor | Twitter | Notable Contributions ---|---|--- Bobby Cooke | @0xBoku | Project original author and maintainer Santiago Pecin |...
7.5AI Score
AIX is vulnerable to security restrictions bypass due to cURL libcurl (CVE-2024-0853)
IBM SECURITY ADVISORY First Issued: Thu Jun 20 15:10:42 CDT 2024 The most recent version of this document is available here: https://aix.software.ibm.com/aix/efixes/security/curl_advisory5.asc Security Bulletin: AIX is vulnerable to security restrictions bypass due to cURL libcurl...
5.3CVSS
6.2AI Score
0.001EPSS
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable The function performs a check on the "phy" input parameter, however, it is used before the check. Initialize the "dev" variable after the sanity check to avoid a possible.....
6.9AI Score
0.0004EPSS
Summary In addition to updates to operating system level packages, IBM Business Automation Workflow Machine Learning Server 23.0.2-IF003 addresses the following vulnerability CVE-2024-1135. Vulnerability Details ** CVEID: CVE-2024-1135 DESCRIPTION: **Gunicorn is vulnerable to HTTP request...
7.5CVSS
6AI Score
0.0004EPSS
On March 31st, 2024, The Payments Card Industry Standards Security Council (PCI SSC) officially retired version 3.2.1 of the PCI Data Security Standard (PCI DSS) with the publication of its new sets of protocols and security standards for v4.0. With the continued rise in cyber threats against...
7.6AI Score