-
Kaspersky Says it is Being Targeted By Zero-Click Exploits
Russian AV vendor Kaspersky has claimed that iOS devices on its network are being targeted by sophisticated zero-day exploits. The firm …
-
Qakbot: The trojan that just won’t go away
Qakbot (aka Qbot) – banking malware-turned-malware/ransomware distribution network – has been first observed in 2007 and is active to …
-
North Korea’s Kimsuky Group Mimics Key Figures in Targeted Cyber Attacks
U.S. and South Korean intelligence agencies have issued a new alert warning of North Korean cyber actors’ use of social engineering tactics …
-
This malicious PyPI package mixed source and compiled code to dodge detection
Researchers recently uncovered the following novel attack on the Python Package Index (PyPI). ReversingLabs detected a Python package in …
-
You might have been phished by the gang that stole North Korea’s lousy rocket tech
The United States and the Republic of Korea have issued a joint cyber security advisory [PDF] about North Koreas “Kimsuky” cyber crime …
-
New infosec products of the week: June 2, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Bitdefender, ConnectSecure, CYTRACOM, …
-
Toyota Server Misconfiguration Leaks Owners Data for Over Seven Years
As per reports, On May 12, 2023, Toyota Motor Corporation discovered that they had been subject to a Potential data leak due to …
-
How defense contractors can move from cybersecurity to cyber resilience
The methods by which defense contractors have attempted to achieve cyber resiliency are completely different from what they may have to do …
-
Introducing the book: Cybersecurity First Principles
In this Help Net Security video interview, Rick Howard, CSO of N2K, Chief Analyst, and Senior Fellow at the Cyberwire, discusses his book …
-
Cybercriminals use legitimate websites to obfuscate malicious payloads
According to Egress, the evolving attack methodologies currently used by cybercriminals are designed to get through traditional perimeter …
-
Despite cutbacks, IT salaries expected to rise
Despite rising labor costs, economic inflation, and companies making an effort to cut back, the salary outlook for IT professionals is …
-
Millions of Gigabyte PC motherboards backdoored? What’s the actual score?
You may have seen some headlines about a supply-chain backdoor in millions of Gigabyte motherboards. Here’s the …
●●●
NVD
- CVE-2023-2201 – The Web Directory Free for WordPress is vulnerable to SQL Injection via the â€& …
- CVE-2022-45938 – An issue was discovered in Comcast Defined Technologies microeisbss through 2021. An attac …
- CVE-2015-10110 – A vulnerability classified as problematic was found in ruddernation TinyChat Room Spy Plug …
- CVE-2016-15032 – ** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classifie …
- CVE-2023-29746 – An issue found in The Thaiger v.1.2 for Android allows unauthorized apps to cause a code e …
EXPLOITS
- MotoCMS Version 3.4.3 – Server-Side Template Injection (SSTI)
- Pydio Cells 4.1.2 – Unauthorised Role Assignments
- Rukovoditel 3.3.1 – CSV injection
- Pydio Cells 4.1.2 – Cross-Site Scripting (XSS) via File Download
- Pydio Cells 4.1.2 – Server-Side Request Forgery
SECURELIST