Tag
#windows
Categories: News Categories: Ransomware Tags: CISA Tags: ransomware Tags: Democratic People’s Republic of Korea Tags: DPRK Tags: North Korea Tags: WannaCry Tags: EternalBlue Tags: Lazarus Group Tags: APT Tags: Magniber Tags: Magnitude exploit kit Tags: exploit kit Tags: EK Tags: Andariel Tags: Silent Chollima Tags: Stonefly Tags: Maui Tags: H0lyGh0st Tags: PLUTONIUM Tags: Conti The tactics of North Korean-sponsored ransomware cyberattacks against the healthcare sector and other vital infrastructure are highlighted in the latest #StopRansomware alert. (Read more...) The post CISA issues alert with South Korean government about DPRK's ransomware antics appeared first on Malwarebytes Labs.
Categories: News Tags: VMware ESXi Tags: Safer Internet Day Tags: Malwarebytes Mobile Security Tags: ION Tags: LockBit ransomware Tags: ransomware Tags: GoAnywhere Tags: Ryuk Tags: Malwarebytes Application Block Tags: BEC Tags: business email compromise Tags: fake Facebook Tags: Facebook Tags: Reddit breach Tags: Killnet Tags: DDoS attack The most interesting security related news from the week of February 6 to 12. (Read more...) The post A week in security (February 6 - 12) appeared first on Malwarebytes Labs.
Sunlogin Sunflower Simplified (aka Sunflower Simple and Personal) 1.0.1.43315 is vulnerable to a path traversal issue. A remote and unauthenticated attacker can execute arbitrary programs on the victim host by sending a crafted HTTP request, as demonstrated by /check?cmd=ping../ followed by the pathname of the powershell.exe program.
NETGEAR Nighthawk WiFi Mesh systems and routers are affected by a stack-based buffer overflow vulnerability. This affects MR60 before 1.1.7.132, MS60 before 1.1.7.132, R6900P before 1.3.3.154, R7000P before 1.3.3.154, R7960P before 1.4.4.94, and R8000P before 1.4.4.94.
Keep your movements private.
HP Factory Preinstalled Images on certain systems that shipped with Windows 10 versions 20H2 and earlier OS versions might allow escalation of privilege via execution of certain files outside the restricted path. This potential vulnerability was remediated starting with Windows 10 versions 21H2 on October 31, 2021.
A vulnerability was found in Tenda AC23 16.03.07.45 and classified as critical. Affected by this issue is the function formSetSysToolDDNS/formGetSysToolDDNS of the file /bin/httpd. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-220640.
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added three flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active abuse in the wild. Included among the three is CVE-2022-24990, a bug affecting TerraMaster network-attached storage (TNAS) devices that could lead to unauthenticated remote code execution with the highest privileges. Details
IPython (Interactive Python) is a command shell for interactive computing in multiple programming languages, originally developed for the Python programming language. Versions prior to 8.1.0 are subject to a command injection vulnerability with very specific prerequisites. This vulnerability requires that the function `IPython.utils.terminal.set_term_title` be called on Windows in a Python environment where ctypes is not available. The dependency on `ctypes` in `IPython.utils._process_win32` prevents the vulnerable code from ever being reached in the ipython binary. However, as a library that could be used by another tool `set_term_title` could be called and hence introduce a vulnerability. Should an attacker get untrusted input to an instance of this function they would be able to inject shell commands as current process and limited to the scope of the current process. Users of ipython as a library are advised to upgrade. Users unable to upgrade should ensure that any calls to the `IP...
Art Gallery Management System Project v1.0 was discovered to contain a SQL injection vulnerability via the cid parameter at product.php.