US agencies issue warning about DAIXIN Team ransomware

The FBI, Cybersecurity and Infrastructure Security Agency CISA, and the Department of Health and Human Services HHS have issued a joint advisory about DAIXIN Team, a fledgling ransomware and data exfiltration group that has been targeting US healthcare. First spotted in June 2022, the DAIXIN Team...

Mozilla: Matrix SDK bundled with Thunderbird vulnerable to an impersonation attack

A flaw was found in Mozilla. According to the Mozilla Foundation Security Advisory, Thunderbird users who use the Matrix chat protocol are vulnerable to an impersonation attack. An attacker could spoof historical messages from other users, and use a malicious key backup to the user's account unde...

Mozilla: Matrix SDK bundled with Thunderbird vulnerable to an impersonation attack

A flaw was found in Mozilla. According to the Mozilla Foundation Security Advisory, Thunderbird users who use the Matrix chat protocol are vulnerable to an impersonation attack. An attacker could spoof historical messages from other users, and use a malicious key backup to the user's account unde...

The vulnerability of the virtual learning environment Moodle, related to the restoration of unreliable data in memory, allows a perpetrator to execute arbitrary code.

The vulnerability in the virtual training environment Moodle is related to the insecure input verification during the restoration of backup files. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by loading the restored file...

CVE-2022-41574

An access-control vulnerability in Gradle Enterprise 2022.4 through 2022.3.1 allows remote attackers to prevent backups from occurring, and send emails with arbitrary text content to the configured installation-administrator contact address, via HTTP access to an accidentally exposed internal...

CVE-2022-41574

An access-control vulnerability in Gradle Enterprise 2022.4 through 2022.3.1 allows remote attackers to prevent backups from occurring, and send emails with arbitrary text content to the configured installation-administrator contact address, via HTTP access to an accidentally exposed internal...

Improper access control

An access-control vulnerability in Gradle Enterprise 2022.4 through 2022.3.1 allows remote attackers to prevent backups from occurring, and send emails with arbitrary text content to the configured installation-administrator contact address, via HTTP access to an accidentally exposed internal...

Gradle 安全漏洞

Gradle is a suite of JVM-based project build tools from Gradle, Inc. that supports maven, Ivy repositories, and more. A security vulnerability exists in Gradle Enterprise versions 2022.3.1 through 2022.4, which stems from a vulnerability that allows remote attackers to prevent backups from...

CVE-2022-41574

An access-control vulnerability in Gradle Enterprise 2022.4 through 2022.3.1 allows remote attackers to prevent backups from occurring, and send emails with arbitrary text content to the configured installation-administrator contact address, via HTTP access to an accidentally exposed internal...

Security Bulletin: TSM Client Scheduler Denial Of Service Vulnerability (CVE-2013-0471)

Abstract A Denial of Service vulnerability exists in the IBM Tivoli Storage Manager TSM client traditional scheduler Content DESCRIPTION: A Denial of Service vulnerability in the TSM client traditional scheduler allows a remote attacker to disable the traditional scheduler when it is in Prompted...

Moodle 安全漏洞

Moodle is a free, open source e-learning software platform, also known as a course management system, learning management system or virtual learning environment. A security vulnerability exists in Moodle, which poses a remote code execution risk when restoring an incorrectly formatted backup file...

Europol and Bitdefender Release Free Decryptor for LockerGoga Ransomware

A decryptor for the LockerGoga ransomware has been made available by Romanian cybersecurity firm Bitdefender in collaboration with Europol, the No More Ransom project, and Zurich law enforcement authorities. Identified in January 2019, LockerGoga drew headlines for its attacks against the Norwegi...

GHSA-VQ4H-XRWC-M639 rdiffweb CSRF vulnerability in profile's SSH keys can lead to unauthorized access

rdiffweb prior to 2.4.3 is vulnerable to Cross-Site Request Forgery CSRF. While adding SSH public keys to the profile, the server accepts the GET request, which results in adding an SSH public key to the profile and leads to unauthorized access to the system and backups. Version 2.4.3 contains a...

Iranian Islamic Revolutionary Guard Corps Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations

CISA, Federal Bureau of Investigation FBI, National Security Agency NSA, U.S. Cyber Command USCC - Cyber National Mission Force CNMF, Department of the Treasury, Australian Cyber Security Centre ACSC, Canadian Centre for Cyber Security CCCS, and United Kingdom’s National Cyber Security Centre NCS...

mariadb: improper locking due to the unreleased lock in extra/mariabackup/ds_compress.cc

MariaDB Server before 10.7 is vulnerable to Denial of Service. In extra/mariabackup/dscompress.cc, when an error occurs pthreadcreate returns a nonzero value while executing the method createworkerthreads, the held lock is not released correctly, which allows local users to trigger a denial of...

2021 Top Malware Strains

Summary Immediate Actions You Can Take Now to Protect Against Malware: • Patch all systems and prioritize patching known exploited vulnerabilities. • Enforce multifactor authentication MFA. • Secure Remote Desktop Protocol RDP and other risky services. • Make offline backups of your data. • Provi...

How to secure a Windows PC for your kids

With the return to school fast approaching, it's time to ready the things your kids will need to pass the next year with flying colors. Increasingly, that means computing devices, which means you'll need to spend time thinking about the safety and security of what they will be using. In our "Back...

CISA and FBI issue alert about Zeppelin ransomware

The Federal Bureau of Investigation FBI and the Cybersecurity and Infrastructure Security Agency CISA have released a joint Cybersecurity Advisory CSA about Zeppelin ransomware. The advisory contains indicators of compromise IOCs and tactics, techniques, and procedures TTPs associated with...

Facebook Testing Default End-to-End Encryption and Encrypted Backups in Messenger

Social media company Meta said it will begin testing end-to-end encryption E2EE on its Messenger platform this week for select users as the default option, as the company continues to slowly add security layers to its various chat services. "If you're in the test group, some of your most frequent...

What is ransomware and how can you defend your business from it?

Ransomware is a kind of malware used by cybercriminals to stop users from accessing their systems or files; the cybercriminals then threaten to leak, destroy or withhold sensitive information unless a ransom is paid. Ransomware attacks can target either the data held on computer systems known as...