CISA: CISA Releases Joint Guide for Software Manufacturers: The Case for Memory Safe Roadmaps
CISA Releases Joint Guide for Software Manufacturers: The Case for Memory Safe Roadmaps Today, as part of the Secure by...
Month: December 2023
Py-Amsi – Scan Strings Or Files For Malware Using The Windows Antimalware Scan Interface
py-amsi is a library that scans strings or files for malware using the Windows Antimalware Scan Interface (AMSI) API. AMSI...
Ransomware-as-a-Service: The Growing Threat You Can’t Ignore
Ransomware attacks have become a significant and pervasive threat in the ever-evolving realm of cybersecurity. Among the various iterations of...
New 5G Modem Flaws Affect iOS Devices and Android Models from Major Brands
A collection of security flaws in the firmware implementation of 5G mobile network modems from major chipset vendors such as...
N. Korea’s Kimsuky Targeting South Korean Research Institutes with Backdoor Attacks
The North Korean threat actor known as Kimsuky has been observed targeting research institutes in South Korea as part of...
Mac Users Beware: New Trojan-Proxy Malware Spreading via Pirated Software
Unauthorized websites distributing trojanized versions of cracked software have been found to infect Apple macOS users with a new Trojan-Proxy...
Mac Users Beware: New Trojan-Proxy Malware Spreading via Pirated Software
Unauthorized websites distributing trojanized versions of cracked software have been found to infect Apple macOS users with a new Trojan-Proxy...
Ransomware-as-a-Service: The Growing Threat You Can’t Ignore
Ransomware attacks have become a significant and pervasive threat in the ever-evolving realm of cybersecurity. Among the various iterations of...
New 5G Modem Flaws Affect iOS Devices and Android Models from Major Brands
A collection of security flaws in the firmware implementation of 5G mobile network modems from major chipset vendors such as...
N. Korea’s Kimsuky Targeting South Korean Research Institutes with Backdoor Attacks
The North Korean threat actor known as Kimsuky has been observed targeting research institutes in South Korea as part of...
N. Korea’s Kimsuky Targeting South Korean Research Institutes with Backdoor Attacks
The North Korean threat actor known as Kimsuky has been observed targeting research institutes in South Korea as part of...
Ransomware-as-a-Service: The Growing Threat You Can’t Ignore
Ransomware attacks have become a significant and pervasive threat in the ever-evolving realm of cybersecurity. Among the various iterations of...
Mac Users Beware: New Trojan-Proxy Malware Spreading via Pirated Software
Unauthorized websites distributing trojanized versions of cracked software have been found to infect Apple macOS users with a new Trojan-Proxy...
New 5G Modem Flaws Affect iOS Devices and Android Models from Major Brands
A collection of security flaws in the firmware implementation of 5G mobile network modems from major chipset vendors such as...
Golang Go information disclosure | CVE-2023-45287
NAME__________Golang Go information disclosurePlatforms Affected:Golang Go 1.19.5Risk Level:5.9Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Golang Go could allow a remote attacker to obtain sensitive information,...
Phoenix Technologies Phoenix SecureCore code execution | US-CERT VU#811862
NAME__________Phoenix Technologies Phoenix SecureCore code executionPlatforms Affected:Phoenix Technologies Phoenix SecureCoreRisk Level:7.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Phoenix Technologies Phoenix SecureCore could allow a local...
git-urls denial of service | CVE-2023-46402
NAME__________git-urls denial of servicePlatforms Affected:git-urls git-urls 1.0.0Risk Level:7.5Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION__________git-urls is vulnerable to a denial of service,...
Insyde InsydeH2O denial of service | US-CERT VU#811862
NAME__________Insyde InsydeH2O denial of servicePlatforms Affected:Insyde InsydeH2O 5.2 Insyde InsydeH2O 5.3 Insyde InsydeH2O 5.4 Insyde InsydeH2O 5.5 Insyde InsydeH2O 5.6Risk...
Apple macOS Sonoma code execution | CVE-2023-42826
NAME__________Apple macOS Sonoma code executionPlatforms Affected:Apple macOS SonomaRisk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Apple macOS Sonoma could allow a remote attacker to execute...
AMI Aptio V code execution | US-CERT VU#811862
NAME__________AMI Aptio V code executionPlatforms Affected:AMI Aptio VRisk Level:7.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________AMI Aptio V could allow a local authenticated attacker to...
Devolutions Workspace information disclosure | CVE-2023-6588
NAME__________Devolutions Workspace information disclosurePlatforms Affected:Devolutions Devolutions Workspace 2023.3.2.0Risk Level:4.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Devolutions Workspace could allow a remote authenticated attacker to obtain...
EspoCRM server-side request forgery | CVE-2023-46736
NAME__________EspoCRM server-side request forgeryPlatforms Affected:EspoCRM EspoCRM 8.0.4Risk Level:5.3Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________EspoCRM is vulnerable to server-side request forgery, caused by...
AMI AptioV code execution | US-CERT VU#811862
NAME__________AMI AptioV code executionPlatforms Affected:AMI Aptio VRisk Level:7.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________AMI AptioV could allow a local authenticated attacker to execute arbitrary...
Ransomware-as-a-Service: The Growing Threat You Can’t Ignore
Ransomware attacks have become a significant and pervasive threat in the ever-evolving realm of cybersecurity. Among the various iterations of...
