#web

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: AFS65x, AFF66x, AFS67x, AFR67x Series Vulnerabilities: Incorrect Calculation, Integer Overflow or Wraparound, Improper Encoding or Escaping of Output, Exposure of Resource to Wrong Sphere 2. RISK EVALUATION Successful exploitation of these vulnerabilities by an attacker could have a high impact on availability, integrity, and confidentiality of the targeted devices. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Hitachi Energy products and versions are affected: AFF66X FW: 03.0.02 and prior AFS66X-S: All versions AFS660-C: All versions AFS66X-B: All versions AFS670-V20: All versions AFS65X: All versions AFS67X: All versions AFR677: All versions 3.2 Vulnerability Overview 3.2.1 INCORRECT CALCULATION CWE-682 In Expat (aka libexpat) before 2.4.3, a left shift by 29(or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavio...

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Qognify Equipment: NiceVision Vulnerability: Use of Hard-coded Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to retrieve sensitive information about the cameras managed by the platform and its users. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Qoginfy NiceVision, an IP-video surveillance system, are affected: NiceVision: v3.1 and prior 3.2 Vulnerability Overview 3.2.1 USE OF HARD-CODED CREDENTIALS CWE-798 Qognify NiceVision versions 3.1 and prior are vulnerable to exposing sensitive information using hard-coded credentials. With these credentials an attacker can retrieve information about the cameras, user information, and modify database records. CVE-2023-2306 has been assigned to this vulnerability. A CVSS v3 base score of 10.0 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:C/C:...

Categories: Business MITRE Engenuity released its 2023 ATT&CK Evaluation results, with Malwarebytes blocking initial malware execution and earning high marks for detection. (Read more...) The post 2023 MITRE ATT&CK® Evaluation results: Malwarebytes earns high marks for detection, blocks initial malware executions appeared first on Malwarebytes Labs.

The threat actors behind the Qakbot malware have been conducting a campaign since early August 2023 in which they have been distributing Ransom Knight ransomware and the Remcos backdoor via phishing emails.

Nowadays, more malware developers are using unconventional programming languages to bypass advanced detection systems. The Node.js malware Lu0Bot is a testament to this trend. By targeting a platform-agnostic runtime environment common in modern web apps and employing multi-layer obfuscation, Lu0Bot is a serious threat to organizations and individuals. Although currently, the malware has low

A governmental entity in Guyana has been targeted as part of a cyber espionage campaign dubbed Operation Jacana. The activity, which was detected by ESET in February 2023, entailed a spear-phishing attack that led to the deployment of a hitherto undocumented implant written in C++ called DinodasRAT. The Slovak cybersecurity firm said it could link the intrusion to a known threat actor or group,

A new Android banking trojan named GoldDigger has been found targeting several financial applications with an aim to siphon victims' funds and backdoor infected devices. "The malware targets more than 50 Vietnamese banking, e-wallet and crypto wallet applications," Group-IB said. "There are indications that this threat might be poised to extend its reach across the wider APAC region and to

Apple on Wednesday rolled out security patches to address a new zero-day flaw in iOS and iPadOS that it said has come under active exploitation in the wild. Tracked as CVE-2023-42824, the kernel vulnerability could be abused by a local attacker to elevate their privileges. The iPhone maker said it addressed the problem with improved checks. "Apple is aware of a report that this issue may have

Categories: Business Categories: News Categories: Ransomware Tags: Sony Tags: RansomedVC Tags: Cl0p Tags: ransomware Tags: data breach Tags: MOVEit Sony has confirmed a ransomware attack in June and is investigating claims of a second, more recent one. (Read more...) The post Sony was attacked by two ransomware operators appeared first on Malwarebytes Labs.

The Migration Toolkit for Containers (MTC) 1.8.0 is now available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-26115: A flaw was found in the Node.js word-wrap module, where it is vulnerable to a denial of service caused by a Regular expression denial of service (ReDoS) issue in the result variable. By sending a specially crafted regex input, a remote attacker can cause a denial of service.