Lucene search

1896 matches found

Trend Micro Simply Security
added 2024/02/27 12:00 a.m. | 36 views

Threat Actor Groups, Including Black Basta, are Exploiting Recent ScreenConnect Vulnerabilities

This blog entry gives a detailed analysis of these recent ScreenConnect vulnerabilities. We also discuss our discovery of threat actor groups, including Black Basta and Bl00dy Ransomware gangs, that are actively exploiting CVE-2024-1708 and CVE-2024-1709 based on our telemetry...

CVSS 10 | AI score 7.4 | EPSS 0.99959
Exploits: 9
0day.today
added 2024/02/27 12:00 a.m. | 314 views

TEM Opera Plus FM Family Transmitter 35.45 - Remote Code Execution Vulnerability

TEM Opera Plus FM Family Transmitter 35.45 Remote Code Execution Vendor: Telecomunicazioni Elettro Milano TEM S.r.l. Product web page: https://www.tem-italy.it Affected version: Software version: 35.45 Webserver version: 1.7 Summary: This new line of Opera plus FM Transmitters combines very high...

AI score 7.4
Exploits: 0
The Hacker News
added 2024/02/24 11:49 a.m. | 30 views

Microsoft Expands Free Logging Capabilities for all U.S. Federal Agencies

Microsoft has expanded free logging capabilities to all U.S. federal agencies using Microsoft Purview Audit irrespective of the license tier, more than six months after a China-linked cyber espionage campaign targeting two dozen organizations came to light. "Microsoft will automatically enable th...

AI score 7.5
Exploits: 0
Trellix
added 2024/02/13 12:00 a.m. | 16 views

Cyberattack on Democracy: Escalating Cyber Threats Immediately Ahead of Taiwan’s 2024 Presidential Election

Cyberattack on Democracy: Escalating Cyber Threats Immediately Ahead of Taiwan’s 2024 Presidential Election By Anne An · February 13, 2024 Preface Cybersecurity has become an integral part of election security. Nation-state actors and other politically motivated groups are likely to try to...

AI score 6.7
Exploits: 0
Amazon
added 2024/02/05 12:00 a.m. | 4 views

Important: cri-tools

Issue Overview: A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of da...

CVSS 7.5 | AI score 6.2 | EPSS 0.01364
Exploits: 0
RedHat Linux
added 2024/01/31 4:41 p.m. | 1 views

opentelemetry-go-contrib: DoS vulnerability in otelgrpc due to unbound cardinality metrics

A memory exhaustion flaw was found in the otelgrpc handler of open-telemetry. This flaw may allow a remote unauthenticated attacker to flood the peer address and port and exhaust the server's memory by sending multiple malicious requests, affecting the availability of the system...

CVSS 7.5 | AI score 7.2 | EPSS 0.01592
Exploits: 0 | References: 5
Securelist
added 2024/01/31 10:00 a.m. | 25 views

ICS and OT threat predictions for 2024

We do not expect rapid changes in the industrial cyberthreat landscape in 2024. Most of the below-described trends have been observed before, many for some years. However, some of them have reached a critical mass of creeping changes, which could lead to a qualitative shift in the threat landscap...

AI score 7.2
Exploits: 0
Amazon
added 2024/01/22 12:00 a.m. | 3 views

Important: amazon-cloudwatch-agent

Issue Overview: The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CVE-2023-39325 A malicious HTTP sender can use chunk extensions to cause a receiver...

CVSS 7.5 | AI score 6.8 | EPSS 0.03796
Exploits: 0
Amazon
added 2024/01/22 12:00 a.m. | 12 views

Important: amazon-cloudwatch-agent

Issue Overview: The HTTP/2 protocol allows a denial of service server resource consumption because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. CVE-2023-39325 A malicious HTTP sender can use chunk extensions to cause a receiver...

CVSS 7.5 | AI score 6.7 | EPSS 0.03796
Exploits: 0
BDU FSTEC
added 2024/01/12 12:00 a.m. | 5 views

A vulnerability in the /plugins/playbooks/api/v0/telemetry/run/<telem_run_id> component of the Mattermost instant messaging application allows a hacker to perform a CSRF attack.

The vulnerability of the /plugins/playbooks/api/v0/telemetry/run/ component of the Mattermost instant messaging application is related to the manipulation of cross-site requests. Exploiting this vulnerability could allow a malicious actor to perform a CSRF attack remotely...

CVSS 10 | AI score 7.3 | EPSS 0.00309
Exploits: 0 | References: 2 | Affected Software: 1
Trellix
added 2024/01/02 12:00 a.m. | 14 views

The Anatomy of HTML Attachment Phishing

The Anatomy of HTML Attachment Phishing: One Code, Many Variants By Mathanraj Thangaraju, Niranjan Hegde, and Sijo Jacob · June 14, 2023 Introduction Phishing is the malevolent practise of pretending to be a reliable entity in electronic communication to steal sensitive data, such as login...

AI score 7.7
Exploits: 0
Wallarm Lab
added 2023/12/29 12:20 p.m. | 24 views

MQTT vs AMQP

The Initial Overview: Learning about MQTT & AMQP In the dynamic arenas of Internet of Things (IoT) and cloud computing, communication protocols that are robust, reliable and capable of handling high traffic volumes have become essential. The two protocols that have recently gained significant grou...

AI score 7.1
Exploits: 0
The Hacker News
added 2023/12/28 5:56 a.m. | 62 views

New Rugmi Malware Loader Surges with Hundreds of Daily Detections

A new malware loader is being used by threat actors to deliver a wide range of information stealers such as Lumma Stealer aka LummaC2, Vidar, RecordBreaker aka Raccoon Stealer V2, and Rescoms. Cybersecurity firm ESET is tracking the trojan under the name Win/TrojanDownloader.Rugmi. "This malware ...

AI score 7.4
Exploits: 0
Circl
added 2023/12/20 5:23 p.m. | 8 views

CVE-2023-49772

creationtimestamp | type | source
---|---|---
2023-12-20 17:23:52+00:00 | seen | https://t.me/ctinow/157163
2024-01-13 15:21:51+00:00 | seen | https://t.me/ctinow/167849
...

CVSS 10 | AI score 8.7 | EPSS 0.00727
Exploits: 0 | References: 2
The Hacker News
added 2023/12/15 2:17 p.m. | 60 views

New KV-Botnet Targeting Cisco, DrayTek, and Fortinet Devices for Stealthy Attacks

A new botnet consisting of firewalls and routers from Cisco, DrayTek, Fortinet, and NETGEAR is being used as a covert data transfer network for advanced persistent threat actors, including the China-linked threat actor called Volt Typhoon. Dubbed KV-botnet by the Black Lotus Labs team at Lumen...

CVSS 9.8 | AI score 9.5 | EPSS 0.85689
Exploits: 10
NVD
added 2023/12/12 9:15 a.m. | 10 views

CVE-2023-45316

Mattermost fails to validate if a relative path is passed in /plugins/playbooks/api/v0/telemetry/run/ as a telemetry run ID, allowing an attacker to use a path traversal payload that points to a different endpoint leading to a CSRF attack...

CVSS 8.8 | EPSS 0.00309
Exploits: 0 | References: 1
OSV
added 2023/12/12 9:15 a.m. | 14 views

CVE-2023-45316

Mattermost fails to validate if a relative path is passed in /plugins/playbooks/api/v0/telemetry/run/ as a telemetry run ID, allowing an attacker to use a path traversal payload that points to a different endpoint leading to a CSRF attack...

CVSS 8.8 | AI score 8.7
Exploits: 0 | References: 1
Prion
added 2023/12/12 9:15 a.m. | 15 views

Path traversal

Mattermost fails to validate if a relative path is passed in /plugins/playbooks/api/v0/telemetry/run/ as a telemetry run ID, allowing an attacker to use a path traversal payload that points to a different endpoint leading to a CSRF attack...

CVSS 6.8 | AI score 7 | EPSS 0.00309
Exploits: 0 | References: 1 | Affected Software: 1
Cvelist
added 2023/12/12 8:23 a.m. | 16 views

CVE-2023-45316 Reflected client side path traversal leading to CSRF in Playbooks

Mattermost fails to validate if a relative path is passed in /plugins/playbooks/api/v0/telemetry/run/ as a telemetry run ID, allowing an attacker to use a path traversal payload that points to a different endpoint leading to a CSRF attack...

CVSS 7.3 | AI score 8.9 | EPSS 0.00309
Exploits: 0 | References: 1
CVE
added 2023/12/12 8:23 a.m. | 76 views

CVE-2023-45316

Mattermost is affected by a path traversal CSRF vulnerability in the Playbooks telemetry endpoint. The issue arises from insufficient validation of a relative path passed to /plugins/playbooks/api/v0/telemetry/run/, enabling an attacker to craft a path traversal payload that points to a different...

CVSS 8.8 | AI score 7.9 | EPSS 0.00309
Exploits: 0 | References: 1 | Affected Software: 1