Hackers Exploit Legitimate Packer Software to Spread Malware Undetected
Threat actors are increasingly abusing legitimate and commercially available packer software such as BoxedApp to evade detection and distribute malware such as remote access trojans and information stealers. "The majority of the attributed malicious samples targeted financial institutions and...
7.1AI Score
This vulnerability allows remote attackers to escalate privileges on affected installations of Trend Micro InterScan Web Security Virtual Appliance. Authentication is required to exploit this vulnerability. The specific flaw exists within the HTTP Inspection component. The issue results from the...
7.5AI Score
0.0005EPSS
K000139922: Open vSwitch vulnerabilities CVE-2023-3966 and CVE-2023-5366
Security Advisory Description CVE-2023-3966 A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is...
7.5CVSS
7.1AI Score
0.0004EPSS
7.4AI Score
Releases Ubuntu 22.04 LTS Ubuntu 20.04 LTS Packages qemu - Machine emulator and virtualizer Details USN-6567-1 fixed vulnerabilities QEMU. The fix for CVE-2023-2861 was too restrictive and introduced a behaviour change leading to a regression in certain environments. This update fixes the...
8.8CVSS
8.3AI Score
0.002EPSS
Ubuntu 20.04 LTS / 22.04 LTS : QEMU regression (USN-6567-2)
The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6567-2 advisory. USN-6567-1 fixed vulnerabilities QEMU. The fix for CVE-2023-2861 was too restrictive and introduced a behaviour change leading to a regression in...
8.8CVSS
7.8AI Score
0.002EPSS
Security Bulletin: NVIDIA GPU Display Driver - June 2024
NVIDIA has released a software security update for NVIDIA GPU Display Driver to address the issues that are disclosed in this bulletin. To protect your system, download and install this software update through the NVIDIA Driver Downloads page or, for the vGPU software and Cloud Gaming updates,...
7.8CVSS
8AI Score
0.0004EPSS
Security Bulletin: AIX is vulnerable to denial of service due to ISC BIND
Summary UPDATED: (Corrected the affected fileset levels to reflect that bind.rte 7.1.916.2604 and 7.3.916.2601 are vulnerable) Multiple vulnerabilities in ISC BIND could allow a remote attacker to cause a denial of service. AIX uses ISC BIND as part of its DNS functions. Vulnerability Details **...
7.5CVSS
8.1AI Score
0.05EPSS
DarkGate switches up its tactics with new payload, email templates
This post was authored by Kalpesh Mantri. Cisco Talos is actively tracking a recent increase in activity from malicious email campaigns containing a suspicious Microsoft Excel attachment that, when opened, infected the victim's system with the DarkGate malware. These campaigns, active since the...
7.9AI Score
[SECURITY] Fedora 40 Update: qt5-qtvirtualkeyboard-5.15.14-1.fc40
The Qt Virtual Keyboard project provides an input framework and reference key board frontend for Qt 5. Key features include: * Customizable keyboard layouts and styles with dynamic switching. * Predictive text input with word selection. * Character preview and alternative character view. *...
6.7AI Score
0.0004EPSS
openSUSE: Security Advisory for java (SUSE-SU-2024:1793-1)
The remote host is missing an update for...
3.7CVSS
5.1AI Score
0.001EPSS
Security Bulletin: AIX is vulnerable to a denial of service due to libxml2 (CVE-2024-25062)
Summary Vulnerability in libxml2 could allow a remote attacker to cause a denial of service (CVE-2024-25062). AIX uses libxml2 as part of its XML parsing functions. Vulnerability Details ** CVEID: CVE-2024-25062 DESCRIPTION: **GNOME libxml2 is vulnerable to a denial of service, caused by a...
7.5CVSS
7.4AI Score
0.0005EPSS
TotalCloud Insights: Securing Your Data—The Power of Encryption in Preventing Threats
Introduction Did you know there is a 90% failure rate for encryption-related controls of MySQL Server in Microsoft Azure? The issue isn't confined to Azure; in Google Cloud Platform (GCP) environments there is a 98% failure rate of encryption-related controls for both compute engine and storage...
7.2AI Score
Mitsubishi Electric MELSEC iQ-R, Q, L Series and MELIPC Series (Update C)
EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: MELSEC iQ-R, Q, and L Series CPU Module; MELIPC Series CPU Vulnerability: Improper Resource Locking 2. RISK EVALUATION Successful exploitation of this vulnerability could...
7.5CVSS
7.9AI Score
0.003EPSS
Fuji Electric Monitouch V-SFT (Update A)
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.5 ATTENTION: Low attack complexity Vendor: Fuji Electric Equipment: Monitouch V-SFT Vulnerabilities: Out-of-Bounds Write, Stack-Based Buffer Overflow, Type Confusion 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an...
9.8CVSS
8.2AI Score
0.001EPSS
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 4.8 ATTENTION: Exploitable remotely/low attack complexity/public exploits available Vendor: Uniview Equipment: NVR301-04S2-P4 Vulnerability: Cross-site Scripting 2. RISK EVALUATION An attacker could send a user a URL that if clicked on could execute...
5.4CVSS
6.9AI Score
0.0004EPSS
Mitsubishi Electric CC-Link IE TSN Industrial Managed Switch (Update A)
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Equipment: CC-Link IE TSN Industrial Managed Switch Vulnerabilities: Observable Timing Discrepancy, Double Free 2. RISK EVALUATION Successful exploitation of these...
7.5CVSS
8.2AI Score
0.002EPSS
DarkGate Malware Replaces AutoIt with AutoHotkey in Latest Cyber Attacks
Cyber attacks involving the DarkGate malware-as-a-service (MaaS) operation have shifted away from AutoIt scripts to an AutoHotkey mechanism to deliver the last stages, underscoring continued efforts on the part of the threat actors to continuously stay ahead of the detection curve. The updates...
8.8CVSS
7.3AI Score
0.005EPSS
7.8CVSS
6.2AI Score
0.0004EPSS
This Week in Spring - June 4th, 2024
Hi, Spring fans, from London! I'm in this fabulous country doing my level-headed best to refrain from dooing Mr. Bean bits, because, honestly, if I - an avid and prolific fan of Spring and its many beans - can't be "Mr. Bean," then I'm glad Rowan Atkinson is! I'm here for a SpringOne Tour event,...
7.2AI Score
In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: Check for port partner validity before consuming it typec_register_partner() does not guarantee partner registration to always succeed. In the event of failure, port->partner is set to the error value or NULL.....
5.5CVSS
6.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: workqueue: Fix selection of wake_cpu in kick_pool() With cpu_possible_mask=0-63 and cpu_online_mask=0-7 the following kernel oops was observed: smp: Bringing up secondary CPUs ... smp: Brought up 1 node, 8 CPUs Unable to handle...
6.3AI Score
0.0004EPSS
Authorities Ramp Up Efforts to Capture the Mastermind Behind Emotet
Law enforcement authorities behind Operation Endgame are seeking information related to an individual who goes by the name Odd and is allegedly the mastermind behind the Emotet malware. Odd is also said to go by the nicknames Aron, C700, Cbd748, Ivanov Odd, Mors, Morse, and Veron over the past...
7.3AI Score
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: add a missing rpc_stat for TCP TLS Commit 1548036ef120 ("nfs: make the rpc_stat per net namespace") added functionality to specify rpc_stats function but missed adding it to the TCP TLS functionality. As the result,...
6.5AI Score
0.0004EPSS
In the Linux kernel, the following vulnerability has been resolved: swiotlb: initialise restricted pool list_head when SWIOTLB_DYNAMIC=y Using restricted DMA pools (CONFIG_DMA_RESTRICTED_POOL=y) in conjunction with dynamic SWIOTLB (CONFIG_SWIOTLB_DYNAMIC=y) leads to the following crash when...
5.5CVSS
6.8AI Score
0.0004EPSS
Active Exploits target Check Point Security Gateway Zero-Day Information Disclosure flaw Check Point Cybersecurity has issued hotfixes to address a zero-day vulnerability in its VPNs that has been exploited to gain remote access to firewalls and potentially infiltrate corporate networks. On...
8.6CVSS
6.3AI Score
0.945EPSS
IT threat evolution Q1 2024 IT threat evolution Q1 2024. Mobile statistics IT threat evolution Q1 2024. Non-mobile statistics Targeted attacks Operation Triangulation: the final mystery Last June, we published a series of reports on Operation Triangulation, a previously unknown iOS malware...
7.8CVSS
6AI Score
0.003EPSS
An unauthenticated remote attacker can change the admin password in a moneo appliance due to weak password recovery...
9.8CVSS
7.5AI Score
0.001EPSS
An unauthenticated remote attacker can change the admin password in a moneo appliance due to weak password recovery...
9.8CVSS
9.7AI Score
0.001EPSS
CVE-2024-5404 ifm: moneo prone to weak password recovery mechanism
An unauthenticated remote attacker can change the admin password in a moneo appliance due to weak password recovery...
9.8CVSS
9.7AI Score
0.001EPSS
CVE-2024-5404 ifm: moneo prone to weak password recovery mechanism
An unauthenticated remote attacker can change the admin password in a moneo appliance due to weak password recovery...
9.8CVSS
7.2AI Score
0.001EPSS
Software: libvirt 6.0.0 OS: ROSA Virtualization 2.1 package_evr_string: libvirt-6.0.0-28.module+el8.3.0+7827+5e65edd7.src.rpm CVE-ID: CVE-2021-3631 BDU-ID: 2024-02428 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Libvirt virtualization management library is related to the creation of SELinux.....
6.5CVSS
6.5AI Score
0.001EPSS
RHEL 6 : consolekit (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. ConsoleKit: Policy restrictions break-out via remote Virtual Network Computing (VNC) session (CVE-2010-4664) ...
8.8CVSS
7AI Score
0.003EPSS
RHEL 5 : dnsmasq (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. libvirt+dnsmasq: DNS configured to answer DNS queries from non-virtual networks (CVE-2012-3411) dnsmasq:...
7.2AI Score
0.029EPSS
EulerOS 2.0 SP11 : kernel (EulerOS-SA-2024-1788)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache There is...
8CVSS
8.3AI Score
EPSS
RHEL 8 : sqlite (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. sqlite: heap-based buffer over-read in function fts5HashEntrySort in sqlite3.c (CVE-2019-9936) ...
7.5CVSS
8.4AI Score
EPSS
EulerOS 2.0 SP11 : kernel (EulerOS-SA-2024-1800)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache There is...
8CVSS
8.3AI Score
EPSS
RHEL 7 : log4j (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. log4j: Socket receiver deserialization vulnerability (CVE-2017-5645) Prior to Apache Commons Net 3.9.0,...
9.8CVSS
8.8AI Score
0.874EPSS
RHEL 6 : log4j (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. log4j: Socket receiver deserialization vulnerability (CVE-2017-5645) ** UNSUPPORTED WHEN ASSIGNED **...
9.8CVSS
7.5AI Score
0.874EPSS
RHEL 4 : logrotate (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. logrotate: TOCTOU race condition by creation of new files (between opening the file and moment, final ...
7AI Score
0.001EPSS
RHEL 5 : logrotate (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. logrotate: TOCTOU race condition by creation of new files (between opening the file and moment, final ...
7AI Score
0.001EPSS
RHEL 7 : dpdk (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. dpdk: Information exposure in unchecked guest physical to host virtual address translations ...
7.5CVSS
7.6AI Score
0.002EPSS
In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: Use the correct type in nvidia_smmu_context_fault() This was missed because of the function pointer indirection. nvidia_smmu_context_fault() is also installed as a irq function, and the 'void *' was changed to a...
5.5CVSS
7AI Score
0.0004EPSS
CVE-2024-24919-POC Read about it -...
8.6CVSS
6.5AI Score
0.945EPSS
[SECURITY] Fedora 39 Update: rust-python-launcher-1.0.0-12.fc39
The Python Launcher for Unix. Launch your Python interpreter the lazy/smart way! This launcher is an implementation of the py command for Unix-based platforms. The goal is to have py become the cross-platform command that Python users typically use to launch an interpreter while doing...
7.2AI Score
[SECURITY] Fedora 39 Update: rust-coreos-installer-0.21.0-3.fc39
coreos-installer installs Fedora CoreOS or RHEL CoreOS to bare-metal machines (or, occasionally, to virtual...
7.3AI Score
Oracle Linux 8 : virt:ol / and / virt-devel:rhel (ELSA-2024-3253)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-3253 advisory. hivex libguestfs libguestfs-winsupport libiscsi libnbd libtpms libvirt [8.0.0-23.1.0.1] - Set SOURCE_DATE_EPOCH from changelog...
7CVSS
7.1AI Score
0.001EPSS
CVE-2024-24919-Check-Point-Remote-Access-VPN...
8.6CVSS
6.5AI Score
0.945EPSS
New banking trojan “CarnavalHeist” targets Brazil with overlay attacks
Since February 2024, Cisco Talos has been observing an active campaign targeting Brazilian users with a new banking trojan called "CarnavalHeist." Many of the observed tactics, techniques and procedures (TTPs) are common among other banking trojans coming out of Brazil. This family has also been...
8AI Score
CVE-2024-24919-POC Read about it -...
8.6CVSS
6.5AI Score
0.945EPSS