CVE-2013-10075
Apache::Session versions through 1.94 for Perl re-creates deleted sessions. The session stores Apache::Session::Store::File and Apache::Session::Store::DBFile will create a session that does not exist. This can lead to sessions being revived, potentially with data that was to be deleted...
CVE-2025-12023 ELEX WordPress HelpDesk & Customer Ticketing System <= 3.3.1 - Missing Authorization to Authenticated (Subscriber+) Ticket Restore
The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the eh_crm_restore_data function in all versions up to, and including, 3.3.1. This makes it possible for authenticated attackers, with...
EUVD-2019-4480
Malware in sbrugna...
EUVD-2019-13747
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2024-26798
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: fbcon: always restore the old font data in fbcon_do_set_font() Commit a5a923038d70 ("fbdev: fbcon:...
New HIPAA Rules Mandate 72-Hour Data Restoration and Annual Compliance Audits
The United States Department of Health and Human Services' (HHS) Office for Civil Rights (OCR) has proposed new cybersecurity requirements for healthcare organizations with an aim to safeguard patients' data against potential cyber attacks. The proposal, which seeks to modify the Health Insurance...
DEBIAN-CVE-2021-4442
In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity tests to TCP_QUEUE_SEQ Qingyu Li reported a syzkaller bug where the repro changes RCV SEQ after restoring data in the receive queue. mprotect(0x4aa000, 12288, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE,...
CVE-2024-26798
In the Linux kernel, the following vulnerability has been resolved: fbcon: always restore the old font data in fbcon_do_set_font() Commit a5a923038d70 ("fbdev: fbcon: Properly revert changes when vc_resize() failed") started restoring old font data upon failure of vc_resize(). But it performs so only for user...
CVE-2023-26033 Gentoo soko contains DoS attack based on SQL Injection
Gentoo soko is the code that powers packages.gentoo.org. Versions prior to 1.0.1 are vulnerable to SQL Injection, leading to a Denial of Service. If the user selects in user preferences the "Recently Visited Packages" view for the index page, the value of the search_history cookie is used as a...
The True Impact of Ransomware Attacks
One of the most damaging myths about ransomware attacks is, “If your company does regular system backups, you don’t have to worry. Just restore from the backup.” While system backups are crucial — power outages, natural disasters, or even mistakes by employees can destroy data just as quickly as ...
Don’t Wanna Pay Ransom Gangs? Test Your Backups.
Browse the comments on virtually any story about a ransomware attack and you will almost surely encounter the view that the victim organization could have avoided paying their extortionists if only they'd had proper data backups. But the ugly truth is there are many non-obvious reasons why victims...
3 things the Kaseya attack can teach us about ransomware recovery
Only rarely do companies allow us a look inside their organization while they are recovering from a ransomware attack. Many find it more convenient to keep a low profile or to be secretive. A positive exception to this is found in the Dutch managed service provider (MSP) VelzArt, one of the many...
PT-2019-5300 · Fasterxml +8 · Jackson-Databind +8
Name of the Vulnerable Software and Affected Versions: FasterXML jackson-databind versions 2.0.0 through 2.9.10.1 FasterXML jackson-databind versions 2.6.0 through 2.6.7.3 FasterXML jackson-databind versions 2.7.0 through 2.7.9.6 FasterXML jackson-databind versions 2.8.0 through 2.8.11.4...
Ransomware Bites Dental Data Backup Firm
PerCSoft, a Wisconsin-based company that manages a remote data backup service relied upon by hundreds of dental offices across the country, is struggling to restore access to client systems after falling victim to a ransomware attack. West Allis, Wis.-based PerCSoft is a cloud management provider...
CB TAU Threat Intelligence Notification: GermanWiper Ransomware
GermanWiper Ransomware was found distributed via spam email campaign in Germany. It’s a data-wiping malware and the ransom note was written in German language. The malware pretends to be ransomware but is actually a wiper that destroys the data instead of encrypting it. Figure 1: Screenshot of th...
Code injection
IBM Tivoli Storage Manager Server (IBM Spectrum Protect 7.1 and 8.1) could allow a local user to replace existing databases by restoring old data. IBM X-Force ID: 158336...
Input validation
Pydio Cells before 1.5.0 does incomplete cleanup of a user's data upon deletion. This allows a new user, holding the same User ID as a deleted user, to restore the deleted user's data...
CVE-2019-12902
Pydio Cells vulnerable before version 1.5.0. The issue is incomplete cleanup of a user’s data on deletion, allowing a new user with the same User ID to recover the deleted user’s data. Affected platform: Pydio Cells prior to 1.5.0; root cause: data cleanup gap during deletion. Impact: potential i...
City Pays $2K in Ransomware, Stirs ‘Never Pay’ Debate
The city of West Haven, Conn. made the hard choice to pay cyberattackers a $2,000 ransom after being hit with malware that ground their operations to a halt. West Haven said that its City Hall offices were the victim of a ransomware attack, which the U.S. Department of Homeland Security determine...