71 matches found
CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-36584 Microsoft Windows Mark of the Web MOTW Security Feature Bypass Vulnerability CVE-2023-1671 Sophos Web Appliance Command Injection Vulnerability...
Explained: Quishing
Quishing is phishing using QR Quick Response codes. QR codes are basically two-dimensional barcodes that hold encoded data, and they can be used to work as a link. Point your phone's camera at a QR code and it will ask you if you want to visit the link. The use of QR codes in malicious campaigns ...
A secondhand account of the worst possible timing for a scammer to strike
Welcome to this weeks edition of the Threat Source newsletter. Up until last week, I had never considered the timing of a scam to be important. Im so used to just swiping away emails or text messages at random times during the day that Id never considered what would happen if an adversary happene...
Microsoft April 2023 Patch Tuesday Highlights: everything you need to know
Detect and mitigate CVE-2023-28252, EoP vulnerability exploited in the wild, and CVE-2023-21554, a critical RCE vulnerability. Organizations should patch urgently...
LastPass Data Breach: It’s Time to Ditch This Password Manager
The password manager’s most recent data breach is so concerning, users need to take immediate steps to protect themselves...
Security Bulletin: IBM WebSphere Extended Deployment Compute Grid Vulnerability (CVE-2013-4039)
Abstract Potential security vulnerability fixed in IBM WebSphere Extended Deployment Compute Grid V8.0.0.3 Content VULNERABILITY DETAILS: CVE ID:CVE-2013-4039PM84760 DESCRIPTION: WebSphere Extended Deployment Compute Grid could allow a remote attacker to obtain sensitive information and exploit...
Active Exploitation of Multiple Vulnerabilities in Zimbra Collaboration Suite
Over the past few weeks, five different vulnerabilities affecting Zimbra Collaboration Suite have come to our attention, one of which is unpatched, and four of which are being actively and widely exploited in the wild by well-organized threat actors. We urge organizations who use Zimbra to patch ...
CMMC – The smoke is clearing
The smoke is finally starting to clear on "CMMC 2.0." Hundreds of companies are already lining up for Cybersecurity Maturity Model Certification assessments. Everything is taking place faster and with far more urgency than most organizations have planned around or prepared for...
Analyzing the Attack Landscape: Rapid7’s 2021 Vulnerability Intelligence Report
Every year, our research team at Rapid7 analyzes thousands of vulnerabilities to understand root causes, dispel misconceptions, and explain why some flaws are more likely to be exploited than others. By continuously reviewing the vulnerability landscape and sharing our research team’s insights, w...
Beware of this bogus (and phishy) “Instagram Support” email
Recently, a fake Instagram email successfully bypassed Googles email filters and made it into hundreds of employee inboxes used by a prominent US life insurance company based in New York. This was revealed in a report by Armorblox, a cybersecurity company specializing in stopping business email...
Active Exploitation of VMware Horizon Servers
This post is co-authored by Charlie Stafford, Lead Security Researcher. We will update this blog with further information as it becomes available. CVE | Vendor Advisory | AttackerKB | IVM Content | Patching Urgency | Blog's Last Update ---|---|---|---|---|--- CVE-2021-44228 | VMware Advisory |...
Active Exploitation of Apache HTTP Server CVE-2021-40438
CVE | Vendor Advisory | AttackerKB | IVM Content | Patching Urgency | Last Update ---|---|---|---|---|--- CVE-2021-40438 | Apache Advisory | AttackerKB | 09/16/2021 multiple | ASAP | December 1, 2021 14:00 ET On September 16, 2021, Apache released version 2.4.49 of HTTP Server, which included a f...
GitLab Unauthenticated Remote Code Execution CVE-2021-22205 Exploited in the Wild
CVE | Vendor Advisory | AttackerKB | IVM Content | Patching Urgency | Last Update ---|---|---|---|---|--- CVE-2021-22205 | GitLab Advisory | AttackerKB | Evaluating | ASAP | November 1, 2021 On April 14, 2021, GitLab published a security release to address CVE-2021-22205, a critical remote code...
ALERT: Critical RCE Bug in VMware vCenter Server Under Active Attack
Malicious actors are actively mass scanning the internet for vulnerable VMware vCenter servers that are unpatched against a critical remote code execution flaw, which the company addressed late last month. The ongoing activity was detected by Bad Packets on June 3 and corroborated yesterday by...
Critical F5 BIG-IP Flaw Now Under Active Attack
Attackers are exploiting a recently-patched, critical vulnerability in F5 devices that have not yet been updated. The unauthenticated remote command execution flaw CVE-2021-22986 exists in the F5 BIG-IP and BIG-IQ enterprise networking infrastructure, and could allow attackers to take full contro...
COVID-19 Phishing: Exploiting a Global Pandemic
It's sad to think criminals are hard at work taking advantage of the extraordinary stress the world's population is currently experiencing. But they are. New phishing scams exploiting anxiety about COVID-19 are trending upward. Akamai's Carrier Data Science and Threat Research teams analyzing...
TestLink urgenc parameter SQL injection vulnerability
TestLink is a set of open source software for managing the software testing process and providing statistical analysis. A SQL injection vulnerability exists in TestLink version 1.9.20. An attacker can exploit this vulnerability by executing arbitrary SQL commands in planUrgency.php with the...
CVE-2020-8638
A SQL injection vulnerability in TestLink 1.9.20 allows attackers to execute arbitrary SQL commands in planUrgency.php via the urgency parameter...
Sql injection
A SQL injection vulnerability in TestLink 1.9.20 allows attackers to execute arbitrary SQL commands in planUrgency.php via the urgency parameter...
CVE-2020-8638
A SQL injection vulnerability in TestLink 1.9.20 allows attackers to execute arbitrary SQL commands in planUrgency.php via the urgency parameter...