1237 matches found
Pakistani Hackers Use DISGOMOJI Malware in Indian Government Cyber Attacks
A suspected Pakistan-based threat actor has been linked to a cyber espionage campaign targeting Indian government entities in 2024. Cybersecurity company Volexity is tracking the activity under the moniker UTA0137, noting the adversary's exclusive use of a malware called DISGOMOJI that's written ...
Fedora: Security Advisory for qt5-qtx11extras (FEDORA-2024-2e27372d4c)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 39 Update: rust-speakersafetyd-0.1.9-3.fc39
Speaker protection daemon for embedded Linux systems...
SUSE CVE-2024-33899
RARLAB WinRAR before 7.00, on Linux and UNIX platforms, allows attackers to spoof the screen output, or cause a denial of service, via ANSI escape sequences...
Fedora: Security Advisory for rust-speakersafetyd (FEDORA-2024-ce2936b568)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Mirth Connect deserialization vulnerability
Added: 05/23/2024 Background Mirth Connect is an application which translates message standards for healthcare systems. Problem A deserialization vulnerability in Mirth Connect allows remote attackers to execute arbitrary commands by sending a specially crafted API request. Resolution Upgrade to...
Google gVisor 安全漏洞
Google gVisor is a user-space kernel written in the Go language for use in Linux systems. A security vulnerability exists in Google gVisor. An attacker exploited the vulnerability to cause a denial of service on the system...
Exploit for Embedded Malicious Code in Tukaani Xz
CVE-2024-3094 Checker The CVE-2024-3094 Checker is a powerful...
GHSA-CFF3-5QRP-HQX7 Apache Airflow Improper Preservation of Permissions vulnerability
Improper Preservation of Permissions vulnerability in Apache Airflow. This issue affects Apache Airflow from 2.8.2 through 2.8.3. Airflow's local file task handler in Airflow incorrectly set permissions for all parent folders of log folder, in default configuration adding write access to Unix...
Russian Hackers May Have Targeted Ukrainian Telecoms with Upgraded 'AcidPour' Malware
The data wiping malware called AcidPour may have been deployed in attacks targeting four telecom providers in Ukraine, new findings from SentinelOne show. The cybersecurity firm also confirmed connections between the malware and AcidRain, tying it to threat activity clusters associated with Russi...
PT-2024-2008
Name of the Vulnerable Software and Affected Versions pgAdmin versions prior to 8.4 Description The issue is related to a path-traversal vulnerability in the session handling code of pgAdmin, which can lead to unsafe deserialization and remote code execution. This vulnerability can be exploited b...
Exploit for Out-of-bounds Write in Polkit_Project Polkit
CVE-2021-4034 PoC de Polkit ¿En qué consiste Polkit? Policy...
Sea Turtle Cyber Espionage Campaign Targets Dutch IT and Telecom Companies
Telecommunication, media, internet service providers ISPs, information technology IT-service providers, and Kurdish websites in the Netherlands have been targeted as part of a new cyber espionage campaign undertaken by a Türkiye-nexus threat actor known as Sea Turtle. "The infrastructure of the...
Security Bulletin: A vulnerability in Apache ActiveMQ affects IBM Operations Analytics Predictive Insights
Summary IBM Operations Analytics Predictive Insights uses Apache ActiveMQ software, as a core module in processing analytics data. The vulnerability CVE-2023-46604 found in Apache ActiveMQ could be exploited to download and infect Linux systems with the Kinsing malware. This bulletin identifies t...
PT-2023-7577
Name of the Vulnerable Software and Affected Versions Insyde InsydeH2O versions 5.2 through 5.60.47 Acer, HP, Fujitsu, and Lenovo devices affected versions not specified Description A LogoFAIL issue exists in the BmpDecoderDxe component of Insyde InsydeH2O UEFI firmware. This flaw stems from an...
Kinsing Crypto Malware Targets Linux Systems via Apache ActiveMQ Flaw
By Deeba Ahmed Patches for all affected versions of Apache ActiveMQ have been released, and clients are strongly advised to upgrade their systems. This is a post from HackRead.com Read the original post: Kinsing Crypto Malware Targets Linux Systems via Apache ActiveMQ Flaw...
CVE-2023-26031 Privilege escalation in Apache Hadoop Yarn container-executor binary on Linux systems
Relative library resolution in linux container-executor binary in Apache Hadoop 3.3.1-3.3.4 on Linux allows local user to gain root privileges. If the YARN cluster is accepting work from remote authenticated users, this MAY permit remote users to gain root privileges. Hadoop 3.3.0 updated the "...
Attacks, Vulnerabilities and Actors 23 October to 29 October 2023
For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of seven executed attacks, two instances of adversary activity, and three exploited...
DoNot Team's New Firebird Backdoor Hits Pakistan and Afghanistan
The threat actor known as DoNot Team has been linked to the use of a novel .NET-based backdoor called Firebird targeting a handful of victims in Pakistan and Afghanistan. Cybersecurity company Kaspersky, which disclosed the findings in its APT trends report Q3 2023, said the attack chains are als...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS when reading a maliciously crafted X.509 certificate. Note: This issue only affects Linux systems. Details Denial of Service DoS describes a family of attacks, all aimed at making a system inaccessible to its...