39 matches found
EUVD-2012-5695
Malware in sbrugna...
EUVD-2013-6597
Malware in sbrugna...
[SECURITY] Fedora 41 Update: golang-github-ncw-swift-2-2.0.3-1.fc41
Go language interface to Swift / Openstack Object Storage / Rackspace cloud files golang...
CISA Adds ScienceLogic SL1 Vulnerability to Exploited Catalog After Active Zero-Day Attack
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added a critical security flaw impacting ScienceLogic SL1 to its Known Exploited Vulnerabilities KEV catalog, following reports of active exploitation as a zero-day. The vulnerability in question, tracked as CVE-2024-9537 CV...
PT-2024-39683 · Sciencelogic · Sciencelogic Sl1
Name of the Vulnerable Software and Affected Versions: ScienceLogic SL1 versions prior to 12.1.3 ScienceLogic SL1 versions prior to 12.2.3 ScienceLogic SL1 versions prior to 12.3+ ScienceLogic SL1 versions 10.1.x, 10.2.x, 11.1.x, 11.2.x, and 11.3.x Description: The issue involves an unspecified...
The Rise of Zero-Day Vulnerabilities: Why Traditional Security Solutions Fall Short
In recent years, the number and sophistication of zero-day vulnerabilities have surged, posing a critical threat to organizations of all sizes. A zero-day vulnerability is a security flaw in software that is unknown to the vendor and remains unpatched at the time of discovery. Attackers exploit...
SUSE CVE-2013-6795
The Updater in Rackspace Openstack Windows Guest Agent for XenServer before 1.2.6.0 allows remote attackers to execute arbitrary code via a crafted serialized .NET object to TCP port 1984, which triggers the download and extraction of a ZIP file that overwrites the Agent service binary...
Rackspace Confirms Play Ransomware Gang Responsible for Recent Breach
Cloud services provider Rackspace on Thursday confirmed that the ransomware gang known as Play was responsible for last month's breach. The security incident, which took place on December 2, 2022, leveraged a previously unknown security exploit to gain initial access to the Rackspace Hosted...
A week in security (December 5 - 11)
Last week on Malwarebytes Labs: Security advisories are falling short. Here's why, with Dustin Childs: Lock and Code S03E25 Eufy "no cloud" security cameras streaming data to the cloud Snapchat gives Californians more power over their personal data Update now! Emergency fix for Google Chrome's V8...
Rackspace confirms it suffered a ransomware attack
It's not been a great week for cloud computing service provider Rackspace. On December 2, customers began experiencing problems connecting and logging into their Exchange environments. Rackspace started investigating and discovered an issue that affected its Hosted Exchange environments. Now...
PT-2022-5513
Name of the Vulnerable Software and Affected Versions Microsoft Exchange Server affected versions not specified Description The issue is related to insufficient access controls in Microsoft Exchange Server, allowing a remote attacker to elevate their privileges. This vulnerability has been...
The Orphaned Internet – Taking Over 120K Domains via a DNS Vulnerability in AWS, Google Cloud, Rackspace and Digital Ocean
Recently, I found that Digital Ocean suffered from a security vulnerability in their domain import system which allowed for the takeover of 20K domain names. If you haven't given that post a read I recommend doing so before going through this write up. Originally I had assumed that this issue was...
rackspace.com XSS vulnerability
Vulnerable URL: https://www.rackspace.com/en-hk/events/%F6%22%20onmouseover%3Da%5Cu006Cert%28/OPENBUGBOUNTY/%29%20 Details: Description| Value ---|--- Patched:| No Latest check for patch:| 30.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 2335 VIP website...
Joomla Joins WordPress As TeslaCrypt Ransomware Target
Exploit kits infecting thousands of WordPress websites are setting their sights on the open-source content management system Joomla in a new campaign spotted by a researcher at the SANS Institute’s Internet Storm Center. “The group behind the WordPress ‘admedia’ campaign is now apparently targeti...
Moderate: Red Hat Security Advisory: openstack-swift security update
Updated openstack-swift packages that fix one security issue are now available for Red Hat Enterprise Linux OpenStack Platform 5.0, 6.0, and 7.0. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...
Venom Vulnerability Exposes Most Data Centers to Cyber Attacks
Just after a new security vulnerability surfaced Wednesday, many tech outlets started comparing it with HeartBleed, the serious security glitch uncovered last year that rendered communications with many well-known web services insecure, potentially exposing Millions of plain-text passwords. But...
Rackspace Settings
Binary data rackspacesettings.nbin...
Rackspace Compliance Checks
Binary data rackspacecompliancecheck.nbin...
Streisand
The Internet can be a little unfair. It’s way too easy for ISPs, telecoms, politicians, and corporations to block access to the sites and information that you care about. But breaking through these restrictions is tough . Or is it? Introducing Streisand A single command sets up a brand new server...
[oss-security] CVE request for vulnerability in OpenStack Heat
A vulnerability was discovered in OpenStack see below. In order to ensure full traceability, we need a CVE number assigned that we can attach to further notifications. This issue is already public, although an advisory was not sent yet. Title: Heat template URL information leakage Reporter: Jason...