Lucene search
K

253 matches found

The Hacker News
The Hacker News
added 2024/05/14 10:44 a.m.10 views

Ongoing Campaign Bombards Enterprises with Spam Emails and Phone Calls

Cybersecurity researchers have uncovered an ongoing social engineering campaign that bombards enterprises with spam emails with the goal of obtaining initial access to their environments for follow-on exploitation. "The incident involves a threat actor overwhelming a user's email with junk and...

7.7AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2024/05/10 5:31 p.m.52 views

Ongoing Social Engineering Campaign Linked to Black Basta Ransomware Operators

Co-authored by Rapid7 analysts Tyler McGraw, Thomas Elkins, and Evan McCann Executive Summary Rapid7 has identified an ongoing social engineering campaign that has been targeting multiple managed detection and response MDR customers. The incident involves a threat actor overwhelming a user's emai...

7.8AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/05/09 10:46 a.m.17 views

DocGo patient health data stolen in cyberattack

Medical health care provider DocGo has disclosed in a form 8-K that it experienced a cybersecurity incident involving some of the company’s systems. As part of the investigation of the incident, the company says it has determined that the attacker accessed and acquired data, including certain...

7.7AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/03/26 12:0 a.m.7 views

The vulnerability of the Advantech WebAccess remote monitoring software lies in the lack of security measures for SQL query structures, allowing attackers to execute arbitrary SQL queries against the database.

The vulnerability of the Advantech WebAccess remote monitoring software lies in the lack of security measures for SQL query structures. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries against the database remotely...

6.4CVSS6AI score0.003EPSS
Exploits0References3Affected Software1
The Hacker News
The Hacker News
added 2024/03/25 7:37 a.m.18 views

Iran-Linked MuddyWater Deploys Atera for Surveillance in Phishing Attacks

The Iran-affiliated threat actor tracked as MuddyWater aka Mango Sandstorm or TA450 has been linked to a new phishing campaign in March 2024 that aims to deliver a legitimate Remote Monitoring and Management RMM solution called Atera. The activity, which took place from March 7 through the week o...

7.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/02/13 4:38 p.m.30 views

Remote Monitoring & Management software used in phishing attacks

Remote Monitoring & Management RMM software, including popular tools like AnyDesk, Atera, and Splashtop, are invaluable for IT administrators today, streamlining tasks and ensuring network integrity from afar. However, these same tools have caught the eye of cybercriminals, who exploit them to...

7.7AI score
Exploits0
CNNVD
CNNVD
added 2024/01/29 12:0 a.m.5 views

MachineSense FeverWarn Access Control Error Vulnerability

MachineSense FeverWarn is a temperature detection device from MachineSense. An access control error vulnerability exists in MachineSense FeverWarn that stems from the use of unauthenticated MQTT messaging to monitor the device and remotely view sensor data by a user...

7.5CVSS6.9AI score0.00592EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2023/11/29 12:0 a.m.6 views

The vulnerability of the Honeywell ProWatch software platform for remote monitoring and control of buildings, related to data processing errors, allows a intruder to execute arbitrary code.

The vulnerability of the Honeywell ProWatch software platform for remote monitoring and control is related to data processing errors. Exploiting this vulnerability could allow a intruder to execute arbitrary code...

7.8CVSS7.6AI score0.00195EPSS
Exploits0References5Affected Software1
CNVD
CNVD
added 2023/11/27 12:0 a.m.3 views

Fuji Electric Tellus Lite V-Simulator Improper Access Control Vulnerability

Fuji Electric Tellus Lite V-Simulator is a remote monitoring software for industrial environments developed by FujiElectric Japan, which is mainly used to collect real-time data from PLCs Programmable Logic Controllers, temperature controllers, inverters, and other devices. Fuji Electric Tellus...

8.8CVSS6.9AI score0.00484EPSS
Exploits0References1
CNVD
CNVD
added 2023/11/27 12:0 a.m.3 views

Fuji Electric Tellus Lite V-Simulator Buffer Overflow Vulnerability (CNVD-2025-1353550)

Fuji Electric Tellus Lite V-Simulator is a remote monitoring software for industrial environments from Fuji Electric Japan. Fuji Electric Tellus Lite V-Simulator suffers from a buffer overflow vulnerability that originates from a boundary error when parsing a specially crafted input file. An...

7.8CVSS8AI score0.00295EPSS
Exploits0References1
CNVD
CNVD
added 2023/11/27 12:0 a.m.2 views

Fuji Electric Tellus Lite V-Simulator Out-of-Bounds Write Vulnerability

Fuji Electric Tellus Lite V-Simulator is a remote monitoring software for industrial environments from Fuji Electric Japan. An out-of-bounds write vulnerability exists in Fuji Electric Tellus Lite V-Simulator that originates from an out-of-bounds write when parsing a specially crafted input file...

7.8CVSS8AI score0.00335EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/11/22 12:0 a.m.4 views

Fuji Electric Tellus Lite V-Simulator 安全漏洞

Fuji Electric Tellus Lite V-Simulator is a remote monitoring software for industrial environments developed by FujiElectric Japan, which is mainly used to collect real-time data from PLCs Programmable Logic Controllers, temperature controllers, inverters, and other devices. Fuji Electric Tellus...

8.8CVSS6.8AI score0.00484EPSS
Exploits0References3
ICS
ICS
added 2023/11/21 7:0 a.m.54 views

Fuji Electric Tellus Lite V-Simulator

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.8 ATTENTION : Low attack complexity Vendor : Fuji Electric Equipment : Tellus Lite V-Simulator Vulnerabilities : Stack-based Buffer Overflow, Out-of-bounds Write, Improper Access Control 2. RISK EVALUATION Successful exploitation of these vulnerabilities...

8.8CVSS8.6AI score0.00484EPSS
Exploits0References10
CNNVD
CNNVD
added 2023/11/15 12:0 a.m.4 views

Fuji Electric V-Server 缓冲区错误漏洞

Fuji Electric V-Server and Fuji Electric V-Server Lite are both products of Fuji Electric, Japan.Fuji Electric V-Server is a software package for collecting and managing real-time field data.Fuji Electric V-Server Lite is a remote monitoring software for industrial environments. Server Lite is a...

7.8CVSS7.9AI score0.00265EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/10/25 12:0 a.m.9 views

The vulnerability of the Advantech WebAccess remote monitoring software lies in the lack of protection for operational data, which allows a intruder to disclose the protected information.

The vulnerability of Advantech WebAccess remote monitoring software lies in the lack of protection for operational data. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...

7.8CVSS7.2AI score0.00465EPSS
Exploits0References4Affected Software1
CNNVD
CNNVD
added 2023/10/18 12:0 a.m.11 views

Hewlett Packard Enterprise Integrated Lights-Out Security Vulnerability

Hewlett Packard Enterprise Integrated Lights-Out is a remote control solution from Hewlett Packard Enterprise. The solution enables remote monitoring and operation of IT assets such as servers. A security vulnerability exists in Hewlett Packard Enterprise Integrated Lights-Out 5 and Integrated...

7.5CVSS6.8AI score0.00498EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2023/09/12 12:0 a.m.6 views

The vulnerability of the software-based remote monitoring system Advantech WebAccess allows a intruder to gain access to the file system, re-write files, and execute commands.

The vulnerability of the software-based remote monitoring system Advantech WebAccess relates to the use of an untrusted pointer. Exploiting this vulnerability could allow a malicious actor to gain access to the file system, potentially enabling them to overwrite files and execute commands...

10CVSS7.8AI score0.02798EPSS
Exploits0References3Affected Software1
CISA
CISA
added 2023/08/16 12:0 p.m.6 views

CISA Releases JCDC Remote Monitoring and Management (RMM) Cyber Defense Plan

Today, CISA released the Remote Monitoring and Management RMM Cyber Defense Plan, the first proactive Plan developed by industry and government partners through the Joint Cyber Defense Collaborative JCDC. This plan addresses systemic risks facing the exploitation of RMM software. Cyber threat...

7.2AI score
Exploits0References5
The Hacker News
The Hacker News
added 2023/07/03 4:46 a.m.19 views

BlackCat Operators Distributing Ransomware Disguised as WinSCP via Malvertising

Threat actors associated with the BlackCat ransomware have been observed employing malvertising tricks to distribute rogue installers of the WinSCP file transfer application. "Malicious actors used malvertising to distribute a piece of malware via cloned webpages of legitimate organizations," Tre...

7.3AI score
Exploits0
CNNVD
CNNVD
added 2023/06/08 12:0 a.m.7 views

Fuji Electric V-Server 缓冲区错误漏洞

Fuji Electric V-Server and Fuji Electric V-Server Lite are both products of Fuji Electric, Japan.Fuji Electric V-Server is a suite of software for collecting and managing real-time field data.Fuji Electric V-Server Lite is a remote monitoring software for industrial environments. Server Lite is a...

7.8CVSS7.7AI score0.00266EPSS
Exploits0References4
Rows per page
Query Builder