Orcus RAT Author Charged in Malware Scheme

In July 2016, KrebsOnSecurity published a story identifying a Toronto man as the author of the Orcus RAT, a software product that’s been marketed on underground forums and used in countless malware attacks since its creation in 2015. This week, Canadian authorities criminally charged him with...

[SECURITY] Fedora 31 Update: kernel-headers-5.3.11-300.fc31

Kernel-headers includes the C header files that specify the interface between the Linux kernel and userspace libraries and programs. The header files define structures and constants that are needed for building most standard programs and are also needed for rebuilding the glibc package...

Windows UPnP Service Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when the Windows Universal Plug and Play UPnP service improperly allows COM object creation. An attacker who successfully exploited this vulnerability could run arbitrary code with elevated system privileges. An attacker could then install programs;...

[SECURITY] Fedora 29 Update: t1utils-1.41-1.fc29

t1utils is a collection of programs for manipulating PostScript type 1 and type 2 fonts containing programs to convert between PFA ASCII format, PFB binary format, a human-readable and editable ASCII format, and Macintosh resource forks...

[SECURITY] Fedora 30 Update: t1utils-1.41-1.fc30

t1utils is a collection of programs for manipulating PostScript type 1 and type 2 fonts containing programs to convert between PFA ASCII format, PFB binary format, a human-readable and editable ASCII format, and Macintosh resource forks...

Cisco Talos helps CISOs get back to basics with advisory series

At Cisco Talos, we try to build detections for every threat we see to provide customers with a portfolio capable of identifying and stopping threats at various stages of an attack's lifecycle. Deploying the best suite of layered security tools is an integral part of protecting an organization. Bu...

MS14-082: Description of the security update for Microsoft Office 2013: December 9, 2014

MS14-082: Description of the security update for Microsoft Office 2013: December 9, 2014 Introduction This security update resolves a vulnerability that could allow remote code execution if a specially crafted file is opened in an affected edition of Microsoft Office. Summary Microsoft has releas...

ThreatList: Most Retail Hardware Bug Bounty Flaws Are Critical

Almost all of hardware vulnerabilities – 90 percent – that were submitted to retail bug bounty programs so far this year were categorized as critical, showing that Point of Sale systems and other retail hardware assets remain a serious security issue. That’s due to the fact that retail hardware...

CVE-2019-2969

Vulnerability in the MySQL Server product of Oracle MySQL component: Client programs. Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL...

UBUNTU-CVE-2019-2969

Vulnerability in the MySQL Server product of Oracle MySQL component: Client programs. Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL...

HackerOne: Private program disclosure via `vpn_suspended` GraphQL query

Summary: vpnsuspended of Team object got exposed Description: An attacker can get vpnsuspended value of any program including external program which also have private program eg. █████ and external program which does not have private program What an attacker can do with this ? If an external...

Oracle MySQL Server Information Disclosure Vulnerability (CNVD-2019-36882)

MySQL Server mysqld is the MySQL server, the main program that performs most of the work in a MySQL installation. An information disclosure vulnerability exists in the Client programs component of Oracle MySQL Server 5.6.44, 5.7.26, 8.0.16 and earlier versions. An attacker can exploit this...

Oracle MySQL Server CVE-2019-2969 Remote Security Vulnerability

Description Oracle MySQL Server is prone to a remote security vulnerability in 'Client programs' component. The vulnerability can be exploited over the 'MySQL' protocol. This vulnerability affects the following supported versions: 5.6.44 and prior, 5.7.26 and prior, 8.0.16 and prior Technologies...

CVE-2019-9745

CloudCTI HIP Integrator Recognition Configuration Tool allows privilege escalation via its EXQUISE integration. This tool communicates with a service Recognition Update Client Service via an insecure communication channel Named Pipe. The data JSON sent via this channel is used to import data from...

Design/Logic Flaw

CloudCTI HIP Integrator Recognition Configuration Tool allows privilege escalation via its EXQUISE integration. This tool communicates with a service Recognition Update Client Service via an insecure communication channel Named Pipe. The data JSON sent via this channel is used to import data from...

CVE-2019-10161

It was discovered that libvirtd would permit read-only clients to use the virDomainSaveImageGetXMLDesc API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirtd socket could use this to probe the existence of...

HackerOne: Team object in GraphQL disclosed of private programs via the industry

Summary: Disclosure of private programs across the industry If the program is private, it will show industriy Steps To Reproduce "query": "query teamhandle:\"█████████\"id,industry" "data":"team":"id":"█████████","industry":"Computer Hardware \u0026 Peripherals" "query": "query...

MSRC is going to ROOTCON!

The Microsoft Security Response Center MSRC works with partners all over the world to protect Microsoft customers. This week we’re headed to the Philippines to meet security researchers and bounty hunters at ROOTCON 13! Planning on attending ROOTCON? If you want to learn more about how you can ea...

MSRC is going to ROOTCON!

The Microsoft Security Response Center MSRC works with partners all over the world to protect Microsoft customers. This week we’re headed to the Philippines to meet security researchers and bounty hunters at ROOTCON 13! Planning on attending ROOTCON? If you want to learn more about how you can ea...

Why Should CISOs Care About XDR?

We have been collectively saying in our industry for the last 15-20 years that a layered approach to your security stack is a “best practice,” but as with all best practices, these are ideals rather than reality for so many charged with protecting their organizations. The vast majority of CISOs a...