EUVD-2020-3389

Malware in sbrugna...

CVE-2020-10990

An XXE issue exists in Accenture Mercury before 1.12.28 because of the platformlambda/core/serializers/SimpleXmlParser.java component...

AVEVA Historian Web Server

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : AVEVA Equipment : Historian Server Vulnerability : SQL Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an authenticated user to get read and write...

Hacker Leaks Data of 33,000 Accenture Employees in Third-Party Breach

A hacker claims to have obtained contact details of 33,000 current and former employees of IT giant Accenture in a breach involving a third-party firm...

Microsoft achieves first native Cloud Data Management Capabilities certification

Today, Microsoft announced the successful completion of the Cloud Data Management Capabilities CDMC 14 Key Controls and Automations certification, conducted by Accenture and Avanade, accelerating the industry’s move to the cloud. The 14 Key Controls and Automations are a part of the EDM Council’s...

Microsoft achieves first native Cloud Data Management Capabilities certification

Today, Microsoft announced the successful completion of the Cloud Data Management Capabilities CDMC 14 Key Controls and Automations certification, conducted by Accenture and Avanade, accelerating the industry’s move to the cloud. The 14 Key Controls and Automations are a part of the EDM Council’s...

Malicious code in accenture-react-scripts (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 985ac5e6a836ced626f0611678d33c042d2461ef8a7360a50580945b3335d2f9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2022-819 Malicious code in accenture-react-scripts (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 985ac5e6a836ced626f0611678d33c042d2461ef8a7360a50580945b3335d2f9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Barco Control Room Management Suite Directory Traversal Vulnerability

I. SUMMARY Title: CVE-2022-2623 Barco Control Room Management Suite File Path Traversal Vulnerability Product: Barco Control Room Management Suite before 2.9 build 0275 and all prior versions Vulnerability Type: File Path Traversal Credit by/Researcher: Murat Aydemir from Accenture Cyber Security...

Barco Control Room Management Suite Directory Traversal

I. SUMMARY Title: CVE-2022-2623 Barco Control Room Management Suite File Path Traversal Vulnerability Product: Barco Control Room Management Suite before 2.9 build 0275 and all prior versions Vulnerability Type: File Path Traversal Credit by/Researcher: Murat Aydemir from Accenture Cyber Security...

LockBit Jumps Its Own Countdown, Publishes Bangkok Air Files

After Bangkok Airways disclosed that it had been clobbered by a cyberattack last week, the LockBit 2.0 ransomware gang tossed its own countdown clock in the trash and went ahead and published what it claims are the airline’s encrypted files on its leak site. BleepingComputer posted an image shown...

Accenture claims to fight off LockBit ransomware gang with backup

By Waqas The infamous LockBit ransomware gang launched a ransomware attack against global IT giant Accenture. Here's what the group claims. This is a post from HackRead.com Read the original post: Accenture claims to fight off LockBit ransomware gang with backup...

IT Giant Accenture Hit by LockBit Ransomware; Hackers Threaten to Leak Data

Global IT consultancy giant Accenture has become the latest company to be hit by the LockBit ransomware gang, according to a post made by the operators on their dark web portal, likely filling a void left in the wake of DarkSide and REvil shutdown. "These people are beyond privacy and security. I...

Microsoft Warns of Another Unpatched Windows Print Spooler RCE Vulnerability

A day after releasing Patch Tuesday updates, Microsoft acknowledged yet another remote code execution vulnerability in the Windows Print Spooler component, adding that it's working to remediate the issue in an upcoming security update. Tracked as CVE-2021-36958 CVSS score: 7.3, the unpatched flaw...

Accenture Confirms LockBit Ransomware Attack

081321 08:42 UPDATE: Accenture reportedly acknowledged in an internal memo that attackers stole client information and work materials in a July 30 “security incident.” CyberScoop reports that the memo downplays the impact of the ransomware attack. The outlet quoted Accenture’s internal memo: “Whi...

Kirby Panel users could upload PHP Phar archives as content files before v2.5.14 and v3.4.5

Impact An editor with full access to the Kirby Panel can upload a PHP .phar file and execute it on the server. This vulnerability is critical if you might have potential attackers in your group of authenticated Panel users, as they can gain access to the server with such a Phar file. Visitors...

GE Digital APM Classic

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: GE Digital Equipment: APM Classic Vulnerabilities: Authorization Bypass Through User-controlled Key, Use of a One-Way Hash Without a Salt 2. RISK EVALUATION Successful exploitation of these...

CVE-2020-10990

An XXE issue exists in Accenture Mercury before 1.12.28 because of the platformlambda/core/serializers/SimpleXmlParser.java component...

CVE-2020-10990

An XXE issue exists in Accenture Mercury before 1.12.28 because of the platformlambda/core/serializers/SimpleXmlParser.java component...

Design/Logic Flaw

An XXE issue exists in Accenture Mercury before 1.12.28 because of the platformlambda/core/serializers/SimpleXmlParser.java component...