9 matches found
CVE-2024-2291
In Progress MOVEit Transfer versions released before 2022.0.11 14.0.11, 2022.1.12 14.1.12, 2023.0.9 15.0.9, 2023.1.4 15.1.4, a logging bypass vulnerability has been discovered. An authenticated user could manipulate a request to bypass the logging mechanism within the web application which result...
EUVD-2019-8215
Malware in sbrugna...
EUVD-2021-18702
Malware in sbrugna...
EUVD-2023-58464
Malicious code in bioql PyPI...
EUVD-2023-47089
Malicious code in bioql PyPI...
Progress MOVEit Transfer 安全漏洞
Progress MOVEit Transfer is a secure hosted file transfer application from Progress. A security vulnerability exists in Progress MOVEit Transfer that stems from improper privilege management for users of shared accounts, which could result in elevated privileges...
CVE-2024-0396
In Progress MOVEit Transfer versions released before 2022.0.10 14.0.10, 2022.1.11 14.1.11, 2023.0.8 15.0.8, 2023.1.3 15.1.3, an input validation issue was discovered. An authenticated user can manipulate a parameter in an HTTPS transaction. The modified transaction could lead to computational...
A week in security (June 24 – June 30)
Last week on Malwarebytes Labs: TEMU sued for being "dangerous malware" by Arkansas Attorney General Driving licences and other official documents leaked by authentication service used by Uber, TikTok, X, and more "Poseidon" Mac stealer distributed via Google ads Federal Reserve "breached" data m...
Estée Lauder targeted by Cl0p and BlackCat ransomware groups
Estee Lauder is currently at the heart of a compromise storm, revealing a major security issue via a Security Exchange Commission SEC filing on Tuesday. Although no detailed explanation of what has taken place is given, there is confirmation that an attack allowed access to some systems and...