Aggregator

A vulnerability was found in Grav up to 1.7.10 and classified as critical. Affected by this issue is some unknown functionality of the component Twig Processing. The manipulation leads to code injection. This vulnerability is handled as CVE-2021-29440. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

• CVE-2018-14933 NUUO NVRmini Devices OS Command Injection Vulnerability
• CVE-2022-23227 NUUO NVRmini 2 Devices Missing Authentication Vulnerability
• CVE-2019-11001 Reolink Multiple IP Cameras OS Command Injection Vulnerability
• CVE-2021-40407 Reolink RLC-410W IP Camera OS Command Injection Vulnerability

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

Today, CISA released Mobile Communications Best Practice Guidance. The guidance was crafted in response to identified cyber espionage activity by People’s Republic of China (PRC) government-affiliated threat actors targeting commercial telecommunications infrastructure, specifically addressing “highly targeted” individuals who are in senior government or senior political positions and likely to possess information of interest to these threat actors.

Highly targeted individuals should assume that all communications between mobile devices—including government and personal devices—and internet services are at risk of interception or manipulation.

CISA strongly urges highly targeted individuals to immediately review and apply the best practices provided in the guidance to protect mobile communications, including consistent use of end-to-end encryption.

Having been at ActiveState for nearly eight years, I’ve seen many iterations of our product. However, one thing has stayed true over the years: Our commitment to the open source community and companies using open source in their code. ActiveState has been helping enterprises manage open source for over a decade. In the early days, open source was in its infancy. We focused mainly on the

Having been at ActiveState for nearly eight years, I've seen many iterations of our product. Howev

A threat actor looking to take over the Microsoft Azure cloud infrastructure of European companies has successfully compromised accounts of multiple victims in different firms, according to Palo Alto Networks’ Unit 42 researchers. The phishing campaign The attack started earlier this year, with phishing emails that were received by roughly 20,000 users in European (including German and UK) companies in the automotive, chemical and industrial compound manufacturing sectors. The campaign peaked in June 2024. The … More →

The post European companies hit with effective DocuSign-themed phishing emails appeared first on Help Net Security.

A vulnerability, which was classified as problematic, has been found in Linux Kernel up to 2.6.11.9. Affected by this issue is the function raw_ioctl. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2005-1589. The attack can only be done within the local network. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in University of Washington wu-ftpd. It has been classified as very critical. Affected is an unknown function of the component Message File Handler. The manipulation of the argument macro leads to memory corruption. This vulnerability is traded as CVE-1999-0879. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Caucho Technology Resin 1.2.2. It has been rated as problematic. This issue affects some unknown processing of the component URL Handler. The manipulation with the input \.. leads to path traversal. The identification of this vulnerability is CVE-2001-0304. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Мнения участников рынка расходятся по ключевым вопросам.

A vulnerability, which was classified as problematic, has been found in mod_ssl 2.8.9. This issue affects the function ssl_compat_directive of the component Hook Handler. The manipulation leads to off-by-one. The identification of this vulnerability is CVE-2002-0653. Local access is required to approach this attack. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Cybersecurity experts are sounding the alarm over a new strain of malware dubbed “I2PRAT,” which leverages encrypted peer-to-peer (P2P) communication via the Invisible Internet Project (I2P) network to avoid detection. The malware, first reported on November 19 by the researcher Gi7w0rm, demonstrates a highly sophisticated infection chain and innovative evasion techniques, raising concerns among the […]

The post New I2PRAT Malware Using encrypted peer-to-peer communication to Evade Detections appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Recently, DFIR consult

Соцсети на виду у всех заменили темные переулки.