The Hacker News · added 2023/06/01 4:11 p.m. · 3 views

Evasive QBot Malware Leverages Short-lived Residential IPs for Dynamic Attacks

An analysis of the "evasive and tenacious" malware known as QBot has revealed that 25% of its command-and-control (C2) servers are active for only a single day. What's more, 50% of the servers don't remain active for more than a week, indicating the use of an adaptable and dynamic C2...

AI score 6.5 · Exploits 0
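The lifetime figures quoted in the QBot summary (a quarter of C2 servers alive for one day, half gone within a week) come from first-seen/last-seen analysis of the infrastructure. The block below is an added example, not code from the article or from any QBot analysis, showing how to compute that distribution and what the churn implies for a blocklist that is published some days after an indicator is first observed. The sightings are constructed for illustration and are not real QBot infrastructure.

```python
import datetime as dt

# Constructed sightings, not real indicators: (server, first_seen, last_seen), UTC dates.
SIGHTINGS = [
    ("198.51.100.10", "2023-05-01", "2023-05-01"),
    ("198.51.100.11", "2023-05-01", "2023-05-01"),
    ("198.51.100.12", "2023-05-02", "2023-05-05"),
    ("198.51.100.13", "2023-05-02", "2023-05-08"),
    ("198.51.100.14", "2023-05-03", "2023-05-20"),
    ("198.51.100.15", "2023-05-04", "2023-05-04"),
    ("198.51.100.16", "2023-05-04", "2023-05-09"),
    ("198.51.100.17", "2023-05-05", "2023-06-01"),
]


def lifetime_days(first: str, last: str) -> int:
    """Inclusive active span in days: a server seen on one day only lived 1 day."""
    f = dt.date.fromisoformat(first)
    l = dt.date.fromisoformat(last)
    return (l - f).days + 1


def lifetime_distribution(sightings):
    """Fraction of servers alive for at most 1 day and at most 7 days, plus the median span."""
    spans = [lifetime_days(f, l) for _, f, l in sightings]
    n = len(spans)
    return {
        "one_day": sum(s <= 1 for s in spans) / n,
        "within_week": sum(s <= 7 for s in spans) / n,
        "median_days": sorted(spans)[n // 2],
    }


def dead_on_arrival(sightings, feed_delay_days: int) -> float:
    """Share of indicators already offline when a feed publishes them feed_delay_days
    after first sighting: blocklist entries that will never match live traffic."""
    dead = sum(lifetime_days(f, l) <= feed_delay_days for _, f, l in sightings)
    return dead / len(sightings)


if __name__ == "__main__":
    print(lifetime_distribution(SIGHTINGS))
    for delay in (0, 1, 7):
        print(f"feed delay {delay}d: {dead_on_arrival(SIGHTINGS, delay):.0%} of indicators already dead")
```

With churn like this, a daily IP blocklist is mostly a record of where the botnet used to be; detections keyed to behaviour (the beaconing pattern, the residential-ASN mix, TLS fingerprints) age far more slowly than the addresses themselves.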
CVE · added 2023/05/27 3:58 a.m. · 62 views

CVE-2023-32686

Kiwi TCMS before version 12.3 was vulnerable to stored XSS via unrestricted file uploads. Weak upload validators allowed crafted file combinations to bypass Content-Security-Policy, enabling arbitrary JavaScript execution in the browser. The issue is patched in version 12.3. Remediation: upgrade ...

CVSS 8.1 · AI score 6.7 · EPSS 0.01095 · Exploits 0 · References 2 · Affected Software 1
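The Kiwi TCMS entry describes the classic route to stored XSS through file uploads: a weak validator lets a file through that a browser will later treat as active content, and the CSP meant to protect the application does not cover a document the attacker authored and the site now hosts. The block below is an added example, not Kiwi TCMS code and not a reproduction of the specific bypass (which this page does not detail). It shows a validator that ties extension, declared type and content together and refuses markup in the sniffable prefix, alongside the headers an attachment endpoint should send. The allowed types are an assumption for illustration.

```python
import re

# Assumption for illustration: the application only needs images and PDFs as attachments.
MAGIC = {
    "png": (b"\x89PNG\r\n\x1a\n",),
    "jpg": (b"\xff\xd8\xff",),
    "jpeg": (b"\xff\xd8\xff",),
    "gif": (b"GIF87a", b"GIF89a"),
    "pdf": (b"%PDF-",),
}
EXPECTED_MIME = {"png": "image/png", "jpg": "image/jpeg", "jpeg": "image/jpeg",
                 "gif": "image/gif", "pdf": "application/pdf"}

# Markup that makes a "data" file behave as a document once a browser sniffs it.
# Checked case-insensitively in the first 1 KiB, where content sniffing looks.
ACTIVE_MARKUP = re.compile(rb"<\s*(script|svg|html|iframe|object|embed|!doctype|\?xml)", re.I)


def validate_upload(filename: str, declared_mime: str, data: bytes) -> str:
    """Return the normalised extension, or raise ValueError saying why the file is refused."""
    if "." not in filename or "/" in filename or "\\" in filename or ".." in filename:
        raise ValueError("filename must be a bare name with an extension")
    ext = filename.rsplit(".", 1)[1].lower()
    if ext not in MAGIC:
        raise ValueError(f"extension .{ext} not allowed")
    # 1. The bytes must match the extension; the client-supplied MIME type proves nothing.
    if not any(data.startswith(m) for m in MAGIC[ext]):
        raise ValueError(f"content does not look like .{ext}")
    # 2. The declared type must agree, so the Content-Type stored and later served
    #    is never chosen by the uploader.
    if declared_mime.lower() != EXPECTED_MIME[ext]:
        raise ValueError(f"declared type {declared_mime!r} does not match .{ext}")
    # 3. Refuse polyglots: a valid image header followed by markup can still be treated as
    #    HTML when served with a weak Content-Type or opened in a context that sniffs,
    #    which is exactly how a CSP scoped to the application's own origin gets bypassed.
    if ACTIVE_MARKUP.search(data[:1024]):
        raise ValueError("active markup found in file prefix")
    return ext


def is_rejected(filename: str, declared_mime: str, data: bytes) -> bool:
    """True when validate_upload refuses the file; convenient for a test matrix."""
    try:
        validate_upload(filename, declared_mime, data)
    except ValueError:
        return True
    return False


def attachment_headers(ext: str, stored_name: str) -> dict:
    """Headers that make the browser download rather than render, and never sniff."""
    return {
        "Content-Type": EXPECTED_MIME[ext],
        "Content-Disposition": f'attachment; filename="{stored_name}"',
        "X-Content-Type-Options": "nosniff",
        # Even if something does render it, a sandboxed, script-free policy applies.
        "Content-Security-Policy": "default-src 'none'; sandbox",
    }


# Constructed samples: a minimal PNG header and two files an uploader might try.
SAMPLE_PNG = b"\x89PNG\r\n\x1a\n" + bytes(16)
SAMPLE_SVG = b"<svg xmlns='http://www.w3.org/2000/svg' onload='alert(1)'/>"
SAMPLE_GIF_POLYGLOT = b"GIF89a" + b"<script>alert(1)</script>"
```

Validation on upload and inert serving belong together: the validator limits what gets stored, the headers limit what a browser does with whatever slipped through, and serving user content from a separate origin removes the remaining overlap with the application's session.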
CNNVD · added 2023/05/27 12:00 a.m. · 1 view

Omni-Notes security vulnerability

Omni-Notes is an open source notes application for Android. A security vulnerability exists in versions prior to Omni-Notes 6.2.7 that stems from the path to a note attachment not being properly validated, allowing a malicious or compromised application on the same device to cause Omni-Notes to...

CVSS 6.3 · AI score 5.7 · EPSS 0.00222 · Exploits 0 · References 2
OSV · added 2023/05/25 2:15 p.m. · 1 view

CVE-2023-22504

Affected versions of Atlassian Confluence Server allow remote attackers who have read permissions to a page, but not write permissions, to upload attachments via a Broken Access Control vulnerability in the attachments feature...

CVSS 6.5 · AI score 5.8 · Exploits 0 · References 1
Prion · added 2023/05/25 2:15 p.m. · 15 views

Improper access control

Affected versions of Atlassian Confluence Server allow remote attackers who have read permissions to a page, but not write permissions, to upload attachments via a Broken Access Control vulnerability in the attachments feature...

CVSS 4 · AI score 6.4 · EPSS 0.00449 · Exploits 0 · References 1 · Affected Software 1
Vulnrichment · added 2023/05/25 2:00 p.m. · 8 views

CVE-2023-22504

Affected versions of Atlassian Confluence Server allow remote attackers who have read permissions to a page, but not write permissions, to upload attachments via a Broken Access Control vulnerability in the attachments feature...

CVSS 4.3 · AI score 6.9 · EPSS 0.00449 · Exploits 0 · References 1
Cvelist · added 2023/05/25 2:00 p.m. · 16 views

CVE-2023-22504

Affected versions of Atlassian Confluence Server allow remote attackers who have read permissions to a page, but not write permissions, to upload attachments via a Broken Access Control vulnerability in the attachments feature...

CVSS 4.3 · AI score 6.6 · EPSS 0.00449 · Exploits 0 · References 1
CISA · added 2023/05/25 12:00 p.m. · 2 views

CISA Warns of Hurricane/Typhoon-Related Scams

CISA urges users to remain on alert for malicious cyber activity following a natural disaster such as a hurricane or typhoon, as attackers target potential disaster victims by leveraging social engineering tactics, techniques, and procedures (TTPs). Social engineering TTPs include phishing attacks...

AI score 6.9 · Exploits 0 · References 4
CNNVD · added 2023/05/25 12:00 a.m. · 3 views

Atlassian Confluence Server code issue vulnerability

Atlassian Confluence Server is the server edition of the collaboration software suite from Atlassian (Australia), with enterprise knowledge management capabilities and support for building an enterprise wiki. A code issue vulnerability exists in Atlassian Confluence Server versions prior to 7.19.9, which...

CVSS 6.5 · AI score 5.1 · EPSS 0.00449 · Exploits 0 · References 2
Positive Technologies · added 2023/05/25 12:00 a.m. · 2 views

PT-2023-18552 · Atlassian · Confluence

Name of the Vulnerable Software and Affected Versions: Atlassian Confluence Server (affected versions not specified). Description: The issue allows remote attackers with read permissions to a page, but not write permissions, to upload attachments. This is due to a Broken Access Control vulnerability...

CVSS 6.5 · AI score 4.4 · EPSS 0.00449 · Exploits 0 · References 4
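The five CVE-2023-22504 entries above all describe the same shape of bug: an operation that changes a page (adding an attachment) is gated on the permission to read it. The block below is an added example, not Atlassian code and not a reproduction of Confluence internals, that puts the flawed check beside the corrected one and adds the permission-matrix probe a reviewer or pentester would run against any endpoint: exercise every role, compare the outcome with the permission the action should require, and report the rows that disagree. The page, users and role names are constructed for illustration.

```python
from dataclasses import dataclass, field


@dataclass
class Page:
    title: str
    viewers: set = field(default_factory=set)   # may read the page
    editors: set = field(default_factory=set)   # may change the page
    attachments: list = field(default_factory=list)


def can_view(user: str, page: Page) -> bool:
    return user in page.viewers or user in page.editors


def can_edit(user: str, page: Page) -> bool:
    return user in page.editors


def upload_attachment_vulnerable(user: str, page: Page, name: str) -> bool:
    """Flawed: adding an attachment mutates the page but is gated on read access only."""
    if not can_view(user, page):
        return False
    page.attachments.append((user, name))
    return True


def upload_attachment_fixed(user: str, page: Page, name: str) -> bool:
    """Corrected: every operation that changes page content requires edit rights."""
    if not can_edit(user, page):
        return False
    page.attachments.append((user, name))
    return True


# Which permission each action must require; anything that writes belongs with edit.
WRITE_ACTIONS = {"upload_attachment", "delete_attachment", "edit_body", "add_comment"}


def access_matrix(handler, users, page: Page, action: str):
    """Run a handler as every user and return the rows where what happened disagrees
    with the permission the action should require: (user, action, allowed, expected)."""
    findings = []
    for user in users:
        # Fresh copy per probe so one user's write cannot influence the next check.
        fresh = Page(page.title, set(page.viewers), set(page.editors))
        allowed = handler(user, fresh, "probe.txt")
        expected = can_edit(user, fresh) if action in WRITE_ACTIONS else can_view(user, fresh)
        if allowed != expected:
            findings.append((user, action, allowed, expected))
    return findings


def demo():
    """Constructed page: one read-only user, one editor, one outsider."""
    page = Page("Runbook", viewers={"reader"}, editors={"author"})
    users = ["reader", "author", "outsider"]
    return {
        "vulnerable": access_matrix(upload_attachment_vulnerable, users, page, "upload_attachment"),
        "fixed": access_matrix(upload_attachment_fixed, users, page, "upload_attachment"),
    }


if __name__ == "__main__":
    for variant, findings in demo().items():
        print(variant, "->", findings or "no deviations")
```

The matrix is the useful part: a read-only account that can create, modify or delete anything is the finding, whichever code path produced it, and the same probe applies to comment, label and attachment-deletion endpoints that are often reviewed less carefully than page editing itself.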
OSV · added 2023/05/23 11:37 a.m. · 0 views

USN-6073-6 cinder regression

USN-6073-1 fixed a vulnerability in Cinder. Unfortunately the update introduced a regression with detaching volumes. The security fix has been removed pending further investigation. We apologize for the inconvenience. Original advisory details: Jan Wasilewski and Gorka Eguileor discovered that...

CVSS 6.5 · AI score 6.9 · EPSS 0.00126 · Exploits 0 · References 2
Github Security Blog · added 2023/05/19 6:30 p.m. · 27 views

RosarioSIS Stores Sensitive Data in a Mechanism without Access Control

RosarioSIS prior to 11.0 allows anyone, regardless of authentication status, to download and view file attachments under the salaries module. In addition, the file names contain a date in YYYY-MM-DD format and a random six-digit string, making enumerating file names with automated tools...

CVSS 7.5 · AI score 7.1 · EPSS 0.00265 · Exploits 0 · References 4 · Affected Software 1
OSV · added 2023/05/19 6:30 p.m. · 20 views

GHSA-36CM-H8GV-MG97 RosarioSIS Stores Sensitive Data in a Mechanism without Access Control

RosarioSIS prior to 11.0 allows anyone, regardless of authentication status, to download and view file attachments under the salaries module. In addition, the file names contain a date in YYYY-MM-DD format and a random six-digit string, making enumerating file names with automated tools...

CVSS 7.5 · AI score 7.6 · EPSS 0.00265 · Exploits 0 · References 4
Positive Technologies · added 2023/05/12 12:00 a.m. · 2 views

PT-2023-20766 · Unknown · Rosariosis

Name of the Vulnerable Software and Affected Versions: RosarioSIS versions prior to 11.0. Description: The issue allows unauthorized access to sensitive data due to a lack of access control in a mechanism. Specifically, it enables anyone to download and view file attachments under the salaries...

CVSS 7.5 · AI score 7.6 · EPSS 0.00265 · Exploits 0 · References 6
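The three RosarioSIS entries above combine two weaknesses that each make the other worse: the download path performs no authorization, and the file names (a date plus a six-digit random string) are small enough to enumerate. The block below is an added example, not RosarioSIS code, that quantifies the enumerable keyspace and shows the two fixes that belong together: an unguessable stored name from the OS CSPRNG, and an authorization check on the download path that does not rely on name secrecy. The `salaries_` prefix, the `.pdf` extension, the six decimal digits and the `payroll_admin` role are assumptions for illustration.

```python
import math
import secrets
from typing import Optional


def weak_name(day_iso: str, six_digits: str) -> str:
    """The enumerable scheme as assumed here: date prefix plus six decimal digits."""
    return f"salaries_{day_iso}_{six_digits}.pdf"


def weak_candidates(day_iso: str):
    """Every possible name for one day: 10**6 requests, a few minutes over HTTP."""
    for n in range(10 ** 6):
        yield weak_name(day_iso, f"{n:06d}")


def weak_entropy_bits() -> float:
    """Bits an attacker must guess once the date is known (dates are not secret)."""
    return math.log2(10 ** 6)


def strong_name() -> str:
    """256 bits from the OS CSPRNG; carries no date and cannot be enumerated."""
    return secrets.token_urlsafe(32)


def strong_entropy_bits() -> int:
    return 32 * 8


class SalaryStore:
    """Download path that checks who is asking, independent of how the name was chosen."""

    def __init__(self):
        self._files = {}  # stored name -> (owner, payload)

    def put(self, owner: str, payload: bytes) -> str:
        name = strong_name()
        self._files[name] = (owner, payload)
        return name

    def get(self, requester: Optional[str], roles: set, name: str) -> bytes:
        # 1. Authentication: anonymous requests never reach the file lookup.
        if requester is None:
            raise PermissionError("authentication required")
        owner, payload = self._files.get(name, (None, None))
        if payload is None:
            raise FileNotFoundError(name)
        # 2. Authorization: the owner, or payroll staff, and nobody else.
        if requester != owner and "payroll_admin" not in roles:
            raise PermissionError("not the owner and not payroll staff")
        return payload


def download_denied(store: SalaryStore, requester: Optional[str], roles: set, name: str) -> bool:
    """True when the store refuses the request; convenient for a test matrix."""
    try:
        store.get(requester, roles, name)
    except PermissionError:
        return True
    return False


if __name__ == "__main__":
    print(f"weak: {weak_entropy_bits():.1f} bits per known day, e.g. {next(weak_candidates('2023-05-19'))}")
    print(f"strong: {strong_entropy_bits()} bits, e.g. {strong_name()}")
```

Unguessable names are defence in depth, not the fix: a link is copied into an e-mail or a browser history the moment it exists, so the download handler must still decide per request who may read the file.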
OpenVAS · added 2023/05/12 12:00 a.m. · 14 views

Ubuntu: Security Advisory (USN-6073-1)

The remote host is missing an update for the package(s) announced via the Ubuntu security advisory USN-6073-1. (Script header: SPDX-FileCopyrightText: 2023 Greenbone AG; SPDX-License-Identifier: GPL-2.0-only; some text descriptions might be excerpted from referenced sources and are copyright of the respective right holders.)

CVSS 6.5 · AI score 6.6 · EPSS 0.00126 · Exploits 0 · References 3
OSV · added 2023/05/11 6:34 p.m. · 0 views

USN-6073-4 python-os-brick vulnerability

Jan Wasilewski and Gorka Eguileor discovered that os-brick incorrectly handled deleted volume attachments. An authenticated user or attacker could possibly use this issue to gain access to sensitive information. This update may require configuration changes to be completely effective, please see...

CVSS 6.5 · AI score 6.9 · EPSS 0.00126 · Exploits 0 · References 2
OSV · added 2023/05/11 6:28 p.m. · 1 view

USN-6073-3 nova vulnerability

Jan Wasilewski and Gorka Eguileor discovered that Nova incorrectly handled deleted volume attachments. An authenticated user or attacker could possibly use this issue to gain access to sensitive information. This update may require configuration changes to be completely effective, please see the...

CVSS 6.5 · AI score 6.9 · EPSS 0.00126 · Exploits 0 · References 2
Ubuntu · added 2023/05/11 6:28 p.m. · 47 views

USN-6073-3: Nova vulnerability

Jan Wasilewski and Gorka Eguileor discovered that Nova incorrectly handled deleted volume attachments. An authenticated user or attacker could possibly use this issue to gain access to sensitive information. This update may require configuration changes to be completely effective, please see the...

CVSS 6.5 · AI score 7 · EPSS 0.00126 · Exploits 0
OSV · added 2023/05/11 6:16 p.m. · 1 view

USN-6073-2 python-glance-store vulnerability

Jan Wasilewski and Gorka Eguileor discovered that glance_store incorrectly handled deleted volume attachments. An authenticated user or attacker could possibly use this issue to gain access to sensitive information. This update may require configuration changes to be completely effective, please s...

CVSS 6.5 · AI score 6.9 · EPSS 0.00126 · Exploits 0 · References 2
OSV · added 2023/05/11 6:09 p.m. · 1 view

USN-6073-1 cinder vulnerability

Jan Wasilewski and Gorka Eguileor discovered that Cinder incorrectly handled deleted volume attachments. An authenticated user or attacker could possibly use this issue to gain access to sensitive information. This update may require configuration changes to be completely effective, please see th...

CVSS 6.5 · AI score 6.9 · EPSS 0.00126 · Exploits 0 · References 2