#web

Two months ago, the FBI “disrupted” the BlackCat ransomware group. They're already back—and their latest attack is causing delays at pharmacies across the US.

By Waqas macOS users watch out for the new variant aiming at your crypto funds! This is a post from HackRead.com Read the original post: New Variant of AMOS Stealer Targets Safari Cookies and Crypto Wallets

By Owais Sultan The Internet offers a convenient platform for sharing data, but it also brings the risk of data leaks.… This is a post from HackRead.com Read the original post: Safe Data Sharing Practices: How to Avoid Data Leaks

Gentoo Linux Security Advisory 202402-33 - A vulnerability has been found in PyYAML which can lead to arbitrary code execution. Versions greater than or equal to 5.4 are affected.

Hospital Management System version 1.0 suffers from insecure direct object reference and account takeover vulnerabilities.

Hospital Management System version 1.0 suffers from a remote SQL injection vulnerability.

Red Hat Security Advisory 2024-0983-03 - An update for firefox is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a spoofing vulnerability.

Talos has observed a phishing spam campaign targeting potential victims in Mexico, luring users to download a new obfuscated information stealer we’re calling TimbreStealer, which has been active since at least November 2023.

By Deeba Ahmed Brand Hijacking Alert: Guardio Reveals Malicious Actors Using Trusted Brands for Phishing. This is a post from HackRead.com Read the original post: ResurrecAds Attack Hijacks Brand Names, Spreads Spam Via ‘SubdoMailing’

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Mitsubishi Electric Corporation Equipment: MELSEC iQ-F Series Vulnerability: Insufficient Resource Pool 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to cause a temporary denial-of-service (DoS) condition for a certain period of time in the product's Ethernet communication by performing a TCP SYN Flood attack. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Mitsubishi Electric MELSEC iQ-F Series, a compact control platform, are affected: Products with * are sold in limited regions. MELSEC iQ-F FX5U-32MT/ES: All Versions MELSEC iQ-F FX5U-32MT/DS: All Versions MELSEC iQ-F FX5U-32MT/ESS: All Versions MELSEC iQ-F FX5U-32MT/DSS: All Versions MELSEC iQ-F FX5U-32MR/ES: All Versions MELSEC iQ-F FX5U-32MR/DS: All Versions MELSEC iQ-F FX5U-64MT/ES: All Versions MELSEC iQ-F FX5U-64MT/ESS: All Versions MELSEC iQ-F FX5U-64MT/D...