1365 matches found
New Ransomware Strain 'CACTUS' Exploits VPN Flaws to Infiltrate Networks
Cybersecurity researchers have shed light on a new ransomware strain called CACTUS that has been found to leverage known flaws in VPN appliances to obtain initial access to targeted networks. "Once inside the network, CACTUS actors attempt to enumerate local and network user accounts in addition ...
New Atomic macOS Malware Steals Keychain Passwords and Crypto Wallets
Threat actors are advertising a new information stealer for the Apple macOS operating system called Atomic macOS Stealer or AMOS on Telegram for $1,000 per month, joining the likes of MacStealer. "The Atomic macOS Stealer can steal various types of information from the victim's machine, including...
DevOps threat matrix
The use of DevOps practices, which enable organizations to deliver software more quickly and efficiently, has been on the rise. This agile approach minimizes the time-to-market of new features and bug fixes. More and more companies are implementing DevOps services, each with its own infrastructur...
kernel: x86/fpu: Fix copy_xstate_to_uabi() to copy init states correctly
In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Fix copyxstatetouabi to copy init states correctly When an extended state component is not present in fpstate, but in init state, the function copies from initfpstate via copyfeature. But, dynamic states are not present ...
Risk Fact #3: Initial Access Brokers Attack What Organizations Ignore
Qualys Blog Series – Threat Research Unit Report “Divide and Conquer” is an emerging and winning strategy for cyber criminals who split responsibilities to improve execution of the attack process. Some threat actors specialize in the back end, which often is ransomware deployed at scale. The fron...
Alphaware Simple E-Commerce System SQL注入漏洞
Alphaware Simple E-Commerce System is an e-commerce system by razormist individual developers. A SQL injection vulnerability exists in Alphaware Simple E-Commerce System version 1.0, which stems from an incorrect manipulation of the parameter firstname/mi/lastname that can lead to sql injection...
LockBit 3.0 Ransomware: Inside the Cyberthreat That's Costing Millions
U.S. government agencies have released a joint cybersecurity advisory detailing the indicators of compromise IoCs and tactics, techniques, and procedures TTPs associated with the notorious LockBit 3.0 ransomware. "The LockBit 3.0 ransomware operations function as a Ransomware-as-a-Service RaaS...
U.S. Cybersecurity Agency Raises Alarm Over Royal Ransomware's Deadly Capabilities
The U.S. Cybersecurity and Infrastructure Security Agency CISA has released a new advisory about Royal ransomware, which emerged in the threat landscape last year. "After gaining access to victims' networks, Royal actors disable antivirus software and exfiltrate large amounts of data before...
SUSE CVE-2000-0328
Windows NT 4.0 generates predictable random TCP initial sequence numbers ISN, which allows remote attackers to perform spoofing and session hijacking...
SUSE CVE-2008-4551
strongSwan 4.2.6 and earlier allows remote attackers to cause a denial of service daemon crash via an IKESAINIT message with a large number of NULL values in a Key Exchange payload, which triggers a NULL pointer dereference for the return value of the mpzexport function in the GNU Multiprecision...
SUSE CVE-2011-2613
The Array.prototype.join method in Opera before 11.50 allows remote attackers to cause a denial of service application crash via a non-array object that contains initial holes...
SUSE CVE-2011-2941
Open redirect vulnerability in Red Hat JBoss Enterprise Portal Platform before 5.2.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the initialURI parameter...
SUSE CVE-2015-0222
ModelMultipleChoiceField in Django 1.6.x before 1.6.10 and 1.7.x before 1.7.3, when showhiddeninitial is set to True, allows remote attackers to cause a denial of service by submitting duplicate values, which triggers a large number of SQL queries...
SUSE CVE-2015-7328
Puppet Server in Puppet Enterprise before 3.8.x before 3.8.3 and 2015.2.x before 2015.2.3 uses world-readable permissions for the private key of the Certification Authority CA certificate during the initial installation and configuration, which might allow local users to obtain sensitive...
SUSE CVE-2015-8023
The server implementation of the EAP-MSCHAPv2 protocol in the eap-mschapv2 plugin in strongSwan 4.2.12 through 5.x before 5.3.4 does not properly validate local state, which allows remote attackers to bypass authentication via an empty Success message in response to an initial Challenge message...
SUSE CVE-2016-2560
Multiple cross-site scripting XSS vulnerabilities in phpMyAdmin 4.0.x before 4.0.10.15, 4.4.x before 4.4.15.5, and 4.5.x before 4.5.5.1 allow remote attackers to inject arbitrary web script or HTML via 1 a crafted Host HTTP header, related to libraries/Config.class.php; 2 crafted JSON data, relat...
SUSE CVE-2016-5155
Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux does not properly validate access to the initial document, which allows remote attackers to spoof the address bar via a crafted web site...
SUSE CVE-2016-5361
programs/pluto/ikev1.c in libreswan before 3.17 retransmits in initial-responder states, which allows remote attackers to cause a denial of service traffic amplification via a spoofed UDP packet. NOTE: the original behavior complies with the IKEv1 protocol, but has a required security update from...
SUSE CVE-2016-7433
NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a "root distance that did not include the peer dispersion."...
SUSE CVE-2018-1000155
OpenFlow version 1.0 onwards contains a Denial of Service and Improper authorization vulnerability in OpenFlow handshake: The DPID DataPath IDentifier in the featuresreply message are inherently trusted by the controller. that can result in Denial of Service, Unauthorized Access, Network...