Suspected CoralRaider continues to expand victimology using three information stealers
_By Joey Chen, Chetan Raghuprasad and Alex Karkins._ Cisco Talos discovered a new ongoing campaign since at least February 2024, operated by a threat actor distributing three famous infostealer malware, including Cryptbot, LummaC2 and Rhadamanthys. Talos also discovered a new PowerShell...
8.2AI Score
Cassia Gateway Firmware - Remote Code Execution
In Cassia Gateway firmware XC1000_2.1.1.2303082218 and XC2000_2.1.1.2303090947, the queueUrl parameter in /bypass/config is not sanitized. This leads to injecting Bash code and executing it with root privileges on device...
9.8CVSS
9.6AI Score
0.016EPSS
Time-of-check Time-of-use (TOCTOU) Attack
OpenStack Storlets is vulnerable to a Time-of-check Time-of-use (TOCTOU) attack. The vulnerability is caused by a lack of strict permission checks and restrictions, leading to improper permission settings on file creation. This allows an attacker to gain unauthorized access to or modify sensitive....
6.5AI Score
0.0004EPSS
Palo Alto Networks PAN-OS Unauthenticated Remote Code Execution Exploit
This Metasploit module exploits two vulnerabilities in Palo Alto Networks PAN-OS that allow an unauthenticated attacker to create arbitrarily named files and execute shell commands. Configuration requirements are PAN-OS with GlobalProtect Gateway or GlobalProtect Portal enabled and telemetry...
10CVSS
10AI Score
0.957EPSS
10CVSS
9.8AI Score
0.957EPSS
Ubuntu 16.04 LTS / 18.04 LTS : LXD vulnerability (USN-6738-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6738-1 advisory. The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass...
5.9CVSS
7.5AI Score
0.963EPSS
Empowering Small Businesses in the Digital Age: A Must-Read Guide to Web Application & API Security
Small and medium-sized businesses have increasingly become reliant on web applications - whether they are developed or procured, to drive their operations, engage customers, and scale their businesses. The increasing reliance on online operations is underscored by 84% of businesses using digital...
7.4AI Score
Wallarm introduced its ongoing Open Source API Firewall project to the world at the recently concluded Blackhat Asia 2024 conference in Singapore. The open-source API Firewall by Wallarm is a free, lightweight API Firewall designed to protect REST and GraphQL API endpoints across cloud-native...
8.1AI Score
Huawei EulerOS: Security Advisory for libssh2 (EulerOS-SA-2024-1529)
The remote host is missing an update for the Huawei...
5.9CVSS
6.5AI Score
0.963EPSS
Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2024-1528)
The remote host is missing an update for the Huawei...
5.9CVSS
6.2AI Score
0.963EPSS
Huawei EulerOS: Security Advisory for libssh (EulerOS-SA-2024-1547)
The remote host is missing an update for the Huawei...
5.9CVSS
6.2AI Score
0.963EPSS
Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2024-1533)
The remote host is missing an update for the Huawei...
6.5CVSS
6.5AI Score
0.963EPSS
Huawei EulerOS: Security Advisory for openssh (EulerOS-SA-2024-1552)
The remote host is missing an update for the Huawei...
6.5CVSS
6.5AI Score
0.963EPSS
Huawei EulerOS: Security Advisory for libssh2 (EulerOS-SA-2024-1548)
The remote host is missing an update for the Huawei...
5.9CVSS
6.5AI Score
0.963EPSS
Palo Alto Networks Discloses More Details on Critical PAN-OS Flaw Under Attack
Palo Alto Networks has shared more details of a critical security flaw impacting PAN-OS that has come under active exploitation in the wild by malicious actors. The company described the vulnerability, tracked as CVE-2024-3400 (CVSS score: 10.0), as "intricate" and a combination of two bugs in...
10CVSS
7.9AI Score
0.957EPSS
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 4ebdd56b-fe72-11ee-bc57-00e081b7aa2d advisory. The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other ...
5.9CVSS
7.6AI Score
0.963EPSS
How Attackers Can Own a Business Without Touching the Endpoint
Attackers are increasingly making use of "networkless" attack techniques targeting cloud apps and identities. Here's how attackers can (and are) compromising organizations – without ever needing to touch the endpoint or conventional networked systems and services. Before getting into the details...
7.5AI Score
EulerOS Virtualization 2.10.0 : libssh2 (EulerOS-SA-2024-1529)
According to the versions of the libssh2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote...
5.9CVSS
7.4AI Score
0.963EPSS
EulerOS Virtualization 2.10.1 : openssh (EulerOS-SA-2024-1552)
According to the versions of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote...
6.5CVSS
8AI Score
0.963EPSS
EulerOS Virtualization 2.10.1 : libssh2 (EulerOS-SA-2024-1548)
According to the versions of the libssh2 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote...
5.9CVSS
7.5AI Score
0.963EPSS
EulerOS Virtualization 2.10.1 : libssh (EulerOS-SA-2024-1547)
According to the versions of the libssh package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote...
5.9CVSS
7.4AI Score
0.963EPSS
EulerOS Virtualization 2.10.0 : openssh (EulerOS-SA-2024-1533)
According to the versions of the openssh packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote...
6.5CVSS
8AI Score
0.963EPSS
EulerOS Virtualization 2.10.0 : libssh (EulerOS-SA-2024-1528)
According to the versions of the libssh package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote...
5.9CVSS
7.8AI Score
0.963EPSS
An unauthenticated attacker can reset the board and stop transmitter operations by sending a specially-crafted GET request to the command.cgi gateway, resulting in a denial-of-service...
5.3CVSS
6.8AI Score
0.0004EPSS
An unauthenticated attacker can reset the board and stop transmitter operations by sending a specially-crafted GET request to the command.cgi gateway, resulting in a denial-of-service...
5.3CVSS
5.8AI Score
0.0004EPSS
CVE-2024-21846 Electrolink FM/DAB/TV Transmitter Missing Authentication for Critical Function
An unauthenticated attacker can reset the board and stop transmitter operations by sending a specially-crafted GET request to the command.cgi gateway, resulting in a denial-of-service...
5.3CVSS
5.6AI Score
0.0004EPSS
New Android Trojan 'SoumniBot' Evades Detection with Clever Tricks
A new Android trojan called SoumniBot has been detected in the wild targeting users in South Korea by leveraging weaknesses in the manifest extraction and parsing procedure. The malware is "notable for an unconventional approach to evading analysis and detection, namely obfuscation of the Android.....
7AI Score
Global Police Operation Disrupts 'LabHost' Phishing Service, Over 30 Arrested Worldwide
As many as 37 individuals have been arrested as part of an international crackdown on a cybercrime service called LabHost that has been used by criminal actors to steal personal credentials from victims around the world. Described as one of the largest Phishing-as-a-Service (PhaaS) providers,...
7.2AI Score
Oracle Primavera Gateway (April 2024 CPU)
The versions of Primavera Gateway installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2024 CPU advisory. Denial of Service in JSON-Java versions up to and including 20230618. A bug in the parser means that an input string of modest size can lead...
7.5CVSS
7.1AI Score
0.001EPSS
Oracle Business Intelligence Publisher 7.0 (OAS) (April 2024 CPU)
The versions of Oracle Business Intelligence Publisher (OAS) installed on the remote host are affected by a vulnerability as referenced in the April 2024 CPU advisory. Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: XML Services). Supported versions that are...
9.8CVSS
7.2AI Score
0.001EPSS
Oracle Business Intelligence Publisher (April 2024 CPU)
The versions of Oracle Business Intelligence Publisher installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2024 CPU advisory. Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: XML Services). Supported versions that...
9.8CVSS
7.6AI Score
0.001EPSS
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_deliver_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a...
8.1CVSS
8.2AI Score
0.001EPSS
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_deliver_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a...
8.1CVSS
8AI Score
0.001EPSS
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the sms_decode_address_field() function during the SMS PDU decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just...
8.1CVSS
7.6AI Score
0.001EPSS
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_submit_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound....
8.1CVSS
8.1AI Score
0.001EPSS
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the sms_decode_address_field() function during the SMS PDU decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just...
8.1CVSS
8.1AI Score
0.001EPSS
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_deliver_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a...
8.1CVSS
7.6AI Score
0.001EPSS
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_submit_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound....
8.1CVSS
7.9AI Score
0.001EPSS
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_submit_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound....
8.1CVSS
7.6AI Score
0.001EPSS
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the sms_decode_address_field() function during the SMS PDU decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just...
8.1CVSS
7.9AI Score
0.001EPSS
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_status_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound....
8.1CVSS
8AI Score
0.001EPSS
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_status_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound....
8.1CVSS
7.6AI Score
0.001EPSS
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_status_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound....
8.1CVSS
8.2AI Score
0.001EPSS
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_deliver_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a...
8.1CVSS
8.4AI Score
0.001EPSS
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_submit_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound....
8.1CVSS
8.3AI Score
0.001EPSS
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_submit_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound....
8.1CVSS
7AI Score
0.001EPSS
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the sms_decode_address_field() function during the SMS PDU decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just...
8.1CVSS
8.3AI Score
0.001EPSS
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_status_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound....
8.1CVSS
8.4AI Score
0.001EPSS
A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_status_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound....
8.1CVSS
7.1AI Score
0.001EPSS
Palo Alto Networks PAN-OS Unauthenticated Remote Code Execution
This module exploits two vulnerabilities in Palo Alto Networks PAN-OS that allow an unauthenticated attacker to create arbitrarily named files and execute shell commands. Configuration requirements are PAN-OS with GlobalProtect Gateway or GlobalProtect Portal enabled and telemetry collection on...
10CVSS
9.9AI Score
0.957EPSS