Google Gets Court Order to Take Down CryptBot That Infected Over 670,000 Computers

Google on Wednesday said it obtained a temporary court order in the U.S. to disrupt the distribution of a Windows-based information-stealing malware called CryptBot and "decelerate" its growth. The tech giant's Mike Trinh and Pierre-Marc Bureau said the efforts are part of steps it takes to "not...

Upgraded Q -> 3 from #883 [1682591277339]

Judge has assessed an item in Issue 883 as 3 risk. The relevant finding follows: As such, if deposit or withdraw reverts for any derivative, stake and unstake will fail. This could cause stake and unstake to permanently revert for an prolonged period of time, as it is possible for deposit and...

Upgraded Q -> 2 from #883 [1682591284215]

Judge has assessed an item in Issue 883 as 2 risk. The relevant finding follows: This could cause stake and unstake to permanently revert for an prolonged period of time, as it is possible for deposit and withdraw to revert due to unchecked external conditions: Reth The rocket pool DAO can disabl...

Updated squirrel/supertux packages fix security vulnerability

sqclass.cpp in Squirrel 3.1 allows an out-of-bounds read in the core interpreter that can lead to Code Execution. If a victim executes an attacker-controlled squirrel script, it is possible for the attacker to break out of the squirrel script sandbox even if all dangerous functionality such as Fi...

CyberPower PowerPanel Business Edition 安全漏洞

Cyber Power Systems CyberPower PowerPanel Business Edition is a suite of power management software from Cyber Power Systems, USA. The software automates the shutdown of physical and virtual infrastructures and monitors and manages CyberPower UPS systems and network-connected PDUs Power Distributi...

[SECURITY] [DSA 5393-1] chromium security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5393-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 22, 2023 https://www.debian.org/security/faq -...

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in Pay

Impact A payments info page of Pay is susceptible to reflected Cross-site scripting. An attacker could create a working URL that renders a javascript link to a user on a Rails application that integrates Pay. This URL could be distributed via email to specifically target certain individuals. If t...

cc.chensoul.nacos:nacos-distribution (=2.5.2), cn.sparrowmini:sparrow-org-service (=0.0.1) +625 more potentially affected by CVE-2023-20862 via org.springframework.security:spring-security-core (>=5.8.0 <=5.8.2)

org.springframework.security:spring-security-core MAVEN version =5.8.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =5.12.0, =5.12.0, =1.48.0, =1.48.0, =1.48.0, =2.4.0, =2.4.0, =2.4.0, =2.6.0 and more Source cves: CVE-2023-20862 Source advisory: OSV:GHSA-X873-6RGC-94JC...

YouTube Videos Distributing Aurora Stealer Malware via Highly Evasive Loader

Cybersecurity researchers have detailed the inner workings of a highly evasive loader named "in2al5d p3in4er " read: invalid printer that's used to deliver the Aurora information stealer malware. "The in2al5d p3in4er loader is compiled with Embarcadero RAD Studio and targets endpoint workstations...

YouTube Videos Distributing Aurora Stealer Malware via Highly Evasive Loader

Cybersecurity researchers have detailed the inner workings of a highly evasive loader named "in2al5d p3in4er" read: invalid printer that's used to deliver the Aurora information stealer malware. "The in2al5d p3in4er loader is compiled with Embarcadero RAD Studio and targets endpoint workstations...

New QBot Banking Trojan Campaign Hijacks Business Emails to Spread Malware

A new QBot malware campaign is leveraging hijacked business correspondence to trick unsuspecting victims into installing the malware, new findings from Kaspersky reveal. The latest activity, which commenced on April 4, 2023, has primarily targeted users in Germany, Argentina, Italy, Algeria, Spai...

QBot banker delivered through business correspondence

In early April, we detected a significant increase in attacks that use banking Trojans of the QBot family aka QakBot, QuackBot, and Pinkslipbot. The malware would be delivered through e-mail letters written in different languages — variations of them were coming in English, German, Italian, and...

org.apache.iotdb:iotdb-distribution (>=0.13.0 <=0.13.3) potentially affected by CVE-2023-24831 via org.apache.iotdb:iotdb-grafana-connector (>=0.13.0 <=0.13.3)

org.apache.iotdb:iotdb-grafana-connector MAVEN version =0.13.0, =0.13.0, =0.13.3 Source cves: CVE-2023-24831 Source advisory: OSV:GHSA-PVJV-386F-C8WH...

Fake Chrome updates spread malware

Compromised websites are causing big headaches for Chrome users. A campaign running since November 2022 is using hacked sites to push fake web browser updates to potential victims. Researcher Rintaro Koike says this campaign has now expanded to also target those who speak Korean, Spanish, and...

[SECURITY] [DSA 5389-1] rails security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5389-1 [email protected] https://www.debian.org/security/ Aron Xu April 14, 2023 https://www.debian.org/security/faq - -------------------------------------------------------------------------...

Mozilla: Files with malicious extensions could have been downloaded unsafely on Linux

The Mozilla Foundation Security Advisory describes this flaw as: Firefox did not properly handle downloads of files ending in .desktop, which can be interpreted to run attacker-controlled commands. This bug only affects Firefox for Linux on certain Distributions. Other operating systems are...

RHEL 7 : firefox (RHSA-2023:1791)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:1791 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

The vulnerability of the Apache Commons FileUpload library, related to unlimited resource distribution, allows attackers to cause service failures.

The vulnerability of the Apache Commons FileUpload library is related to the unlimited distribution of resources. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

ATEN International PE8108 安全漏洞

The ATEN International PE8108 is an intelligent PDU from China-based ATEN International. A security vulnerability exists in ATEN International PE8108 version 2.4.232, which stems from incorrect access control...

ATEN International PE8108 跨站请求伪造漏洞

The ATEN International PE8108 is an intelligent PDU from ATEN International. A security vulnerability exists in ATEN International PE8108 version 2.4.232, which is susceptible to Cross Site Request Forgery CSRF attacks...