CVE-2023-6784

A malicious user could potentially use the Sitefinity system for the distribution of phishing emails...

CVE-2023-6784

Progress Sitefinity (the platform referenced across multiple sources) has a reported input validation error vulnerability associated with CVE-2023-6784 that could enable a malicious user to use the system to distribute phishing emails. The connected documents describe the issue as an input valida...

com.clever-cloud:biscuit-pulsar (=3.2.1), com.github.shoothzj:test-pulsar (>=3.1.12 <=3.1.15) +12 more potentially affected by CVE-2023-37544 via org.apache.pulsar:pulsar-websocket (>=1.19.0-incubating <=2.10.4)

org.apache.pulsar:pulsar-websocket MAVEN version =1.19.0-incubating, =3.1.12, =0.0.1, =2.0.0-rc1-incubating, =1.19.0-incubating, =1.19.0-incubating, =2.10.0, =2.10.0, =2.0.0-rc1-incubating, =2.10.0, =2.10.0, =1.19.0-incubating, =1.0.0, =1.1.0 Source cves: CVE-2023-37544 Source advisory:...

New MetaStealer malvertising campaigns

MetaStealer is a popular piece of malware that came out in 2022, levering previous code base from RedLine. Stealers have become a very hot commodity in the criminal space, so much so that there is competition between various groups. Threat actors have primarily used malspam as an infection vector...

Debian: Security Advisory (DSA-5578-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 5579-1] freeimage security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5579-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff December 17, 2023 https://www.debian.org/security/faq -...

PikaBot distributed via malicious search ads

During this past year, we have seen an increase in the use of malicious ads malvertising and specifically those via search engines, to drop malware targeting businesses. In fact, browser-based attacks overall have been a lot more common if we include social engineering campaigns. Criminals have...

The vulnerability of the Django web application platform, related to unlimited resource distribution, allows attackers to trigger a Denial-of-Service attack.

The vulnerability of the Django web application framework is related to unlimited resource distribution. Exploiting this vulnerability can allow a malicious actor to trigger a Denial-of-Service attack remotely...

FakeSG campaign, Akira ransomware and AMOS macOS stealer

Introduction The crimeware landscape is diverse. Cybercriminals try to capitalize on their victims in every possible way by distributing various types of malware designed for different platforms. In recent months, we have written private reports on a wide range of topics, such as new cross-platfo...

Schweitzer Engineering Laboratories SEL-411L

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 4.3 ATTENTION : Exploitable remotely/low attack complexity Vendor : Schweitzer Engineering Laboratories Equipment : SEL-411L Vulnerability : Improper Restriction of Rendered UI Layers or Frames 2. RISK EVALUATION Successful exploitation of this vulnerability...

IT threat evolution in Q3 2023. Mobile statistics

IT threat evolution in Q3 2023 IT threat evolution in Q3 2023. Non-mobile statistics IT threat evolution in Q3 2023. Mobile statistics These statistics are based on detection verdicts of Kaspersky products received from users who consented to providing statistical data. Quarterly figures Accordin...

Apache ActiveMQ Deserialization of Untrusted Data vulnerability

Once an user is authenticated on Jolokia, he can potentially trigger arbitrary code execution. In details, in ActiveMQ configurations, jetty allows org.jolokia.http.AgentServlet to handler request to /api/jolokia org.jolokia.http.HttpRequestHandlerhandlePostRequest is able to create JmxRequest...

CVE-2022-41678

Once an user is authenticated on Jolokia, he can potentially trigger arbitrary code execution. In details, in ActiveMQ configurations, jetty allows org.jolokia.http.AgentServlet to handler request to /api/jolokia org.jolokia.http.HttpRequestHandlerhandlePostRequest is able to create JmxRequest...

CVE-2022-41678 Apache ActiveMQ: Insufficient API restrictions on Jolokia allow authenticated users to perform RCE

Once an user is authenticated on Jolokia, he can potentially trigger arbitrary code execution. In details, in ActiveMQ configurations, jetty allows org.jolokia.http.AgentServlet to handler request to /api/jolokia org.jolokia.http.HttpRequestHandlerhandlePostRequest is able to create JmxRequest...

[SECURITY] [DSA 5567-1] tiff security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5567-1 [email protected] https://www.debian.org/security/ Aron Xu November 27, 2023 https://www.debian.org/security/faq - -...

Dissemination of the Konni Campaign Through Malicious Documents

Summary: The Konni campaign has resurfaced in a new phishing attack employing a Russian-language Microsoft Word document to distribute malware. The malicious software aims to harvest sensitive information from compromised Windows hosts. Threat Level - Red | Attack Report For a detailed threat...

Virtuozzo Hybrid Infrastructure 6.0 (6.0.0-243)

In this release, Virtuozzo Hybrid Infrastructure provides an upgrade of the Linux distribution, kernel, and toolset packages. This release also contains a range of new features that cover storage performance, object storage, as well as monitoring and alerts. Additionally, this release delivers...

[SECURITY] [DSA 5564-1] gimp security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5564-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso November 24, 2023 https://www.debian.org/security/faq -...

Atomic Stealer Sneaks In via Fake Browser Updates

Summary: The macOS information-stealing malware known as Atomic, or AMOS, is currently being delivered to targets through a deceptive web browser update chain known as ClearFake. ClearFake is a recent malware campaign that exploits compromised websites to distribute fake browser updates. Threat...

ClearFake Campaign Expands to Target Mac Systems with Atomic Stealer

The macOS information stealer known as Atomic is now being delivered to target via a bogus web browser update chain tracked as ClearFake. "This may very well be the first time we see one of the main social engineering campaigns, previously reserved for Windows, branch out not only in terms of...