5314 matches found

ThreatPost
added 2020/03/10 1:0 p.m., 14 views

Variant of Paradise Ransomware Targets Office IQY Files

A new variant of the Paradise ransomware attacks rarely-targeted Microsoft Office Excel IQY files, providing a new and relatively unobtrusive way to infiltrate and hijack an organization’s network, researchers have found. Lastline Labs’ James Haughom discovered the variant in December in a spam...

0.5 AI score
Exploits 0, References 6
ThreatPost
added 2020/03/10 1:0 p.m., 126 views

Variant of Paradise Ransomware Targets Office IQY Files

A new variant of the Paradise ransomware attacks rarely-targeted Microsoft Office Excel IQY files, providing a new and relatively unobtrusive way to infiltrate and hijack an organization’s network, researchers have found. Lastline Labs’ James Haughom discovered the variant in December in a spam...

0.5 AI score
Exploits 0, References 6
CVE
added 2020/03/10 12:35 p.m., 48 views

CVE-2019-11686

CVE-2019-11686 concerns Western Digital/SanDisk self-encrypting drives (X300, X300s, X400, X600). The wear-leveling algorithm can leave cryptographic parameters (e.g., DEKs) on media after supposed erasure, potentially enabling data disclosure if an attacker accesses the drive. Connected sources ...

5.5 CVSS, 5.1 AI score, 0.00194 EPSS
Exploits 0, References 3, Affected Software 1
ICS
added 2020/03/10 12:0 a.m., 77 views

Rockwell Automation MicroLogix Controllers and RSLogix 500 Software

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Rockwell Automation Equipment: MicroLogix 1400 Controllers, MicroLogix 1100 Controllers, and RSLogix 500 Software Vulnerabilities: Use of Hard-coded Cryptographic Key, Use of a Broken or Risky...

10 CVSS, 7.5 AI score, 0.04226 EPSS
Exploits 0, References 5
Veracode
added 2020/03/09 6:6 a.m., 48 views

Denial Of Service (DoS)

urllib3 is vulnerable to denial of service. The _encode_invalid_chars function in util/url.py allows an attacker to cause a denial of service condition through long processing time due to an inefficient algorithm when parsing invalid characters, potentially resulting in an application crash when...

7.5 CVSS, 4.9 AI score, 0.03288 EPSS
Exploits 0, References 5, Affected Software 1
NVD
added 2020/03/06 8:15 p.m., 19 views

CVE-2020-7212

The _encode_invalid_chars function in util/url.py in the urllib3 library 1.25.2 through 1.25.7 for Python allows a denial of service (CPU consumption) because of an inefficient algorithm. The percent_encodings array contains all matches of percent encodings. It is not deduplicated. For a URL of length ...

7.8 CVSS, 7.4 AI score, 0.03288 EPSS
Exploits 0, References 3
OSV
added 2020/03/06 8:15 p.m., 25 views

CVE-2020-7212

The _encode_invalid_chars function in util/url.py in the urllib3 library 1.25.2 through 1.25.7 for Python allows a denial of service (CPU consumption) because of an inefficient algorithm. The percent_encodings array contains all matches of percent encodings. It is not deduplicated. For a URL of length ...

7.5 CVSS, 7.4 AI score
Exploits 0, References 3
Prion
added 2020/03/06 8:15 p.m., 21 views

Code injection

The _encode_invalid_chars function in util/url.py in the urllib3 library 1.25.2 through 1.25.7 for Python allows a denial of service (CPU consumption) because of an inefficient algorithm. The percent_encodings array contains all matches of percent encodings. It is not deduplicated. For a URL of length ...

7.8 CVSS, 7.3 AI score, 0.03288 EPSS
Exploits 0, References 3, Affected Software 1
UbuntuCve
added 2020/03/06 8:15 p.m., 23 views

CVE-2020-7212

The _encode_invalid_chars function in util/url.py in the urllib3 library 1.25.2 through 1.25.7 for Python allows a denial of service (CPU consumption) because of an inefficient algorithm. The percent_encodings array contains all matches of percent encodings. It is not deduplicated. For a URL of length ...

7.8 CVSS, 7 AI score, 0.03288 EPSS
Exploits 0, References 5
Cvelist
added 2020/03/06 7:14 p.m., 25 views

CVE-2020-7212

The _encode_invalid_chars function in util/url.py in the urllib3 library 1.25.2 through 1.25.7 for Python allows a denial of service (CPU consumption) because of an inefficient algorithm. The percent_encodings array contains all matches of percent encodings. It is not deduplicated. For a URL of length ...

7.4 AI score, 0.03288 EPSS
Exploits 0, References 3
CVE
added 2020/03/06 7:14 p.m., 183 views

CVE-2020-7212

CVE-2020-7212 concerns urllib3 for Python (versions 1.25.2–1.25.7) with a Denial of Service risk caused by the _encode_invalid_chars implementation in util/url.py. The issue arises from an inefficient algorithm where the percent_encodings collection can grow O(N) for a URL of length N, and the su...

7.8 CVSS, 7.3 AI score, 0.03288 EPSS
Exploits 0, References 3, Affected Software 1
Debian CVE
added 2020/03/06 7:14 p.m., 24 views

CVE-2020-7212

The _encode_invalid_chars function in util/url.py in the urllib3 library 1.25.2 through 1.25.7 for Python allows a denial of service (CPU consumption) because of an inefficient algorithm. The percent_encodings array contains all matches of percent encodings. It is not deduplicated. For a URL of length ...

7.8 CVSS, 7.5 AI score, 0.03288 EPSS
Exploits 0
Cvelist
added 2020/03/05 12:0 a.m., 27 views

CVE-2019-14886

A vulnerability was found in business-central, as shipped in rhdm-7.5.1 and rhpam-7.5.1, where encoded passwords are stored in erraisecuritycontext. The encoding used for storing the passwords is Base64, not an encryption algorithm, and any recovery of these passwords could lead to user passwords...

4.6 CVSS, 6.4 AI score, 0.00291 EPSS
Exploits 0, References 2
Carbon Black Blog
added 2020/03/03 4:29 p.m., 56 views

VMware Carbon Black Threat Analysis: FTCODE Ransomware

FTCODE is a fully PowerShell-based ransomware. It is distributed via malicious document files that contain macros or use VBScript to download and launch the malicious PowerShell script. FTCODE ransomware will scan a specific list of file extensions and encrypt them with the Rijndael algorithm. Othe...

7 AI score
Exploits 0
BDU FSTEC
added 2020/02/27 12:0 a.m., 4 views

The vulnerability of the managed-keys function in the DNS BIND server allows an attacker to cause a service failure.

The vulnerability of the managed-keys function in the DNS BIND server is related to a key validation error, especially when an unsupported algorithm is used. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

4.9 CVSS, 6.4 AI score, 0.02264 EPSS
Exploits 0, References 5, Affected Software 3
CNVD
added 2020/02/26 12:0 a.m., 4 views

Moxa EDS-G516E and EDS-510E series weak cryptographic algorithm vulnerability

Moxa EDS-G516E and EDS-510E series are both Ethernet switches manufactured by Moxa. A weak cryptographic algorithm vulnerability exists in the Moxa EDS-G516E and EDS-510E series, which can be exploited by attackers to obtain sensitive information...

7.5 CVSS, 6.8 AI score, 0.00812 EPSS
Exploits 0, References 1
CNVD
added 2020/02/26 12:0 a.m., 3 views

Moxa PT-7528 and PT-7828 Series Weak Cryptographic Algorithm Vulnerability

Moxa PT-7528 and PT-7828 Series are both Ethernet switches manufactured by Moxa. A weak cryptographic algorithm vulnerability exists in the Moxa PT-7528 and PT-7828 Series, which can be exploited by attackers to obtain sensitive information...

7.5 CVSS, 6.8 AI score, 0.00812 EPSS
Exploits 0, References 1
ICS
added 2020/02/25 12:0 a.m., 70 views

Moxa EDS-G516E and EDS-510E Series Ethernet Switches

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Moxa Equipment: EDS-G516E series, and EDS-510E series Vulnerabilities: Stack-based Buffer Overflow, Use of a Broken or Risky Cryptographic Algorithm, Use of Hard-coded Cryptographic Key, Use of...

10 CVSS, 8.7 AI score, 0.0272 EPSS
Exploits 0, References 5
ICS
added 2020/02/25 12:0 a.m., 94 views

Moxa PT-7528 and PT-7828 Series Ethernet Switches

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Moxa Equipment: PT-7528 Series and PT-7828 Series Vulnerabilities: Stack-based Buffer Overflow, Use of a Broken or Risky Cryptographic Algorithm, Use of Hard-coded Cryptographic Key, Use of...

10 CVSS, 9.7 AI score, 0.0283 EPSS
Exploits 0, References 5
ICS
added 2020/02/25 12:0 a.m., 120 views

Moxa MB3xxx Series Protocol Gateways

1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Moxa Equipment: MB3170 series, MB3180 series, MB3270 series, MB3280 series, MB3480 series, and MB3660 series Vulnerabilities: Stack-based Buffer Overflow, Integer Overflow to Buffer Overflow,...

9.8 CVSS, 9.4 AI score, 0.03941 EPSS
Exploits 0, References 5