223 matches found

Code423n4 · added 2022/05/30 12:00 a.m. · 12 views

Anyone can add Gauge reward tokens and cause DoS

Lines of code / Vulnerability details / Impact: The Gauge.notifyRewardAmount function does not have any access restriction. Anyone (an attacker) can frontrun and call this function to add arbitrary, even malicious, gauge reward tokens up to MAXREWARDTOKENS = 16. An attacker is able to frontrun and add 16...

AI score: 6.8 | Exploits: 0

The Hacker News · added 2022/05/25 12:11 p.m. · 22 views

Learn How Hackers Can Hijack Your Online Accounts Even Before You Create Them

Malicious actors can gain unauthorized access to users' online accounts via a new technique called "account pre-hijacking," latest research has found. The attack takes aim at the account creation process that's ubiquitous in websites and other online platforms, enabling an adversary to perform a...

AI score: 1.1 | Exploits: 0

CISA · added 2022/05/18 12:00 a.m. · 81 views

CISA Issues Emergency Directive and Releases Advisory Related to VMware Vulnerabilities

CISA has issued Emergency Directive ED 22-03 and released a Cybersecurity Advisory (CSA) in response to active and expected exploitation of multiple vulnerabilities in the following VMware products: VMware Workspace ONE Access (Access), VMware Identity Manager (vIDM), VMware vRealize Automation (vRA),...

CVSS: 10 | AI score: 1 | EPSS: 0.94444
In wild | Exploits: 33 | References: 8

CISA · added 2022/05/17 12:00 a.m. · 12 views

Weak Security Controls and Practices Routinely Exploited for Initial Access

The cybersecurity authorities of the United States, Canada, New Zealand, the Netherlands, and the United Kingdom have issued a joint Cybersecurity Advisory (CSA) on 10 routinely exploited weak security controls, poor configurations, and bad practices that allow malicious actors to compromise...

AI score: 1.7 | Exploits: 0 | References: 2

The Hacker News · added 2022/05/04 1:46 p.m. · 17 views

SEC Plans to Hire More Staff in Crypto Enforcement Unit to Fight Frauds

The U.S. Securities and Exchange Commission (SEC) on Tuesday announced that it will expand and rebrand its Cyber Unit to fight against cyber-related threats and protect investors in cryptocurrency markets. To that end, the SEC is renaming the Cyber Unit within the Division of Enforcement to Crypto...

Exploits: 0

Trend Micro Simply Security · added 2022/04/20 12:00 a.m. · 141 views

Analyzing Attempts to Exploit the Spring4Shell Vulnerability CVE-2022-22965 to Deploy Cryptocurrency Miners

Recently, we observed attempts to exploit the Spring4Shell vulnerability — a remote code execution bug, assigned as CVE-2022-22965 — by malicious actors to deploy cryptocurrency miners...

CVSS: 7.5 | AI score: 4.9 | EPSS: 0.94428
Exploits: 99

Trend Micro Simply Security · added 2022/04/04 12:00 a.m. · 39 views

MacOS SUHelper Root Privilege Escalation Vulnerability: A Deep Dive Into CVE-2022-22639

We discovered a now-patched vulnerability in macOS SUHelper, designated as CVE-2022-22639. If exploited, the vulnerability could allow malicious actors to gain root privilege escalation...

CVSS: 6.8 | AI score: 5.3 | EPSS: 0.07681
Exploits: 0

Trend Micro Simply Security · added 2022/03/24 12:00 a.m. · 7 views

An Investigation of Cryptocurrency Scams and Schemes

We provide an overview of the diverse range of NFT- and cryptocurrency-related scams that malicious actors use to steal assets worldwide...

AI score: 2.7 | Exploits: 0

CISA KEV Catalog · added 2022/02/22 12:00 a.m. · 15 views

Zabbix Frontend Improper Access Control Vulnerability

Malicious actors can pass step checks and potentially change the configuration of Zabbix Frontend...

CVSS: 5.3 | AI score: 4.2 | EPSS: 0.9261
In wild | Exploits: 1

CISA · added 2022/02/18 12:00 a.m. · 6 views

CISA Insights: Foreign Influence Operations Targeting Critical Infrastructure

CISA has released CISA Insights: Preparing for and Mitigating Foreign Influence Operations Targeting Critical Infrastructure, which provides proactive steps organizations can take to assess and mitigate risks from information manipulation. Malicious actors may use tactics—such as misinformation,...

AI score: 6.9 | Exploits: 0 | References: 2

The Hacker News · added 2022/01/18 5:13 a.m. · 139 views

Zoho Releases Patch for Critical Flaw Affecting ManageEngine Desktop Central

Enterprise software maker Zoho on Monday issued patches for a critical security vulnerability in Desktop Central and Desktop Central MSP that a remote adversary could exploit to perform unauthorized actions in affected servers. Tracked as CVE-2021-44757, the shortcoming concerns an instance of...

CVSS: 10 | AI score: 2.2 | EPSS: 0.94424
Exploits: 16

The Hacker News · added 2022/01/17 4:29 a.m. · 26 views

Ukrainian Government Officially Accuses Russia of Recent Cyberattacks

The government of Ukraine on Sunday formally accused Russia of masterminding the attacks that targeted websites of public institutions and government agencies this past week. "All the evidence points to the fact that Russia is behind the cyber attack," the Ministry of Digital Transformation said ...

AI score: 1.4 | Exploits: 0

NVD · added 2022/01/11 3:15 p.m. · 8 views

CVE-2022-21669

PuddingBot is a group management bot. In version 0.0.6-b933652 and prior, the bot token is publicly exposed in main.py, making it accessible to malicious actors. The bot token has been revoked and a new version is already running on the server. As of time of publication, the maintainers are plannin...

CVSS: 9.1 | EPSS: 0.00347
Exploits: 0 | References: 2

Cvelist · added 2022/01/11 12:00 a.m. · 10 views

CVE-2022-21669 Bot token exposed in main.py

PuddingBot is a group management bot. In version 0.0.6-b933652 and prior, the bot token is publicly exposed in main.py, making it accessible to malicious actors. The bot token has been revoked and a new version is already running on the server. As of time of publication, the maintainers are plannin...

CVSS: 9.1 | AI score: 9.4 | EPSS: 0.00347
Exploits: 0 | References: 2

OSV · added 2022/01/11 12:00 a.m. · 11 views

CVE-2022-21669 Bot token exposed in main.py

PuddingBot is a group management bot. In version 0.0.6-b933652 and prior, the bot token is publicly exposed in main.py, making it accessible to malicious actors. The bot token has been revoked and a new version is already running on the server. As of time of publication, the maintainers are plannin...

CVSS: 9.1 | AI score: 8.1 | EPSS: 0.00347
Exploits: 0 | References: 4

Github Security Blog · added 2021/12/20 5:59 p.m. · 28 views

Open Redirect in OAuth2 Proxy

Impact: Users can provide a redirect address for the proxy to send the authenticated user to at the end of the authentication flow. This is expected to be the original URL that the user was trying to access. This redirect URL is checked within the proxy and validated before redirecting the user...

CVSS: 7.1 | AI score: 0.1 | EPSS: 0.0023
Exploits: 0 | References: 4 | Affected Software: 1

The Hacker News · added 2021/12/15 12:08 p.m. · 31 views

Hackers Using Malicious IIS Server Module to Steal Microsoft Exchange Credentials

Malicious actors are deploying a previously undiscovered binary, an Internet Information Services (IIS) webserver module dubbed "Owowa," on Microsoft Exchange Outlook Web Access servers with the goal of stealing credentials and enabling remote command execution. "Owowa is a C#-developed .NET v4.0...

AI score: 1.6 | Exploits: 0

OpenVAS · added 2021/11/03 12:00 a.m. · 22 views

Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2021-2627)

The remote host is missing an update for the Huawei EulerOS... (SPDX-FileCopyrightText: 2021 Greenbone AG. Some text descriptions might be excerpted from referenced sources and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only.)

CVSS: 6.5 | AI score: 6.3 | EPSS: 0.00146
Exploits: 2 | References: 2

ThreatPost · added 2021/10/26 12:09 p.m. · 175 views

Millions of Android Users Scammed in SMS Fraud Driven by Tik-Tok Ads

Threat actors are using malicious Android apps to scam users into signing up for a bogus premium SMS subscription service, which results in big charges accruing on their phone bills. Jakub Vavra from the threat operations team of security firm Avast uncovered the campaign, which he dubbed UltimaS...

AI score: 7.7 | Exploits: 0 | References: 5

RedHat Linux · added 2021/10/19 7:18 a.m. · 0 views

curl: Metalink download sends credentials

A flaw was found in curl in the way curl handles credentials when downloading content using the Metalink feature. This flaw allows malicious actors controlling a hosting server to gain access to credentials provided while downloading content without the user's knowledge. The highest threat from...

CVSS: 5.3 | AI score: 7.1 | EPSS: 0.00068
Exploits: 1 | References: 5