The UK’s GPS Tagging of Migrants Has Been Ruled Illegal
The UK’s privacy regulator says the government did not take into account the intrusiveness of ankle tags that continuously monitor a person’s...
7.3 AI Score
New Silver SAML Attack Evades Golden SAML Defenses in Identity Systems
Cybersecurity researchers have disclosed a new attack technique called Silver SAML that can be successful even in cases where mitigations have been applied against Golden SAML attacks. Silver SAML "enables the exploitation of SAML to launch attacks from an identity provider like Entra ID against...
7.5 AI Score
How to Prioritize Cybersecurity Spending: A Risk-Based Strategy for the Highest ROI
As an IT leader, staying on top of the latest cybersecurity developments is essential to keeping your organization safe. But with threats coming from all around — and hackers dreaming up new exploits every day — how do you create proactive, agile cybersecurity strategies? And what cybersecurity...
7.2 AI Score
In the Linux kernel, the following vulnerability has been resolved: mt76: connac: fix kernel warning adding monitor interface Fix the following kernel warning adding a monitor interface in mt76_connac_mcu_uni_add_dev routine. [ 507.984882] ------------[ cut here ]------------ [ 507.989515]...
6.4 AI Score
0.0004 EPSS
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the dbus-1.12.20-8.el9 build changelog. D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the...
6.5 CVSS
6.8 AI Score
0.001 EPSS
Multiple vulnerabilities in Adobe Acrobat Reader could lead to remote code execution
Cisco Talos has disclosed more than 30 vulnerabilities in February, including seven in Adobe Acrobat Reader, one of the most popular PDF editing and reading software currently available. Adversaries could exploit these vulnerabilities to trigger the reuse of a previously freed object, thus causing....
10 CVSS
9.5 AI Score
0.001 EPSS
In the Linux kernel, the following vulnerability has been resolved: mt76: connac: fix kernel warning adding monitor interface Fix the following kernel warning adding a monitor interface in mt76_connac_mcu_uni_add_dev routine. [ 507.984882] ------------[ cut here ]------------ [ 507.989515]...
6.4 AI Score
0.0004 EPSS
In the Linux kernel, the following vulnerability has been resolved: mt76: connac: fix kernel warning adding monitor interface Fix the following kernel warning adding a monitor interface in mt76_connac_mcu_uni_add_dev routine. [ 507.984882] ------------[ cut here ]------------ [ 507.989515]...
6.3 AI Score
0.0004 EPSS
In the Linux kernel, the following vulnerability has been resolved: mt76: connac: fix kernel warning adding monitor interface Fix the following kernel warning adding a monitor interface in mt76_connac_mcu_uni_add_dev routine. [ 507.984882] ------------[ cut here ]------------ [ 507.989515]...
6.6 AI Score
0.0004 EPSS
In the Linux kernel, the following vulnerability has been resolved: mt76: connac: fix kernel warning adding monitor interface Fix the following kernel warning adding a monitor interface in mt76_connac_mcu_uni_add_dev routine. [ 507.984882] ------------[ cut here ]------------ [ 507.989515]...
6.6 AI Score
0.0004 EPSS
CVE-2021-47029 mt76: connac: fix kernel warning adding monitor interface
In the Linux kernel, the following vulnerability has been resolved: mt76: connac: fix kernel warning adding monitor interface Fix the following kernel warning adding a monitor interface in mt76_connac_mcu_uni_add_dev routine. [ 507.984882] ------------[ cut here ]------------ [ 507.989515]...
6.6 AI Score
0.0004 EPSS
CVE-2021-47029 mt76: connac: fix kernel warning adding monitor interface
In the Linux kernel, the following vulnerability has been resolved: mt76: connac: fix kernel warning adding monitor interface Fix the following kernel warning adding a monitor interface in mt76_connac_mcu_uni_add_dev routine. [ 507.984882] ------------[ cut here ]------------ [ 507.989515]...
6.7 AI Score
0.0004 EPSS
In the Linux kernel, the following vulnerability has been resolved: mt76: connac: fix kernel warning adding monitor interface Fix the following kernel warning adding a monitor interface in mt76_connac_mcu_uni_add_dev routine. [ 507.984882] ------------[ cut here ]------------ [ 507.989515]...
6.5 AI Score
0.0004 EPSS
Summary IBM Maximo Application Suite - Monitor Component uses follow-redirects which is vulnerable to CVE-2023-26159. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID: CVE-2023-26159 DESCRIPTION: follow-redirects could allow a remote...
7.3 CVSS
7.1 AI Score
0.001 EPSS
Summary IBM Maximo Application Suite - Monitor Component uses urllib3 which is vulnerable to CVE-2023-45803. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID: CVE-2023-45803 DESCRIPTION: urllib3 could allow a remote authenticated attacker...
4.2 CVSS
6 AI Score
0.0004 EPSS
Summary IBM Maximo Application Suite - Monitor Component uses IBM WebSphere Application Server Liberty which is vulnerable to CVE-2023-46158 and CVE-2023-44483. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID: CVE-2023-46158 DESCRIPTION:...
9.8 CVSS
6.9 AI Score
0.001 EPSS
Summary IBM Maximo Application Suite - Monitor Component uses logback which is vulnerable to CVE-2023-6481 and CVE-2023-6378. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID: CVE-2023-6481 DESCRIPTION: QOS.ch Sarl Logback is vulnerable to...
7.5 CVSS
8.5 AI Score
0.0005 EPSS
Summary IBM Maximo Application Suite - Monitor Component uses json-path which is vulnerable to CVE-2023-51074. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID: CVE-2023-51074 DESCRIPTION: json-path is vulnerable to a denial of service,...
5.3 CVSS
7.7 AI Score
0.0005 EPSS
Summary IBM Maximo Application Suite - Monitor Component uses netty-codec-http2 which is vulnerable to CVE-2023-44487. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID: CVE-2023-44487 DESCRIPTION: Multiple vendors are vulnerable to a denial.....
7.5 CVSS
7.2 AI Score
0.732 EPSS
Summary IBM Maximo Application Suite - Monitor Component uses PyArrow which is vulnerable to CVE-2023-47248. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID: CVE-2023-47248 DESCRIPTION: PyArrow could allow a remote authenticated attacker...
9.8 CVSS
7.4 AI Score
0.005 EPSS
Summary IBM Maximo Application Suite - Monitor Component uses Axios which is vulnerable to CVE-2023-45857. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID: CVE-2023-45857 DESCRIPTION: Axios is vulnerable to cross-site request forgery,...
6.5 CVSS
6.4 AI Score
0.001 EPSS
7.4 AI Score
Healthcare Needs Risk-Based Cybersecurity for Comprehensive, Effective Protection
In the first blog post of this three-blog series, we discussed the extraordinarily powerful “perfect storm” of cyber risk faced by healthcare organizations. The second blog post reviews how data security risks persist despite HIPAA compliance. In this third blog, we will discuss how to get started....
7.3 AI Score
Joomla! patches XSS flaws that could lead to remote code execution
On February 20, Joomla! posted details about four vulnerabilities it had fixed in its Content Management System (CMS), and one in the Joomla! Framework that affects the CMS. Joomla! is an open-source CMS that’s been around since 2005, and has been one of the most popular CMS platforms by market...
7.2 AI Score
0.001 EPSS
TruRisk™️ Insights – The Story Behind a TruRisk Score
In the world of cloud and SaaS security, where risks arise not only from vulnerabilities but also from misconfigurations and various threats, the task of prioritizing and managing them becomes increasingly complex. It's not just about identifying vulnerabilities; it's also crucial to recognize and....
7.7 AI Score
Hertzbeat is a real-time monitoring system. In the implementation of JmxCollectImpl.java, JMXConnectorFactory.connect is vulnerable to JNDI injection. The corresponding interface is /api/monitor/detect. If there is a URL field, the address will be used by default. When the URL is...
9.8 CVSS
9.9 AI Score
0.0004 EPSS
Hertzbeat is a real-time monitoring system. In the implementation of JmxCollectImpl.java, JMXConnectorFactory.connect is vulnerable to JNDI injection. The corresponding interface is /api/monitor/detect. If there is a URL field, the address will be used by default. When the URL is...
9.8 CVSS
9.8 AI Score
0.0004 EPSS
Hertzbeat is a real-time monitoring system. In the implementation of JmxCollectImpl.java, JMXConnectorFactory.connect is vulnerable to JNDI injection. The corresponding interface is /api/monitor/detect. If there is a URL field, the address will be used by default. When the URL is...
9.8 CVSS
8.2 AI Score
0.0004 EPSS
Hertzbeat is a real-time monitoring system. In the implementation of JmxCollectImpl.java, JMXConnectorFactory.connect is vulnerable to JNDI injection. The corresponding interface is /api/monitor/detect. If there is a URL field, the address will be used by default. When the URL is...
9.8 CVSS
8.3 AI Score
0.0004 EPSS
CVE-2023-51653 Hertzbeat JMX JNDI RCE
Hertzbeat is a real-time monitoring system. In the implementation of JmxCollectImpl.java, JMXConnectorFactory.connect is vulnerable to JNDI injection. The corresponding interface is /api/monitor/detect. If there is a URL field, the address will be used by default. When the URL is...
9.8 CVSS
10 AI Score
0.0004 EPSS
In the past 2 years, we have observed a significant surge in hacktivism activity due to ongoing wars and geopolitical conflicts in various regions. Since the war against Ukraine began, we have witnessed a notable mobilization of non-state and state-backed actors alike, forming new groups or...
9.8 CVSS
9.7 AI Score
0.074 EPSS
Threat Hunting Powered by Efficient and Straightforward Anomaly Detection on Your Data Lake
Effective monitoring and anomaly detection within a data environment are crucial, particularly in today's data-driven landscape. At Imperva Threat Research, our data lake serves as the backbone for a range of critical functions, including threat hunting, risk analysis, and trend detection....
10 CVSS
7.9 AI Score
0.975 EPSS
SpeedyTest - Command-Line Tool For Measuring Internet Speed
SpeedyTest is a powerful command-line tool for measuring internet speed. With its advanced features and intuitive interface, it provides accurate and comprehensive speed test results. Whether you're a network administrator, developer, or simply want to monitor your internet connection, SpeedyTest.....
7.4 AI Score
6 Ways to Simplify SaaS Identity Governance
With SaaS applications now making up the vast majority of technology used by employees in most organizations, tasks related to identity governance need to happen across a myriad of individual SaaS apps. This presents a huge challenge for centralized IT teams who are ultimately held responsible for....
9.7 AI Score
Cybersecurity for Healthcare—Diagnosing the Threat Landscape and Prescribing Solutions for Recovery
On Thanksgiving Day 2023, while many Americans were celebrating, hospitals across the U.S. were doing quite the opposite. Systems were failing. Ambulances were diverted. Care was impaired. Hospitals in three states were hit by a ransomware attack, and in that moment, the real-world repercussions...
9.8 CVSS
9.7 AI Score
0.074 EPSS
Summary IBM Maximo Application Suite - Monitor Component uses scipy which is vulnerable to CVE-2023-25399. Vulnerability Details CVEID: CVE-2023-25399 DESCRIPTION: SciPy is vulnerable to a denial of service, caused by a memory leak flaw in the Py_FindObjects function due to new reference is...
5.5 CVSS
6.1 AI Score
0.0004 EPSS
Mozilla: IDOR on Delete Email address features
An Insecure direct object reference vulnerability was found in Mozilla Monitor which allowed any user to delete secondary email addresses in other users' accounts, using the email address ID. The vulnerability was fixed by ensuring that the delete operation is properly scoped to a particular user.....
7 AI Score
Astaroth, Mekotio & Ousaban abusing Google Cloud Run in LATAM-focused malware campaigns
Google Cloud Run is currently being abused in high-volume malware distribution campaigns, spreading several banking trojans such as Astaroth (aka Guildma), Mekotio and Ousaban to targets across Latin America and Europe. The volume of emails associated with these campaigns has significantly...
7 AI Score
SaaS Compliance through the NIST Cybersecurity Framework
The US National Institute of Standards and Technology (NIST) cybersecurity framework is one of the world's most important guidelines for securing networks. It can be applied to any number of applications, including SaaS. One of the challenges facing those tasked with securing SaaS applications is.....
9.8 CVSS
9.7 AI Score
0.074 EPSS
November 14, 2023—KB5032190 (OS Builds 22621.2715 and 22631.2715)
November 14, 2023—KB5032190 (OS Builds 22621.2715 and 22631.2715) UPDATED 2/27/24 IMPORTANT: New dates for the end of non-security updates for Windows 11, version 22H2. The new end date is June 24, 2025 for Windows 11, version 22H2 Enterprise, Education, IoT Enterprise, and Enterprise multi-session.....
9.8 CVSS
8.2 AI Score
0.57 EPSS
[SECURITY] Fedora 39 Update: qemu-8.1.3-3.fc39
qemu is an open source virtualizer that provides hardware emulation for the KVM hypervisor. qemu acts as a virtual machine monitor together with the KVM kernel modules, and emulates the hardware for a full system such as a PC and its associated...
5.3 CVSS
7.2 AI Score
0.0004 EPSS
Fedora: Security Advisory for qemu (FEDORA-2024-c601293124)
The remote host is missing an update for...
5.3 CVSS
7.1 AI Score
0.0004 EPSS
Imaging Data Commons libdicom DICOM File Meta Information Parsing Use-After-Free vulnerabilities
Talos Vulnerability Report TALOS-2024-1931 Imaging Data Commons libdicom DICOM File Meta Information Parsing Use-After-Free vulnerabilities February 20, 2024 CVE Number CVE-2024-24793,CVE-2024-24794 SUMMARY A use-after-free vulnerability exists in the DICOM Element Parsing as implemented in...
8.1 CVSS
8.3 AI Score
0.001 EPSS
Meta Warns of 8 Spyware Firms Targeting iOS, Android, and Windows Devices
Meta Platforms said it took a series of steps to curtail malicious activity from eight different firms based in Italy, Spain, and the United Arab Emirates (U.A.E.) operating in the surveillance-for-hire industry. The findings are part of its Adversarial Threat Report for the fourth quarter of...
9.8 CVSS
9.6 AI Score
0.074 EPSS
How to Achieve the Best Risk-Based Alerting (Bye-Bye SIEM)
Did you know that Network Detection and Response (NDR) has become the most effective technology to detect cyber threats? In contrast to SIEM, NDR offers adaptive cybersecurity with reduced false alerts and efficient threat response. Are you aware of Network Detection and Response (NDR) and how...
9.5 AI Score
Amazon Linux 2 : jetty (ALAS-2024-2460)
It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2460 advisory. Jetty is a Java-based web server and servlet engine. Prior to versions 9.4.52, 10.0.16, 11.0.16, and 12.0.1, Jetty accepts the + character preceding the content-length value in an HTTP/1 header field....
5.3 CVSS
7.1 AI Score
0.001 EPSS
RCE to Sliver: IR Tales from the Field
Rapid7 Incident Response consultants Noah Hemker, Tyler Starks, and malware analyst Tom Elkins contributed analysis and insight to this blog. Rapid7 Incident Response was engaged to investigate an incident involving unauthorized access to two publicly-facing Confluence servers that were the source....
10 CVSS
8.6 AI Score
0.971 EPSS
TinyTurla Next Generation - Turla APT spies on Polish NGOs
Cisco Talos has identified a new backdoor authored and operated by the Turla APT group, a Russian cyber espionage threat group. This new backdoor we're calling "TinyTurla-NG" (TTNG) is similar to Turla's previously disclosed implant, TinyTurla, in coding style and functionality implementation....
8.3 AI Score
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |.....
9.8 CVSS
9.9 AI Score
EPSS
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services |.....
9.8 CVSS
9.7 AI Score
0.033 EPSS