Lucene search
K

4168 matches found

The Hacker News
The Hacker News
added 2023/03/21 9:54 a.m.256 views

From Ransomware to Cyber Espionage: 55 Zero-Day Vulnerabilities Weaponized in 2022

As many as 55 zero-day vulnerabilities were exploited in the wild in 2022, with most of the flaws discovered in software from Microsoft, Google, and Apple. While this figure represents a decrease from the year before, when a staggering 81 zero-days were weaponized, it still represents a significa...

9.8CVSS8.7AI score0.99999EPSS
Exploits178
The Hacker News
The Hacker News
added 2023/03/21 9:54 a.m.8 views

From Ransomware to Cyber Espionage: 55 Zero-Day Vulnerabilities Weaponized in 2022

As many as 55 zero-day vulnerabilities were exploited in the wild in 2022, with most of the flaws discovered in software from Microsoft, Google, and Apple. While this figure represents a decrease from the year before, when a staggering 81 zero-days were weaponized, it still represents a significa...

9.8CVSS9.4AI score0.99999EPSS
Exploits178
HackRead
HackRead
added 2023/03/20 11:51 p.m.29 views

DotRunpeX: The Malware That Infects Systems with Multiple Families

By Deeba Ahmed Researchers suspect that the malware may be operated by Russian-speaking groups, given the references to the language in its code. This is a post from HackRead.com Read the original post: DotRunpeX: The Malware That Infects Systems with Multiple Families...

6.7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/03/18 12:0 a.m.50 views

SUSE SLES15: docker / docker-bash-completion / docker-fish-completion / etc (SUSE-SU-2023:0795-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:0795-1 advisory. Docker was updated to 20.10.23-ce. See upstream changelog at https://docs.docker.com/engine/release-notes/201023 Docker was...

6.3CVSS6.8AI score0.00807EPSS
Exploits0References5
Microsoft Secure
Microsoft Secure
added 2023/03/17 4:0 p.m.22 views

KillNet and affiliate hacktivist groups targeting healthcare with DDoS attacks

In the last year, geopolitical tension has led to an uptick of reported cybercrime events fueled by hacktivist groups. The US Cybersecurity and Infrastructure Security Agency CISA published an advisory to warn organizations about these attacks and teamed with the FBI on a distributed...

0.1AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2023/03/17 4:0 p.m.21 views

KillNet and affiliate hacktivist groups targeting healthcare with DDoS attacks

In the last year, geopolitical tension has led to an uptick of reported cybercrime events fueled by hacktivist groups. The US Cybersecurity and Infrastructure Security Agency CISA published an advisory to warn organizations about these attacks and teamed with the FBI on a distributed...

0.1AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/16 6:34 a.m.190 views

Multiple Hacker Groups Exploit 3-Year-Old Vulnerability to Breach U.S. Federal Agency

Multiple threat actors, including a nation-state group, exploited a critical three-year-old security flaw in Progress Telerik to break into an unnamed federal entity in the U.S. The disclosure comes from a joint advisory issued by the Cybersecurity and Infrastructure Security Agency CISA, Federal...

9.8CVSS1.4AI score0.99737EPSS
Exploits20
CNVD
CNVD
added 2023/03/16 12:0 a.m.20 views

Siemens RUGGEDCOM CROSSBOW Access Control Error Vulnerability (CNVD-2023-17662)

An access control error vulnerability exists in Siemens RUGGEDCOM CROSSBOW, a secure access management solution designed to provide NERC CIP-compliant access to intelligent electronic devices, which stems from a failure of the affected application's client-side query handler to check for...

8.8CVSS4AI score0.00632EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/03/16 12:0 a.m.33 views

Fedora 37 : stargz-snapshotter (2023-ee472c698c)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-ee472c698c advisory. Release of stargz snapshotter v0.14.2 https://github.com/containerd/stargz- snapshotter/releases/tag/v0.14.2 This release uses containerd v1.7.0-rc....

7.8CVSS7.1AI score0.05623EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2023/03/16 12:0 a.m.36 views

Fedora 36 : containerd (2023-aadd08ab96)

The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-aadd08ab96 advisory. Update containerd to 1.16.19 - Mitigates CVE-2023-25153 / GHSA-259w-8hf6-59c2 - Mitigates CVE-2023-25173 / GHSA-hmfx-3pcx-653p Tenable has extracted...

7.8CVSS7AI score0.00542EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2023/03/16 12:0 a.m.37 views

Fedora 37 : containerd (2023-05b39bc048)

The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-05b39bc048 advisory. Update containerd to 1.16.19 - Mitigates CVE-2023-25153 / GHSA-259w-8hf6-59c2 - Mitigates CVE-2023-25173 / GHSA-hmfx-3pcx-653p Tenable has extracted...

7.8CVSS7AI score0.00542EPSS
Exploits1References3
Fedora
Fedora
added 2023/03/15 12:20 a.m.44 views

[SECURITY] Fedora 38 Update: sudo-1.9.13-1.p2.fc38

Sudo superuser do allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict...

7.2CVSS7AI score0.01664EPSS
Exploits1
Prion
Prion
added 2023/03/14 10:15 a.m.15 views

Design/Logic Flaw

A vulnerability has been identified in RUGGEDCOM CROSSBOW All versions V5.2. The client query handler of the affected application fails to check for proper permissions when assigning groups to user accounts. This could allow an authenticated remote attacker to assign administrative groups to...

6.5CVSS8.3AI score0.00632EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/14 9:31 a.m.7 views

CVE-2023-27310

A vulnerability has been identified in RUGGEDCOM CROSSBOW All versions V5.2. The client query handler of the affected application fails to check for proper permissions when assigning groups to user accounts. This could allow an authenticated remote attacker to assign administrative groups to...

6.6CVSS8.4AI score0.00632EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/03/14 12:0 a.m.4 views

PT-2023-1880 · Siemens · Ruggedcom Crossbow

Name of the Vulnerable Software and Affected Versions: RUGGEDCOM CROSSBOW versions prior to V5.2 Description: A vulnerability has been identified in the client query handler of the affected application, which fails to check for proper permissions when assigning groups to user accounts. This could...

9CVSS8.4AI score0.00632EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/03/14 12:0 a.m.5 views

Siemens RUGGEDCOM CROSSBOW 安全漏洞

An access control error vulnerability exists in Siemens RUGGEDCOM CROSSBOW, a secure access management solution designed to provide NERC CIP-compliant access to intelligent electronic devices, which stems from a failure of the affected application's client-side query handler to check for...

8.8CVSS6.7AI score0.00632EPSS
Exploits0References2
hivepro
hivepro
added 2023/03/13 1:20 p.m.11 views

Actors, Threats and Vulnerabilities 6 March to 12 March 2023

For a detailed threat digest, download the pdf file here Summary For a detailed threat digest, download the pdf file here Last week, HiveForce Labs discovered three threat actors. One of them is a Russian group called TA499, which has a history of conducting different cyberattacks such as...

0.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/03/11 12:0 a.m.28 views

Fedora 38 : containerd (2023-cd000ea847)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-cd000ea847 advisory. Update containerd to 1.16.19 - Mitigates CVE-2023-25153 / GHSA-259w-8hf6-59c2 - Mitigates CVE-2023-25173 / GHSA-hmfx-3pcx-653p Tenable has extracted...

7.8CVSS7AI score0.00542EPSS
Exploits1References3
The Coalfire Blog
The Coalfire Blog
added 2023/03/10 9:12 p.m.12 views

FAQ: Transitioning to the highly anticipated new revision of ISO 27001

For a group like Coalfire Certification that lives and breathes these standards daily, it has been an exciting few months monitoring the progress of this publication and its review through the various ISO working groups...

1.2AI score
Exploits0
HackRead
HackRead
added 2023/03/09 8:0 p.m.30 views

Hackers leak DC Health Link data with Congress Members’ details

By Habiba Rashid The data contains personal and medical details of several members of the U.S. Congress, which are now circulating on Russian hacker forums as well as on Telegram groups. This is a post from HackRead.com Read the original post: Hackers leak DC Health Link data with Congress Member...

3AI score
Exploits0
Rows per page
Query Builder