2294 matches found
TeamTNT's Cloud Credential Stealing Campaign Now Targets Azure and Google Cloud
A malicious actor has been linked to a cloud credential stealing campaign in June 2023 that's focused on Azure and Google Cloud Platform (GCP) services, marking the adversary's expansion in targeting beyond Amazon Web Services (AWS). The findings come from SentinelOne and Permiso, which said the...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM WebSphere Remote Server (CVE-2023-35890)
Summary: WebSphere Application Server, shipped with IBM WebSphere Remote Server, is vulnerable to spoofing when using Web Server Plug-ins. Information about a security vulnerability affecting WebSphere Application when using Web Server Plug-ins has been published in a security bulletin...
Amazon Linux AMI : squid (ALAS-2023-1774)
The version of squid installed on the remote host is prior to 3.5.20-17.49. It is, therefore, affected by a vulnerability as referenced in the ALAS-2023-1774 advisory. An issue was discovered in Squid before 4.9. URN response handling in Squid suffers from a heap-based buffer overflow. When...
Fluhorse: Flutter-Based Android Malware Targets Credit Cards and 2FA Codes
Cybersecurity researchers have shared the inner workings of an Android malware family called Fluhorse. The malware "represents a significant shift as it incorporates the malicious components directly within the Flutter code," Fortinet FortiGuard Labs researcher Axelle Apvrille said in a report...
Camaro Dragon Hackers Strike with USB-Driven Self-Propagating Malware
The Chinese cyber espionage actor known as Camaro Dragon has been observed leveraging a new strain of self-propagating malware that spreads through compromised USB drives. "While their primary focus has traditionally been Southeast Asian countries, this latest discovery reveals their global reach...
GHSA-V3R5-PJPM-MWGQ Async HTTP Client has CRLF Injection vulnerability in HTTP request headers
Versions of Async HTTP Client prior to 1.13.2 are vulnerable to a form of targeted request manipulation called CRLF injection. This vulnerability was the result of insufficient validation of HTTP header field values before sending them to the network. Users are vulnerable if they pass untrusted...
Async HTTP Client has CRLF Injection vulnerability in HTTP request headers
Versions of Async HTTP Client prior to 1.13.2 are vulnerable to a form of targeted request manipulation called CRLF injection. This vulnerability was the result of insufficient validation of HTTP header field values before sending them to the network. Users are vulnerable if they pass untrusted...
Cyclops Ransomware Gang Offers Go-Based Info Stealer to Cybercriminals
Threat actors associated with the Cyclops ransomware have been observed offering an information stealer malware that's designed to capture sensitive data from infected hosts. "The threat actor behind this ransomware-as-a-service promotes its offering on forums," Uptycs said in a new report. "Ther...
Security Bulletin: A security vulnerability has been identified in IBM HTTP Server shipped with IBM WebSphere Remote Server (CVE-2023-32342)
Summary: IBM HTTP Server is shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM HTTP Server has been published in a security bulletin. Vulnerability Details: Refer to the security bulletins listed in the Remediation/Fixes section. Affected Products and...
Cross site scripting
Teltonika’s Remote Management System versions prior to 4.10.0 contain a virtual private network (VPN) hub feature for cross-device communication that uses OpenVPN. It connects new devices in a manner that allows the new device to communicate with all Teltonika devices connected to the VPN. The...
AlmaLinux 8 : python38:3.8 and python38-devel:3.8 (ALSA-2023:2763)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:2763 advisory. - python: int type in PyLong_FromString() does not limit amount of digits converting text to int leading to DoS (CVE-2020-10735) - python: open redirection...
Moderate: Red Hat Security Advisory: git-lfs security and bug fix update
An update for git-lfs is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...
CentOS 8 : python27:2.7 (CESA-2023:2860)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2023:2860 advisory. - An issue was discovered in Python before 3.11.1. An unnecessary quadratic algorithm exists in one path when processing some inputs to the IDNA (RFC 3490) decode...
ALSA-2023:2866 Moderate: git-lfs security and bug fix update
Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server. Security Fixes: golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters...
MariaDB 10.5.0 < 10.5.20
The version of MariaDB installed on the remote host is prior to 10.5.20. It is, therefore, affected by a vulnerability as referenced in the 10.5.20 advisory. - MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spider_db_mbase::print_warnings to...
MariaDB 10.11.0 < 10.11.3
The version of MariaDB installed on the remote host is prior to 10.11.3. It is, therefore, affected by a vulnerability as referenced in the 10.11.3 advisory. - MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spider_db_mbase::print_warnings to...
MariaDB 10.4.0 < 10.4.29
The version of MariaDB installed on the remote host is prior to 10.4.29. It is, therefore, affected by a vulnerability as referenced in the 10.4.29 advisory. - MariaDB Server before 10.3.34 thru 10.9.3 is vulnerable to Denial of Service. It is possible for function spider_db_mbase::print_warnings to...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM WebSphere Remote Server (CVE-2023-27554)
Summary: IBM WebSphere Application Server is shipped with IBM WebSphere Remote Server. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details: Refer to the security bulletins listed in the...
Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM WebSphere Remote Server (CVE-2022-39161)
Summary: IBM WebSphere Application Server, shipped with IBM WebSphere Remote Server, is vulnerable to spoofing when using Web Server Plug-ins. Information about a security vulnerability affecting IBM WebSphere Application Server when using Web Server Plug-ins has been published in a security...