CISA: CISA Releases Seven Industrial Control Systems Advisories
CISA Releases Seven Industrial Control Systems Advisories CISA released seven Industrial Control Systems (ICS) advisories on December 19, 2023. These...
Month: December 2023
CISA: Mozilla Releases Security Updates for Firefox and Thunderbird
Mozilla Releases Security Updates for Firefox and Thunderbird Mozilla has released security updates to address vulnerabilities in Firefox and Thunderbird....
CISA: CISA and FBI Release Advisory on ALPHV Blackcat Affiliates
CISA and FBI Release Advisory on ALPHV Blackcat Affiliates Today, CISA and the Federal Bureau of Investigation (FBI) released a...
CISA: FBI, CISA, and ASD’s ACSC Release Advisory on Play Ransomware
FBI, CISA, and ASD’s ACSC Release Advisory on Play Ransomware Today, the Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure...
Brute Ratel C4 Detected – 54[.]150[.]226[.]102:80
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
PipeViewer – A Tool That Shows Detailed Information About Named Pipes In Windows
A GUI tool for viewing Windows Named Pipes and searching for insecure permissions. The tool was published as part of...
HackerOne Bug Bounty Disclosure: b-dos-in-bigdecimal-s-sqrt-function-due-to-miscalculation-of-loop-iterations-b-z
Company Name: b'Ruby' Company HackerOne URL: https://hackerone.com/ruby Submitted By:b'z2_'Link to Submitters Profile:https://hackerone.com/b'z2_' Report Title:b"DoS in bigdecimal's sqrt function due to...
CISA: Mozilla Releases Security Updates for Firefox and Thunderbird
Mozilla Releases Security Updates for Firefox and Thunderbird Mozilla has released security updates to address vulnerabilities in Firefox and Thunderbird....
CISA: Apple Releases Security Updates for Multiple Products
Apple Releases Security Updates for Multiple Products Apple has released security updates to address vulnerabilities in Safari, iOS, iPadOS, and...
Ransomware Review November 2023
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
Malvertiser Copies Pc News Site To Deliver Infostealer
The majority of malvertising campaigns delivering malicious utilities that we have tracked so far typically deceive victims with pages that...
Credit Card Skimming On The Rise For The Holiday Shopping Season
As we head into shopping season, customers aren’t the only ones getting excited. More online shopping means more opportunities for...
Atomic Stealer Distributed To Mac Users Via Fake Browser Updates
Atomic Stealer, also known as AMOS, is a popular stealer for Mac OS. Back in September, we described how malicious...
Ransomware Review December 2023
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
Malvertisers Zoom In On Cryptocurrencies And Initial Access
During the past month, we have observed an increase in the number of malicious ads on Google searches for “Zoom”,...
Associated Press Espn Cbs Among Top Sites Serving Fake Virus Alerts
ScamClub is a threat actor who’s been involved in malvertising activities since 2018. Chances are you probably ran into one...
New Metastealer Malvertising Campaigns
MetaStealer is a popular piece of malware that came out in 2022, levering previous code base from RedLine. Stealers have...
Pikabot Distributed Via Malicious Ads
During this past year, we have seen an increase in the use of malicious ads (malvertising) and specifically those via...
Siemens SCALANCE M-800/S615 Family command execution | CVE-2023-49691
NAME__________Siemens SCALANCE M-800/S615 Family command executionPlatforms Affected:Siemens SCALANCE M800/S615 Siemens RUGGEDCOM RM1224 LTE(4G) EU (6GK6108- 4AM00-2BA2) Siemens RUGGEDCOM RM1224 LTE(4G)...
IBM AIX denial of service | CVE-2023-45172
NAME__________IBM AIX denial of servicePlatforms Affected:IBM AIX 7.2 IBM VIOS 3.1 IBM AIX 7.3Risk Level:6.2Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________IBM AIX 7.2,...
Siemens SIMATIC CP, SINAMICS, SIPLUS NET CP denial of service | CVE-2023-38380
NAME__________Siemens SIMATIC CP, SINAMICS, SIPLUS NET CP denial of servicePlatforms Affected:Siemens SIPLUS NET CP 1543-1 (6AG1543-1AX00- 2XE0) Siemens SIMATIC CP...
libssh denial of service | CVE-2023-6918
NAME__________libssh denial of servicePlatforms Affected:Libssh Libssh 0.9.7 libssh libssh 0.10.5Risk Level:3.7Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________libssh is vulnerable to a denial of...
Gallagher Controller 7000 and Controller 7000 Single Door Controller security bypass | CVE-2023-6355
NAME__________Gallagher Controller 7000 and Controller 7000 Single Door Controller security bypassPlatforms Affected:Gallagher Controller 7000 8.70 Gallagher Controller 7000 8.80 Gallagher...
OpenSSH command execution | CVE-2023-51385
NAME__________OpenSSH command executionPlatforms Affected:OpenSSH OpenSSH 9.5Risk Level:5.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________OpenSSH could allow a remote attacker to execute arbitrary commands on the...
