Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

CVE-2023-24576: DSA-2023-041: Dell NetWorker Security Update for nsrdump Vulnerability

EMC NetWorker may potentially be vulnerable to an unauthenticated remote code execution vulnerability in the Networker Client execution service (nsrexecd) when oldauth authentication method is used. An unauthenticated remote attacker could send arbitrary commands via RPC service to be executed on the host system with the privileges of the nsrexecd service, which runs with administrative privileges.

CVE
Open in Source
#vulnerability#mac#windows#ubuntu#linux#debian#red_hat#rce#auth#dell
Cyberthreats facing UK finance sector "a national security threat"

Categories: Business Categories: News Tags: Financials Tags: fraud Tags: cybersecurity Tags: cooperation Tags: NatWest Tags: romance scam Tags: BEC scam Tags: NCP fraud Reports published about the UK financial industry show a growing number of cyberthreats and enormous losses to fraud. (Read more...) The post Cyberthreats facing UK finance sector "a national security threat" appeared first on Malwarebytes Labs.

CVE-2021-36712: YzmCMS官方网站 - 轻量级开源CMS

Cross Site Scripting (XSS) vulnerability in yzmcms 6.1 allows attackers to steal user cookies via image clipping function.

CVE-2021-37374: Teradek Cross-Site Scripting Vulnerability Advisory

** UNSUPPORTED WHEN ASSIGNED ** Cross Site Scripting (XSS) vulnerability in Teradek Clip all firmware versions allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving any firmware updates to address this issue.

Post-Macro World Sees Rise in Microsoft OneNote Documents Delivering Malware

In a continuing sign that threat actors are adapting well to a post-macro world, it has emerged that the use of Microsoft OneNote documents to deliver malware via phishing attacks is on the rise. Some of the notable malware families that are being distributed using this method include AsyncRAT, RedLine Stealer, Agent Tesla, DOUBLEBACK, Quasar RAT, XWorm, Qakbot, BATLOADER, and FormBook.

macOS Dirty Cow Arbitrary File Write Local Privilege Escalation

Dirty Cow arbitrary file write local privilege escalation exploit for macOS.

CVE-2022-48074

An issue in NoMachine before v8.2.3 allows attackers to execute arbitrary commands via a crafted .nxs file.

TrickGate: Malicious Software Outwitting Antivirus for 6 Years

By Habiba Rashid According to researchers, there are a few key points that allow a packer such as TrickGate to remain efficient and undetectable for so many years. This is a post from HackRead.com Read the original post: TrickGate: Malicious Software Outwitting Antivirus for 6 Years

New Russian-Backed Gamaredon's Spyware Variants Targeting Ukrainian Authorities

The State Cyber Protection Centre (SCPC) of Ukraine has called out the Russian state-sponsored threat actor known as Gamaredon for its targeted cyber attacks on public authorities and critical information infrastructure in the country. The advanced persistent threat, also known as Actinium, Armageddon, Iron Tilden, Primitive Bear, Shuckworm, Trident Ursa, and UAC-0010, has a track record of