Yan&Co Security Vulnerabilities

Command Execution Vulnerability in Sky Mirror Vulnerability Scanning and Management System of Qixing Information Technology Group Co.

Sky Mirror Vulnerability Scanning and Management System is a vulnerability scanning product independently developed by Qixing, a network-based vulnerability analysis, assessment and management system. There is a command execution vulnerability in the Sky Mirror Vulnerability Scanning and...

Arbitrary File Read Vulnerability in Sky Mirror Vulnerability Scanning and Management System of Kaixingchen Information Technology Group Co.

Sky Mirror Vulnerability Scanning and Management System is a vulnerability scanning product independently developed by Qixing, a network-based vulnerability analysis, assessment and management system. Sky Mirror Vulnerability Scanning and Management System of Qixing Information Technology Group...

File Containment Vulnerability in Tian Yue Network Security Audit System of Qixing Information Technology Group Co.

Providence Peak Network Security Audit System is a compliance management system for fine-grained auditing of network operation behaviors in business environments. A file inclusion vulnerability exists in the Tianyue Network Security Audit System of Qixing Information Technology Group Company...

Unauthorized Access Vulnerability in LiveNVR of Anhui Green Persimmon Information Technology Co. Ltd (CNVD-2023-77604)

Anhui Green Persimmon Information Technology Co., Ltd. is a company whose business scope includes: computer hardware and software development and sales, technical services, technical consulting, technology transfer; web page design; design, installation and maintenance of network equipment;...

JVN#03447226: "Skylark" App fails to restrict custom URL schemes properly

"Skylark" App provided by SKYLARK HOLDINGS CO., LTD. provides the function to access a requested URL using Custom URL Scheme. The App does not restrict access to the function properly (CWE-939) which may be exploited to direct the App to access any sites. ## Impact An arbitrary site may be...

Threat Roundup for October 27 to November 3

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 27 and Nov. 3. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,.....

Threat Roundup for November 3 to November 10

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Nov. 3 and Nov. 10. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,.....

Russian Reshipping Service ‘SWAT USA Drop’ Exposed

The login page for the criminal reshipping service SWAT USA Drop. One of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure. Here's a closer look at the Russia-based SWAT USA Drop Service,...

A cascade of compromise: unveiling Lazarus’ new campaign

Earlier this year, a software vendor was compromised by the Lazarus malware delivered through unpatched legitimate software. What's remarkable is that these software vulnerabilities were not new, and despite warnings and patches from the vendor, many of the vendor's systems continued to use the...

Fostering Innovation in Web Security

I've always created growth by focusing on free. It started back in 2003 when I launched WorkZoo in London. WorkZoo was a job search engine that ended up being one of Time Magazine's top 50 websites of 2005. These days we take free search capability for granted, but 20 years ago, before Nginx came.....

CVE-2014-125027 Yuna Scatari TBDev usersearch.php get_user_icons cross site scripting

A vulnerability has been found in Yuna Scatari TBDev up to 2.1.17 and classified as problematic. Affected by this vulnerability is the function get_user_icons of the file usersearch.php. The manipulation of the argument n/r/r2/em/ip/co/ma/d/d2/ul/ul2/ls/ls2/dl/dl2 leads to cross site scripting....

Ubuntu 16.04 LTS / 18.04 LTS : OpenSSL vulnerabilities (USN-4504-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4504-1 advisory. Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some...

Malvertising via Dynamic Search Ads delivers malware bonanza

Most, if not all malvertising incidents result from a threat actor either injecting code within an existing ad, or intentionally creating one. Today, we look at a different scenario where, as strange as that may sound, malvertising was entirely accidental. The reason this happened was due to the...

Fedora: Security Advisory for grafana-pcp (FEDORA-2023-00b3e9d551)

The remote host is missing an update for...

[SECURITY] Fedora 38 Update: grafana-pcp-5.1.1-4.fc38

This Grafana plugin for Performance Co-Pilot includes data sources for scalable time series from pmseries(1) and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace(1), as well as several...

Information Leakage Vulnerability in API Gateway Management System of Tech Data Communication Co.

Founded in 1999, Tech Data Xunfei Co., Ltd. is a well-known listed company in the Asia-Pacific region for intelligent speech and artificial intelligence. An information disclosure vulnerability exists in the API gateway management system of KDDI Corporation, which can be exploited by attackers to.....

K73422160 : OpenSSL vulnerability CVE-2019-1547

Security Advisory Description Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters (instead of using a named curve). In those cases it is possible...

NJ Man Hired Online to Firebomb, Shoot at Homes Gets 13 Years in Prison

A 22-year-old New Jersey man has been sentenced to more than 13 years in prison for participating in a firebombing and a shooting at homes in Pennsylvania last year. Patrick McGovern-Allen was the subject of a Sept. 4, 2022 story here about the emergence of "violence-as-a-service" offerings, where....

Urgent: New Security Flaws Discovered in NGINX Ingress Controller for Kubernetes

Three unpatched high-severity security flaws have been disclosed in the NGINX Ingress controller for Kubernetes that could be weaponized by a threat actor to steal secret credentials from the cluster. The vulnerabilities are as follows - CVE-2022-4886 (CVSS score: 8.8) - Ingress-nginx path...

Arid Viper disguising mobile spyware as updates for non-malicious Android applications

Since April 2022, Cisco Talos has been tracking a malicious campaign operated by the espionage-motivated Arid Viper advanced persistent threat (APT) group targeting Arabic-speaking Android users. In this campaign, the actors leverage custom mobile malware, also known as Android Package files...

Threat Roundup for October 13 to October 20

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 13 and Oct. 20. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,....

Weak Password Vulnerability in NPort 5210A of Mosaic Technology (Shanghai) Co.

Mosa Technology (Shanghai) Co., Ltd. is a company whose business scope includes technology development, technical consultation, technical services, etc. in the field of communication equipment. A weak password vulnerability exists in NPort 5210A of Mosa Technologies (Shanghai) Co. Ltd. that can be....

Former Uber CISO Appealing His Conviction

Joe Sullivan, Uber's CEO during their 2016 data breach, is appealing his conviction. Prosecutors charged Sullivan, whom Uber hired as CISO after the 2014 breach, of withholding information about the 2016 incident from the FTC even as its investigators were scrutinizing the company's data security.....

What is Cracktivator software?

Cisco Talos coined the term "Cracktivator software" to reference counterfeit or modified software for pirated versions of Windows applications. One of our teammates, James Nutland, led the research to look into cracked versions of the Microsoft Windows operating system and other Microsoft...

Command Execution Vulnerability in Wisdom Optical IPTV Gateway of Shenzhen Wisdom Optical Information Technology Co.

Shenzhen Wisdom Optical Xun Information Technology Co., Ltd. is an emerging high-tech company integrating R&D, production and sales. Shenzhen Wisdom Optical Information Technology Co., Ltd Wisdom Optical IPTV Gateway has a command execution vulnerability that can be exploited by an attacker to...

Security Bulletin: A vulnerability exists in the IBM® SDK, Java™ Technology Edition affect IBM Tivoli Network Configuration Manager (CVE-2023-22045, CVE-2023-22049).

Summary A vulnerability exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Configuration Manager IP Edition v6.4.2 Vulnerability Details ** CVEID: CVE-2023-22045 DESCRIPTION: **An unspecified vulnerability in Java SE related to the VM component could allow.....

Exploit for Use After Free in Linux Linux Kernel

Introduction This vulnerability is a race condition...

CVE-2023-40646

In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges...

CVE-2023-40644

In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges...

CVE-2023-40643

In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges...

CVE-2023-40642

In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges...

CVE-2023-40641

In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges...

CVE-2023-40645

In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges...

CVE-2023-40649

In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges...

CVE-2023-40647

In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges...

CVE-2023-40648

In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges...

Oracle: Security Advisory (ELSA-2015-0439)

The remote host is missing an update for...

CVE-2023-40652

In jpg driver, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with System execution privileges...

CVE-2023-40632

In jpg driver, there is a possible use after free due to a logic error. This could lead to remote information disclosure no additional execution privileges...

CVE-2023-40638

In Telecom service, there is a possible missing permission check. This could lead to local denial of service with System execution privileges...

[SECURITY] Fedora 39 Update: libvpx-1.13.0-5.fc39

libvpx provides the VP8/VP9 SDK, which allows you to integrate your applicati ons with the VP8 and VP9 video codecs, high quality, royalty free, open source co decs deployed on millions of computers and devices...

AI Risks

There is no shortage of researchers and industry titans willing to warn us about the potential destructive power of artificial intelligence. Reading the headlines, one would hope that the rapid gains in AI technology have also brought forth a unifying realization of the risks--and the steps we...

CVE-2023-40636

In telecom service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with System execution privileges...

[SECURITY] Fedora 38 Update: libvpx-1.13.0-5.fc38

libvpx provides the VP8/VP9 SDK, which allows you to integrate your applicati ons with the VP8 and VP9 video codecs, high quality, royalty free, open source co decs deployed on millions of computers and devices...

Security Bulletin: Multipe vulnerabilities exists in the IBM® SDK, Java™ Technology Edition affects IBM Tivoli Network Configuration Manager.

Summary Multipe vulnerabilities exists in IBM® SDK Java™ Technology Edition, Version 8, which is used by IBM Tivoli Network Configuration v6.4.2. CVE-2023-21930, CVE-2023-21967, CVE-2023-21954, CVE-2023-21939, CVE-2023-21968, CVE-2023-21937, CVE-2023-21938, CVE-2023-2597 Vulnerability Details **...

Information leakage vulnerability in Dahua DSS system

DSS (Digital Surveillance System) is a digital surveillance management system developed by Zhejiang Dahua Technology Co. There is an information leakage vulnerability in Dahua DSS system, which can be exploited by an attacker to obtain server related information and cause information...

CVE-2023-40635

In linkturbo, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges...

U.S. DoJ Cracks Down on North Korean IT Scammers Defrauding Global Businesses

The U.S. government has announced the seizure of 17 website domains used by North Korean information technology (IT) workers as part of an illicit scheme to defraud businesses across the world, evade sanctions, and fund the country's ballistic missile program. The Department of Justice (DoJ) said.....

CVE-2023-40637

In telecom service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution...

CVE-2023-40634

In phasechecksercer, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges...