Lucene search
+L

253 matches found

The Hacker News
The Hacker News
added 2024/09/27 11:11 a.m.16 views

Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks

The threat actor known as Storm-0501 has targeted government, manufacturing, transportation, and law enforcement sectors in the U.S. to stage ransomware attacks. The multi-stage attack campaign is designed to compromise hybrid cloud environments and perform lateral movement from on-premises to...

8.4AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2024/09/10 5:15 a.m.13 views

Smart home security advice. Ring, SimpliSafe, Swann, and Yale

Introduction This guide covers the security of smart home security products from Ring, Yale, Swann, and SimpliSafe. Whether you're looking to monitor your property remotely, enhance your home's security, or see who’s at the front door, this guide will provide you with valuable insights. We have...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/08/28 12:0 a.m.72 views

ManageEngine OpManager RCE (CVE-2024-5466)

Zohocorp ManageEngine OpManager and Remote Monitoring and Management versions 128329 and below are vulnerable to the authenticated remote code execution in the deploy agent option. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported versio...

8.8CVSS6.3AI score0.06967EPSS
Exploits0References2
OSV
OSV
added 2024/08/23 2:15 p.m.5 views

CVE-2024-5466

Zohocorp ManageEngine OpManager and Remote Monitoring and Management versions 128329 and below are vulnerable to the authenticated remote code execution in the deploy agent option...

8.8CVSS6.3AI score0.06967EPSS
Exploits0References1
NVD
NVD
added 2024/08/23 2:15 p.m.32 views

CVE-2024-5466

Zohocorp ManageEngine OpManager and Remote Monitoring and Management versions 128329 and below are vulnerable to the authenticated remote code execution in the deploy agent option...

8.8CVSS0.06967EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/08/23 1:23 p.m.23 views

CVE-2024-5466 Remote Code Execution

Zohocorp ManageEngine OpManager and Remote Monitoring and Management versions 128329 and below are vulnerable to the authenticated remote code execution in the deploy agent option...

8.8CVSS7.7AI score0.06967EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/08/23 12:0 a.m.10 views

ZOHO ManageEngine OpManager RMM 安全漏洞

ZOHO ManageEngine OpManager RMM is a remote monitoring and management software from ZOHO, Inc. A security vulnerability exists in ZOHO ManageEngine OpManager RMM version 128329 and prior versions, which stems from a remote code execution contained in the deployment agent option...

8.8CVSS7.9AI score0.06967EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2024/07/30 11:26 a.m.18 views

The Power and Peril of RMM Tools

As more people work remotely, IT departments must manage devices distributed over different cities and countries relying on VPNs and remote monitoring and management RMM tools for system administration. However, like any new technology, RMM tools can also be used maliciously. Threat actors can...

7.7AI score
Exploits0
The Hacker News
The Hacker News
added 2024/07/16 9:13 a.m.27 views

Iranian Hackers Deploy New BugSleep Backdoor in Middle East Cyber Attacks

The Iranian nation-state actor known as MuddyWater has been observed using a never-before-seen backdoor as part of a recent attack campaign, shifting away from its well-known tactic of deploying legitimate remote monitoring and management RMM software for maintaining persistent access. That's...

7.5AI score
Exploits0
CNVD
CNVD
added 2024/06/18 12:0 a.m.1 views

Fuji Electric Tellus Lite V-Simulator Buffer Overflow Vulnerability

Fuji Electric Tellus Lite V-Simulator is a remote monitoring software for industrial environments from Fuji Electric Japan. A buffer overflow vulnerability exists in Fuji Electric Tellus Lite V-Simulator, which stems from an out-of-bounds write vulnerability that can be exploited by an attacker t...

8.5CVSS7.5AI score0.00332EPSS
Exploits0References1
CNVD
CNVD
added 2024/06/18 12:0 a.m.3 views

Fuji Electric Tellus Lite V-Simulator Buffer Overflow Vulnerability (CNVD-2025-13543)

Fuji Electric Tellus Lite V-Simulator is a remote monitoring software for industrial environments from Fuji Electric Japan. Fuji Electric Tellus Lite V-Simulator suffers from a buffer overflow vulnerability that originates from a boundary error when the application processes untrusted input. An...

8.5CVSS7.4AI score0.00327EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/06/13 12:0 a.m.4 views

Fuji Electric Tellus Lite V-Simulator 缓冲区错误漏洞

Fuji Electric Tellus Lite V-Simulator is a remote monitoring software for industrial environments from Fuji Electric Japan. A buffer overflow vulnerability exists in Fuji Electric Tellus Lite V-Simulator, which stems from an out-of-bounds write vulnerability that can be exploited by an attacker t...

8.5CVSS8AI score0.00332EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/06/12 12:0 a.m.3 views

Schneider Electric SAGE RTUs Path Traversal Vulnerability

The Schneider Electric SAGE RTUs is a high-performance device for industrial automation and remote monitoring from Schneider Electric France. A path traversal vulnerability exists in the Schneider Electric SAGE RTUs, which originates from allowing an authenticated user to access the device's web...

8.1CVSS6.7AI score0.01025EPSS
Exploits0References3
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/06/03 5:53 a.m.23 views

Seiko Solutions SkyBridge MB-A100/MB-A110 and SkyBridge BASIC MB-A130 vulnerable to OS command injection

Overview SkyBridge MB-A100/MB-A110 and SkyBridge BASIC MB-A130 provided by Seiko Solutions Inc. contain a command injection vulnerability CWE-77. Chuya Hayakawa of 00One, Inc. reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer. Impact If the remote monitoring and...

9.8CVSS7.9AI score0.01207EPSS
Exploits0References4
NVD
NVD
added 2024/05/31 2:15 a.m.17 views

CVE-2024-32850

Improper neutralization of special elements used in a command 'Command Injection' exists in SkyBridge MB-A100/MB-A110 firmware Ver. 4.2.2 and earlier and SkyBridge BASIC MB-A130 firmware Ver. 1.5.5 and earlier. If the remote monitoring and control function is enabled on the product, an attacker...

9.8CVSS7.1AI score0.01207EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/31 1:33 a.m.14 views

CVE-2024-32850

Improper neutralization of special elements used in a command 'Command Injection' exists in SkyBridge MB-A100/MB-A110 firmware Ver. 4.2.2 and earlier and SkyBridge BASIC MB-A130 firmware Ver. 1.5.5 and earlier. If the remote monitoring and control function is enabled on the product, an attacker...

7.5AI score0.01207EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/31 1:33 a.m.36 views

CVE-2024-32850

Improper neutralization of special elements used in a command 'Command Injection' exists in SkyBridge MB-A100/MB-A110 firmware Ver. 4.2.2 and earlier and SkyBridge BASIC MB-A130 firmware Ver. 1.5.5 and earlier. If the remote monitoring and control function is enabled on the product, an attacker...

7.1AI score0.01207EPSS
Exploits0References2
CVE
CVE
added 2024/05/31 1:33 a.m.78 views

CVE-2024-32850

CVE-2024-32850 affects SkyBridge MB-A100/MB-A110 (firmware 4.2.2 and earlier) and SkyBridge BASIC MB-A130 (firmware 1.5.5 and earlier) due to improper neutralization of special elements in a command (CWE-77). If remote monitoring/control is enabled, an attacker with access may execute arbitrary c...

9.8CVSS7.4AI score0.01207EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/05/31 12:0 a.m.8 views

PT-2024-24913 · Unknown · Skybridge Basic Mb-A130 +1

Name of the Vulnerable Software and Affected Versions: SkyBridge MB-A100/MB-A110 versions 4.2.2 and earlier SkyBridge BASIC MB-A130 versions 1.5.5 and earlier Description: The issue is related to improper neutralization of special elements used in a command, also known as 'Command Injection'. Thi...

9.8CVSS7.7AI score0.01207EPSS
Exploits0References8
The Hacker News
The Hacker News
added 2024/05/16 3:16 a.m.12 views

Cybercriminals Exploiting Microsoft's Quick Assist Feature in Ransomware Attacks

The Microsoft Threat Intelligence team said it has observed a threat actor it tracks under the name Storm-1811 abusing the client management tool Quick Assist to target users in social engineering attacks. "Storm-1811 is a financially motivated cybercriminal group known to deploy Black Basta...

7.4AI score
Exploits0
Rows per page
Query Builder