Lucene search
K

18 matches found

Securelist
Securelist
added 2024/09/20 12:31 p.m.67 views

-=TWELVE=- is back

In the spring of 2024, posts with real people's personal data began appearing on the -=TWELVE=- Telegram channel. Soon it was blocked for falling foul of the Telegram terms of service. The group stayed off the radar for several months, but as we investigated a late June 2024 attack, we found that...

9.8CVSS10AI score0.99999EPSS
Exploits57
The Hacker News
The Hacker News
added 2024/09/19 10:12 a.m.11 views

Microsoft Warns of New INC Ransomware Targeting U.S. Healthcare Sector

Microsoft has revealed that a financially motivated threat actor has been observed using a ransomware strain called INC for the first time to target the healthcare sector in the U.S. The tech giant's threat intelligence team is tracking the activity under the name Vanilla Tempest formerly DEV-083...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/11/07 12:0 a.m.19 views

Fedora 39 : xrdp (2023-5134642a68)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-5134642a68 advisory. Release notes for xrdp v0.9.23 2023/08/31 General announcements - Running xrdp and xrdp-sesman on separate hosts is still supported by this release,...

6.5CVSS6AI score0.00728EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2023/03/09 2:54 p.m.61 views

Hackers Exploiting Remote Desktop Software Flaws to Deploy PlugX Malware

Security vulnerabilities in remote desktop programs such as Sunlogin and AweSun are being exploited by threat actors to deploy the PlugX malware. AhnLab Security Emergency Response Center ASEC, in a new analysis, said it marks the continued abuse of the flaws to deliver a variety of payloads on...

1.4AI score
Exploits0
Malwarebytes
Malwarebytes
added 2023/03/07 1:0 a.m.37 views

Warning issued over Royal ransomware

As part of its StopRansomware effort, the Cybersecurity and Infrastructure Security Agency CISA has published a Cybersecurity Advisory CSA about Royal ransomware. Royal ransomware is a Ransomware-as-a-service Raas that first made an appearance in January 2022. In September of that year, it began...

0.4AI score
Exploits0
The Hacker News
The Hacker News
added 2023/02/15 1:33 p.m.28 views

Financially Motivated Threat Actor Strikes with New Ransomware and Clipper Malware

A new financially motivated campaign that commenced in December 2022 has seen the unidentified threat actor behind it deploying a novel ransomware strain dubbed MortalKombat and a clipper malware known as Laplas. Cisco Talos said it "observed the actor scanning the internet for victim machines wi...

0.7AI score
Exploits0
OpenVAS
OpenVAS
added 2022/12/16 12:0 a.m.25 views

Fedora: Security Advisory for freerdp (FEDORA-2022-fd6e43dec8)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS6.5AI score0.00985EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2022/12/09 5:50 p.m.33 views

CVE-2022-23483

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol RDP. xrdp v0.9.21 contain a Out of Bound Read in libxrdpsendtochannel function. There are no known workarounds for this issue. Users are advised to upgrade...

9.1CVSS9.2AI score0.00822EPSS
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2021/10/13 5:20 a.m.34 views

Germ-term, but all year. How criminals are hacking schools

In some schools, the autumn term is often called “germ-term” due to the number of bugs the children bring back after the summer holidays. It usually calms down after a few weeks, however, with hacking there is no slow down. Its all year, its relentless. In the last 10 months of this year schools...

7.5AI score
Exploits0
ThreatPost
ThreatPost
added 2020/12/21 5:7 p.m.38 views

Dark Web Pricing Skyrockets for Microsoft RDP Servers, Payment-Card Data

Cybercriminals are vying for Remote Desktop Protocol RDP access, stolen payment cards and DDoS-for-Hire services, based on a recent analysis of underground marketplace pricing. During the COVID-19 pandemic, cybercriminals have profited with “increasingly advantageous positions to benefit from the...

Exploits0References12
ThreatPost
ThreatPost
added 2020/05/07 9:1 p.m.107 views

Blue Mockingbird Monero-Mining Campaign Exploits Web Apps

A Monero cryptocurrency-mining campaign has emerged that exploits a known vulnerability in public-facing web applications built on the ASP.NET open-source web framework. The campaign has been dubbed Blue Mockingbird by the analysts at Red Canary that discovered the activity. Research uncovered th...

7.5CVSS0.2AI score0.99737EPSS
Exploits16References8
Prion
Prion
added 2016/04/12 2:0 a.m.14 views

Session fixation

The Terminal Services Remote Desktop Protocol RDP client session restrictions feature in Pulse Connect Secure aka PCS 8.1R7 and 8.2R1 allow remote authenticated users to bypass intended access restrictions via unspecified vectors...

3.3CVSS6.8AI score0.01219EPSS
Exploits0References2Affected Software1
ThreatPost
ThreatPost
added 2014/08/01 10:6 a.m.15 views

Citadel Variant Opens Backdoor After Malware is Removed

When hackers have compromised a valuable computer, maintaining persistence on that machine is the key to maintaining access to its resources and stored assets. A new variant of the Citadel banking malware has been discovered that comes with a feature that allows the attacker to leverage remote...

1.8AI score
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2013/07/12 12:0 a.m.23 views

Oracle Linux 3 : rdesktop (ELSA-2008-0576)

From Red Hat Security Advisory 2008:0576 : Updated rdesktop packages that fix a security issues are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. rdesktop is an open source client for Microsoft...

9.3CVSS8.3AI score0.13128EPSS
Exploits3References2
Fedora
Fedora
added 2008/05/14 10:8 p.m.28 views

[SECURITY] Fedora 9 Update: rdesktop-1.6.0-1.fc9

rdesktop is an open source client for Windows NT Terminal Server and Windows 2000 & 2003 Terminal Services, capable of natively speaking Remote Desktop Protocol RDP in order to present the user's NT desktop. Unlike Citrix ICA, no server extensions are required...

9.3CVSS2.3AI score0.13128EPSS
Exploits6
Prion
Prion
added 2008/05/12 4:20 p.m.20 views

Integer overflow

Integer underflow in the isorecvmsg function iso.c in rdesktop 1.5.0 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a Remote Desktop Protocol RDP request with a small length field...

9.3CVSS7.8AI score0.13128EPSS
Exploits3References29Affected Software1
Prion
Prion
added 2007/05/11 4:20 a.m.14 views

Design/Logic Flaw

The Terminal Server in Microsoft Windows 2003 Server, when using TLS, allows remote attackers to bypass SSL and self-signed certificate requirements, downgrade the server security, and possibly conduct man-in-the-middle attacks via unspecified vectors, as demonstrated using the Remote Desktop...

7.5CVSS7.3AI score0.09449EPSS
Exploits0References5
CVE
CVE
added 2002/03/09 5:0 a.m.79 views

CVE-2001-0540

CVE-2001-0540: Memory leak in Windows NT/2000 Terminal Server processing of malformed RDP requests to port 3389 leads to memory exhaustion and DoS. Affected: Windows NT/2000 Terminal Services. Root cause: memory handling during RDP request processing. Remediation: Microsoft Security Bulletin MS01...

5CVSS7.1AI score0.71247EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder