-
Stealth Falcon preying over Middle Eastern skies with Deadglyph
We have detected unusual activity from your IP address You can continue browsing our website for the next 20 minutes if you pass the …
-
ESET’s cutting-edge threat research at LABScon – Week in security with Tony Anscombe
We have detected unusual activity from your IP address You can continue browsing our website for the next 20 minutes if you pass the …
-
Apple and Chrome Zero-Days Exploited to Hack Egyptian ex-MP with Predator Spyware
The three zero-day flaws addressed by Apple on September 21, 2023, were leveraged as part of an iPhone exploit chain in an attempt to …
-
3 iOS 0-days, a cellular network compromise, and HTTP used to infect an iPhone
Apple has patched a potent chain of iOS zero-days that were used to infect the iPhone of an Egyptian presidential candidate with …
-
Zero-Day iOS Exploit Chain Infects Devices with Predator Spyware
Ahmed Eltantawy, a former Egyptian MP and presidential candidate, was targeted with Cytrox’s Predator spyware after announcing his bid …
-
LastPass: ‘Horse Gone Barn Bolted’ is Strong Password
The password manager service LastPass is now forcing some of its users to pick longer master passwords. LastPass says the changes are …
-
CVE-2023-43470 – SQL injection vulnerability in janobe Online Voting System v.1.0 allows a remote attacker …
SQL injection vulnerability in janobe Online Voting System v.1.0 allows a remote attacker to execute arbitrary code via the checklogin.php …
-
CVE-2023-43469 – SQL injection vulnerability in janobe Online Job Portal v.2020 allows a remote attacker to …
SQL injection vulnerability in janobe Online Job Portal v.2020 allows a remote attacker to execute arbitrary code via the ForPass.php …
-
CVE-2023-43468 – SQL injection vulnerability in janobe Online Job Portal v.2020 allows a remote attacker to …
SQL injection vulnerability in janobe Online Job Portal v.2020 allows a remote attacker to execute arbitrary code via the login.php …
-
CVE-2023-43338 – Cesanta mjs v2.20.0 was discovered to contain a function pointer hijacking vulnerability v …
Cesanta mjs v2.20.0 was discovered to contain a function pointer hijacking vulnerability via the function mjs_get_ptr(). This vulnerability …
-
Cisco swallows Splunk, the gen AI freight train barrels ahead and Intel touts progress
Cybersecurity dominated the enterprise technology headlines this week as Cisco Systems Inc. bought Splunk …
-
Cisco to Acquire Splunk for $28 Billion, Accelerating AI-Enabled Security and Observability
On Thursday Cisco agreed to buy Splunk in a $28 billion deal intended to address AI-enabled security and observability issues. …
●●●
NVD
- CVE-2023-43468 – SQL injection vulnerability in janobe Online Job Portal v.2020 allows a remote attacker to …
- CVE-2023-43338 – Cesanta mjs v2.20.0 was discovered to contain a function pointer hijacking vulnerability v …
- CVE-2023-43470 – SQL injection vulnerability in janobe Online Voting System v.1.0 allows a remote attacker …
- CVE-2023-43469 – SQL injection vulnerability in janobe Online Job Portal v.2020 allows a remote attacker to …
- CVE-2023-31716 – FUXA <= 1.1.12 has a Local File Inclusion vulnerability via file=fuxa.log …
EXPLOITS
- Drupal 10.1.2 – web-cache-poisoning-External-service-interaction
- SyncBreeze 15.2.24 – ‘login’ Denial of Service
- Techview LA-5570 Wireless Gateway Home Automation Controller – Multiple Vulnerabilities
- SPA-Cart eCommerce CMS 1.9.0.3 – SQL Injection
- Axigen < 10.3.3.47, 10.2.3.12 - Reflected XSS
SECURELIST
- Overview of IoT threats in 2023
- Threat landscape for industrial automation systems. Statistics for H1 2023
- Free Download Manager backdoored – a possible supply chain attack on Linux machines
- From Caribbean shores to your devices: analyzing Cuba ransomware
- Evil Telegram doppelganger attacks Chinese users