
4200 matches found

Microsoft Malware Protection
added 2023/04/26 4:0 p.m. | 23 views

Healthy security habits to fight credential breaches: Cyberattack Series

Fifty percent of Microsoft cybersecurity recovery engagements relate to ransomware,1 and 61 percent of all breaches involve credentials.2 In this second report in our ongoing Cyberattack Series, we look at the steps taken to discover, understand, and respond to a push-bombing request that targete...

7 AI score
Exploits 0

CNNVD
added 2023/04/21 12:0 a.m. | 5 views

H3C Magic R200 Buffer Error Vulnerability

The H3C Magic R200 is a router from China's Xinhua San H3C. A stack overflow vulnerability exists in H3C Magic R200 version R200V100R004, in the EditBasicSSID5G interface reached via /goform/aspForm...

4.9 CVSS | 5.5 AI score | 0.00787 EPSS
Exploits 0 | References 2

Patchstack
added 2023/04/20 12:0 a.m. | 11 views

WordPress WPJAM Basic Plugin <= 6.2.1 is vulnerable to Cross Site Scripting (XSS)

Software: WPJAM Basic; Type: Plugin; Vulnerable versions: <= 6.2.1; Fixed in: 6.2.1.1; OWASP Top 10: A7: Cross-Site Scripting (XSS); Classification: Cross Site Scripting (XSS); CVE: CVE-2023-23709; Patch priority: Low; CVSS severity: Low (6.5); Developer: Denishua; PSID: 863497ab977f; Credits: István Márton; Required privilege...

6.5 CVSS | 6 AI score | 0.00361 EPSS
Exploits 0 | References 2 | Affected Software 1

The Hacker News
added 2023/04/19 3:15 p.m. | 2 views

Blind Eagle Cyber Espionage Group Strikes Again: New Attack Chain Uncovered

The cyber espionage actor tracked as Blind Eagle has been linked to a new multi-stage attack chain that leads to the deployment of the NjRAT remote access trojan on compromised systems. "The group is known for using a variety of sophisticated attack techniques, including custom malware, social...

7.2 AI score
Exploits 0

ICS
added 2023/04/11 12:0 a.m. | 65 views

Siemens OPC Foundation Local Discovery Server Affecting Siemens Products

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...

9.8 CVSS | 9.1 AI score | 0.22791 EPSS
Exploits 3 | References 10

OSV
added 2023/04/04 3:15 p.m. | 5 views

CVE-2020-20913

SQL Injection vulnerability found in Ming-Soft MCMS v.4.7.2 allows a remote attacker to execute arbitrary code via basictitle parameter...

9.8 CVSS | 6.1 AI score | 0.01423 EPSS
Exploits 1 | References 1

CNNVD
added 2023/04/04 12:0 a.m. | 5 views

MCMS SQL Injection Vulnerability

MingSoft MCMS is a complete open source J2ee system from MingSoft, China. A security vulnerability exists in MCMS v.4.7.2. An attacker can exploit this vulnerability to execute arbitrary code via the basictitle parameter...

9.8 CVSS | 8.9 AI score | 0.01423 EPSS
Exploits 1 | References 2

Positive Technologies
added 2023/03/31 12:0 a.m. | 17 views

PT-2023-23726 · Nextcloud +1 · Nextcloud Server +1

Name of the Vulnerable Software and Affected Versions: Nextcloud server versions 24.0.0 through 24.0.10; Nextcloud server versions 25.0.0 through 25.0.4; Nextcloud server versions prior to 26.0.0. Description: The issue is related to missing brute-force protection on the WebDAV endpoints via the bas...

9.8 CVSS | 6.3 AI score | 0.04176 EPSS
Exploits 10 | References 78

CVE
added 2023/03/30 8:14 a.m. | 37 views

CVE-2023-1013

CVE-2023-1013 affects Virames Vira-Investing prior to 1.0.84.86. The issue is an Improper Neutralization of Script-Related HTML Tags in web pages, enabling a basic Cross-Site Scripting (XSS) vulnerability. Affected product: Virames Vira-Investing (versions before 1.0.84.86). Underlying cause: imp...

6.1 CVSS | 6.4 AI score | 0.00357 EPSS
Exploits 0 | References 2 | Affected Software 1

BDU FSTEC
added 2023/03/30 12:0 a.m. | 3 views

The vulnerability of ThinkPad laptop microprogramming software exists due to a flaw in the BIOS' mechanism for detecting unauthorized access. This flaw allows an intruder to execute arbitrary code.

The vulnerability of the BIOS microprogramming system in ThinkPad laptops exists due to a flaw in the mechanism for detecting unauthorized access to the BIOS. Exploiting this vulnerability can allow an intruder to execute arbitrary code...

5.9 CVSS | 7 AI score | 0.00255 EPSS
Exploits 0 | References 2

Exploit DB
added 2023/03/30 12:0 a.m. | 251 views

Boa Web Server v0.94.14 - Authentication Bypass

Exploit Title: Boa Web Server v0.94.14 - Authentication Bypass; Date: 19-11-2022; Exploit Author: George Tsimpidas; Vendor: https://github.com/gpg/boa; CVE: N/A; Tested on: Debian 5.18.5; Description: Boa Web Server Versions from 0.94.13 - 0.94.14 fail to validate the correct security constraint on th...

7.4 AI score
Exploits 0

OSV
added 2023/03/29 7:15 p.m. | 2 views

CVE-2022-36970

This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 20.0 Build: 4201.2111.1802.0000 Service Pack 2. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The...

7.8 CVSS | 6.2 AI score | 0.00647 EPSS
Exploits 0 | References 2

NVD
added 2023/03/29 7:15 p.m. | 14 views

CVE-2022-36970

This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 20.0 Build: 4201.2111.1802.0000 Service Pack 2. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The...

7.8 CVSS | 7.8 AI score | 0.00647 EPSS
Exploits 0 | References 2

Cvelist
added 2023/03/29 12:0 a.m. | 43 views

CVE-2022-36970

This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 20.0 Build: 4201.2111.1802.0000 Service Pack 2. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The...

7.8 CVSS | 8 AI score | 0.00647 EPSS
Exploits 0 | References 2

OSV
added 2023/03/20 3:35 p.m. | 8 views

SUSE-SU-2023:0821-1 Security update for grafana

This update for grafana fixes the following issues:
- CVE-2022-23552: Fixed SVG processing by adding a dompurify preprocessor step (bsc1207749).
- CVE-2022-39324: Fixed originalUrl spoof security issue (bsc1207750).
- CVE-2022-41723: Fixed go issue to avoid quadratic complexity in HPACK decoding...

8.8 CVSS | 7.9 AI score | 0.04561 EPSS
Exploits 1 | References 9

The Hacker News
added 2023/03/02 11:21 a.m. | 100 views

Experts Identify Fully-Featured Info Stealer and Trojan in Python Package on PyPI

A malicious Python package uploaded to the Python Package Index (PyPI) has been found to contain a fully-featured information stealer and remote access trojan. The package, named colourfool, was identified by Kroll's Cyber Threat Intelligence team, with the company calling the malware Colour-Blind...

Exploits 0

The Hacker News
added 2023/03/02 11:21 a.m. | 5 views

Experts Identify Fully-Featured Info Stealer and Trojan in Python Package on PyPI

A malicious Python package uploaded to the Python Package Index (PyPI) has been found to contain a fully-featured information stealer and remote access trojan. The package, named colourfool, was identified by Kroll's Cyber Threat Intelligence team, with the company calling the malware Colour-Blind...

6.8 AI score
Exploits 0

NVD
added 2023/03/02 4:15 a.m. | 15 views

CVE-2023-25806

OpenSearch Security is a plugin for OpenSearch that offers encryption, authentication and authorization. There is an observable discrepancy in the authentication response time between calls where the user provided exists and calls where it does not. This issue only affects calls using the interna...

5.3 CVSS | 5.4 AI score | 0.00328 EPSS
Exploits 0 | References 1

Prion
added 2023/03/02 4:15 a.m. | 17 views

Authorization

OpenSearch Security is a plugin for OpenSearch that offers encryption, authentication and authorization. There is an observable discrepancy in the authentication response time between calls where the user provided exists and calls where it does not. This issue only affects calls using the interna...

5 CVSS | 5.4 AI score | 0.00328 EPSS
Exploits 0 | References 1 | Affected Software 2

Cvelist
added 2023/03/02 3:4 a.m. | 24 views

CVE-2023-25806 Time discrepancy in authentication responses in OpenSearch

OpenSearch Security is a plugin for OpenSearch that offers encryption, authentication and authorization. There is an observable discrepancy in the authentication response time between calls where the user provided exists and calls where it does not. This issue only affects calls using the interna...

5.3 CVSS | 5.7 AI score | 0.00328 EPSS
Exploits 0 | References 1