Threat landscape for industrial automation systems for H2 2022

Year 2022 in numbers Parameter | H1 2022 | H2 2022 | 2022 ---|---|---|--- Percentage of attacked ICS computers globally | 31.8% | 34.3% | 40.6% Main threat sources Internet | 16.5% | 19.9% | 24.0% Email clients | 7.0% | 6.4% | 7.9% Removable devices | 3.5% | 3.8% | 5.2% Network folders | 0.6% |...

Malicious code in web-ui-design-tokens (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a88ce42be3b23548e439e35c69b7b44620e8828e4c8f7ccc235bdbc8c4e26d7f Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in owa-strings (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e11e49aab0abb7a01a703ccc6527f87fb4d48ccf2f542466b209e0bd4ca1b2da Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

keycloak: Session takeover with OIDC offline refreshtokens

A flaw was found in the offlineaccess scope in Keycloak. This issue would affect users of shared computers more especially if cookies are not cleared, due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to...

keycloak: Session takeover with OIDC offline refreshtokens

A flaw was found in the offlineaccess scope in Keycloak. This issue would affect users of shared computers more especially if cookies are not cleared, due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to...

Malicious code in fca-aliya-anup (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b7cd0ba8421ce7a7724cc51ff412e9a90358c8d9cc85ddca90576ae1c9c3d034 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in object-color (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4c020aef40621d4925ef4f889be72db32fbe5408e09d1492bc4218b726174c3e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in xsstesttttttttt (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware fc8748b83babc4682dcf2d5828d03fe1d54b31a1cce16fa636448eb65f310eb8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Mylobot: A Sophisticated Botnet Malware Targeting Computers Worldwide

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Mylobot is a Windows-targeting malware and was first discovered in 2017. It has not received much attention since then, but it is noteworthy for its ability to transform the infected system into a proxy...

SUSE CVE-2015-3096

Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR before 18.0.0.144 on Windows and before 18.0.0.143 on OS X and Android, Adobe AIR SDK before 18.0.0.144 on Windows and before 18.0.0.143 on OS X, and Adobe...

Malicious code in synthetic-jiser-database (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 321d9dba211cbd5bc6fca060c3ac8011e47fc368c530ce63d5647d9a1ea5672c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in micro-username (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 16568c3c83ac6dd335ed741695670ec423436e9f9c4070c7f200d46edc98948b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2022-43779

A potential Time-of-Check to Time-of-Use TOCTOU vulnerability has been identified in certain HP PC products using AMI UEFI Firmware system BIOS which might allow arbitrary code execution, denial of service, and information disclosure. AMI has released updates to mitigate the potential vulnerabili...

CVE-2022-34388

Dell SupportAssist for Home PCs version 3.11.4 and prior and SupportAssist for Business PCs version 3.2.0 and prior contain information disclosure vulnerability. A local malicious user with low privileges could exploit this vulnerability to view and modify sensitive information in the database of...

CVE-2022-34386

Dell SupportAssist for Home PCs version 3.11.4 and prior and SupportAssist for Business PCs version 3.2.0 and prior contain cryptographic weakness vulnerability. An authenticated non-admin user could potentially exploit the issue and obtain sensitive information...

CVE-2022-34385

SupportAssist for Home PCs version 3.11.4 and prior and SupportAssist for Business PCs version 3.2.0 and prior contain cryptographic weakness vulnerability. An authenticated non-admin user could potentially exploit the issue and obtain sensitive information...

Dell SupportAssist for Home PCs 安全漏洞

Dell SupportAssist for Home PCs is a client application for home computers from Dell USA. The program provides automated, proactive and predictive techniques for troubleshooting and more. A security vulnerability exists in Dell SupportAssist for Home PCs version 3.11.4 and prior versions, which...

Dell SupportAssist for Home PCs 安全漏洞

Dell SupportAssist for Home PCs is a client application for home computers from Dell USA. The program provides automated, proactive and predictive techniques for troubleshooting and more. A security vulnerability exists in Dell SupportAssist for Home PCs version 3.11.4 and prior versions, which...

Dell SupportAssist for Home PCs 安全漏洞

Dell SupportAssist for Home PCs is a client application for home computers from Dell USA. The program provides automated, proactive and predictive techniques for troubleshooting and more. A security vulnerability exists in Dell SupportAssist for Home PCs, which stems from a rate-limit bypass issu...

Dell SupportAssist for Home PCs 代码问题漏洞

Dell SupportAssist for Home PCs is a client application for home computers from Dell USA. The program provides automated, proactive and predictive techniques for troubleshooting and more. A security vulnerability exists in Dell SupportAssist for Home PCs version 3.11.4 and prior versions, which...