Security
Headlines
HeadlinesLatestCVEs

Tag

#intel

CVE-2022-34110: Sell Memory, Sell RAM, Sell Hard Drives

An issue in Micro-Star International MSI Feature Navigator v1.0.1808.0901 allows attackers to download arbitrary files regardless of file type or size.

CVE
Open in Source
#mac#apple#cisco#git#oracle#intel#amd#samsung#ibm#dell
Iranian APT42 Launched Over 30 Espionage Attacks Against Activists and Dissidents

A state-sponsored advanced persistent threat (APT) actor newly christened APT42 (formerly UNC788) has been attributed to over 30 confirmed espionage attacks against individuals and organizations of strategic interest to the Iranian government at least since 2015. Cybersecurity firm Mandiant said the group operates as the intelligence gathering arm of Iran's Islamic Revolutionary Guard Corps (

Hackers Target Los Angeles School District With Ransomware

Plus: Albania cuts ties with Iran, claims of a TikTok data breach that didn’t happen, and much more.

U.S. Imposes New Sanctions on Iran Over Cyberattack on Albania

The U.S. Treasury Department on Friday announced sanctions against Iran's Ministry of Intelligence and Security (MOIS) and its Minister of Intelligence, Esmaeil Khatib, for engaging in cyber-enabled activities against the nation and its allies. "Since at least 2007, the MOIS and its cyber actor proxies have conducted malicious cyber operations targeting a range of government and private-sector

CVE-2022-38638: Arbitrary file write/overwrite Vulnerability · Issue #1035 · casdoor/casdoor

Casdoor v1.97.3 was discovered to contain an arbitrary file write vulnerability via the fullFilePath parameter at /api/upload-resource.

CVE-2021-44835: Active Intelligence | Data Visualization BI Tools

An issue was discovered in Active Intelligent Visualization 5. The Vdc header is used in a SQL query without being sanitized. This causes SQL injection.

Monti, the New Conti: Ransomware Gang Uses Recycled Code

A new group, Monti, appears to have used leaked Conti code, TTPs, and infrastructure approaches to launch its own ransomware campaign.

Sensitive NATO Data Stolen in Cyberattack on Portugal’s Armed Forces

By Deeba Ahmed According to local media, this is an "extremely serious" leak because EMGFA, Portugal's armed forces' central unit, stores secret NATO information. This is a post from HackRead.com Read the original post: Sensitive NATO Data Stolen in Cyberattack on Portugal’s Armed Forces

US Sanctions Iran Over APT Cyberattack Activity

The Treasury Department links the MuddyWater APT and APT39 to Iran's intelligence apparatus, which is now blocked from doing business with US entities.

Ubuntu Security Notice USN-5605-1

Ubuntu Security Notice 5605-1 - Asaf Modelevsky discovered that the Intel 10GbE PCI Express Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. It was discovered that the virtual terminal driver in the Linux kernel did not properly handle VGA console font changes, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.