Aggregator
CVE-2021-22644 | Ovarro TBox TG2 hard-coded key (icsa-21-054-04)
CVE-2021-22648 | Ovarro TBox TG2 Configuration File permission assignment (icsa-21-054-04)
CVE-2022-40494 | NPS up to 0.26.9 Parameter Auth key/Timestamp improper authentication
CVE-2022-1059 | Aethon TUG Home Base Server up to 23 cross site scripting (icsa-22-102-05)
CVE-2022-1066 | Aethon TUG Home Base Server up to 23 authorization (icsa-22-102-05)
CVE-2022-1070 | Aethon TUG Home Base Server up to 23 channel accessible (icsa-22-102-05)
CVE-2022-26423 | Aethon TUG Home Base Server up to 23 authorization (icsa-22-102-05)
CVE-2022-27494 | Aethon TUG Home Base Server up to 23 cross site scripting (icsa-22-102-05)
CVE-2023-49971 | Customer Support System 1.0 index.php?page=customer_list firstname cross site scripting
CVE-2023-49977 | Customer Support System 1.0 index.php?page=new_customer address cross site scripting
CVE-2023-49974 | Customer Support System 1.0 index.php?page=customer_list Contact cross site scripting
CVE-2023-49973 | Customer Support System 1.0 index.php?page=customer_list email cross site scripting
CVE-2023-49976 | Customer Support System 1.0 index.php?page=new_ticket subject cross site scripting
CVE-2024-27278 | OpenPNE opTimelinePlugin up to 1.2.11 Profile Configuration cross site scripting
CrazyHunter Hacker Group Exploits Open-Source GitHub Tools to Target Organizations
A relatively new ransomware outfit known as CrazyHunter has emerged as a significant threat, particularly targeting Taiwanese organizations. The group, which started its operations in the healthcare, education, and industrial sectors of Taiwan, leverages sophisticated cyber techniques to disrupt essential services. Sophisticated Techniques and Open-Source Exploitation CrazyHunter’s toolkit is largely composed of open-source tools sourced […]
The post CrazyHunter Hacker Group Exploits Open-Source GitHub Tools to Target Organizations appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
BSidesLV24 – Common Ground – Security for AI Basics – Not by ChatGPT
Author/Presenter: Chloé Messdaghi
Our sincere appreciation to BSidesLV, and the Presenters/Authors for publishing their erudite Security BSidesLV24 content. Originating from the conference’s events located at the Tuscany Suites & Casino; and via the organizations YouTube channel.
The post BSidesLV24 – Common Ground – Security for AI Basics – Not by ChatGPT appeared first on Security Boulevard.
Threat Actors Leverage Cascading Shadows Attack Chain to Evade Detection and Hinder Analysis
A sophisticated multi-layered phishing campaign was uncovered, employing a complex attack chain known as “Cascading Shadows” to deliver various malware, including Agent Tesla, XLoader, and Remcos RAT. The attackers’ strategy hinges on using multiple, seemingly simple but strategically layered stages, which not only evade traditional sandbox environments but also complicates analysis by cybersecurity experts. The […]
The post Threat Actors Leverage Cascading Shadows Attack Chain to Evade Detection and Hinder Analysis appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Microsoft Vulnerabilities Reach Record High with Over 1,300 Reported in 2024
The 12th Edition of the Microsoft Vulnerabilities Report has revealed a significant surge in the number of vulnerabilities detected within Microsoft’s ecosystem, setting a new record with 1,360 vulnerabilities reported in 2024. This escalation marks the highest count since the initiation of the report, underscoring a year of intense scrutiny and attention to security within […]
The post Microsoft Vulnerabilities Reach Record High with Over 1,300 Reported in 2024 appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
43% of Top 100 Enterprise Mobile Apps Expose Sensitive Data to Hackers
A comprehensive study by zLabs, the research team at Zimperium, has found that over 43% of the top 100 mobile applications used in business environments contain severe vulnerabilities that expose sensitive data to potential hackers. This finding underscores the urgent need for enterprises to reassess their app vetting processes and enhance security measures to protect […]
The post 43% of Top 100 Enterprise Mobile Apps Expose Sensitive Data to Hackers appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.