Ricoh Company, Ltd. Security Vulnerabilities

CVE-2023-38817

An issue in Inspect Element Ltd Echo.ac v.5.2.1.0 allows a local attacker to gain privileges via a crafted command to the echo_driver.sys component. NOTE: the vendor's position is that the reported ability for user-mode applications to execute code as NT AUTHORITY\SYSTEM was "deactivated by...

Moonstone Sleet emerges as new North Korean threat actor with new bag of tricks

Microsoft has identified a new North Korean threat actor, now tracked as Moonstone Sleet (formerly Storm-1789), that uses both a combination of many tried-and-true techniques used by other North Korean threat actors and unique attack methodologies to target companies for its financial and...

Sensitive Information Disclosure

mautic/core is vulnerable to Sensitive Information Disclosure. The vulnerability is due to inadequate user permission settings. An attacker can access areas of the application that they should be prevented from accessing by exploiting these settings. This could potentially lead to the access of...

Exploit for Incorrect Authorization in Ivanti Mobileiron Sentry

MobileIron Sentry CVE-2023-38035 information extraction...

CVE-2024-26892

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921e: fix use-after-free in free_irq() From commit a304e1b82808 ("[PATCH] Debug shared irqs"), there is a test to make sure the shared irq handler should be able to handle the unexpected event after...

CVE-2022-3007

The vulnerability exists in Syska SW100 Smartwatch due to an improper implementation and/or configuration of Nordic Device Firmware Update (DFU) which is used for performing Over-The-Air (OTA) firmware updates on the Bluetooth Low Energy (BLE) devices. An unauthenticated attacker could exploit...

CVE-2020-24722

An issue was discovered in the GAEN (aka Google/Apple Exposure Notifications) protocol through 2020-10-05, as used in COVID-19 applications on Android and iOS. The encrypted metadata block with a TX value lacks a checksum, allowing bitflipping to amplify a contamination attack. This can cause...

Advance Auto Parts customer data posted for sale

A cybercriminal using the handle Sp1d3r is offering to sell 3 TB of data taken from Advance Auto Parts, Inc. Advance Auto Parts is a US automotive aftermarket parts provider that serves both professional installers and do it yourself customers. Allegedly the customer data includes: Names Email...

CVE-2020-24722

An issue was discovered in the GAEN (aka Google/Apple Exposure Notifications) protocol through 2020-10-05, as used in COVID-19 applications on Android and iOS. The encrypted metadata block with a TX value lacks a checksum, allowing bitflipping to amplify a contamination attack. This can cause...

CVE-2024-26892

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921e: fix use-after-free in free_irq() From commit a304e1b82808 ("[PATCH] Debug shared irqs"), there is a test to make sure the shared irq handler should be able to handle the unexpected event after deregistration......

Exploit for Deserialization of Untrusted Data in Apache Log4J

log4j2-scan is a single binary...

AI Voice Scam

Scammers tricked a company into believing they were dealing with a BBC presenter. They faked her voice, and accepted money intended for...

Command Execution Vulnerability in DAS Green Alliance Database Auditing System of Beijing Shenzhou Green Alliance Technology Co.

Beijing Shenzhou Green Alliance Technology Co., Ltd. is an enterprise mainly engaged in science and technology promotion and application services. A command execution vulnerability exists in the DAS Green Alliance database auditing system of Beijing Shenzhou Green Alliance Technology Co. Ltd,...

Gambio Online Webshop unauthenticated PHP Deserialization Vulnerability

A Remote Code Execution vulnerability in Gambio online webshop version 4.9.2.0 and lower allows remote attackers to run arbitrary commands via unauthenticated HTTP POST request. The identified vulnerability within Gambio pertains to an insecure deserialization flaw, which ultimately allows an...

HackerOne: Ability to identify actual private from sandboxed programs using link hackerone.com/$handle/terms_acceptance_data.csv

I was looking through the settings of one of my sandboxed programs I use for testing and I noticed some weird behavior, when we go to any program's advanced vetting page hackerone.com/$handle/advanced_vetting, it loads up regardless of permission, granted no other confidential info is displayed...

JVN#00442488: Multiple vulnerabilities in Ricoh Streamline NX PC Client

Ricoh Streamline NX PC Client provided by RICOH COMPANY, LTD. contains multiple vulnerabilities listed below. Improper restriction of communication channel to intended endpoints (CWE-923) CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L Base Score 6.3 CVE-2024-36252 ricoh-2024-000004 Use of...

CVE-2024-1709 Authentication bypass using an alternate path or channel

ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel vulnerability, which may allow an attacker direct access to confidential information or critical...

CVE-2024-1709

ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel vulnerability, which may allow an attacker direct access to confidential information or critical...

Mautic Sensitive Data Exposure due to inadequate user permission settings

Impact Prior to the patched version, logged in users of Mautic are able to access areas of the application that they should be prevented from accessing. Users could potentially access sensitive data such as names and surnames, company names and stage names. Patches Update to 4.4.12 and 5.0.4...

Mautic Sensitive Data Exposure due to inadequate user permission settings

Impact Prior to the patched version, logged in users of Mautic are able to access areas of the application that they should be prevented from accessing. Users could potentially access sensitive data such as names and surnames, company names and stage names. Patches Update to 4.4.12 and 5.0.4...

CVE-2024-1709 Authentication bypass using an alternate path or channel

ConnectWise ScreenConnect 23.9.7 and prior are affected by an Authentication Bypass Using an Alternate Path or Channel vulnerability, which may allow an attacker direct access to confidential information or critical...

CVE-2021-47441

In the Linux kernel, the following vulnerability has been resolved: mlxsw: thermal: Fix out-of-bounds memory accesses Currently, mlxsw allows cooling states to be set above the maximum cooling state supported by the driver: # cat /sys/class/thermal/thermal_zone2/cdev0/type mlxsw_fan # cat...

CVE-2024-31680

File Upload vulnerability in Shibang Communications Co., Ltd. IP network intercom broadcasting system v.1.0 allows a local attacker to execute arbitrary code via the my_parser.php...

CVE-2024-31680

File Upload vulnerability in Shibang Communications Co., Ltd. IP network intercom broadcasting system v.1.0 allows a local attacker to execute arbitrary code via the my_parser.php...

Personal AI Assistants and Privacy

Microsoft is trying to create a personal digital assistant: At a Build conference event on Monday, Microsoft revealed a new AI-powered feature called "Recall" for Copilot+ PCs that will allow Windows 11 users to search and retrieve their past activities on their PC. To make it work, Recall...

CVE-2024-31680

File Upload vulnerability in Shibang Communications Co., Ltd. IP network intercom broadcasting system v.1.0 allows a local attacker to execute arbitrary code via the my_parser.php...

Deriv.com: Mailgun subdomain takeover

Summary: I have found an unclaimed subdomain of deriv.cloud. Which is successfully claimable. Platform(s) Affected: email.mailgun.deriv.cloud Steps To Reproduce: You just need a mailgun account and the you can successfully claim this domain. Supporting Material/References:...

Operating System (OS) Detection (NTP)

Network Time Protocol (NTP) server based Operating System (OS) ...

ShotSpotter Keeps Listening for Gunfire After Contracts Expire

Internal emails suggest that the company continued to provide gunshot data to police in cities where its contracts had been...

TEMU sued for being “dangerous malware” by Arkansas Attorney General

Chinese online shopping giant Temu is facing a lawsuit filed by State of Arkansas Attorney General Tim Griffin, alleging that the retailer's mobile app spies on users. “Temu purports to be an online shopping platform, but it is dangerous malware, surreptitiously granting itself access to...

FreeBSD : mongodb -- Our init scripts check /proc/[pid]/stat should validate that `(${procname})` is the process' command name. (273c6c43-e3ad-11e9-8af7-08002720423d)

Sicheng Liu of Beijing DBSEC Technology Co., Ltd reports : Incorrect scoping of kill operations in MongoDB Server's packaged SysV init scripts allow users with write access to the PID file to insert arbitrary PIDs to be killed when the root user stops the MongoDB process via SysV...

Attackers are impersonating a road toll payment processor across the U.S. in phishing attacks

My wife (no stranger to weird types of scams) recently received a fake text message from someone claiming to be New Jersey's E-ZPass program saying that she had an outstanding balance from highway tolls that she owed, prompting her to visit a site so she could pay and avoid additional fines. There....

CVE-2024-24919: Check Point’s Quantum Gateway comes under Attack as Hackers exploit Zero-Day Vulnerability

Active Exploits target Check Point Security Gateway Zero-Day Information Disclosure flaw Check Point Cybersecurity has issued hotfixes to address a zero-day vulnerability in its VPNs that has been exploited to gain remote access to firewalls and potentially infiltrate corporate networks. On...

Kraken Crypto Exchange Hit by $3 Million Theft Exploiting Zero-Day Flaw

Crypto exchange Kraken revealed that an unnamed security researcher exploited an "extremely critical" zero-day flaw in its platform to steal $3 million in digital assets and refused to return them. Details of the incident were shared by Kraken's Chief Security Officer, Nick Percoco, on X (formerly....

Web Application Scanning Consolidation / Info Reporting

The script consolidates and reports various information for web application (formerly...

Kaiser health insurance leaked patient data to advertisers

Health insurance giant Kaiser has announced it will notify millions of patients about a data breach after sharing patients’ data with advertisers. Kaiser said that an investigation led to the discovery that “certain online technologies, previously installed on its websites and mobile applications,....

CitySights NY Data Breach Exposes 110,000 Customers' Personal Information

CitySights NY, a company that organizes New York City tours on double-decker buses, has experienced a significant data breach. The personal information of 110,000 customers, including names, addresses, email addresses, credit card numbers, expiration dates, and Card Verification Value (CVV2)...

Foxit PDF Reader Code Execution Vulnerability (CNVD-2024-20601)

Foxit PDF Reader is China Foxit (Foxit) company a PDF reader. Foxit PDF Reader has a code execution vulnerability that stems from a post-release reuse problem when dealing with Doc objects, which can be exploited by an attacker to execute arbitrary code in the context of the current...

Foxit PDF Reader Code Execution Vulnerability

Foxit PDF Reader is China Foxit (Foxit) company a PDF reader. Foxit PDF Reader has a code execution vulnerability that stems from a post-release reuse issue in the AcroForm module, which can be exploited by an attacker to execute arbitrary code in the context of the current...

Nextcloud: Weak ssh algorithms and CVE-2023-48795 Discovered on various subdomains of nextcloud.com

Security researchers from Ruhr University Bochum have discovered a vulnerability in the Secure Shell (SSH) cryptographic network protocol that could allow an attacker to downgrade the connection's security by breaking the integrity of the secure channel. Called Terrapin (CVE-2023-48795, CVSS...

Change Healthcare Finally Admits It Paid Ransomware Hackers—and Still Faces a Patient Data Leak

The company belatedly conceded both that it had paid the cybercriminals extorting it and that patient data nonetheless ended up on the dark...

Do not print on AppSocket and socketAPI printers

The host seems to be an AppSocket or socketAPI printer. Scanning it will waste paper. So ports 2000, 2501, 9100-9107, 9112-9116, 9200 and 10001...

UK PSTI? You’ll need a Vulnerability Disclosure Program!

If you are distributing or selling smart devices in to the UK market, your products will need to be compliant with the UK Product Security and Telecommunications Act. One of the three mandatory areas is that you have a vulnerability disclosure program (VDP) In the supporting materials for the Act,....

DocGo patient health data stolen in cyberattack

Medical health care provider DocGo has disclosed in a form 8-K that it experienced a cybersecurity incident involving some of the company’s systems. As part of the investigation of the incident, the company says it has determined that the attacker accessed and acquired data, including certain...

Exploit for Path Traversal in Aiohttp

poc-cve-2024-23334 This repository contains a proof of...

Microsoft Edge (Chromium-based) Information Disclosure Vulnerability (CNVD-2024-19325)

Microsoft Edge is a web browser from the American company Microsoft that comes with systems after Windows 10. Microsoft Edge (Chromium-based) suffers from an information disclosure vulnerability that can be exploited by attackers to obtain sensitive...

Arm Warns of Actively Exploited Zero-Day Vulnerability in Mali GPU Drivers

Arm is warning of a security vulnerability impacting Mali GPU Kernel Driver that it said has been actively exploited in the wild. Tracked as CVE-2024-4610, the use-after-free issue impacts the following products - Bifrost GPU Kernel Driver (all versions from r34p0 to r40p0) Valhall GPU Kernel...

Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability (CNVD-2024-19324)

Microsoft Edge is a web browser from the American company Microsoft that comes with systems after Windows 10. Microsoft Edge for Android (Chromium-based) suffers from an information disclosure vulnerability that can be exploited by attackers to obtain sensitive...

Cybersecurity in the SMB space — a growing threat

Small and medium-sized businesses (SMBs) are increasingly targeted by cybercriminals. Despite adopting digital technology for remote work, production, and sales, SMBs often lack robust cybersecurity measures. SMBs face significant cybersecurity challenges due to limited resources and expertise....

Google will start deleting location history

Google announced that it will reduce the amount of personal data it is storing by automatically deleting old data from "Timeline"—the feature that, previously named "Location History," tracks user routes and trips based on a phone’s location, allowing people to revisit all the places they've been.....