Aggregator

Key Group, or keygroup777, is a financially motivated ransomware group primarily targe

US healthcare provider UMC Health System had to divert patients due to a network outage caused by a ransomware attack. On September 27, 2024, US healthcare provider UMC Health System announced an investigation into an IT outage across its network. UMC diverted patients for several days after taking IT systems offline following a ransomware attack. […]

Executive SummaryResearchers at Palo Alto Networks discovered an automated scannin

Ученые зафиксировали редкое событие, которое перепишет законы природы.

Pittsburgh, PA, Oct. 1, 2024 — ForAllSecure, the world’s most advanced application security testing company, today announced it is changing its corporate name to Mayhem Security (“Mayhem”), signaling a new era of growth and opportunity aligned with its award-winning … (more…)

The post News alert: Introducing Mayhem Security — ForAllSecure unveils name change, fresh focus first appeared on The Last Watchdog.

The post News alert: Introducing Mayhem Security — ForAllSecure unveils name change, fresh focus appeared first on Security Boulevard.

A vulnerability has been found in Scriptcase 9.4.019 and classified as very critical. Affected by this vulnerability is an unknown functionality in the library /scriptcase/devel/lib/third/jquery_plugin/jQuery-File-Upload/server/php/ of the component POST Request Handler. The manipulation leads to unrestricted upload. This vulnerability is known as CVE-2024-8940. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Dover Fueling Solutions ProGauge MAGLINK LX CONSOLE and ProGauge MAGLINK LX4 CONSOLE. It has been declared as very critical. Affected by this vulnerability is an unknown functionality of the component POST Request Handler. The manipulation leads to command injection. This vulnerability is known as CVE-2024-43693. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in WatchGuard Authentication Gateway and Single Sign-On Client and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to incorrect authorization. This vulnerability is handled as CVE-2024-6592. The attack may be launched remotely. There is no exploit available.

A vulnerability has been found in Devolutions Server up to 2024.2.10.0 and classified as problematic. This vulnerability affects unknown code of the component PAM Access Request Handler. The manipulation leads to incorrect authorization. This vulnerability was named CVE-2024-6512. The attack needs to be initiated within the local network. There is no exploit available.

A vulnerability was found in CKeditor5 up to 43.1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Clipboard Package. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2024-45613. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in CIRCUTOR Q-SMT 1.0.4. Affected by this vulnerability is an unknown functionality. The manipulation leads to improper validation of specified quantity in input. This vulnerability is known as CVE-2024-8887. The attack can be launched remotely. There is no exploit available.

Texas healthcare provider UMC Health System was forced to divert some patients to other locations after a ransomware attack impacted its operations. [...]

The FIN6 group is the likely culprit behind a spear-phishing campaign that demonstrates a shift in tactics, from targeting job seekers to going after those who hire.

A vulnerability classified as critical has been found in WP Hotel Booking Plugin up to 2.1.2 on WordPress. This affects an unknown part. The manipulation leads to unrestricted upload. This vulnerability is uniquely identified as CVE-2024-7855. It is possible to initiate the attack remotely. There is no exploit available.

Cross-site scripting (XSS) vulnerabilities continue to be a major concern in today’s software lands

via the comic humor & dry wit of Randall Munroe, creator of XKCD

Permalink

The post Randall Munroe’s XKCD ‘Beamsplitters’ appeared first on Security Boulevard.

Интернет захлестнула новая форма токсикомании?