322 matches found
The vulnerability of the network firewall used for protecting web applications, Trustwave ModSecurity, arises from the execution of a loop with an unavailable exit condition. This allows attackers to trigger a service failure.
The vulnerability of the network firewall used for protecting web applications, Trustwave ModSecurity, is related to the execution of a loop with an unavailable exit condition. Exploiting this vulnerability allows a malicious actor to trigger a service failure through a specially crafted HTTP...
Microsoft Help Files Disguise Vidar Malware
Where’s the last place you’d expect to find malware? In an email from your mother? Embedded in software you trust and use everyday actually, that’s probably the first place you should look? How about in a technical documentation file? In a report published Thursday, Trustwave SpiderLabs revealed ...
CLSA-2022-1646935759 Update of ca-certificates
remove old certificate - Removing: - Certificate "DST Root CA X3" - Update to CKBI 2.50 from NSS 3.67 - Update to CKBI 2.48 from NSS 3.66 - Removing: - Certificate "Verisign Class 3 Public Primary Certification Authority - G3" - Certificate "GeoTrust Global CA" - Certificate "GeoTrust Universal...
CLSA-2022-1646935701 Update of ca-certificates
remove old certificate - Removing: - Certificate "DST Root CA X3" - Update to CKBI 2.50 from NSS 3.67 - Update to CKBI 2.48 from NSS 3.66 - Removing: - Certificate "Verisign Class 3 Public Primary Certification Authority - G3" - Certificate "GeoTrust Global CA" - Certificate "GeoTrust Universal...
ServiceNow - Username Enumeration Exploit
Exploit Title: ServiceNow - Username Enumeration Exploit Author: Victor Hanna Trustwave SpiderLabs Author Github Page: https://9lyph.github.io/CVE-2021-45901/ Vendor Homepage: https://www.servicenow.com/ Software Link:...
ServiceNow Orlando Username Enumeration
Exploit Title: ServiceNow - Username Enumeration Google Dork: NA Date: 12 February 2022 Exploit Author: Victor Hanna Trustwave SpiderLabs Author Github Page: https://9lyph.github.io/CVE-2021-45901/ Vendor Homepage: https://www.servicenow.com/ Software Link:...
Ransomware gang hits 49ers’ network before Super Bowl kick off
The San Francisco 49ers has confirmed that it has been hit by a ransomware attack. The announcement came just hours before the biggest football game of the year, Sundays Super Bowl between the Cincinnati Bengals and the Los Angeles Rams. In a boilerplate statement to BleepingComputer, the 49ers...
Grandstream GXV31XX settimezone Unauthenticated Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Grandstream GXV31XX 'settimezone' Unauthenticated Command Execution", 'Description' = %q This module exploits a command injection vulnerability i...
Zerodium Spikes Payout for Outlook Zero-Days
Zerodium has jacked up its offering price for Microsoft Outlook zero-day exploits. Act fast if you have the goods and the moral equanimity, to make up to $400,000 for a zero-click, remote code-execution RCE exploit. “Zero-click” means that targets neither have to read a malicious email message no...
Researchers Decrypted Qakbot Banking Trojan's Encrypted Registry Keys
Cybersecurity researchers have decoded the mechanism by which the versatile Qakbot banking trojan handles the insertion of encrypted configuration data into the Windows Registry. Qakbot, also known as QBot, QuackBot and Pinkslipbot, has been observed in the wild since 2007. Although mainly...
BlackByte ransomware exploits Microsoft Servers ProxyShell Vulnerabilities
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. BlackByte ransomware is targeting organizations with unpatched ProxyShell vulnerabilities. Proxy Shell was addressed by hive pro threat researcher in the previous advisory released on August 24. ProxyShell is a combination of...
WordPress Inline Related Posts plugin <= 3.0.4 - Cross-Site Scripting (XSS) vulnerability
Cross-Site Scripting XSS vulnerability discovered by Martin Vierula Trustwave in WordPress Inline Related Posts plugin versions = 3.0.4. Solution Update the WordPress Inline Related Posts plugin to the latest available version at least 3.0.5...
WordPress Age Gate plugin <= 2.16.3 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Martin Vierula Trustwave in WordPress Age Gate plugin versions = 2.16.3. Solution Update the WordPress Age Gate plugin to the latest available version at least 2.16.4...
WordPress StopBadBots plugin <= 6.59 - Authenticated SQL Injection (SQLi) vulnerability
Authenticated SQL Injection SQLi vulnerability discovered by Martin Vierula Trustwave in WordPress StopBadBots plugin versions = 6.59. Solution Update the WordPress StopBadBots plugin to the latest available version at least 6.60...
WordPress WP Simple Booking Calendar plugin <= 2.0.6 - Authenticated SQL Injection (SQLi) vulnerability
Authenticated SQL Injection SQLi vulnerability discovered by Martin Vierula Trustwave in WordPress WP Simple Booking Calendar plugin versions = 2.0.6. Solution Update the WordPress WP Simple Booking Calendar plugin to the latest available version at least 2.0.7...
Combat attacks with security solutions from Trustwave and Microsoft
This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. In 2021, cyberattacks and instances of ransomware demands against companies, agencies, and institutions have dominated the headlines. These kinds of attacks are on the rise and often...
Combat attacks with security solutions from Trustwave and Microsoft
This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. In 2021, cyberattacks and instances of ransomware demands against companies, agencies, and institutions have dominated the headlines. These kinds of attacks are on the rise and often...
MacOS Flaw in Telegram Retrieves Deleted Messages
A vulnerability in a high-level privacy feature of Telegram on macOS that sets up a “self-destruct” timer for messages on both the sender’s and recipient’s devices can allow someone to retrieve these messages even after they’ve been deleted, a researcher has found. Reegun Richard Jayapaul,...
SolarWinds Orion Bug Allows Easy Remote-Code Execution and Takeover
Three serious vulnerabilities have been found in SolarWinds products: Two in the Orion User Device Tracker and one in the Serv-U FTP for Windows product. The most severe of these could allow trivial remote code execution with high privileges. The SolarWinds Orion platform is the network managemen...
It’s Not the Trump Sex Tape, It’s a RAT
As outgoing President Donald Trump continues to dominate headlines, cybercriminals have decided to horn in on the much-gossiped-about — and yet to materialize — Trump sex tape as a lure for malware delivery. A campaign has been uncovered that labels a malware downloader with the filename...