CISA: CISA Releases Five Industrial Control Systems Advisories
CISA Releases Five Industrial Control Systems Advisories CISA released five Industrial Control Systems (ICS) advisories on December 7, 2023. These...
Month: December 2023
AcuAutomate – Unofficial Acunetix CLI Tool For Automated Pentesting And Bug Hunting Across Large Scopes
AcuAutomate is an unofficial Acunetix CLI tool that simplifies automated pentesting and bug hunting across extensive targets. It's a valuable...
New 5G Modem Flaws Affect iOS Devices and Android Models from Major Brands
A collection of security flaws in the firmware implementation of 5G mobile network modems from major chipset vendors such as...
N. Korea’s Kimsuky Targeting South Korean Research Institutes with Backdoor Attacks
The North Korean threat actor known as Kimsuky has been observed targeting research institutes in South Korea as part of...
Mac Users Beware: New Trojan-Proxy Malware Spreading via Pirated Software
Unauthorized websites distributing trojanized versions of cracked software have been found to infect Apple macOS users with a new Trojan-Proxy...
Ransomware-as-a-Service: The Growing Threat You Can’t Ignore
Ransomware attacks have become a significant and pervasive threat in the ever-evolving realm of cybersecurity. Among the various iterations of...
Ransomware-as-a-Service: The Growing Threat You Can’t Ignore
Ransomware attacks have become a significant and pervasive threat in the ever-evolving realm of cybersecurity. Among the various iterations of...
Mac Users Beware: New Trojan-Proxy Malware Spreading via Pirated Software
Unauthorized websites distributing trojanized versions of cracked software have been found to infect Apple macOS users with a new Trojan-Proxy...
New 5G Modem Flaws Affect iOS Devices and Android Models from Major Brands
A collection of security flaws in the firmware implementation of 5G mobile network modems from major chipset vendors such as...
N. Korea’s Kimsuky Targeting South Korean Research Institutes with Backdoor Attacks
The North Korean threat actor known as Kimsuky has been observed targeting research institutes in South Korea as part of...
N. Korea’s Kimsuky Targeting South Korean Research Institutes with Backdoor Attacks
The North Korean threat actor known as Kimsuky has been observed targeting research institutes in South Korea as part of...
New 5G Modem Flaws Affect iOS Devices and Android Models from Major Brands
A collection of security flaws in the firmware implementation of 5G mobile network modems from major chipset vendors such as...
SLAM Attack: New Spectre-based Vulnerability Impacts Intel, AMD, and Arm CPUs
Researchers from the Vrije Universiteit Amsterdam have disclosed a new side-channel attack called SLAM that could be exploited to leak...
Ransomware-as-a-Service: The Growing Threat You Can’t Ignore
Ransomware attacks have become a significant and pervasive threat in the ever-evolving realm of cybersecurity. Among the various iterations of...
IBM Informix Dynamic Server buffer overflow | CVE-2023-28527
NAME__________IBM Informix Dynamic Server buffer overflowPlatforms Affected:IBM Informix Dynamic Server 14.10 IBM Informix Dynamic Server 12.10Risk Level:6.2Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________IBM...
IBM Informix Dynamic Server buffer overflow | CVE-2023-28526
NAME__________IBM Informix Dynamic Server buffer overflowPlatforms Affected:IBM Informix Dynamic Server 14.10 IBM Informix Dynamic Server 12.10Risk Level:6.2Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________IBM...
osCommerce SQL injection | CVE-2023-6579
NAME__________osCommerce SQL injectionPlatforms Affected:Risk Level:7.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________osCommerce is vulnerable to SQL injection. A remote attacker could send specially crafted SQL...
Phoenix Technologies Phoenix SecureCore code execution | US-CERT VU#811862
NAME__________Phoenix Technologies Phoenix SecureCore code executionPlatforms Affected:Phoenix Technologies Phoenix SecureCoreRisk Level:7.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Phoenix Technologies Phoenix SecureCore could allow a local...
AMI AptioV code execution | US-CERT VU#811862
NAME__________AMI AptioV code executionPlatforms Affected:AMI Aptio VRisk Level:7.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________AMI AptioV could allow a local authenticated attacker to execute arbitrary...
AMI Aptio V code execution | US-CERT VU#811862
NAME__________AMI Aptio V code executionPlatforms Affected:AMI Aptio VRisk Level:7.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________AMI Aptio V could allow a local authenticated attacker to...
ICONICS SCADA Suite code execution | CVE-2023-6061
NAME__________ICONICS SCADA Suite code executionPlatforms Affected:Risk Level:6.6Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________ICONICS SCADA Suite could allow a remote authenticated attacker to execute arbitrary...
webMethods security bypass | CVE-2023-6578
NAME__________webMethods security bypassPlatforms Affected:Software AG webMethods 10.11Risk Level:7.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________webMethods could allow a remote attacker to bypass security restrictions, caused...
Microsoft Edge (Chromium-based) information disclosure | CVE-2023-36880
NAME__________Microsoft Edge (Chromium-based) information disclosurePlatforms Affected:Microsoft Edge (Chromium-based)Risk Level:4.8Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Microsoft Edge (Chromium-based) could allow a remote attacker to obtain...
Insyde InsydeH2O denial of service | US-CERT VU#811862
NAME__________Insyde InsydeH2O denial of servicePlatforms Affected:Insyde InsydeH2O 5.2 Insyde InsydeH2O 5.3 Insyde InsydeH2O 5.4 Insyde InsydeH2O 5.5 Insyde InsydeH2O 5.6Risk...
