Security
Headlines
HeadlinesLatestCVEs

Tag

#intel

Threat Source newsletter (March 16, 2023) — A deep dive into Talos' work in Ukraine

The latest episode of ThreatWise TV from Hazel Burton is the closest look yet at the team Talos assembled in the days after Russia invaded Ukraine.

TALOS
Open in Source
#sql#vulnerability#web#windows#microsoft#amazon#cisco#intel#botnet#zero_day
Senator Warner on the Restrict Act and a US TikTok Ban

WIRED spoke with the coauthor of the Restrict Act, a bipartisan bill to crack down on tech from six “hostile” countries.

Emotet adopts Microsoft OneNote attachments

Categories: Threat Intelligence Emotet finally got the memo and added Microsoft OneNote lures. (Read more...) The post Emotet adopts Microsoft OneNote attachments appeared first on Malwarebytes Labs.

BianLian Ransomware Pivots From Encryption to Pure Data-Theft Extortion

The ransomware group has already claimed 116 victim organizations so far on its site, and it continues to mature as a thriving cybercriminal business, researchers said.

CVE-2023-27711: Typecho <= 1.2.0 Comment Manager with Refleted-XSS Vulnerability · Issue #1539 · typecho/typecho

Cross Site Scripting vulnerability found in Typecho v.1.2.0 allows a remote attacker to execute arbitrary code via the Comment Manager /admin/manage-comments.php component.

CVE-2023-27709: DedeCMS V5.7.160 Backend Blind SQL Injection

SQL injection vulnerability found in DedeCMS v.5.7.106 allows a remote attacker to execute arbitrary code via the rank_* parameter in the /dedestory_catalog.php endpoint.

CVE-2023-27707: DedeCMS V5.7.160 Backend Blind SQL Injection

SQL injection vulnerability found in DedeCMS v.5.7.106 allows a remote attacker to execute arbitrary code via the rank_* parameter in the /dede/group_store.php endpoint.

CVE-2023-27130: Typecho <= 1.2.0 Admin System with Reflected-XSS Vulnerability · Issue #1535 · typecho/typecho

Cross Site Scripting vulnerability found in Typecho v.1.2.0 allows a remote attacker to execute arbitrary code via an arbitrarily supplied URL parameter.

CVE-2023-1431: WP Simple Shopping Cart <= 4.6.3 - Information Disclosure — Wordfence Intelligence

The WP Simple Shopping Cart plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 4.6.3 due to the plugin saving shopping cart data exports in a publicly accessible location (/wp-content/plugins/wordpress-simple-paypal-shopping-cart/includes/admin/). This makes it possible for unauthenticated attackers to view information that should be limited to administrators only and can include data like first name, last name, email, address, IP Address, and more.

Siemens SCALANCE, RUGGEDCOM Third-Party

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global). 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/Low attack complexity  Vendor: Siemens  Equipment: Busybox Applet affecting SCALANCE and RUGGEDCOM products  Vulnerabilities: Out-of-bounds Write, Exposure of Sensitive Information to an Unauthorized Actor, Improper Locking, Improper Input Validation, NULL Pointer Dereference, Out-of-bounds Read, Release of Invalid Pointer or Reference, Use After Free, Improper Authentication, OS Command Injection, Improper Certificate Validation, Improper Resource Shutdown or Release, Race Condition, Uncaught Exception, Integer Underflow (Wrap or Wraparound), Classic Buffer Overflow, Double Free, Incorrect Authorization, Allocat...