Medtronic N'vision Clinician Programmer Security Vulnerabilities

New Credit Card Skimmer Targets WordPress, Magento, and OpenCart Sites

Multiple content management system (CMS) platforms like WordPress, Magento, and OpenCart have been targeted by a new credit card web skimmer called Caesar Cipher Skimmer. A web skimmer refers to malware that is injected into e-commerce sites with the goal of stealing financial and payment...

Cinterion EHS5 3G UMTS/HSPA Module Research

Modems play an important role in enabling connectivity for a wide range of devices. This includes not only traditional mobile devices and household appliances, but also telecommunication systems in vehicles, ATMs and Automated Process Control Systems (APCS). When integrating the modem, many...

QR code SQL injection and other vulnerabilities in a popular biometric terminal

Biometric scanners offer a unique way to resolve the conflict between security and usability. They help to identify a person by their unique biological characteristics – a fairly reliable process that does not require the user to exert any extra effort. Yet, biometric scanners, as any other tech,.....

Seeing Like a Data Structure

Technology was once simply a tool--and a small one at that--used to amplify human intent and capacity. That was the story of the industrial revolution: we could control nature and build large, complex human societies, and the more we employed and mastered technology, the better things got. We...

How Did Authorities Identify the Alleged Lockbit Boss?

Last week, the United States joined the U.K. and Australia in sanctioning and charging a Russian man named Dmitry Yuryevich Khoroshev as the leader of the infamous LockBit ransomware group. LockBit's leader "LockBitSupp" claims the feds named the wrong guy, saying the charges don't explain how...

CVE-2024-31412

Out-of-bounds read vulnerability exists in CX-Programmer included in CX-One CXONE-AL[][]D-V4 Ver. 9.81 or lower. Opening a specially crafted project file may lead to information disclosure and/or the product being...

CVE-2024-31412

Out-of-bounds read vulnerability exists in CX-Programmer included in CX-One CXONE-AL[][]D-V4 Ver. 9.81 or lower. Opening a specially crafted project file may lead to information disclosure and/or the product being...

CVE-2024-31412

Out-of-bounds read vulnerability exists in CX-Programmer included in CX-One CXONE-AL[][]D-V4 Ver. 9.81 or lower. Opening a specially crafted project file may lead to information disclosure and/or the product being...

Unitronics Vision Legacy Series (Update A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Unitronics Equipment: Vision Legacy series Vulnerability: Storing Passwords in a Recoverable Format 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to...

RHEL 8 : Red Hat OpenStack Platform 17.1 (python-eventlet) (RHSA-2024:0188)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:0188 advisory. Eventlet is a networking library written in Python. It achieves high scalability by using non-blocking io while at the same time retaining...

Russian FSB Counterintelligence Chief Gets 9 Years in Cybercrime Bribery Scheme

The head of counterintelligence for a division of the Russian Federal Security Service (FSB) was sentenced last week to nine years in a penal colony for accepting a USD $1.7 million bribe to ignore the activities of a prolific Russian cybercrime group that hacked thousands of e-commerce websites......

OfflRouter virus causes Ukrainian users to upload confidential documents to VirusTotal

During a threat-hunting exercise, Cisco Talos discovered documents with potentially confidential information originating from Ukraine. The documents contained malicious VBA code, indicating they may be used as lures to infect organizations. The results of the investigation have shown that the...

Django REST Framework SimpleJWT 5.3.1 Information Disclosure

...

djangorestframework-simplejwt 5.3.1 - Information Disclosure

...

djangorestframework-simplejwt 5.3.1 - Information Disclosure Exploit

...

Python's PyPI Reveals Its Secrets

GitGuardian is famous for its annual State of Secrets Sprawl report. In their 2023 report, they found over 10 million exposed passwords, API keys, and other credentials exposed in public GitHub commits. The takeaways in their 2024 report did not just highlight 12.8 million new exposed secrets in...

Python's PyPI Reveals Its Secrets

GitGuardian is famous for its annual State of Secrets Sprawl report. In their 2023 report, they found over 10 million exposed passwords, API keys, and other credentials exposed in public GitHub commits. The takeaways in their 2024 report did not just highlight 12.8 million new exposed secrets in...

Disrupting AMD SEV-SNP on Linux® With Interrupts

AMD ID: AMD-SB-3008 Potential Impact: N/A Severity: N/A Summary Researchers from ETH Zurich have shared with AMD a paper titled “Heckler: Disrupting AMD SEV-SNP with Interrupts.” In their paper, the researchers report that a malicious hypervisor can potentially break confidentiality and integrity.....

Noia - Simple Mobile Applications Sandbox File Browser Tool

Noia is a web-based tool whose main aim is to ease the process of browsing mobile applications sandbox and directly previewing SQLite databases, images, and more. Powered by frida.re. Please note that I'm not a programmer, but I'm probably above the median in code-savyness. Try it out, open an...

Bootiful Spring Boot in 2024 (part 1)

NB: the code is here on my Github account: github.com/joshlong/bootiful-spring-boot-2024-blog. Hi, Spring fans! I'm Josh Long, and I work on the Spring team. I'm excited to be keynoting and giving a talk at Microsoft's JDConf this year. I'm a Kotlin GDE and a Java Champion, and I'm of the opinion.....

Fedora: Security Advisory for antlrworks (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for...

Fedora: Security Advisory for log4j (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for...

Fedora: Security Advisory for jdom (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for...

[SECURITY] Fedora 40 Update: log4j-2.20.0-7.fc40

Log4j is a tool to help the programmer output log statements to a variety of output...

[SECURITY] Fedora 40 Update: jdom-1.1.3-37.fc40

JDOM is, quite simply, a Java representation of an XML document. JDOM provides a way to represent that document for easy and efficient reading, manipulation, and writing. It has a straightforward API, is a lightweight and fast, and is optimized for the Java programmer. It's an alternative to DOM...

[SECURITY] Fedora 40 Update: antlrworks-1.5.2-29.fc40

ANTLRWorks is a novel grammar development environment for ANTLR v3 grammars written by Jean Bovet (with suggested use cases from Terence Parr). It combin es an excellent grammar-aware editor with an interpreter for rapid prototyping a nd a language-agnostic debugger for isolating grammar errors....

The Dark Side of Innovation: Cybercriminals and Their Adoption of GenAI

The Dark Side of Innovation: Cybercriminals and Their Adoption of GenAI By Jambul Tologonov and John Fokker · March 06, 2024 In the ever-evolving threat landscape, the Trellix Advanced Research Center has been at the forefront of understanding and combating the dual-edged sword of Generative...

XSS sidekiq-unique-jobs UI server vulnerability

Summary Cross site scripting (XSS) potentially exposing cookies / sessions / localStorage, fixed by sidekiq-unique-jobs v8.0.7. Specifically, this is a Reflected (Server-Side), Non-Self, Cross Site Scripting vulnerability, considered a P3 on the BugCrowd taxonomy with the following categorization:....

XSS sidekiq-unique-jobs UI server vulnerability

Summary Cross site scripting (XSS) potentially exposing cookies / sessions / localStorage, fixed by sidekiq-unique-jobs v8.0.7. Specifically, this is a Reflected (Server-Side), Non-Self, Cross Site Scripting vulnerability, considered a P3 on the BugCrowd taxonomy with the following categorization:....

Chatbots and Human Conversation

For most of history, communicating with a computer has not been like communicating with a person. In their earliest years, computers required carefully constructed instructions, delivered through punch cards; then came a command-line interface, followed by menus and options and text boxes. If you.....

tRPC vs GraphQL

Deciphering the Cloud Conundrum: An Introduction to tRPC & GraphQL The dynamic domain of cloud technology presents a couple of instrumental methodologies in the arena of APIs: tRPC and GraphQL. Each serves as a potent asset for developers in crafting applications that are resilient, scalable, and.....

Exploring malicious Windows drivers (Part 1): Introduction to the kernel and drivers

Drivers have long been of interest to threat actors, whether they are exploiting vulnerable drivers or creating malicious ones. Malicious drivers are difficult to detect and successfully leveraging one can give an attacker full access to a system. Real-world examples can be found in our previous...

Fedora: Security Advisory for libssh (FEDORA-2023-55800423a8)

The remote host is missing an update for...

(RHSA-2024:0188) Moderate: Red Hat OpenStack Platform 17.1 (python-eventlet) security update

Eventlet is a networking library written in Python. It achieves high scalability by using non-blocking io while at the same time retaining high programmer usability by using coroutines to make the non-blocking io operations appear blocking at the source code level. Security Fix(es): patch...

(RHSA-2024:0213) Moderate: Red Hat OpenStack Platform 17.1 (python-eventlet) security update

Eventlet is a networking library written in Python. It achieves high scalability by using non-blocking io while at the same time retaining high programmer usability by using coroutines to make the non-blocking io operations appear blocking at the source code level. Security Fix(es): patch...

Case Study: The Cookie Privacy Monster in Big Global Retail

Explore how an advanced exposure management solution saved a major retail industry client from ending up on the naughty step due to a misconfiguration in its cookie management policy. This wasn't anything malicious, but with modern web environments being so complex, mistakes can happen, and...

RHEL 9 : Red Hat OpenStack Platform 17.1 (python-eventlet) (RHSA-2024:0213)

The remote Redhat Enterprise Linux 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:0213 advisory. Eventlet is a networking library written in Python. It achieves high scalability by using non-blocking io while at the same time retaining...

[SECURITY] Fedora 38 Update: libssh-0.10.6-2.fc38

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, trans fer files, use a secure and transparent tunnel for your remote...

Fedora: Security Advisory for libssh (FEDORA-2023-0733306be9)

The remote host is missing an update for...

[SECURITY] Fedora 39 Update: libssh-0.10.6-1.fc39

The ssh library was designed to be used by programmers needing a working SSH implementation by the mean of a library. The complete control of the client is made by the programmer. With libssh, you can remotely execute programs, trans fer files, use a secure and transparent tunnel for your remote...

Story of the year: the impact of AI on cybersecurity

In the whirlwind of technological advancements and societal transformations, the term "AI" has undoubtedly etched itself into the forefront of global discourse. Over the past twelve months, this abbreviation has resonated across innumerable headlines, business surveys and tech reports, firmly...

SLAM Attack: New Spectre-based Vulnerability Impacts Intel, AMD, and Arm CPUs

Researchers from the Vrije Universiteit Amsterdam have disclosed a new side-channel attack called SLAM that could be exploited to leak sensitive information from kernel memory on current and upcoming CPUs from Intel, AMD, and Arm. The attack is an end-to-end exploit for Spectre based on a new...

Android phones can be taken over remotely – update when you can

Android phones are vulnerable to attacks that could allow someone to takeover a device remotely without the device owner needing to do anything. Updates for these vulnerabilities and more are included in Google's Android security bulletin for December. In total, there are patches for 94...

LogoFAIL: UEFI Vulnerabilities Expose Devices to Stealth Malware Attacks

The Unified Extensible Firmware Interface (UEFI) code from various independent firmware/BIOS vendors (IBVs) has been found vulnerable to potential attacks through high-impact flaws in image parsing libraries embedded into the firmware. The shortcomings, collectively labeled LogoFAIL by Binarly,...

Will ChatGPT write ransomware? Yes.

This morning I decided to write some ransomware, and I asked ChatGPT to help. Not because I wanted to turn to a life of crime, but because I wanted to see if anything had changed since March, when I last tried the same exact thing. In short: ChatGPT has helped me, worryingly so. But more on that...

FREE Cybersecurity Education Courses

Navigating the nuanced realm of digital defense doesn't need to feel like a herculean task. This section aims to shed light on the intricacies of digital defense and aid you in leveraging freely available Cybersecurity Learning Programs. Deciphering Digital Defense Digital defense, also referred...

Qualys API Best Practices: Web Application Scanning API

This API Best Practices Series is designed for Qualys customer programmers or stakeholders with a general knowledge of programming who want to implement best practices for improving the development, design, and performance of their programs that use the Qualys API. For non-customers, the Qualys...

Spoofy - Program That Checks If A List Of Domains Can Be Spoofed Based On SPF And DMARC Records

Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records. You may be asking, "Why do we need another tool that can check if a domain can be spoofed?" Well, Spoofy is different and here is why: Authoritative lookups on all lookups with known fallback...

IoT Secure Development Guide

Introduction This guide deals with threat modelling and early stages of development so that security issues and controls are identified before committing to manufacturing. Current attack methods, and the pitfalls we find in embedded designs, have been highlighted so that a finished product is as...

curl: [Critical] Curl CVE-2023-38545 vulnerability code changes are disclosed on the internet

Summary: Curl CVE-2023-38545 vulnerability code changes are disclosed on the internet Steps To Reproduce: To replicate the issue, I have searched in the Bard about this vulnerability. It disclosed what this vulnerability is about, code changes made for this fix, who made these changes, commit...