
30 matches found

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2020-2723

Malware in sbrugna...

CVSS 6.1 | AI score 6.3 | EPSS 0.00055
Exploits: 0 | References: 2

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2018-1094

Malware in sbrugna...

CVSS 9.8 | AI score 9.5 | EPSS 0.03002
Exploits: 0 | References: 3

EUVD
added 2025/10/03 8:07 p.m. | 2 views

EUVD-2023-32517

Malicious code in bioql PyPI...

CVSS 9.8 | AI score 9.2 | EPSS 0.00054
Exploits: 0 | References: 1

Packet Storm News
added 2025/09/05 12:00 a.m. | 3 views

What Is Cybersecurity in Space?

Satellites, drones, and 5G space links now support critical services such as air traffic, finance, and weather. Yet most were not built to resist modern cyber threats. Ground stations can be breached, GPS jammed, and supply chains compromised, while no shared list of vulnerabilities or safe testi...

AI score 7.1
Exploits: 0

Trend Micro Simply Security
added 2025/04/16 12:00 a.m. | 7 views

CrazyHunter Campaign Targets Taiwanese Critical Sectors

This blog entry details research on emerging ransomware group CrazyHunter, which has launched a sophisticated campaign aimed at Taiwan's essential services...

AI score 7.3
Exploits: 0

OSV
added 2024/12/04 2:15 a.m. | 1 view

CVE-2024-42456

A vulnerability in Veeam Backup & Replication platform allows a low-privileged user with a specific role to exploit a method that updates critical configuration settings, such as modifying the trusted client certificate used for authentication on a specific port. This can result in unauthorized...

CVSS 8.8 | AI score 5.8 | EPSS 0.0029
Exploits: 0 | References: 1

NVD
added 2024/12/04 2:15 a.m. | 16 views

CVE-2024-42456

A vulnerability in Veeam Backup & Replication platform allows a low-privileged user with a specific role to exploit a method that updates critical configuration settings, such as modifying the trusted client certificate used for authentication on a specific port. This can result in unauthorized...

CVSS 8.8 | EPSS 0.0029
Exploits: 0 | References: 1

Vulnrichment
added 2024/12/04 1:06 a.m. | 18 views

CVE-2024-42456

A vulnerability in Veeam Backup & Replication platform allows a low-privileged user with a specific role to exploit a method that updates critical configuration settings, such as modifying the trusted client certificate used for authentication on a specific port. This can result in unauthorized...

CVSS 8.8 | AI score 7.1 | EPSS 0.0029
Exploits: 0 | References: 1

Cvelist
added 2024/12/04 1:06 a.m. | 19 views

CVE-2024-42456

A vulnerability in Veeam Backup & Replication platform allows a low-privileged user with a specific role to exploit a method that updates critical configuration settings, such as modifying the trusted client certificate used for authentication on a specific port. This can result in unauthorized...

CVSS 8.8 | EPSS 0.0029
Exploits: 0 | References: 1

Hacker One
added 2023/11/17 3:29 a.m. | 20 views

Mozilla: Remote code execution and exfiltration of secret tokens by poisoning the mozilla/fxa CI build cache

Remote code execution and data exfiltration were possible by poisoning a cache used in a CI build process. A proof of concept demonstrated the ability to exfiltrate sensitive data by re-uploading a modified cache artifact. The vulnerability required access to the source code repository to be...

AI score 7.6
Exploits: 0

Tenable Nessus
added 2023/08/03 12:00 a.m. | 16 views

Siemens Unauthenticated Access to Critical Services in SCALANCE X-200 Switch Family (CVE-2013-5944)

The integrated web server on Siemens SCALANCE X-200 switches with firmware before 4.5.0 and X-200IRT switches with firmware before 5.1.0 does not properly enforce authentication requirements, which allows remote attackers to perform administrative actions via requests to the management interface...

CVSS 10 | AI score 5.5 | EPSS 0.01486
Exploits: 0 | References: 3

Hacker One
added 2023/05/21 4:30 p.m. | 17 views

Mozilla: Response Manipulation to enable Account recovery key with out current password

Vulnerability description not provided...

AI score 7.1
Exploits: 0

Hacker One
added 2023/05/11 2:54 p.m. | 10 views

Mozilla: After the upload of an private file, using transformations, the file becomes public without the possibility of changing it.

A security vulnerability allowed users to upload private files, but the use of transformations made the files public without the ability to change or delete them...

AI score 7.1
Exploits: 0

Qualys Blog
added 2023/03/16 2:16 p.m. | 25 views

A New Approach to Discover, Monitor, and Reduce Your Modern Web Attack Surface

Web applications reign the internet universe, but also bring new risks that let attackers poke holes in an ever-expanding attack surface. Stolen credentials have been the historical culprit. Recent analysis saw a spike in exploits targeting web applications directly through specially-crafted...

AI score 0.4
Exploits: 0

Hacker One
added 2023/02/21 11:35 a.m. | 18 views

Mozilla: HTML Injection / Reflected Cross-Site Scripting with CSP on https://accounts.firefox.com/settings

A vulnerability was found on accounts.firefox.com, where the flowId parameter was reflected into the server response without being escaped for HTML, causing a Cross-Site Scripting attack. The Content-Security-Policy on Firefox's website prevented arbitrary JavaScript code execution, but an attack...

AI score 6.5
Exploits: 0

ThreatPost
added 2022/04/28 12:46 p.m. | 23 views

Cyberattacks Rage in Ukraine, Support Military Operations

Cyberattacks against Ukraine have been used strategically to support ground campaigns, with five state-sponsored advanced persistent threat (APT) groups behind attacks that began in February. According to research published by Microsoft on Wednesday, the APTs involved in the campaigns are...

AI score 6.6
Exploits: 0 | References: 12

Rapid7 Blog
added 2021/05/07 2:00 p.m. | 19 views

Rapid7's 2021 ICER Takeaways: Version Complexity Among the Fortune 500

This blog post covers key takeaways from our 2021 Industry Cyber-Exposure Report (ICER): Fortune 500. Original analysis for these findings was conducted by Bob Rudis. Complexity is the enemy when it comes to successful security outcomes in an organization. Diversity in systems, technologies, and...

AI score 6.8
Exploits: 0

Cvelist
added 2020/06/16 5:55 p.m. | 12 views

CVE-2020-10268 RVD#2550: Terminate Critical Services in KUKA controller KR C4

Critical services for operation can be terminated from windows task manager, bringing the manipulator to a halt. After this a Re-Calibration of the brakes needs to be performed. Be noted that this only can be accomplished either by a Kuka technician or by Kuka issued calibration hardware that...

AI score 6.3 | EPSS 0.00055
Exploits: 0 | References: 1

Microsoft Secure
added 2020/04/28 4:00 p.m. | 3132 views

Ransomware groups continue to target healthcare, critical services; here’s how to reduce risk

At a time when remote work is becoming universal and the strain on SecOps, especially in healthcare and critical industries, has never been higher, ransomware actors are unrelenting, continuing their normal operations. Multiple ransomware groups that have been accumulating access and maintaining...

CVSS 10 | AI score 0.9 | EPSS 0.94462
Exploits: 134

Cvelist
added 2019/03/22 8:05 p.m. | 13 views

CVE-2019-1763 Cisco IP Phone 8800 Series Authorization Bypass Vulnerability

A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to bypass authorization, access critical services, and cause a denial of service (DoS) condition. The vulnerability exists...

CVSS 7.5 | AI score 7.8 | EPSS 0.0113
Exploits: 0 | References: 1