CVE-2024-54910

Hasleo Backup Suite Free v4.9.4 and before is vulnerable to Insecure Permissions via the File recovery function...

CVE-2024-54910

Hasleo Backup Suite Free v4.9.4 and before is vulnerable to Insecure Permissions via the File recovery function...

CVE-2024-54910

Hasleo Backup Suite Free v4.9.4 and before is vulnerable to Insecure Permissions via the File recovery function...

CVE-2024-54910

Hasleo Backup Suite Free v4.9.4 and before is vulnerable to Insecure Permissions via the File recovery function...

Hasleo Backup Suite Free 安全漏洞

Hasleo Backup Suite Free EasyUEFI Backup Suite Free is a completely free Windows backup software from Hasleo. A security vulnerability exists in Hasleo Backup Suite Free v4.9.4 and earlier versions, which stems from the vulnerability to unsecured privileges through the file recovery feature...

CVE-2024-54910

Hasleo Backup Suite Free before 4.9.5 is vulnerable to insecure permissions via the File recovery function. Affected versions include v4.9.4 and earlier; the root cause is unsecured privileges in File recovery, enabling potential unauthorized access or manipulation of files. Impact is described a...

PT-2025-3084 · Hasleo · Hasleo Backup Suite Free

Name of the Vulnerable Software and Affected Versions: Hasleo Backup Suite Free versions prior to 4.9.5 Description: The issue concerns insecure permissions through the file recovery function. This allows for potential unauthorized access or manipulation of files. Recommendations: For versions...

Free Decryptor Released for Black Basta and Babuk's Tortilla Ransomware Victims

A decryptor for the Tortilla variant of the Babuk ransomware has been released by Cisco Talos, allowing victims targeted by the malware to regain access to their files. The cybersecurity firm said the threat intelligence it shared with Dutch law enforcement authorities made it possible to arrest...

Oops! Black Basta ransomware flubs encryption

Researchers at SRLabs have made a decryption tool available for Black Basta ransomware, allowing some victims of the group to decrypt files without paying a ransom. The decryptor works for victims whose files were encrypted between November 2022 and December 2023. The decryptor, called Black Bast...

CVE-2023-21521

An SQL Injection vulnerability in the Management Console Operator Audit Trail of BlackBerry AtHoc version 7.15 could allow an attacker to potentially read sensitive data from the database, modify database data Insert/Update/Delete, execute administration operations on the database, recover the...

CISA and FBI Release ESXiArgs Ransomware Recovery Guidance

Today, CISA and the Federal Bureau of Investigation FBI released a joint Cybersecurity Advisory, ESXiArgs Ransomware Virtual Machine Recovery Guidance. This advisory describes the ongoing ransomware campaign known as “ESXiArgs.” Malicious cyber actors may be exploiting known vulnerabilities in...

CVE-2023-24069

Signal Desktop before 6.2.0 on Windows, Linux, and macOS allows an attacker to obtain potentially sensitive attachments sent in messages from the attachments.noindex directory. Cached attachments are not effectively cleared. In some cases, even after a self-initiated file deletion, an attacker ca...

The vulnerability of the recovery mechanism of G Data antivirus software allows attackers to enhance their privileges.

The vulnerability of the file recovery mechanism of the G Data antivirus software is related to incorrect definition of the link before accessing the file. Exploiting this vulnerability can allow a malicious actor, operating remotely, to increase their privileges...

CVE-2023-24069

Signal Desktop before 6.2.0 on Windows, Linux, and macOS allows an attacker to obtain potentially sensitive attachments sent in messages from the attachments.noindex directory. Cached attachments are not effectively cleared. In some cases, even after a self-initiated file deletion, an attacker ca...

CVE-2023-24069

Signal Desktop before 6.2.0 (Windows/Linux/macOS) is affected by CVE-2023-24069 and CVE-2023-24068, with confirmed details in Red Hat advisories and NVD/osv entries. The issue centers on attachments.noindex: attackers with local filesystem access can access potentially sensitive attachments store...

Simplifying the fight against ransomware: An expert explains

Fighting against ransomware can be difficult—especially if your organization has limited IT resources to begin with. But Adam Kujawa, security evangelist and director of Malwarebytes Labs, has a few tips for overburdened IT folks looking to simplify their fight against ransomware. In this post,...

Decryptor Keys Published for Maze, Egregor, Sekhmet Ransomwares

The shackles have been broken for victims of Maze/Egregor/Sekhmet ransomware: On Wednesday, decryption keys were released for all three ransomware strains in a forum post. The liberator, using the handle “Topleak,” described themselves as the developer of the three ransomwares. It’s been lovely,...

[SECURITY] Fedora 35 Update: testdisk-7.1-7.fc35

Tool to check and undelete partition. Works with FAT12, FAT16, FAT32, NTFS, ext2, ext3, ext4, btrfs, BeFS, CramFS, HFS, JFS, Linux Raid, Linux Swap, LVM, LVM2, NSS, ReiserFS, UFS, XFS. PhotoRec is a signature based file recovery utility. It handles more than 440 file formats including JPG,...

[SECURITY] Fedora 33 Update: testdisk-7.1-7.fc33

Tool to check and undelete partition. Works with FAT12, FAT16, FAT32, NTFS, ext2, ext3, ext4, btrfs, BeFS, CramFS, HFS, JFS, Linux Raid, Linux Swap, LVM, LVM2, NSS, ReiserFS, UFS, XFS. PhotoRec is a signature based file recovery utility. It handles more than 440 file formats including JPG,...

[SECURITY] Fedora 34 Update: testdisk-7.1-7.fc34

Tool to check and undelete partition. Works with FAT12, FAT16, FAT32, NTFS, ext2, ext3, ext4, btrfs, BeFS, CramFS, HFS, JFS, Linux Raid, Linux Swap, LVM, LVM2, NSS, ReiserFS, UFS, XFS. PhotoRec is a signature based file recovery utility. It handles more than 440 file formats including JPG,...