Lucene search
K

1004 matches found

Schneier on Security
Schneier on Security
added 2023/01/25 12:0 p.m.25 views

US Cyber Command Operations During the 2022 Midterm Elections

The head of both US Cyber Command and the NSA, Gen. Paul Nakasone, broadly discussed that first organizations offensive cyber operations during the runup to the 2022 midterm elections. He didnt name names, of course: We did conduct operations persistently to make sure that our foreign adversaries...

0.5AI score
Exploits0
NVD
NVD
added 2023/01/06 7:15 a.m.25 views

CVE-2023-22671

Ghidra/RuntimeScripts/Linux/support/launch.sh in NSA Ghidra through 10.2.2 passes user-provided input into eval, leading to command injection when calling analyzeHeadless with untrusted input...

9.8CVSS9.8AI score0.02885EPSS
Exploits1References2
CVE
CVE
added 2023/01/06 12:0 a.m.67 views

CVE-2023-22671

Ghidra NSA: CVE-2023-22671 affects Ghidra/RuntimeScripts/Linux/support/launch.sh through 10.2.2. Root cause: user input is passed to eval inside launch.sh, enabling command injection when analyzeHeadless is invoked with untrusted input. Impact is high (command injection as per CVSS 3.1) with pote...

9.8CVSS9.6AI score0.02885EPSS
Exploits1References2Affected Software1
The Hacker News
The Hacker News
added 2022/12/14 4:40 a.m.76 views

Hackers Actively Exploiting Citrix ADC and Gateway Zero-Day Vulnerability

The U.S. National Security Agency NSA on Tuesday said a threat actor tracked as APT5 has been actively exploiting a zero-day flaw in Citrix Application Delivery Controller ADC and Gateway to take over affected systems. The critical remote code execution vulnerability, identified as CVE-2022-27518...

10CVSS0.5AI score0.99474EPSS
Exploits21
ATTACKERKB
ATTACKERKB
added 2022/12/13 5:15 p.m.60 views

CVE-2022-27518

Unauthenticated remote arbitrary code execution...

9.8CVSS7.9AI score0.06931EPSS
In wildExploits1References2Affected Software1
NCSC
NCSC
added 2022/12/13 12:0 a.m.10 views

Vulnerability fixed in Citrix Gateway and ADC

Citrix has fixed a vulnerability in Citrix Gateway and Citrix ADC. An unauthenticated remote malicious person could exploit the exploit the vulnerability to execute arbitrary code. To do so, rogue network traffic must be sent to the vulnerable system be sent. Gateway and ADC systems are only...

9.8CVSS9.4AI score0.06931EPSS
Exploits1
CISA
CISA
added 2022/12/13 12:0 a.m.11 views

NSA, CISA, and ODNI Release Guidance on Potential Threats to 5G Network Slicing

Today, the National Security Agency NSA, CISA, and the Office of the Director of National Intelligence ODNI, published Potential Threats to 5G Network Slicing. This guidance—created by the Enduring Security Framework ESF, a public-private cross-sector working group led by the NSA and CISA—present...

2.7AI score
Exploits0References3
CISA
CISA
added 2022/12/13 12:0 a.m.89 views

Citrix Releases Security Updates for Citrix ADC, Citrix Gateway

Citrix has released security updates to address a critical vulnerability CVE-2022-27518 in Citrix ADC and Citrix Gateway. An attacker could exploit this vulnerability to take control of an affected system. This vulnerability has been exploited in the wild. CISA encourages users and administrators...

1.1AI score0.06931EPSS
Exploits1References3
Malwarebytes
Malwarebytes
added 2022/12/04 10:30 p.m.33 views

Android is slowly mastering memory management vulnerabilities

Recently we wrote about why the NSA wants you to shift to memory safe programming languages. The short version is: If you ever read our posts describing security vulnerabilities, you will see a lot of phrases like "buffer overflow", "failure to release memory", "use after free", "memory...

Exploits0
CISA
CISA
added 2022/11/17 12:0 a.m.21 views

CISA, NSA, and ODNI Release Guidance for Customers on Securing the Software Supply Chain 

Today, CISA, the National Security Agency NSA, and the Office of the Director of National Intelligence ODNI, published the third of a three-part series on securing the software supply chain: Securing Software Supply Chain Series - Recommended Practices Guide for Customers. This publication follow...

7.2AI score
Exploits0References8
Schneier on Security
Schneier on Security
added 2022/11/11 12:25 p.m.12 views

NSA Over-surveillance

Here in 2022, we have a newly declassified 2016 Inspector General report--"Misuse of Sigint Systems"--about a 2013 NSA program that resulted in the unauthorized that is, illegal targeting of Americans. Given all we learned from Edward Snowden, this feels like a minor coda. Theres nothing really...

2.1AI score
Exploits0
Schneier on Security
Schneier on Security
added 2022/11/04 2:16 p.m.23 views

NSA on Supply Chain Security

The NSA together with CISA has published a long report on supply-chain security: "Securing the Software Supply Chain: Recommended Practices Guide for Suppliers.": Prevention is often seen as the responsibility of the software developer, as they are required to securely develop and deliver code,...

1.6AI score
Exploits0
Talos Blog
Talos Blog
added 2022/10/13 12:0 p.m.46 views

Alchimist: A new attack framework in Chinese for Mac, Linux and Windows

Contributions from Matt Thaxton. Cisco Talos discovered a new attack framework including a command and control C2 tool called "Alchimist" and a new malware "Insekt" with remote administration capabilities. The Alchimist has a web interface in Simplified Chinese with remote administration features...

7.2CVSS0.3AI score0.94921EPSS
Exploits152
ICS
ICS
added 2022/10/06 12:0 p.m.182 views

Top CVEs Actively Exploited By People’s Republic of China State-Sponsored Cyber Actors

Summary This joint Cybersecurity Advisory CSA provides the top Common Vulnerabilities and Exposures CVEs used since 2020 by People’s Republic of China PRC state-sponsored cyber actors as assessed by the National Security Agency NSA, Cybersecurity and Infrastructure Security Agency CISA, and Feder...

10CVSS10AI score0.99999EPSS
Exploits998References46
CISA
CISA
added 2022/10/06 12:0 a.m.9 views

Top CVEs Actively Exploited by People’s Republic of China State-Sponsored Cyber Actors   

CISA, the Federal Bureau of Investigation FBI, and the National Security Agency NSA have released a joint Cybersecurity Advisory CSA providing the top Common Vulnerabilities and Exposures CVEs used since 2020 by People’s Republic of China PRC state-sponsored cyber actors. PRC state-sponsored cybe...

1AI score
Exploits0References4
Schneier on Security
Schneier on Security
added 2022/10/04 11:30 a.m.14 views

NSA Employee Charged with Espionage

An ex-NSA employee has been charged with trying to sell classified data to the Russians but instead actually talking to an undercover FBI agent. Its a weird story, and the FBI affidavit raises more questions than it answers. The employee only worked for the NSA for three weeks--which is weird in...

1.6AI score
Exploits0
Wired Threat Level
Wired Threat Level
added 2022/10/01 1:0 p.m.16 views

Microsoft Exchange Server Has a Zero-Day Problem

Plus: CIA failures allegedly got US informants killed, a former NSA worker is charged under the Espionage Act, and more...

2.9AI score
Exploits0
CISA
CISA
added 2022/09/22 12:0 a.m.23 views

CISA and NSA Publish Joint Cybersecurity Advisory on Control System Defense

CISA and the National Security Agency NSA have published a joint cybersecurity advisory about control system defense for operational technology OT and industrial control systems ICSs. Control System Defense: Know the Opponent is intended to provide critical infrastructure owners and operators wit...

2.6AI score
Exploits0References5
CISA
CISA
added 2022/09/15 12:0 a.m.11 views

CISA and NSA Publish Open Radio Access Network Security Considerations

CISA and the National Security Agency NSA have published Open Radio Access Network Security Considerations. This product—generated by the Enduring Security Framework ESF Open Radio Access Network RAN Working Panel, a subgroup within the cross-sector working group—assessed the benefits and securit...

1.3AI score
Exploits0References4
ICS
ICS
added 2022/09/14 12:0 p.m.113 views

Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations

Summary Actions to take today to protect against ransom operations: • Keep systems and software updated and prioritize remediating known exploited vulnerabilities. • Enforce MFA. • Make offline backups of your data. This joint Cybersecurity Advisory CSA is the result of an analytic effort among t...

10CVSS10AI score0.99999EPSS
Exploits399References88
Rows per page
Query Builder