Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

CVE-2022-37731: webvue2/ftcmsxss.md at gh-pages · whiex/webvue2

ftcms 2.1 poster.PHP has a XSS vulnerability. The attacker inserts malicious JavaScript code into the web page, causing the user / administrator to trigger malicious code when accessing.

CVE
Open in Source
#xss#vulnerability#web#windows#java#php#firefox
CVE-2022-37730: webvue/Ftcms CSRF.md at gh-pages · whiex/webvue

In ftcms 2.1, there is a Cross Site Request Forgery (CSRF) vulnerability in the PHP page, which causes the attacker to forge a link to trick him to click on a malicious link or visit a page containing attack code, and send a request to the server (corresponding to the identity authentication information) as the victim without the victim's knowledge.

Some Members of Conti Group Targeting Ukraine in Financially Motivated Attacks

Former members of the Conti cybercrime cartel have been implicated in five different campaigns targeting Ukraine from April to August 2022. The findings, which come from Google's Threat Analysis Group (TAG), builds upon a prior report published in July 2022, detailing the continued cyber activity aimed at the Eastern European nation amid the ongoing Russo-Ukrainian war. "UAC-0098 is a threat

Iran-Linked APT Cozies Up to 'Enemies' in Trust-Based Spy Game

APT42 is posing as a friend to people considered threats to the government, using a raft of different tools to steal relevant info and perform surveillance.

CVE-2022-35513: Releases · todbot/Blink1Control2

The Blink1Control2 application <= 2.2.7 uses weak password encryption and an insecure method of storage.

MagicRAT: Lazarus’ latest gateway into victim networks

By Jung soo An, Asheer Malhotra and Vitor Ventura. Cisco Talos has discovered a new remote access trojan (RAT) we're calling "MagicRAT," developed and operated by the Lazarus APT group, which the U.S. government believes is a North Korean state-sponsored actor. Lazarus deployed MagicRAT after the successful exploitation of vulnerabilities in VMWare Horizon platforms. We've also found links between MagicRAT and another RAT known as "TigerRAT," disclosed and attributed to Lazarus by the Korean Internet & Security Agency (KISA) recently. TigerRAT has evolved over the past year to include new functionalities that we illustrate in this blog. Executive Summary Cisco Talos has discovered a new remote access trojan (RAT), which we are calling "MagicRAT," that we are attributing with moderate to high confidence to the Lazarus threat actor, a state-sponsored APT attributed to North Korea by the U.S. Cyber Security & Infrastructure Agency (CISA). This new RAT was found on victims ...

Everything You Need To Know About BlackCat (AlphaV)

A relative newcomer to the ransomware scene, the BlackCat group quickly gained notoriety and may be associated with other APT groups like Conti and DarkSide.

CVE-2022-37253: Crime Reporting System 1.0 Cross Site Scripting ≈ Packet Storm

Persistent cross-site scripting (XSS) in Crime Reporting System 1.0 allows a remote attacker to introduce arbitary Javascript via manipulation of an unsanitized POST parameter

CVE-2022-37771: Multiple Endpoints Security Tampering Exploit – Mrvar0x – YME

IObit Malware Fighter v9.2 for Microsoft Windows lacks tamper protection, allowing authenticated attackers with Administrator privileges to modify processes within the application and escalate privileges to SYSTEM via a crafted executable.

CVE-2022-36670: Multiple Endpoints Security Tampering Exploit – Mrvar0x – YME

PCProtect Endpoint prior to v5.17.470 for Microsoft Windows lacks tamper protection, allowing authenticated attackers with Administrator privileges to modify processes within the application and escalate privileges to SYSTEM via a crafted executable.