November 14, 2023—KB5032190 (OS Builds 22621.2715 and 22631.2715)
November 14, 2023—KB5032190 (OS Builds 22621.2715 and 22631.2715) UPDATED 2/27/24 IMPORTANT: New dates for the end of non-security updates for Windows 11, version 22H2The new end date is June 24, 2025 for Windows 11, version 22H2 Enterprise, Education, IoT Enterprise, and Enterprise multi-session.....
9.8CVSS
8.2AI Score
0.57EPSS
XSS Marks the Spot: Digging Up Vulnerabilities in ChatGPT
With its widespread use among businesses and individual users, ChatGPT is a prime target for attackers looking to access sensitive information. In this blog post, I'll walk you through my discovery of two cross-site scripting (XSS) vulnerabilities in ChatGPT and a few other vulnerabilities. When...
6.3AI Score
How Businesses Can Safeguard Their Communication Channels Against Hackers
Efficient communication is a cornerstone of business success. Internally, making sure your team communicates seamlessly helps you avoid friction losses, misunderstandings, delays, and overlaps. Externally, frustration-free customer communication is directly correlated to a positive customer...
9.8CVSS
9.5AI Score
0.074EPSS
RCE to Sliver: IR Tales from the Field
Rapid7 Incident Response consultants Noah Hemker, Tyler Starks, and malware analyst Tom Elkins contributed analysis and insight to this blog. Rapid7 Incident Response was engaged to investigate an incident involving unauthorized access to two publicly-facing Confluence servers that were the source....
10CVSS
8.6AI Score
0.971EPSS
How Nation-State Actors Target Your Business: New Research Exposes Major SaaS Vulnerabilities
With many of the highly publicized 2023 cyber attacks revolving around one or more SaaS applications, SaaS has become a cause for genuine concern in many boardroom discussions. More so than ever, considering that GenAI applications are, in fact, SaaS applications. Wing Security (Wing), a SaaS...
6.8AI Score
October 2023’s Cyber Security Awareness Month led to a flurry of blog posts about a new attack called Quishing (QR Code phishing) and how new AI powered email gateways can potentially block these attacks. What’s the attack? To understand the attack you need understand the challenge that the...
7.2AI Score
ping reads raw IP packets from the network to process responses in the pr_pack() function. As part of processing a response ping has to reconstruct the IP header, the ICMP header and if present a "quoted packet," which represents the packet that generated an ICMP error. The quoted packet again...
7.3AI Score
0.0004EPSS
ping reads raw IP packets from the network to process responses in the pr_pack() function. As part of processing a response ping has to reconstruct the IP header, the ICMP header and if present a "quoted packet," which represents the packet that generated an ICMP error. The quoted packet again...
7.4AI Score
0.0004EPSS
ping reads raw IP packets from the network to process responses in the pr_pack() function. As part of processing a response ping has to reconstruct the IP header, the ICMP header and if present a "quoted packet," which represents the packet that generated an ICMP error. The quoted packet again...
8.1AI Score
0.0004EPSS
CVE-2022-23093 Stack overflow in ping(8)
ping reads raw IP packets from the network to process responses in the pr_pack() function. As part of processing a response ping has to reconstruct the IP header, the ICMP header and if present a "quoted packet," which represents the packet that generated an ICMP error. The quoted packet again...
7.6AI Score
0.0004EPSS
CVE-2022-23093 Stack overflow in ping(8)
ping reads raw IP packets from the network to process responses in the pr_pack() function. As part of processing a response ping has to reconstruct the IP header, the ICMP header and if present a "quoted packet," which represents the packet that generated an ICMP error. The quoted packet again...
7.5AI Score
0.0004EPSS
Adobe Acrobat Reader Font CPAL numColorRecords out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2023-1905 Adobe Acrobat Reader Font CPAL numColorRecords out-of-bounds read vulnerability February 15, 2024 CVE Number CVE-2024-20735 SUMMARY An out-of-bounds read vulnerability exists in the font file processing functionality of Adobe Acrobat Reader...
5.5CVSS
6.8AI Score
0.001EPSS
Adobe Acrobat Reader Font avar SegmentMaps out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2023-1909 Adobe Acrobat Reader Font avar SegmentMaps out-of-bounds read vulnerability February 15, 2024 CVE Number CVE-2024-20748 SUMMARY An out-of-bounds read vulnerability exists in the font file processing functionality of Adobe Acrobat Reader 2023.006.20380. A.....
5.5CVSS
6.9AI Score
0.001EPSS
Adobe Acrobat Reader Font CharStrings INDEX out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2023-1908 Adobe Acrobat Reader Font CharStrings INDEX out-of-bounds read vulnerability February 15, 2024 CVE Number CVE-2024-20747 SUMMARY An out-of-bounds read vulnerability exists in the font file processing functionality of Adobe Acrobat Reader 2023.006.20380. A....
5.5CVSS
7AI Score
0.001EPSS
Adobe Acrobat Reader Font CharStrings CharStringsOffset out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2023-1910 Adobe Acrobat Reader Font CharStrings CharStringsOffset out-of-bounds read vulnerability February 15, 2024 CVE Number CVE-2024-20749 SUMMARY An out-of-bounds read vulnerability exists in the font file processing functionality of Adobe Acrobat Reader...
5.5CVSS
5.3AI Score
0.001EPSS
Intel® PROSet/Wireless and Killer™ Wi-Fi Software February 2024 Security Update
Intel has informed HP of potential security vulnerabilities in some Intel® PROSet/Wireless and Intel® Killer™ Wi-Fi software, which might allow escalation of privilege, information disclosure or denial of service. Intel is releasing software updates to mitigate these potential vulnerabilities. ...
7.1CVSS
7.7AI Score
0.0004EPSS
Why Are Compromised Identities the Nightmare to IR Speed and Efficiency?
Incident response (IR) is a race against time. You engage your internal or external team because there's enough evidence that something bad is happening, but you're still blind to the scope, the impact, and the root cause. The common set of IR tools and practices provides IR teams with the ability....
7.4AI Score
Wazuh in the Cloud Era: Navigating the Challenges of Cybersecurity
Cloud computing has innovated how organizations operate and manage IT operations, such as data storage, application deployment, networking, and overall resource management. The cloud offers scalability, adaptability, and accessibility, enabling businesses to achieve sustainable growth. However,...
7.2AI Score
New Zardoor backdoor used in long-term cyber espionage operation targeting an Islamic organization
By Jungsoo An, Wayne Lee and Vanja Svajcer. Cisco Talos discovered a new, stealthy espionage campaign that has likely persisted since at least March 2021. The observed activity affects an Islamic non-profit organization using backdoors for a previously unreported malware family we have named...
8.2AI Score
Digital Experience Monitoring | What Is DEM?
Introduction to Digital Experience Monitoring: Illuminating the Basics In an era governed by technology, the satisfaction of an end-user is of utmost importance. It has the power to stimulate or to halt business growth, and frequently determines if a client continues or discontinues their...
7.2AI Score
Chinese Hackers Exploited FortiGate Flaw to Breach Dutch Military Network
Chinese state-backed hackers broke into a computer network that's used by the Dutch armed forces by targeting Fortinet FortiGate devices. "This [computer network] was used for unclassified research and development (R&D)," the Dutch Military Intelligence and Security Service (MIVD) said in a...
9.8CVSS
9.9AI Score
0.321EPSS
Directory Traversal: Examples, Testing, and Prevention
Unveiling the Enigma of Path Navigation: An Exhaustive Exploration and Insight Path Navigation, often referred to as Folder Navigation, symbolizes a kind of security extraction point allowing unauthorized individuals to gain unauthorized access to specific files held within a server's database...
7.8AI Score
Hackers Exploit Job Boards, Stealing Millions of Resumes and Personal Data
Employment agencies and retail companies chiefly located in the Asia-Pacific (APAC) region have been targeted by a previously undocumented threat actor known as ResumeLooters since early 2023 with the goal of stealing sensitive data. Singapore-headquartered Group-IB said the hacking crew's...
6.9AI Score
Exploring the (Not So) Secret Code of Black Hunt Ransomware
It seems like every week, the cybersecurity landscape sees the emergence of yet another ransomware variant, with Black Hunt being one of the latest additions. Initially reported by cybersecurity researchers in 2022, this new threat has quickly made its presence known. In a recent incident, Black...
8.2AI Score
How to comply with GDPR requirements
Understanding the Basics of GDPR Compliance Within the sphere of cybersecurity, significant strides were made as the European Union (EU) introduced an innovative legislative tool called the General Data Protection Regulation (GDPR), unveiled on May 25, 2018. This regulation highlights the EU's...
7.2AI Score
Rapid7 in Prague: Pete Rubio Shares Insights and Excitement for the New Office
_As we continue to grow our customer base here at Rapid7, we’re growing our offices as well – this time with a new location in the Czech Republic. With a successful history of building innovation hubs from Boston to Belfast, our teams can’t wait to bring new talent from Prague into the business....
6.9AI Score
Hello everyone! It has been 3 months since the last episode. I spent most of this time improving my Vulristics project. So in this episode, let's take a look at what's been done. Alternative video link (for Russia): https://vk.com/video-149273431_456239139 Also, let's take a look at the Microsoft.....
10CVSS
10AI Score
0.971EPSS
Exploit for Cross-Site Request Forgery (CSRF) in Moxa Iologik E1210 Firmware
This repository contains a Python script and a nuclei template...
8.8CVSS
7AI Score
0.001EPSS
Server-Side Template Injection Vulnerability in Confluence Data Center and Server (CVE-2023-22527)
Introduction On January 16 2024, Atlassian issued a significant alert on a critical Server-Side Template Injection (SSTI) vulnerability in Confluence Data Center and Server, identified as CVE-2023-22527. This issue found in older versions, poses a serious risk as it allows attackers without any.....
10CVSS
8.7AI Score
0.973EPSS
OSINT in 60 seconds. Mind reading on TV
TL;DR We were asked to help with a Channel 5 consumer education series about online banking scams The presenter, Alexis Conran, was to ‘read’ the minds of members of the public walking past a coffee shop A release form was signed by the targets, with their name, email, and phone number, then...
6.9AI Score
Unspecified vulnerability in Linux kernel (CNVD-2024-06429)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel version 6.7.1 and earlier versions, which stems from the presence of an out-of-bounds access vulnerability. No details of the...
5.5CVSS
6.8AI Score
0.0004EPSS
A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to the improper processing of user-provided data that is being read into memory.....
10CVSS
9.6AI Score
0.002EPSS
Russian TrickBot Mastermind Gets 5-Year Prison Sentence for Cybercrime Spree
40-year-old Russian national Vladimir Dunaev has been sentenced to five years and four months in prison for his role in creating and distributing the TrickBot malware, the U.S. Department of Justice (DoJ) said. The development comes nearly two months after Dunaev pleaded guilty to committing...
7.3AI Score
Critical Cisco Flaw Lets Hackers Remotely Take Over Unified Comms Systems
Cisco has released patches to address a critical security flaw impacting Unified Communications and Contact Center Solutions products that could permit an unauthenticated, remote attacker to execute arbitrary code on an affected device. Tracked as CVE-2024-20253 (CVSS score: 9.9), the issue stems.....
9.8CVSS
8.5AI Score
0.002EPSS
AlmaLinux 9 : frr (ALSA-2024:0477)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:0477 advisory. bgpd/bgp_flowspec.c in FRRouting (FRR) before 8.4.3 mishandles an nlri length of zero, aka a flowspec overflow. (CVE-2023-38406) bgpd/bgp_label.c...
9.8CVSS
6.7AI Score
0.001EPSS
Oracle Linux 9 : frr (ELSA-2024-0477)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-0477 advisory. An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when a malformed BGP UPDATE message with an EOR is processed, because...
9.8CVSS
6.5AI Score
0.001EPSS
9.8CVSS
7.4AI Score
0.01EPSS
Understanding the Basics of Security Operations (SecOps) SecOps represents the blending of cybersecurity proficiency with operational domains, forming a powerful bulwark. Its primary mission lies in safeguarding the fundamental data assets and technological infrastructures of an organization. More....
7AI Score
Cisco Unified Communications Manager IM & Presence RCE (cisco-sa-cucm-rce-bWNzQcUm)
According to its self-reported version, Cisco Unified Communications Manager IM & Presence running on the report host is affected by a remote code execution (RCE) vulnerability. Due to improper processing of user-provided data that is being read into memory, an unauthenticated, remote, attacker...
10CVSS
9.9AI Score
0.002EPSS
Cisco Unified Communications Manager RCE (cisco-sa-cucm-rce-bWNzQcUm)
According to its self-reported version, Cisco Unified Communications Manager running on the report host is affected by a remote code execution (RCE) vulnerability. Due to improper processing of user-provided data that is being read into memory, an unauthenticated, remote, attacker can execute...
10CVSS
9.9AI Score
0.002EPSS
Cisco Unified Communications Products Remote Code Execution Vulnerability
A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to the improper processing of user-provided data that is being read into memory.....
8.2AI Score
0.002EPSS
"Activator" Alert: MacOS Malware Hides in Cracked Apps, Targeting Crypto Wallets
Cracked software have been observed infecting Apple macOS users with a previously undocumented stealer malware capable of harvesting system information and cryptocurrency wallet data. Kaspersky, which identified the artifacts in the wild, said they are designed to target machines running macOS...
7AI Score
Cracked software beats gold: new macOS backdoor stealing cryptowallets
A month ago, we discovered some cracked apps circulating on pirating websites and infected with a Trojan proxy. The malicious actors repackaged pre-cracked applications as PKG files with an embedded Trojan proxy and a post-install script initiating the infection. We recently caught sight of a new,....
7.5AI Score
Exploit for Improper Authentication in Ivanti Connect Secure
Ivanti Connect Around Vulnerability Checker [Ivanti...
8.4AI Score
Privacy, Security, and Connected Devices: Key Takeaways From CES 2024
The topic of data privacy has become so relevant in our age of smart technology. With everything becoming connected, including our homes, workplaces, cities, and even our cars, those who develop this technology are obligated to identify consumers' expectations for privacy and then find the best...
7.4AI Score
New iShutdown Method Exposes Hidden Spyware Like Pegasus on Your iPhone
Cybersecurity researchers have identified a "lightweight method" called iShutdown for reliably identifying signs of spyware on Apple iOS devices, including notorious threats like NSO Group's Pegasus, QuaDream's Reign, and Intellexa's Predator. Kaspersky, which analyzed a set of iPhones that were...
6.3AI Score
The evolution of the Kuiper ransomware
Kuiper Ransomware’s Evolution By Max Kersten · January 17, 2024 The Golang-based Kuiper ransomware is presented as an opportunity for other criminals to make money by ransoming one or more targets. Additionally, RobinHood, the actor behind Kuiper, states that help with operations can be provided...
6.5AI Score
The evolution of the Kuiper ransomware
Kuiper Ransomware’s Evolution By Max Kersten · January 17, 2024 The Golang-based Kuiper ransomware is presented as an opportunity for other criminals to make money by ransoming one or more targets. Additionally, RobinHood, the actor behind Kuiper, states that help with operations can be provided...
6.5AI Score
EulerOS 2.0 SP11 : kernel (EulerOS-SA-2023-2647)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem. This flaw allows a local user to...
7.8CVSS
8.7AI Score
EPSS
EulerOS 2.0 SP11 : kernel (EulerOS-SA-2023-2689)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the Linux kernel in linux/net/netfilter/nf_tables_api.c of the netfilter subsystem. This flaw allows a local user to...
7.8CVSS
8.7AI Score
EPSS