InfoSec News Feeds
Aggregated InfoSec News
Packetstorm
- Palo Alto OS Command Injectionon 17 April 2024 at 4:58 PM
Palo Alto OS was recently hit by a command injection zero day attack. These are exploitation details related to the zero day.
- Palo Alto OS Command Injection Proof Of Concepton 17 April 2024 at 4:56 PM
This is a scanning script to validate vulnerable Palo Alto OS systems for the recent zero day command injection vulnerability.
- pgAdmin 8.3 Remote Code Executionon 17 April 2024 at 4:50 PM
pgAdmin versions 8.3 and below have a path traversal vulnerability within their session management logic that can allow a pickled file to be loaded from an arbitrary location. This can be used to load a malicious, serialized Python object to execute code within the context of the target […]
THN
- Hackers Exploit OpenMetadata Flaws to Mine Crypto...by info@thehackernews.com (The Hacker News) on 18 April 2024 at 6:54 AM
Threat actors are actively exploiting critical vulnerabilities in OpenMetadata to gain unauthorized access to Kubernetes workloads and leverage them for cryptocurrency mining activity. That's according to the Microsoft Threat Intelligence team, which said the flaws have been weaponized since the […]
- Malicious Google Ads Pushing Fake IP Scanner...by info@thehackernews.com (The Hacker News) on 18 April 2024 at 5:48 AM
A new Google malvertising campaign is leveraging a cluster of domains mimicking a legitimate IP scanner software to deliver a previously unknown backdoor dubbed MadMxShell. "The threat actor registered multiple look-alike domains using a typosquatting technique and leveraged Google Ads to push […]
- Russian APT Deploys New 'Kapeka' Backdoor in...by info@thehackernews.com (The Hacker News) on 17 April 2024 at 2:32 PM
A previously undocumented "flexible" backdoor called Kapeka has been "sporadically" observed in cyber attacks targeting Eastern Europe, including Estonia and Ukraine, since at least mid-2022. The findings come from Finnish cybersecurity firm WithSecure, which attributed the malware to the […]
PortSwigger
- We’re going teetotal: It’s goodbye to The...on 2 March 2023 at 3:05 PM
PortSwigger today announces that The Daily Swig is closing down
- Bug Bounty Radar // The latest bug bounty...on 28 February 2023 at 8:15 PM
New web targets for the discerning hacker
- Indian transport ministry flaws potentially...on 28 February 2023 at 3:15 PM
Armed with personal data fragments, a researcher could also access 185 million citizens’ PII
Security Affaris
- Previously unknown Kapeka backdoor linked to...by Pierluigi Paganini on 18 April 2024 at 10:39 AM
Russia-linked APT Sandworm employed a previously undocumented backdoor called Kapeka in attacks against Eastern Europe since 2022. WithSecure researchers identified a new backdoor named Kapeka that has been used in attacks targeting victims in Eastern Europe since at least mid-2022. The backdoor […]
- Cisco warns of a command injection escalation...by Pierluigi Paganini on 18 April 2024 at 8:16 AM
Cisco has addressed a high-severity vulnerability in its Integrated Management Controller (IMC) for which publicly available exploit code exists. Cisco has addressed a high-severity Integrated Management Controller (IMC) vulnerability and is aware of a public exploit code for this issue. The PoC […]
- Linux variant of Cerber ransomware targets...by Pierluigi Paganini on 17 April 2024 at 7:01 PM
Threat actors are exploiting the CVE-2023-22518 flaw in Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware. At the end of October 2023, Atlassian warned of a critical security flaw, tracked as CVE-2023-22518 (CVSS score 9.1), that affects all versions of Confluence […]
HackerOne
- HackerOne Company Values Matter: Default to...by Debbie Cotton on 12 April 2024 at 6:52 PM
- How a Race Condition Vulnerability Could Cast...by Dane Sherrets on 11 April 2024 at 5:07 PM
Hacker and Senior Solutions Architect Dane Sherrets tells the story of how a race condition vulnerability could cast multiple votes.
- A guide to get the most out of your One-on-Onesby cweiner@hackerone.com on 10 April 2024 at 10:54 PM
WeLiveSecurity
- RDP remains a security concern – Week in...on 29 March 2024 at 11:24 AM
Much has been written about the risks that poorly-secured RDP connections entail, but many organizations continue to leave themselves at risk and get hit by data breaches as a result
- Cybercriminals play dirty: A look back at 10...on 28 March 2024 at 11:30 AM
This rundown of 10 cyberattacks against the sports industry shows why every team needs to keep its eyes on the ball when it comes to cybersecurity
- Borrower beware: Common loan scams and how to...on 26 March 2024 at 11:30 AM
Personal loan scams prey on your financial vulnerability and might even trap you in a vicious circle of debt. Here’s how to avoid being scammed when considering a loan.
TheRegister
- Prolific phishing-made-easy emporium LabHost...by Connor Jones on 18 April 2024 at 11:15 AM
Police mimic Spotify Wrapped videos to let crims know they're being hunted Feature Cops have brought down a dark-web souk that provided cyber criminals with convincing copies of trusted brands' websites for use in phishing campaigns.…
- Singapore infosec boss warns China/West tech...by Laura Dobberstein on 18 April 2024 at 6:32 AM
When you decide not to trust a big chunk of the supply chain, tech (and trade) get harder One of the biggest challenges Singapore faces is the potential for a split between tech stacks developed and used by China and the West, according to the island nation's Cyber Security Administration (CSA) […]
- MGM says FTC can't possibly probe its ransomware...by Jessica Lyons on 16 April 2024 at 9:32 PM
What a twist! MGM Resorts wants the FTC to halt a probe into last year's ransomware infection at the mega casino chain – because the watchdog's boss Lina Khan was a guest at one of its hotels during the cyberattack.…
Security Week
- Cisco Unveils AI-Native Enterprise Security...by Eduard Kovacs on 18 April 2024 at 10:07 AM
Cisco announces Hypershield, an AI-native and cloud-native enterprise security solution with a wide range of capabilities. The post Cisco Unveils AI-Native Enterprise Security Solution Hypershield appeared first on SecurityWeek.
- Kapeka: A New Backdoor in Sandworm’s Arsenal of...by Kevin Townsend on 17 April 2024 at 8:00 PM
Kapeka is a new backdoor that may be a new addition to Russia-link Sandworm’s malware arsenal and possibly a successor to GreyEnergy. The post Kapeka: A New Backdoor in Sandworm’s Arsenal of Aggression appeared first on SecurityWeek.
- Miggo Security Gets $7.5 Million Seed Funding to...by Kevin Townsend on 17 April 2024 at 3:54 PM
YL Ventures leads an early stage funding round for Miggo Security, a Tel Aviv startup working on application detection and response technology. The post Miggo Security Gets $7.5 Million Seed Funding to Build ADR Technology appeared first on SecurityWeek.
Exploit-DB Updates
- [webapps] djangorestframework-simplejwt 5.3.1 -...on 15 April 2024 at 1:00 AM
djangorestframework-simplejwt 5.3.1 - Information Disclosure
- [webapps] Jenkins 2.441 - Local File Inclusionon 15 April 2024 at 1:00 AM
Jenkins 2.441 - Local File Inclusion
- [webapps] OpenClinic GA 5.247.01 - Information...on 15 April 2024 at 1:00 AM
OpenClinic GA 5.247.01 - Information Disclosure
- [webapps] OpenClinic GA 5.247.01 - Path Traversal...on 15 April 2024 at 1:00 AM
OpenClinic GA 5.247.01 - Path Traversal (Authenticated)
- [webapps] Stock Management System v1.0 -...on 13 April 2024 at 1:00 AM
Stock Management System v1.0 - Unauthenticated SQL Injection
- [webapps] Savsoft Quiz v6.0 Enterprise - Stored...on 13 April 2024 at 1:00 AM
Savsoft Quiz v6.0 Enterprise - Stored XSS
ABOUT US
RiSec represents an autonomous, non-profit alliance comprising of individuals dedicated to enhancing cybersecurity awareness and education. Read more
Contact us: security@realinfosec.net
Social
Subscribe for weekly updates
Copyright © RiSec 2023 All rights reserved.
All trademarks, logos, images and brand names are the property of their respective owners.