1876 matches found
CVE-2023-25149 TimescaleDB has incorrect access control
TimescaleDB, an open-source time-series SQL database, has a privilege escalation vulnerability in versions 2.8.0 through 2.9.2. During installation, TimescaleDB creates a telemetry job that runs as the installation user. The queries run as part of the telemetry data collection were not run wit...
CVE-2023-25149
TimescaleDB, an open-source time-series SQL database, has a privilege escalation vulnerability in versions 2.8.0 through 2.9.2. During installation, TimescaleDB creates a telemetry job that runs as the installation user. The queries run as part of the telemetry data collection were not run wit...
Timescale TimescaleDB access control error vulnerability
Timescale TimescaleDB is an open source database software from Timescale, Inc. It is designed to make SQL scalable for time series data. An access control error vulnerability exists in Timescale TimescaleDB versions 2.8.0 through 2.9.2, which occurs when, during installation, TimescaleDB creates ...
Beyond the basics: Implementing an active defense
Active defense a key approach to protecting against major threats. Having an active defense posture, where the defenders actively use threat intelligence and their own environment telemetry to uncover potential compromises, is the next stage in the cyber security maturity road. Instead of waiting...
Citrix License Telemetry FAQ
General License Telemetry Questions What was announced? In mid-November 2024, Cloud Software Group made changes regarding license telemetry for on-premises customer-managed environments which use the Citrix License Server: Starting with License Server 11.17.2 Build 40000, the on-premises...
CVE-2023-24156
A command injection vulnerability in the ip parameter in the function recvSlaveUpgstatus of TOTOLINK T8 V4.1.5cu allows attackers to execute arbitrary commands via a crafted MQTT packet...
The vulnerability of InHand Networks InRouter 302 and InRouter 615 microprogrammed software lies in the use of an unencrypted data transmission channel by default. This allows attackers to gain unauthorized access to protected information or execute arbitrary commands.
The vulnerability of InHand Networks InRouter 302 and InRouter 615 microprogrammed software lies in the use of an unencrypted data transmission channel by default. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information or execute arbitrary...
Azure File Sync Agent v16 Release - January 2023
Azure File Sync Agent v16 Release - January 2023 This article describes the improvements and issues that are fixed in the Azure File Sync Agent v16 release that is dated January 2023. Additionally, this article contains installation instructions for this release. Improvements and issues that are...
Threat Landscape Topic Summary Report: Cisco Talos Year in Review 2022
While our ongoing support to Ukraine and response to the Log4j vulnerabilities were two of our most comprehensive and impactful efforts in 2022, we also dealt with a multitude of other threats as the security community faced an expanding set of adversaries and malware. In January, we identified...
Trojanized Windows 10 Installer Used in Cyberattacks Against Ukrainian Government Entities
Government entities in Ukraine have been breached as part of a new campaign that leveraged trojanized versions of Windows 10 installer files to conduct post-exploitation activities. Mandiant, which discovered the "socially engineered supply chain" attack around mid-July 2022, said the malicious I...
Update 15.17 for Microsoft Dynamics 365 Business Central 2019 Release Wave 2 (Application Build 15.17.49440, Platform Build 15.0.49431)
Update 15.17 for Microsoft Dynamics 365 Business Central 2019 Release Wave 2 Application Build 15.17.49440, Platform Build 15.0.49431 This article applies to Microsoft Dynamics 365 Business Central 2019 Release Wave 2 for all countries and all language locales. Overview This update replaces...
Pyramid - A Tool To Help Operate In EDRs' Blind Spots
What is it Pyramid is a set of Python scripts and module dependencies that can be used to evade EDRs. The main purpose of the tool is to perform offensive tasks by leveraging some Python evasion properties and looking as a legit Python application usage. This can be achieved because: 1. the Pytho...
Moderate: Red Hat Security Advisory: Red Hat OpenStack 16.1.9 (openstack-tripleo-heat-templates) security update
An update for openstack-tripleo-heat-templates is now available for Red Hat OpenStack Platform 16.1.9 (Train) for Red Hat Enterprise Linux (RHEL) 8.2. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which...
The vulnerability in the functionality of Windows for connected users and telemetry allows a perpetrator to enhance their privileges.
The vulnerability of the functional capabilities for connected users and telemetry in the Windows operating system arises due to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to increase their privileges...
Microsoft Defender Experts for Hunting demonstrates industry-leading protection in the 2022 MITRE Engenuity ATT&CK® Evaluations for Managed Services
Microsoft Defender Experts for Hunting, our newest managed threat hunting service, delivered industry-leading results during the inaugural MITRE Engenuity ATT&CK® Evaluations for Managed Services. We provided a seamless, comprehensive, and rapid response to the simulated attack using expert-led...
How to manually upload Telemetry data to CIS
This article explains the steps required when manually uploading the Telemetry data to CIS. Prerequisites V11.17.2 build 40000 license server or newer You must disable the automatic data upload before choosing to upload manually. Perform the following steps on your IT-managed/on-prem license serv...
Mangle - Tool That Manipulates Aspects Of Compiled Executables (.Exe Or DLL) To Avoid Detection From EDRs
Authored by Tyl0us. Featured at Source Zero Con 2022. Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL). Mangle can remove known Indicators of Compromise (IoC) based strings and replace them with random characters, change the file by inflating the size to avoid EDRs, and c...
Performance Telemetry
This finding provides information to assist in scan performance tuning. No source data...
New Chinese Cyberespionage Group Targeting IT Service Providers and Telcos
Telecommunications and IT service providers in the Middle East and Asia are being targeted by a previously undocumented Chinese-speaking threat group dubbed WIP19. The espionage-related attacks are characterized by the use of a stolen digital certificate issued by a Korean company called DEEPSoft...
Introducing Malwarebytes Managed Detection and Response (MDR)
With our Managed Detection and Response (MDR) service now generally available for businesses and MSPs, you may be wondering: What is MDR, how does Malwarebytes MDR work, and do I need it? Underpinned by our award-winning EDR technology, Malwarebytes MDR offers powerful and affordable threat...