What is The Dark Web ?

The Undernet, a term frequently shrouded in enigma and often linked with unlawful activities, is a concealed segment of the digital world that is purposefully veiled and unreachable via regular internet browsers. This chapter aims to unveil the secrets of the Undernet, step by step demythifying i...

Cisco IOS XE Software Group Encrypted Transport VPN Out of Bounds Write (cisco-sa-getvpn-rce-g8qR68sx)

According to its self-reported version, Cisco IOS-XE Software is affected by a vulnerability. - A vulnerability in the Cisco Group Encrypted Transport VPN GET VPN feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker who has administrative control o...

Unveiling Lu0Bot Malware A Node.js-Based Threat

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Lu0Bot Malware, a Node.js-based threat, surfaced in February 2021 as a secondary payload in GCleaner attacks. This malware acts as a bot, responding to C2 server commands and transmitting encrypted syste...

SUSE SLED15: cluster-md-kmp-64kb / cluster-md-kmp-default / dlm-kmp-64kb / etc (SUSE-SU-2023:4071-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4071-1 advisory. The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. Th...

The vulnerability of the microprogramming software in real-time video viewing devices from Fujitsu’s IP series lies in the use of strictly encrypted login credentials. This allows a perpetrator to initialize or restart the device, as well as stop the transmission of videos.

The vulnerability of microprogrammed software in real-time video viewing devices from Fujitsu’s IP series is related to the use of strictly encrypted login credentials. Exploiting this vulnerability allows a remote attacker to initialize or restart the device, as well as stop the video transmissi...

CVE-2023-36843

An Improper Handling of Inconsistent Special Elements vulnerability in the Junos Services Framework jsf module of Juniper Networks Junos OS allows an unauthenticated network based attacker to cause a crash in the Packet Forwarding Engine pfe and thereby resulting in a Denial of Service DoS. Upon...

CVE-2023-36843

An Improper Handling of Inconsistent Special Elements vulnerability in the Junos Services Framework jsf module of Juniper Networks Junos OS allows an unauthenticated network based attacker to cause a crash in the Packet Forwarding Engine pfe and thereby resulting in a Denial of Service DoS. Upon...

Input validation

An Improper Handling of Inconsistent Special Elements vulnerability in the Junos Services Framework jsf module of Juniper Networks Junos OS allows an unauthenticated network based attacker to cause a crash in the Packet Forwarding Engine pfe and thereby resulting in a Denial of Service DoS. Upon...

PT-2023-6081 · Juniper Networks · Junos

Name of the Vulnerable Software and Affected Versions: Juniper Networks Junos OS versions prior to 20.4R3-S8, 20.4R3-S9 Juniper Networks Junos OS version 21.1R1 and later versions Juniper Networks Junos OS versions prior to 21.2R3-S6 Juniper Networks Junos OS versions prior to 21.3R3-S5 Juniper...

Unveiling Lu0Bot Malware A Node.js-Based Threat

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Lu0Bot Malware, a Node.js-based threat, surfaced in February 2021 as a secondary payload in GCleaner attacks. This malware acts as a bot, responding to C2 server commands and transmitting encrypted syste...

SUSE-SU-2023:4035-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2023-39194: Fixed an out of bounds read in the XFRM subsystem bsc1215861. - CVE-2023-39193: Fixed an out of bounds read in the xtables subsystem bsc121586...

Cisco IOS and IOS XE Group Encrypted Transport VPN Out-of-Bounds Write Vulnerability

Cisco IOS and IOS XE contain an out-of-bounds write vulnerability in the Group Encrypted Transport VPN GET VPN feature that could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute malicious code or cause a device to crash...

Design/Logic Flaw

Cleartext Transmission of Sensitive Information in RDT400 in SICK APU allows an unprivileged remote attacker to retrieve potentially sensitive information via intercepting network traffic that is not encrypted...

CVE-2023-5100

Cleartext Transmission of Sensitive Information in RDT400 in SICK APU allows an unprivileged remote attacker to retrieve potentially sensitive information via intercepting network traffic that is not encrypted...

CVE-2023-5100

Cleartext Transmission of Sensitive Information in RDT400 in SICK APU allows an unprivileged remote attacker to retrieve potentially sensitive information via intercepting network traffic that is not encrypted...

White Supremacist Active Clubs Are Breeding on Telegram

A “friendlier” front for racist extremism has spread rapidly across the US in recent months, as active club channels network on Telegram's encrypted messaging app...

Analysis and Config Extraction of Lu0Bot, a Node.js Malware with Considerable Capabilities

Nowadays, more malware developers are using unconventional programming languages to bypass advanced detection systems. The Node.js malware Lu0Bot is a testament to this trend. By targeting a platform-agnostic runtime environment common in modern web apps and employing multi-layer obfuscation,...

PT-2023-24367 · Ibermatica · Ibermatica Rps

Name of the Vulnerable Software and Affected Versions: IBERMATICA RPS version 2019 Description: A cryptographic issue has been found, allowing an attacker to download a log file and retrieve SQL queries sent to the application in plain text. The log file contains password hashes coded with the...

CVE-2023-43657 Improper escaping of encrypted topic titles can lead to Cross-site Scripting under non-default site configuration

discourse-encrypt is a plugin that provides a secure communication channel through Discourse. Improper escaping of encrypted topic titles could lead to a cross site scripting XSS issue when a site has content security policy CSP headers disabled. Having CSP disabled is a non-default configuration...

PT-2023-28903 · Discourse · Discourse-Encrypt

Name of the Vulnerable Software and Affected Versions: discourse-encrypt plugin affected versions not specified Description: The discourse-encrypt plugin provides a secure communication channel through Discourse. However, improper escaping of encrypted topic titles could lead to a cross-site...