Thursday, April 18, 2024

InfoSec News Feeds


  • Palo Alto OS Command Injection
    on 17 April 2024 at 4:58 PM

    Palo Alto OS was recently hit by a command injection zero day attack. These are exploitation details related to the zero day.

  • Palo Alto OS Command Injection Proof Of Concept
    on 17 April 2024 at 4:56 PM

    This is a scanning script to validate vulnerable Palo Alto OS systems for the recent zero day command injection vulnerability.

  • pgAdmin 8.3 Remote Code Execution
    on 17 April 2024 at 4:50 PM

    pgAdmin versions 8.3 and below have a path traversal vulnerability within their session management logic that can allow a pickled file to be loaded from an arbitrary location. This can be used to load a malicious, serialized Python object to execute code within the context of the target […]



Security Affaris

  • Previously unknown Kapeka backdoor linked to...
    by Pierluigi Paganini on 18 April 2024 at 10:39 AM

    Russia-linked APT Sandworm employed a previously undocumented backdoor called Kapeka in attacks against Eastern Europe since 2022. WithSecure researchers identified a new backdoor named Kapeka that has been used in attacks targeting victims in Eastern Europe since at least mid-2022. The backdoor […]

  • Cisco warns of a command injection escalation...
    by Pierluigi Paganini on 18 April 2024 at 8:16 AM

    Cisco has addressed a high-severity vulnerability in its Integrated Management Controller (IMC) for which publicly available exploit code exists. Cisco has addressed a high-severity Integrated Management Controller (IMC) vulnerability and is aware of a public exploit code for this issue. The PoC […]

  • Linux variant of Cerber ransomware targets...
    by Pierluigi Paganini on 17 April 2024 at 7:01 PM

    Threat actors are exploiting the CVE-2023-22518 flaw in Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware. At the end of October 2023, Atlassian warned of a critical security flaw, tracked as CVE-2023-22518 (CVSS score 9.1), that affects all versions of Confluence […]



  • RDP remains a security concern – Week in...
    on 29 March 2024 at 11:24 AM

    Much has been written about the risks that poorly-secured RDP connections entail, but many organizations continue to leave themselves at risk and get hit by data breaches as a result

  • Cybercriminals play dirty: A look back at 10...
    on 28 March 2024 at 11:30 AM

    This rundown of 10 cyberattacks against the sports industry shows why every team needs to keep its eyes on the ball when it comes to cybersecurity

  • Borrower beware: Common loan scams and how to...
    on 26 March 2024 at 11:30 AM

    Personal loan scams prey on your financial vulnerability and might even trap you in a vicious circle of debt. Here’s how to avoid being scammed when considering a loan.


  • Prolific phishing-made-easy emporium LabHost...
    by Connor Jones on 18 April 2024 at 11:15 AM

    Police mimic Spotify Wrapped videos to let crims know they're being hunted Feature  Cops have brought down a dark-web souk that provided cyber criminals with convincing copies of trusted brands' websites for use in phishing campaigns.…

  • Singapore infosec boss warns China/West tech...
    by Laura Dobberstein on 18 April 2024 at 6:32 AM

    When you decide not to trust a big chunk of the supply chain, tech (and trade) get harder One of the biggest challenges Singapore faces is the potential for a split between tech stacks developed and used by China and the West, according to the island nation's Cyber Security Administration (CSA) […]

  • MGM says FTC can't possibly probe its ransomware...
    by Jessica Lyons on 16 April 2024 at 9:32 PM

    What a twist! MGM Resorts wants the FTC to halt a probe into last year's ransomware infection at the mega casino chain – because the watchdog's boss Lina Khan was a guest at one of its hotels during the cyberattack.…

Security Week

  • Cisco Unveils AI-Native Enterprise Security...
    by Eduard Kovacs on 18 April 2024 at 10:07 AM

    Cisco announces Hypershield, an AI-native and cloud-native enterprise security solution with a wide range of capabilities. The post Cisco Unveils AI-Native Enterprise Security Solution Hypershield appeared first on SecurityWeek.

  • Kapeka: A New Backdoor in Sandworm’s Arsenal of...
    by Kevin Townsend on 17 April 2024 at 8:00 PM

    Kapeka is a new backdoor that may be a new addition to Russia-link Sandworm’s malware arsenal and possibly a successor to GreyEnergy. The post Kapeka: A New Backdoor in Sandworm’s Arsenal of Aggression appeared first on SecurityWeek.

  • Miggo Security Gets $7.5 Million Seed Funding to...
    by Kevin Townsend on 17 April 2024 at 3:54 PM

    YL Ventures leads an early stage funding round for Miggo Security, a Tel Aviv startup working on application detection and response technology. The post Miggo Security Gets $7.5 Million Seed Funding to Build ADR Technology appeared first on SecurityWeek.

Exploit-DB Updates