SUSE CVE-2023-43633

On boot, the Pillar eve container checks for the existence and content of “/config/GlobalConfig/global.json”. If the file exists, it overrides the existing configuration on the device on boot. This allows an attacker to change the system's configuration, which also includes some debug functions...

Five Plead Guilty in U.S. for Helping North Korean IT Workers Infiltrate 136 Companies

The U.S. Department of Justice DoJ on Friday announced that five individuals have pleaded guilty to assisting North Korea's illicit revenue generation schemes by enabling information technology IT worker fraud in violation of international sanctions. The five individuals are listed below - Audric...

EUVD-2018-17238

Malware in sbrugna...

EUVD-2021-17730

Malware in sbrugna...

CVE-2021-30813

This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.0.1. A person with access to a host Mac may be able to bypass the Login Window in Remote Desktop for a locked instance of macOS...

[SECURITY] Fedora 41 Update: tigervnc-1.15.0-2.fc41

Virtual Network Computing VNC is a remote display system which allows you to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. This package contains a client which will allow you ...

[SECURITY] Fedora 42 Update: tigervnc-1.15.0-2.fc42

Virtual Network Computing VNC is a remote display system which allows you to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. This package contains a client which will allow you ...

[SECURITY] Fedora 40 Update: tigervnc-1.15.0-2.fc40

Virtual Network Computing VNC is a remote display system which allows you to view a computing 'desktop' environment not only on the machine where it is running, but from anywhere on the Internet and from a wide variety of machine architectures. This package contains a client which will allow you ...

Ukraine Warns of New Phishing Campaign Targeting Government Computers

The Computer Emergency Response Team of Ukraine CERT-UA has warned of a new phishing campaign that masquerades as the Security Service of Ukraine to distribute malware capable of remote desktop access. The agency is tracking the activity under the name UAC-0198. More than 100 computers are...

Threat Roundup for May 5 to May 12

Today, Talos is publishing a glimpse into the most prevalent threats weve observed between May 5 and May 12. As with previous roundups, this post isnt meant to be an in-depth analysis. Instead, this post will summarize the threats weve observed by highlighting key behavioral characteristics,...

BeyondTrust Remote Support Cross-Site Request Forgery Vulnerability

BeyondTrust Remote Support is a remote desktop access, help desk and collaboration software for Windows, Mac, Linux, Ios iPad, iPhone, etc. BeyondTrust Remote Support is vulnerable to cross-site request forgery. The vulnerability stems from the lack of proper validation of client-side data in the...

NoMachine Enterprise Desktop Buffer Overflow Vulnerability

NoMachine is a remote desktop access tool from NoMachine Luxembourg. A security vulnerability exists in NoMachine Enterprise Desktop, which can be exploited by an attacker to execute arbitrary code in kernel mode or cause a denial of service memory corruption and operating system crash via...

NoMachine Server Integer Overflow Vulnerability

NoMachine is a remote desktop access tool from NoMachine Luxembourg. A security vulnerability exists in NoMachine Server, which can be exploited by an attacker to execute arbitrary code in kernel mode or cause a denial of service memory corruption and operating system crash via specially crafted...

NoMachine Enterprise Desktop integer overflow vulnerability

NoMachine is a remote desktop access tool from Luxembourg-based NoMachine. NoMachine Enterprise Desktop suffers from a security vulnerability that could be exploited by attackers to execute arbitrary code in kernel mode or cause a denial of service memory corruption and OS crash via specially...

NoMachine Enterprise Client Integer Overflow Vulnerability

NoMachine is a remote desktop access tool from NoMachine Luxembourg. A security vulnerability exists in NoMachine Enterprise Client, which can be exploited by a local attacker to cause a denial of service memory corruption and OS crash by executing arbitrary code in kernel mode or via specially...

NoMachine Enterprise Client Buffer Overflow Vulnerability

NoMachine is a remote desktop access tool from Luxembourg-based NoMachine. A security vulnerability exists in NoMachine Enterprise Client, which can be exploited by attackers to execute arbitrary code in kernel mode or cause a denial of service memory corruption and OS crash via specially crafted...

How to Securely Access Remote Desktop?

By Owais Sultan Since remote desktop access allows a device to be accessed from anywhere globally over the public internet, security is an important consideration. This is a post from HackRead.com Read the original post: How to Securely Access Remote Desktop?...

CISA Releases Guidance: TIC 3.0 Remote User Use Case

In coordination with the Office of Management and Budget OMB, the Federal Chief Information Security Officer Council FCISO Trusted Internet Connections TIC Subcommittee, and the General Services Administration, CISA has released Trusted Internet Connections 3.0 Remote User Use Case. The Remote Us...

Ericom Access Server x64 9.2.0 - Server-Side Request Forgery

Exploit Title: Ericom Access Server x64 9.2.0 - Server-Side Request Forgery Date: 2020-08-22 Exploit Author: hyp3rlinx Vendor Homepage: www.ericom.com Version: Ericom Access Server x64 for AccessNow & Ericom Blaze v9.2.0 CVE: CVE-2020-24548 + Credits: John Page aka hyp3rlinx + Website:...

ACSC Releases Advisory on Password Spraying Attacks

The Australian Cyber Security Centre ACSC has released an advisory on password spraying attacks. Password spraying is a type of brute-force attack in which a malicious actor uses a single password against targeted user accounts before moving on to attempt a second password, and so on. This...