#windows

Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 31477.

Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 35739.

Sensitive information leak through log files. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 35739.

Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 35739.

Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 31637.

Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 35739.

Despite the disruption to its infrastructure, the threat actors behind the QakBot malware have been linked to an ongoing phishing campaign since early August 2023 that led to the delivery of Ransom Knight (aka Cyclops) ransomware and Remcos RAT. This indicates that “the law enforcement operation may not have impacted Qakbot operators’ spam delivery infrastructure but rather only their

By Deeba Ahmed Another day, another NPM typosquatting attack. This is a post from HackRead.com Read the original post: NPM Typosquatting Attack Deploys r77 Rootkit via Legitimate Package

1E Client installer can perform arbitrary file deletion on protected files.   A non-privileged user could provide a symbolic link or Windows junction to point to a protected directory in the installer that the 1E Client would then clear on service startup. A hotfix is available Q23092 that forces the 1E Client to check for a symbolic link or junction and if it finds one refuses to use that path and instead creates a path involving a random GUID.

A governmental entity in Guyana has been targeted as part of a cyber espionage campaign dubbed Operation Jacana. The activity, which was detected by ESET in February 2023, entailed a spear-phishing attack that led to the deployment of a hitherto undocumented implant written in C++ called DinodasRAT. The Slovak cybersecurity firm said it could link the intrusion to a known threat actor or group,