In FreeBSD and BSD related operation systems the sysctl.conf file is located in /etc/sysctl.conf and these settings also work perfectly fine in PfSense and OPNsense when go to System > Settings > Tunables

To explore all FreeBSD system sysctl tunables open a terminal and enter sysctl -a and to filter out specific keywords then enter sysctl -a | grep “keyword“

Checkout these articles FreeBSD Tuning and Optimization and FreeBSD – a lesson in poor defaults.

#############################################################
#### Credits: infohack.eu - FreeBSD sysctl.conf tunables #### #############################################################

# Enable H-TCP congestion control: The Hamilton TCP (HighSpeed-TCP) algorithm is a packet loss based congestion control and is more aggressive pushing up to max bandwidth. 	
net.inet.tcp.cc.algorithm=htcp 	
net.inet.tcp.cc.htcp.adaptive_backoff=1 	
net.inet.tcp.cc.htcp.rtt_scaling=1

# Enable Explicit Congestion Notification (ECN) if both ends support it. Set ECN=0 if problems. ECN=1 on Clients for incoming & outgoing connections. ECN=2 on Router only for incoming connections.
net.inet.tcp.ecn.enable=2

# Increase TCP & UDP network buffers for better performance.
kern.ipc.maxsockbuf=4262144	
net.raw.recvspace=65536 	
net.raw.sendspace=65536 	
net.inet.raw.maxdgram=131072 	
net.inet.raw.recvspace=131072 	
net.inet.tcp.recvspace=65536 
net.inet.tcp.recvbuf_inc=65536 	
net.inet.tcp.recvbuf_max=4194304 	
net.inet.tcp.sendbuf_inc=65536 	
net.inet.tcp.sendbuf_max=4194304 	
net.inet.tcp.sendspace=65536 	
net.inet.udp.maxdgram=57344
net.inet.udp.recvspace=1048576
net.local.dgram.maxdgram=8192	
net.local.stream.recvspace=16384 	
net.local.stream.sendspace=16384 	

# Increase maximum number of jumbo clusters.
kern.ipc.nmbjumbo9=65536 	
kern.ipc.nmbjumbo16=32768 	
kern.ipc.nmbjumbop=524288

# Disable SACK against TCP vulnerabilities. 	
net.inet.tcp.sack.enable=0 

# Disable TCP Timestamps against timestamp security vulnerabilities. TCP Timestamps can remotely calculate the system uptime, boot time and host's clock with millisecond precision.
net.inet.tcp.rfc1323=0  	

# Disable Bypassing 3-way handshake. Prevent SYN & FIN bits.
net.inet.tcp.rfc1379=0 	

# TCP Fast Recovery behavior if 3 duplicate ACKs haven't been received. 
net.inet.tcp.rfc3042=1

# Increases the accuracy of TCP Fast Recovery.
net.inet.tcp.rfc6675_pipe=1

# Disable TCP Offload Engine.
net.inet.tcp.tso=0 

# Disable Flow Control for WAN (igb.0) to utilize full network bandwidth. (For Intel igb NIC).
dev.igb.0.fc=0 	 

# Increase maximum number of receive packets to process interrupts. (For Intel igb NIC). 
dev.igb.0.iflib.rx_budget=65535 	 	
dev.igb.1.iflib.rx_budget=65535 	
dev.igb.2.iflib.rx_budget=65535 	

# Increase maximum number of interrupts per second on any interrupt level.
hw.intr_storm_threshold=32000 

# Atheros (ath.0) WiFi adapter optimizations to improve stability & performance (For ath wireless NIC).
hw.ath.rxbuf=4096 	
hw.ath.txbuf=4096 	
hw.ath.txbuf_mgmt=256 
hw.ath.bstuck=44 
dev.ath.0.diversity=0
dev.ath.0.tpc=1 	
dev.ath.0.tpscale=1 

# Enable Stack Smashing Protection (SSP) against buffer overflows.
kern.elf32.nxstack=1
kern.elf64.nxstack=1
security.bsd.stack_guard_page=1

# Enable Address Space Layout Randomization (ASLR) and Position Independent Executable (PIE) to prevent exploitation of memory corruption vulnerabilities.
kern.elf32.aslr.enable=1 
kern.elf64.aslr.enable=1 	
kern.elf32.aslr.pie_enable=1
kern.elf64.aslr.pie_enable=1 

# Disable Indirect Branch Restricted Speculation (Spectre V2 mitigation).
hw.ibrs_disable=1 

# Disable Page Table Isolation (Meltdown mitigation).
vm.pmap.pti=0

# Increase Fortuna Pseudorandom Number Generator (PRNG) poolsize for higher entropy accumulation. 
kern.random.fortuna.minpoolsize=512  	

# Exclude INTERRUPT and NET_ETHER for entropy harvest for few % performance NIC benefit.
kern.random.harvest.mask=351	

# Randomize PID's for better security.
kern.randompid=1 	

# Randomize the ID Field in IP Packets to increase security.
net.inet.ip.random_id=1	

# Set securelevel=0 when the system is first booting it offers no special features. When the system reaches multi-user mode the securelevel is raised to 1. Nobody can write to /dev/mem & /dev/kmem. Many old security exploits relied upon this. Raw disk devices of all mounted file systems are read-only. Programs should only access mounted file systems through the standard devices. This doesn't change day-to-day operations. The schg and sappnd flags cannot be removed. You will need to reboot into single-user mode again to remove these flags. (*set securelevel=-1 manually and reboot for every system update!*)
kern.securelevel=0 		

# Prevent Bogus & Spoofed ICMP Packets.
net.inet.tcp.icmp_may_rst=0 
net.inet.icmp.bmcastecho=0 	
net.inet.icmp.drop_redirect=1 	
net.inet.icmp.icmplim=1 	
net.inet.icmp.icmplim_output=0 	
net.inet.icmp.log_redirect=0 	
net.inet.icmp.maskfake=0 	
net.inet.icmp.maskrepl=0 	
net.inet.icmp.quotelen=8 	
net.inet.icmp.reply_from_interface=0 	
net.inet.icmp.reply_src=0 	
net.inet.icmp.tstamprepl=0 	

# Prevent Fragmented IP Packets.
net.inet.ip.maxfragpackets=0 	
net.inet.ip.maxfrags=0 	
net.inet.ip.maxfragsperpacket=0 	
net.inet6.ip6.maxfragpackets=0 	
net.inet6.ip6.maxfrags=0 	
net.inet6.ip6.maxfragsperpacket=0 

# Disable IP Process Options in the incoming packets.
net.inet.ip.process_options=0 	

# Disable sending ICMP redirects to prevent attacker to reach non-routable addresses, route and next hop to be known.
net.inet.ip.redirect=0 
net.inet6.ip6.redirect=0 
net.inet6.icmp6.rediraccept=0 	
net.inet6.icmp6.redirtimeout=1 	
 
# Disable Source Routing to prevent attacker to reach non-routable addresses. 
net.inet.ip.sourceroute=0 
net.inet.ip.accept_sourceroute=0	
	
# Enable packet verification to check on correct interface.
net.inet.ip.check_interface=1 	

# Enable Fast forwarding to increase 40-60% packet performance.
net.inet.ip.fastforwarding=1

# Drop packets to closed TCP ports without returning a RST. 
net.inet.tcp.blackhole=2 	

# Do not send ICMP port unreachable messages for closed UDP ports.
net.inet.udp.blackhole=1 

# Prevent touching the TTL of packets when goes through the firewall.
net.inet.ip.stealth=1 
net.inet6.ip6.stealth=1

# Slow-start flight size (initial congestion window) in number of segments.
net.inet.tcp.initcwnd_segments=44 	

# Cap the max cwnd increment during slow-start to this number of segments.
net.inet.tcp.abc_l_var=44 	

# Assume SO_KEEPALIVE on all TCP connections.
net.inet.tcp.always_keepalive=0 	

# Time before a delayed ACK is sent.
net.inet.tcp.delacktime=15 	

# Do not delay ACK to try and piggyback it onto a data packet. 
net.inet.tcp.delayed_ack=0 	

# Drop SYN-FIN packets (breaks RFC1379, but nobody uses it anyway).
net.inet.tcp.drop_synfin=1 	

# TCP FIN_WAIT_2 timeout waiting for client FIN packet before state close.
net.inet.tcp.finwait2_timeout=15 

# Recycle closed FIN_WAIT_2 connections faster.
net.inet.tcp.fast_finwait2_recycle=1 	

# TCP Fast Open (TFO) [RFC7413]. Disable TCP Fast Open client side, enforce three way TCP handshake.
net.inet.tcp.fastopen.client_enable=0 	

# Pre-shared key (PSK) mode is enabled for all TFO servers for consistency. Disable TCP Fast Open client side, enforce three way TCP handshake. 	
net.inet.tcp.fastopen.psk_enable=0 	

# TCP Fast Open (TFO) [RFC7413]. Disable TCP Fast Open client side, enforce three way TCP handshake.
net.inet.tcp.fastopen.server_enable=0 	

# Disabling the hostcache increases burst data rates.
net.inet.tcp.hostcache.cachelimit=0 	

# Disabling the hostcache increases burst data rates.
net.inet.tcp.hostcache.expire=0 	

# In order to defend against Sequence Number Attacks the ISN secret key should not be used sufficiently often that it would be regarded as predictable, and thus insecure.
net.inet.tcp.isn_reseed_interval=4500 	

# Amount of tcp keep alive probe failures before socket is forced closed. 
net.inet.tcp.keepcnt=2 	

# Time before keepalive probes begin.
net.inet.tcp.keepidle=10000 	

# Time between keepalive probes.
net.inet.tcp.keepintvl=5000 	

# TCP extended debugging.
net.inet.tcp.log_debug=0 	

# Log all incoming TCP segments to closed ports.
net.inet.tcp.log_in_vain=0 	

# Minimum TCP Maximum Segment Size.
net.inet.tcp.minmss=536 	

# Maximum Segment Lifetime, time the connection spends in TIME_WAIT state.
net.inet.tcp.msl=2500 	

# Default TCP Maximum Segment Size.
net.inet.tcp.mssdflt=1460 	

# Do not create compressed TCP TIME_WAIT entries for local connections.
net.inet.tcp.nolocaltimewait=1 	

# Disable MTU Discovery against security vulnerabilities.
net.inet.tcp.pmtud_blackhole_detection=0 

# Disable Path MTU Discovery against security vulnerabilities.
net.inet.tcp.path_mtu_discovery=0 	

# Drop TCP options from 3rd and later retransmitted SYN.
net.inet.tcp.rexmit_drop_options=1 	

# Reduce the TCP retransmit timer.
net.inet.tcp.rexmit_slop=100 	

# Using soreceive_stream for TCP sockets.
net.inet.tcp.soreceive_stream=1 	

# Per-bucket hash limit for syncache.
net.inet.tcp.syncache.bucketlimit=100 	

# Size of TCP syncache hashtable.
net.inet.tcp.syncache.hashsize=1024 	

# Limiting retranstited SYN/ACKS reduces local syn cache size and a "SYN flood" DoS attack's collateral damage by not sending SYN/ACKs back to spoofed ips, multiple times.
net.inet.tcp.syncache.rexmtlimit=0 	

# Send reset on socket allocation failure.
net.inet.tcp.syncache.rst_on_sock_fail=0 	

# As the returning ACK establishes the connection, it may be possible for an attacker to ACK flood a machine in an attempt to create a connection. Another benefit to overflowing to the point of getting a valid SYN cookie is the attacker can include data payload. Now that the attacker can send data to a FreeBSD network daemon, even using a spoofed source IP address, they can have FreeBSD do processing on the data which is not something the attacker could do without having SYN cookies. Even though syncookies are helpful during a DoS, we are going to disable syncookies at this time. 	
net.inet.tcp.syncookies=0 	

# Generate UDP Checksums.
net.inet.udp.checksum=1 	

# Log all incoming UDP packets.
net.inet.udp.log_in_vain=0 	

# Restrict AF_INET6 sockets to IPv6 addresses only.
net.inet6.ip6.v6only=1

# The hashtable increase is necessary for HTTP/3 UDP traffic due to the sheer number of malicious UDP packets creating states. 
net.pf.source_nodes_hashsize=1048576 	

# Increase size of pf states hashtable.
net.pf.states_hashsize=1048576 

# Maximum routing socket dispatch queue length.
net.route.netisr_maxqlen=2048 	

# Protect the route table from DoS attacks.
net.inet.ip.rtexpire=2 	

# Enable locking of shared memory pages in core. 	
kern.ipc.shm_use_phys=1 	

# Increase shared memory for more performance.
kern.ipc.shmall=256000 	
kern.ipc.shmmax=1000000000 	
kern.ipc.shmmni=1024 	
kern.ipc.shmseg=1024 	

# Maximum listen socket pending connection accept queue size.
kern.ipc.soacceptqueue=2048 	

# Increase size of the listen queue for accepting new TCP connections.
kern.ipc.somaxconn=2048 	

# Max open files.
kern.openfiles=1024 	

# Maximum number of files open.
kern.maxfiles=100000 	

# Maximum process shared memory.
kern.maxproc=100000 	

# Maximum number of file descriptors on your system. 
kern.maxusers=1024 	

# Interactivity score threshold.
kern.sched.interact=5 	

# Quantum for timeshare threads in stathz ticks.
kern.sched.slice=1 

# Time to delay syncing directories, metadata & files.
kern.dirdelay=3 
kern.metadelay=2 	
kern.filedelay=5 	
	
# Increase length of the arguments exceeding the kernel.
kern.ps_arg_cache_limit=4096 	

# Disable forwarding of a signal to a process on a different CPU.
kern.smp.forward_signal_enabled=0 	

# Raise the number of allowed threads per process.
kern.threads.max_threads_per_proc=4096 	

# Flush L1 Data Cache on NMI exit, software bhyve L1TF mitigation assist.
machdep.nmi_flush_l1d_sw=1 	

# Increase maximum size of the IP input queue.
net.inet.ip.intr_queue_maxlen=4096 	

# First Portrange for outgoing connections.
net.inet.ip.portrange.first=10000 	

# Maximum number of random port allocations before switching to a sequental one. 	
net.inet.ip.portrange.randomcps=9999 	

# Enable random port allocation.
net.inet.ip.portrange.randomized=1 	

# Minimum time to keep sequental port allocation before switching to a random one.
net.inet.ip.portrange.randomtime=1 	

# Increase UFS read-ahead speeds (better disk performance - particularly for SSDs) to match the state of hard drives and NCQ.
vfs.read_max=128 	

# Disable Internet Group Management Protocol (IGMP).
net.inet.igmp.recvifkludge=0 	
net.inet.igmp.sendlocal=0 	
net.inet.igmp.sendra=0 	
net.inet.igmp.v1enable=0 	
net.inet.igmp.v2enable=0 	

# Disable loopback multicast datagrams.
net.inet.ip.mcast.loop=0 	

# Disable Multicast Listener Discovery (MLD).
net.inet6.mld.use_allow=0 	
net.inet6.mld.v1enable=0 	
net.inet6.mld.v2enable=0 	

# Disable Panic on NMI raised by hardware failure.
machdep.panic_on_nmi=0 	

# For best performance set to 1. bpf is write-only unless program explicitly specifies the read filter. *Don't enable or opnsense firewall logs stop working*.
net.bpf.optimize_writers=0 	

# No ABORT is sent back in response to an out-of-the-blue packet.	
net.inet.sctp.blackhole=2 	

# Disable sending of the SACK-IMMEDIATELY-bit.
net.inet.sctp.enable_sack_immediately=0 	

# Enable SCTP PKTDROP.
net.inet.sctp.pktdrop_enable=1 	

# Default congestion control module. Default value is 0. The minimum is 0, and the maximum is 3. A value of 0 enables the default congestion control algorithm. A value of 1 enables the High Speed congestion control algorithm. A value of 2 enables the HTCP congestion control algorithm. A value of 3 enables the data center congestion control (DCCC) algorithm.
net.inet.sctp.default_cc_module=2
	     
# Make IPsec tunnel ECN-friendly when set to 1.
net.inet.ipsec.ecn=0           
net.inet6.ipsec6.ecn=0	        

# Maximum number of outgoing ICMPv6 error messages per second.
net.inet6.icmp6.errppslimit=1 	

# Disable loopback route when configuring an IPv6 address.
net.inet6.icmp6.nd6_useloopback=0 	

# Disable RF4620 node information query types.
net.inet6.icmp6.nodeinfo=0 	

# Don't join old IPv6 NI group address in draft-ietf-ipngwg-icmp-name-lookup for compatibility with KAME implementation.
net.inet6.icmp6.nodeinfo_oldmcprefix=0 

# Disable accepting ICMPv6 RA messages.
net.inet6.ip6.accept_rtadv=0 	

# Disable automatically adding an IPv6 link-local address to interfaces when attached.
net.inet6.ip6.auto_linklocal=0 	

# Number of ICMPv6 NS messages sent during duplicate address detection.
net.inet6.ip6.dad_count=0 	

# Disable Enhanced DAD, which adds a random nonce to NS messages for DAD.
net.inet6.ip6.dad_enhanced=0 	

# Disable IPv6 Forwarding. (Disable if you don't use IPV6 routing).
net.inet6.ip6.forwarding=0 	

# Default maximum number of IPv6 extension headers permitted on incoming IPv6 packets, 0 for no artificial limit.
net.inet6.ip6.hdrnestlimit=0 	

# Maximum size of the IPv6 input queue.
net.inet6.ip6.intr_queue_maxlen=2048 	

# Disable IPv6 loopback multicast datagrams.
net.inet6.ip6.mcast.loop=0 	

# Disable routers sending ICMPv6 RA messages on interfaces added into the default router list.
net.inet6.ip6.no_radr=1 	

# Disable the default router list from ICMPv6 RA messages even when packet forwarding is enabled.
net.inet6.ip6.rfc6204w3=0 	
 	
# Disable the use of IPv6 addresses whose preferred lifetimes have expired.
net.inet6.ip6.use_deprecated=0 	

# Enable privacy settings for IPv6 (RFC 4941).
net.inet6.ip6.use_tempaddr=1 	
net.inet6.ip6.prefer_tempaddr=1 	 	1 	

# When the value is zero the stack always use a new SA.
net.key.preferred_oldsa=0 	

# Enable filtering on the bridge interface.
net.link.bridge.pfil_bridge=1 	

# Enable additionally filter on the physical interface for locally destined packets.
net.link.bridge.pfil_local_phys=1 	

# Enable filtering on the incoming and outgoing member interfaces. 
net.link.bridge.pfil_member=1

# Only allow IP packets to pass (subject to firewall rules), set to 0 to unconditionally pass all non-IP Ethernet frames.
net.link.bridge.pfil_onlyip=1 	

# Allow unprivileged access to tap(4) device nodes.
net.link.tap.user_open=0 	

# CPU Power Saving.
# See 'sysctl dev.cpu.0.cx_supported' what lowest CPU sleep states are supported. (for 24/7 active router use C0 or C1 and for desktop use the highest deep sleeping state to save power!)
hw.acpi.cpu.cx_lowest=C1
# See "sysctll dev.cpu.0.freq_levels" what lowest CPU frequencies are supported.
debug.cpufreq.lowest=600

# PCI Power saving put absolutely everything in D3 state. 
hw.pci.do_power_nodriver=3 	

# Deny a process to chroot if it has a directory open.	
kern.chroot_allow_open_directories=0 	

# Revoke mmap access to files via copy-on-write semantics, or by removing all write access.
security.mac.mmap_revocation_via_cow=1 	

# Unprivileged processes prevented from sending certain signals to processes whose credentials have changed.
security.bsd.conservative_signals=1 	

# Unprivileged processes cannot create hard links to files owned by other groups.
security.bsd.hardlink_check_gid=1 	

# Unprivileged processes cannot create hard links to files owned by other users.
security.bsd.hardlink_check_uid=1	 	

# Permit processes to map an object at virtual address zero.
security.bsd.map_at_zero=0 	

# Hide processes running as other groups.	
security.bsd.see_other_gids=0

# Hide processes running as other users.
security.bsd.see_other_uids=0
	
# Disable non-root users to call mlock.
security.bsd.unprivileged_mlock=0 	

# Unprivileged processes may use process debugging facilities.
security.bsd.unprivileged_proc_debug=0 	

# Unprivileged processes may read the kernel message buffer.
security.bsd.unprivileged_read_msgbuf=0 	

# Hide running running processes match jails.
security.bsd.see_jail_proc=0 

# Disable processes in jail can set their hostnames.
security.jail.set_hostname_allowed=0 

# Lower the system load average under FreeBSD. Allows to choose periodic and one-shot operation mode. In periodic mode, periodic interrupts from timer hardware are taken as the only source of time for time events. One-shot mode instead uses currently selected time counter to precisely schedule all needed events and programs event timer to generate interrupt exactly in speci-fied time. Default value depends of chosen timer capabilities, but one-shot mode is preferred, until other is forced by user or hardware. 	
kern.eventtimer.periodic=0 	

# Disable USB Enumeration if don't need it.
hw.usb.disable_enumeration=1 	
dev.uhub.0.disable_enumeration=1 	
dev.uhub.1.disable_enumeration=1 

# Disable USB Port Power if don't need it.
hw.usb.disable_port_power=1 
dev.uhub.0.disable_port_power=1 	
dev.uhub.1.disable_port_power=1 

# Disable KDB on NMI.
machdep.kdb_on_nmi=0 
	
# Restrict ability to change keymap.
hw.kbd.keymap_restrict_change=4 

# Disable key combination to enter debugger. 
kern.vt.kbd_debug=0 	

# Disable keyboard debug.
w.syscons.kbd_debug=0 	

Disable CTRL+ALT+Delete reboot from keyboard.
hw.syscons.kbd_reboot=0

# Disable coredump and text dumps.
kern.nodump_coredump=1 
kern.coredump=0 	
kern.coredump_pack_fileinfo=0 	
kern.coredump_pack_vmmapinfo=0 
debug.minidump=0 	
debug.trace_all_panics=0 	
debug.trace_on_panic=0 	
debug.ddb.textdump.do_config=0 	
debug.ddb.textdump.do_ddb=0 	
debug.ddb.textdump.do_msgbuf=0 	
debug.ddb.textdump.do_panic=0 	
debug.ddb.textdump.do_version=0 	

# Disable device nodes & metadata format if don't use them.
kern.geom.label.ext2fs.enable=0 	
kern.geom.label.msdosfs.enable=0 	
kern.geom.label.ntfs.enable=0 	
kern.geom.label.reiserfs.enable=0 	
kern.geom.raid.enable=0 
kern.geom.raid.concat.enable=0 	
kern.geom.raid.ddf.enable=0 	
kern.geom.raid.intel.enable=0 	
kern.geom.raid.jmicron.enable=0 	
kern.geom.raid.nvidia.enable=0 	
kern.geom.raid.promise.enable=0 	
kern.geom.raid.raid0.enable=0 	
kern.geom.raid.raid1.enable=0 	
kern.geom.raid.raid1e.enable=0 	
kern.geom.raid.raid5.enable=0 	
kern.geom.raid.sii.enable=0

Now for the other FreeBSD sysctl tunables you need to create a new file in /boot/loader.conf.local because can only be activated on boot.

machdep.hyperthreading_allowed="0"
machdep.disable_mtrrs="1"
machdep.syscall_ret_flush_l1d="1"
hw.spec_store_bypass_disable="1"
hw.mds_disable="3"
hw.hn.enable_udp4cs="0"  
hw.hn.enable_udp6cs="0" 
hw.hn.trust_hostudp="0"
hw.hn.trust_hostip="0"
hw.hn.trust_hosttcp="0"
hw.vtnet.rx_process_limit="-1"
hw.vtnet.mq_disable="1"
hw.vtnet.lro_disable="1"
hw.vtnet.tso_disable="1"
hw.vtnet.csum_disable="1"
kern.ipc.nmbclusters="1000000"
kern.ipc.nmbjumbop="524288"
net.inet.tcp.tcbhashsize="65536"
kern.ipc.numopensockets="2048"
net.link.ifqmaxlen="4096"
net.isr.defaultqlimit="4096"
net.isr.dispatch="deferred"
net.isr.bindthreads="1"
net.isr.maxthreads="-1"
net.isr.numthreads="-1"
kern.racct.enable="1"
kern.features.compat_freebsd_32bit="0"
kern.features.ipsec="0"
kern.features.inet6="0"
kern.features.pps_sync="0"
kern.features.nfsd="0"
kern.features.nfscl="0"
kern.features.scbus="0"
kern.features.kdtrace_hooks="0"	
kern.features.ktrace="0"	
kern.features.netdump="0"
kern.smp.maxcpus="-1"
debug.acpi.max_threads="-1"
hw.mca.enabled="0"
microcode_update_enable="YES"
cc_htcp_load="YES"
if_ath_load="YES"
if_bridge_load="NO"
if_enc_load="NO"
if_gif_load="NO"
if_gre_load="NO"
if_lagg_load="NO"
if_tap_load="NO"
if_tun_load="NO"
pfsync_load="NO"
ppp_enable="NO"
pppoed_enable="YES"
icmp_drop_redirect="YES"
icmp_log_redirect="YES"
icmp_bmcastecho="NO"
accept_sourceroute="NO"
forward_sourceroute="NO"
tcp_extensions="NO"
tcp_drop_synfin="YES"
tcp_rack_load="YES"
syslogd_flags="-ss"
sendmail_enable="NONE"
sendmail_submit_enable="NO"
sendmail_outbound_enable="NO"
sendmail_msp_queue_enable="NO"
sshguard_enable="YES"
rpcbind_enable="NO"
nfs_client_enable="NO"
nfs_server_enable="NO"
mountd_enable="NO"
inetd_enable="NO"
ftpproxy_enable="NO"
ipv6_enable="NO"
ipv6_prefer="NO"
ipv6_activate_all_interfaces="NO"
ipv6_privacy="YES"
ipv6_cpe_wanif="NO"
ipv6_ipv4mapping="NO"
ipv6_gateway_enable="NO"
ubthidhci_enable="NO"
bthidd_enable="NO"
hcsecd_enable="NO"
rfcomm_pppd_server_enable="NO"
sdpd_enable="NO"
ipsec_enable="NO"
ftpd_enable="NO"
linux_enable="NO"
lpd_enable="NO"
rtsold_enable="NO"
bsnmpd_enable="NO"
rtadvd_enable="NO"
route6d_enable="NO"
nis_server_enable="NO"
nis_ypxfrd_enable="NO"
nis_ypset_enable="NO"
nis_ypldap_enable="NO"
nis_client_enable="NO"
keyserv_enable="NO"
timed_enable="NO"
rpc_statd_enable="NO"
rpc_lockd_enable="NO"
nfscbd_enable="NO"
nfsuserd_enable="NO"
nfsv4_server_enable="NO"
rwhod_enable="NO"
fsck_y_enable="YES"
kdc_enable="NO"
kfd_enable="NO"
kadmind_enable="NO"
ctld_enable="NO"
iscsid_enable="NO"
iscsictl_enable="NO"
virecover_enable="NO"
mixer_enable="NO"
netwait_enable="NO"
cfumass_load="NO"
amd_enable="NO"
rwhod_enable="NO"
hastd_enable="NO"
harvest_mask="351"
performance_cpu_freq="LOW"
performance_cx_lowest="LOW"
economy_cx_lowest="LOW"
powerd_enable="YES"
ddb_enable="NO"
savecore_enable="NO"
dumpdev="NO"
update_motd="NO"
clear_tmp_enable="YES"
kern_securelevel_enable="YES"
kern_securelevel="0"

Please Donate to support my work and website! Thank you!

Bitcoin (BTC): bc1qh57ull2dlr6nyplxnylg3nknzzhjxhy0s30w6z

Ethereum (ETH): 0x8a71dec3d344ca8a2e55a5499b1643f37c1ee6ac

Polkadot (DOT): 148kirRpkuwUnP47bRXZhQxR3P7jVrBvuq1kYTvLe5kg8dfn

Tether (USDT): 0x8a71dec3d344ca8a2e55a5499b1643f37c1ee6ac

Litecoin (LTC): LhpN9rMg83CnBwEZdtRNAG718b9fts8qpE

Dogecoin (DOGE): DEazATJowtTJmCiMMGa3hnMYFBcZUQmLt9

Cardano (ADA): addr1qx9dy20ur3k4k5vtgqd7ez2kjq2x88sdv3xju833xnxvrzy26g5lc8rdtdgcksqmajy4dyq5vw0q6ezd9c0rzdxvcxyq07ejmp

Leave a Reply Cancel reply

[webapps] unilogies/bumsys v1.0.3 beta - Unrestricted File Upload

31 May 2023

unilogies/bumsys v1.0.3 beta - Unrestricted File Upload [...]

[webapps] SCRMS 2023-05-27 1.0 - Multiple SQL Injection

31 May 2023

SCRMS 2023-05-27 1.0 - Multiple SQL Injection [...]

[webapps] Online Security Guards Hiring System 1.0 - Reflected XSS

31 May 2023

Online Security Guards Hiring System 1.0 - Reflected XSS [...]

[remote] Flexense HTTP Server 10.6.24 - Buffer Overflow (DoS) (Metasploit)

31 May 2023

Flexense HTTP Server 10.6.24 - Buffer Overflow (DoS) (Metasploit) [...]

[webapps] Faculty Evaluation System 1.0 - Unauthenticated File Upload

31 May 2023

Faculty Evaluation System 1.0 - Unauthenticated File Upload [...]

[webapps] Pydio Cells 4.1.2 - Unauthorised Role Assignments

31 May 2023

Pydio Cells 4.1.2 - Unauthorised Role Assignments [...]

[webapps] Pydio Cells 4.1.2 - Cross-Site Scripting (XSS) via File Download

31 May 2023

Pydio Cells 4.1.2 - Cross-Site Scripting (XSS) via File Download [...]

[webapps] Pydio Cells 4.1.2 - Server-Side Request Forgery

31 May 2023

Pydio Cells 4.1.2 - Server-Side Request Forgery [...]

[webapps] Rukovoditel 3.3.1 - CSV injection

31 May 2023

Rukovoditel 3.3.1 - CSV injection [...]

[webapps] MotoCMS Version 3.4.3 - Server-Side Template Injection (SSTI)

31 May 2023

MotoCMS Version 3.4.3 - Server-Side Template Injection (SSTI) [...]

[webapps] Camaleon CMS v2.7.0 - Server-Side Template Injection (SSTI)

26 May 2023

Camaleon CMS v2.7.0 - Server-Side Template Injection (SSTI) [...]

[local] Filmora 12 version ( Build 1.0.0.7) - Unquoted Service Paths Privilege Escalation

25 May 2023

Filmora 12 version ( Build 1.0.0.7) - Unquoted Service Paths Privilege Escalation [...]

[webapps] WBCE CMS 1.6.1 - Multiple Stored Cross-Site Scripting (XSS)

25 May 2023

WBCE CMS 1.6.1 - Multiple Stored Cross-Site Scripting (XSS) [...]

[webapps] Zenphoto 1.6 - Multiple stored XSS

25 May 2023

Zenphoto 1.6 - Multiple stored XSS [...]

[webapps] Ulicms 2023.1 - create admin user via mass assignment

25 May 2023

Ulicms 2023.1 - create admin user via mass assignment [...]

[remote] Seagate Central Storage 2015.0916 - Unauthenticated Remote Command Execution (Metasploit)

25 May 2023

Seagate Central Storage 2015.0916 - Unauthenticated Remote Command Execution (Metasploit) [...]

[webapps] SCM Manager 1.60 - Cross-Site Scripting Stored (Authenticated)

25 May 2023

SCM Manager 1.60 - Cross-Site Scripting Stored (Authenticated) [...]

[webapps] Service Provider Management System v1.0 - SQL Injection

24 May 2023

Service Provider Management System v1.0 - SQL Injection [...]

[webapps] Roxy WI v6.1.0.0 - Unauthenticated Remote Code Execution (RCE) via subprocess_execute

24 May 2023

Roxy WI v6.1.0.0 - Unauthenticated Remote Code Execution (RCE) via subprocess_execute [...]

[webapps] eScan Management Console 14.0.1400.2281 - Cross Site Scripting

23 May 2023

eScan Management Console 14.0.1400.2281 - Cross Site Scripting [...]

[webapps] eScan Management Console 14.0.1400.2281 - SQL Injection (Authenticated)

23 May 2023

eScan Management Console 14.0.1400.2281 - SQL Injection (Authenticated) [...]

[local] Gin Markdown Editor v0.7.4 (Electron) - Arbitrary Code Execution

23 May 2023

Gin Markdown Editor v0.7.4 (Electron) - Arbitrary Code Execution [...]

[webapps] Affiliate Me Version 5.0.1 - SQL Injection

23 May 2023

Affiliate Me Version 5.0.1 - SQL Injection [...]

[webapps] LeadPro CRM v1.0 - SQL Injection

23 May 2023

LeadPro CRM v1.0 - SQL Injection [...]

[local] Yank Note v3.52.1 (Electron) - Arbitrary Code Execution

23 May 2023

Yank Note v3.52.1 (Electron) - Arbitrary Code Execution [...]

CVE-2015-10106 | mback2k mh_httpbl Extension up to 1.1.7 on TYPO3 mod1/index.php moduleContent sql injection (TYPO3-EXT-SA-2015-021)

31 May 2023

A vulnerability classified as critical was found in mback2k mh_httpbl Extension up to 1.1.7 on TYPO3. This vulnerability affects the function moduleContent of the file mod1/index.php. The manipulation leads to… [...]

CVE-2022-48388 | Unisoc S8000 powerEx service permission

31 May 2023

A vulnerability was found in Unisoc SC9863A, SC9832E, SC7731E, T610, T310, T606, T760, T610, T618, T606, T612, T616, T760, T770, T820 and S8000. It has been rated as critical. Affected… [...]

CVE-2022-48387 | Unisoc S8000 apipe driver out-of-bounds write

31 May 2023

A vulnerability was found in Unisoc SC9863A, SC9832E, SC7731E, T610, T310, T606, T760, T610, T618, T606, T612, T616, T760, T770, T820 and S8000. It has been declared as problematic. Affected… [...]

CVE-2023-3018 | SourceCodester Lost and Found Information System 1.0 /admin/ access control

31 May 2023

A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/?page=user/list. The manipulation leads… [...]

CVE-2022-48385 | Unisoc S8000 cp_dump Driver out-of-bounds write

31 May 2023

A vulnerability was found in Unisoc SC9863A, SC9832E, SC7731E, T610, T310, T606, T760, T610, T618, T606, T612, T616, T760, T770, T820 and S8000 and classified as problematic. This issue affects… [...]

CVE-2022-48384 | Unisoc S8000 srtd service permission

31 May 2023

A vulnerability has been found in Unisoc SC9863A, SC9832E, SC7731E, T610, T310, T606, T760, T610, T618, T606, T612, T616, T760, T770, T820 and S8000 and classified as problematic. This vulnerability… [...]

CVE-2022-48383 | Unisoc S8000 srtd service permission

31 May 2023

A vulnerability, which was classified as problematic, was found in Unisoc SC9863A, SC9832E, SC7731E, T610, T310, T606, T760, T610, T618, T606, T612, T616, T760, T770, T820 and S8000. This affects… [...]

CVE-2022-48382 | Unisoc S8000 Log Service out-of-bounds write

31 May 2023

A vulnerability, which was classified as critical, has been found in Unisoc SC9863A, SC9832E, SC7731E, T610, T310, T606, T760, T610, T618, T606, T612, T616, T760, T770, T820 and S8000. Affected… [...]

CVE-2022-48381 | Unisoc S8000 Modem Control Device out-of-bounds write

31 May 2023

A vulnerability classified as critical was found in Unisoc SC9863A, SC9832E, SC7731E, T610, T310, T606, T760, T610, T618, T606, T612, T616, T760, T770, T820 and S8000. Affected by this vulnerability… [...]

CVE-2022-48380 | Unisoc S8000 Modem Control Device out-of-bounds write

31 May 2023

A vulnerability classified as critical has been found in Unisoc SC9863A, SC9832E, SC7731E, T610, T310, T606, T760, T610, T618, T606, T612, T616, T760, T770, T820 and S8000. Affected is an… [...]

CVE-2022-48379 | Unisoc S8000 Dialer Service denial of service

31 May 2023

A vulnerability was found in Unisoc SC9863A, SC9832E, SC7731E, T610, T310, T606, T760, T610, T618, T606, T612, T616, T760, T770, T820 and S8000. It has been rated as problematic. This… [...]

CVE-2022-48377 | Unisoc S8000 Dialer Service denial of service

31 May 2023

A vulnerability was found in Unisoc SC9863A, SC9832E, SC7731E, T610, T310, T606, T760, T610, T618, T606, T612, T616, T760, T770, T820 and S8000. It has been classified as problematic. This… [...]

CVE-2022-48375 | Unisoc S8000 contacts service authorization

31 May 2023

CVE-2022-48374 | Unisoc S8000 tee service out-of-bounds write

31 May 2023

CVE-2022-48373 | Unisoc S8000 tee service out-of-bounds write

31 May 2023

A vulnerability, which was classified as critical, has been found in Unisoc SC9863A, SC9832E, SC7731E, T610, T310, T606, T760, T610, T618, T606, T612, T616, T760, T770, T820 and S8000. This… [...]

CVE-2022-48372 | Unisoc S8000 bootcp service out-of-bounds write

31 May 2023

A vulnerability classified as critical was found in Unisoc SC9863A, SC9832E, SC7731E, T610, T310, T606, T760, T610, T618, T606, T612, T616, T760, T770, T820 and S8000. This vulnerability affects unknown… [...]

CVE-2022-48250 | Unisoc S8000 Audio Service permission

31 May 2023

A vulnerability was found in Unisoc SC9863A, SC9832E, SC7731E, T610, T310, T606, T760, T610, T618, T606, T612, T616, T760, T770, T820 and S8000. It has been declared as critical. Affected… [...]

CVE-2022-48249 | Unisoc S8000 Audio Service permission

31 May 2023

A vulnerability was found in Unisoc SC9863A, SC9832E, SC7731E, T610, T310, T606, T760, T610, T618, T606, T612, T616, T760, T770, T820 and S8000. It has been classified as critical. Affected… [...]

CVE-2022-48248 | Unisoc S8000 Audio Service permission

31 May 2023

A vulnerability was found in Unisoc SC9863A, SC9832E, SC7731E, T610, T310, T606, T760, T610, T618, T606, T612, T616, T760, T770, T820 and S8000 and classified as critical. This issue affects… [...]

CVE-2022-48247 | Unisoc S8000 Audio Service permission

31 May 2023

A vulnerability has been found in Unisoc SC9863A, SC9832E, SC7731E, T610, T310, T606, T760, T610, T618, T606, T612, T616, T760, T770, T820 and S8000 and classified as critical. This vulnerability… [...]

CVE-2022-48246 | Unisoc S8000 Audio Service permission

31 May 2023

A vulnerability, which was classified as critical, was found in Unisoc SC9863A, SC9832E, SC7731E, T610, T310, T606, T760, T610, T618, T606, T612, T616, T760, T770, T820 and S8000. This affects… [...]

CVE-2022-48245 | Unisoc S8000 Audio Service permission

31 May 2023

CVE-2022-48244 | Unisoc S8000 Audio Service permission

31 May 2023

CVE-2022-48241 | Unisoc S8000 Telephony Service null pointer dereference

31 May 2023

A vulnerability was found in Unisoc SC9863A, SC9832E, SC7731E, T610, T310, T606, T760, T610, T618, T606, T612, T616, T760, T770, T820 and S8000. It has been rated as problematic. This… [...]

CVE-2022-48240 | Unisoc S8000 Camera Driver out-of-bounds write

31 May 2023

A vulnerability was found in Unisoc SC9863A, SC9832E, SC7731E, T610, T310, T606, T760, T610, T618, T606, T612, T616, T760, T770, T820 and S8000. It has been declared as critical. This… [...]

CVE-2022-47525

31 May 2023

Fox-IT DataDiode (aka Fox DataDiode) 3.4.3 suffers from a Divide-by-Zero vulnerability in the packet parser. A remote attacker could leverage this vulnerability to cause a denial-of-service. Exploitation of this issue… [...]

CVE-2023-2547

31 May 2023

The Feather Login Page plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'deleteUser' function in versions starting from 1.0.7 up… [...]

CVE-2023-2987

31 May 2023

The Wordapp plugin for WordPress is vulnerable to authorization bypass due to an use of insufficiently unique cryptographic signature on the 'wa_pdx_op_config_set' function in versions up to, and including, 1.5.0.… [...]

CVE-2015-10107

31 May 2023

A vulnerability was found in Simplr Registration Form Plus+ Plugin up to 2.3.4 on WordPress and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross… [...]

CVE-2023-2436

31 May 2023

The Blog-in-Blog plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'blog_in_blog' shortcode in versions up to, and including, 1.1.1 due to insufficient input sanitization and output escaping… [...]

CVE-2023-2998

31 May 2023

Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.14. (CVSS:0.0) (Last Update:2023-05-31) [...]

CVE-2023-30197

31 May 2023

Incorrect Access Control in the module "My inventory" (myinventory) [...]

CVE-2023-28348

31 May 2023

An issue was discovered in Faronics Insight 10.0.19045 on Windows. A suitably positioned attacker could perform a man-in-the-middle attack on either a connected student or teacher, enabling them to intercept… [...]

CVE-2023-28349

31 May 2023

An issue was discovered in Faronics Insight 10.0.19045 on Windows. It is possible for an attacker to create a crafted program that functions similarly to the Teacher Console. This can… [...]

CVE-2023-28346

31 May 2023

An issue was discovered in Faronics Insight 10.0.19045 on Windows. It is possible for a remote attacker to communicate with the private API endpoints exposed at /login, /consoleSettings, /console, etc.… [...]

CVE-2023-28347

31 May 2023

An issue was discovered in Faronics Insight 10.0.19045 on Windows. It is possible for an attacker to create a proof-of-concept script that functions similarly to a Student Console, providing unauthenticated… [...]

CVE-2023-28345

31 May 2023

An issue was discovered in Faronics Insight 10.0.19045 on Windows. The Insight Teacher Console application exposes the teacher's Console password in cleartext via an API endpoint accessible from localhost. Attackers… [...]

CVE-2023-28344

31 May 2023

An issue was discovered in Faronics Insight 10.0.19045 on Windows. The Insight Teacher Console application allows unauthenticated attackers to view constantly updated screenshots of student desktops and to submit falsified… [...]

CVE-2022-47526

31 May 2023

Fox-IT DataDiode (aka Fox DataDiode) 3.4.3 suffers from a path traversal vulnerability with resultant arbitrary writing of files. A remote attacker could leverage this vulnerability to achieve arbitrary code execution… [...]

CVE-2021-31233

31 May 2023

SQL Injection vulnerability found in Fighting Cock Information System v.1.0 allows a remote attacker to obtain sensitive information via the edit_breed.php parameter. (CVSS:0.0) (Last Update:2023-05-31) [...]

CVE-2023-28350

31 May 2023

An issue was discovered in Faronics Insight 10.0.19045 on Windows. Attacker-supplied input is not validated/sanitized before being rendered in both the Teacher and Student Console applications, enabling an attacker to… [...]

CVE-2023-23562

31 May 2023

Stormshield Endpoint Security 2.3.0 through 2.3.2 has Incorrect Access Control that allows an authenticated user can update global parameters. (CVSS:0.0) (Last Update:2023-05-31) [...]

CVE-2023-28351

31 May 2023

An issue was discovered in Faronics Insight 10.0.19045 on Windows. Every keystroke made by any user on a computer with the Student application installed is logged to a world-readable directory.… [...]

CVE-2023-2999

31 May 2023

Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.14. (CVSS:0.0) (Last Update:2023-05-31) [...]

CVE-2023-28352

31 May 2023

An issue was discovered in Faronics Insight 10.0.19045 on Windows. By abusing the Insight UDP broadcast discovery system, an attacker-controlled artificial Student Console can connect to and attack a Teacher… [...]

CVE-2014-125103

31 May 2023

A vulnerability was found in BestWebSoft Twitter Plugin up to 1.3.2 on WordPress. It has been declared as problematic. Affected by this vulnerability is the function twttr_settings_page of the file… [...]

CVE-2023-28353

31 May 2023

An issue was discovered in Faronics Insight 10.0.19045 on Windows. An unauthenticated attacker is able to upload any type of file to any location on the Teacher Console's computer, enabling… [...]

CVE-2023-2435

31 May 2023

The Blog-in-Blog plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 1.1.1 via a shortcode attribute. This allows editor-level, and above, attackers to include… [...]

CVE-2023-29742

31 May 2023

An issue found in BestWeather v.7.3.1 for Android allows unauthorized apps to cause a code execution attack by manipulating the database. (CVSS:0.0) (Last Update:2023-05-31) [...]

CVE-2023-2545

31 May 2023

The Feather Login Page plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'getListOfUsers' function in versions starting from 1.0.7 up… [...]

CVE-2023-33643

31 May 2023

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the AddWlanMacList interface at /goform/aspForm. [...]

CVE-2023-33640

31 May 2023

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the SetAPWifiorLedInfoById interface at /goform/aspForm. [...]

CVE-2023-33641

31 May 2023

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the AddMacList interface at /goform/aspForm. [...]

CVE-2023-33642

31 May 2023

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the Edit_BasicSSID interface at /goform/aspForm. [...]

CVE-2023-33627

31 May 2023

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the UpdateSnat interface at /goform/aspForm. [...]

CVE-2023-33628

31 May 2023

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the DelvsList interface at /goform/aspForm. [...]

CVE-2023-33632

31 May 2023

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the ipqos_lanip_dellist interface at /goform/aspForm. [...]

CVE-2023-33638

31 May 2023

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the Edit_BasicSSID_5G interface at /goform/aspForm. [...]

CVE-2023-33639

31 May 2023

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the SetMobileAPInfoById interface at /goform/aspForm. [...]

CVE-2023-33636

31 May 2023

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the ipqos_lanip_editlist interface at /goform/aspForm. [...]

CVE-2023-33637

31 May 2023

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the DelDNSHnList interface at /goform/aspForm. [...]

CVE-2023-33635

31 May 2023

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the UpdateMacClone interface at /goform/aspForm. [...]

CVE-2023-33633

31 May 2023

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the UpdateWanParams interface at /goform/aspForm. [...]

CVE-2023-33634

31 May 2023

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the EdittriggerList interface at /goform/aspForm. [...]

CVE-2023-33631

31 May 2023

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the DelSTList interface at /goform/aspForm. [...]

CVE-2023-33630

31 May 2023

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the EditvsList interface at /goform/aspForm. [...]

CVE-2023-33629

31 May 2023

H3C Magic R300 version R300-2100MV100R004 was discovered to contain a stack overflow via the DeltriggerList interface at /goform/aspForm. [...]

CVE-2023-3006

31 May 2023

A known cache speculation vulnerability, known as Branch History Injection (BHI) or Spectre-BHB, becomes actual again for the new hw AmpereOne. Spectre-BHB is similar to Spectre v2, except that malicious… [...]

CVE-2022-48502

31 May 2023

An issue was discovered in the Linux kernel before 6.2. The ntfs3 subsystem does not properly check for correctness during disk reads, leading to an out-of-bounds read in ntfs_set_ea in… [...]

CVE-2023-34257

31 May 2023

** DISPUTED ** An issue was discovered in BMC Patrol through 23.1.00. The agent's configuration can be remotely modified (and, by default, authentication is not required). Some configuration fields related… [...]

CVE-2021-45039

31 May 2023

Multiple models of the Uniview IP Camera (e.g., IPC_G6103 B6103.16.10.B25.201218, IPC_G61, IPC21, IPC23, IPC32, IPC36, IPC62, and IPC_HCMN) offer an undocumented UDP service on port 7788 that allows a remote… [...]

CVE-2023-34256

31 May 2023

An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4_group_desc_csum does not properly check an… [...]

CVE-2023-34255

31 May 2023

An issue was discovered in the Linux kernel through 6.3.5. There is a use-after-free in xfs_btree_lookup_get_block in fs/xfs/libxfs/xfs_btree.c because fs/xfs/xfs_buf_item_recover.c does not perform buffer content verification when log replay is… [...]

CVE-2023-34258

31 May 2023

An issue was discovered in BMC Patrol before 22.1.00. The agent's configuration can be remotely queried. This configuration contains the Patrol account password, encrypted with a default AES key. This… [...]

CVE-2023-33730

31 May 2023

Privilege Escalation in the "GetUserCurrentPwd" function in Microworld Technologies eScan Management Console 14.0.1400.2281 allows any remote attacker to retrieve password of any admin or normal user in plain text format. [...]

VU#782720: TCG TPM2.0 implementations vulnerable to memory corruption

28 February 2023

Overview Two buffer overflow vulnerabilities were discovered in the Trusted Platform Module (TPM) 2.0 reference library specification, currently at Level 00, Revision 01.59 November 2019. An attacker who has access… [...]

VU#572615: Vulnerabilities in TP-Link routers, WR710N-V1-151022 and Archer C5 V2

17 January 2023

Overview TP-Link router WR710N-V1-151022 running firmware published 2015-10-22 and Archer-C5-V2-160201 running firmware published 2016-02-01 are susceptible to two vulnerabilities: A buffer overflow during HTTP Basic Authentication allowing a remote attacker… [...]

VU#986018: New Netcomm router models NF20MESH, NF20, and NL1902 vulnerabilities

17 January 2023

Overview Netcomm router models NF20MESH, NF20, and NL1902 running software versions earlier than R6B035 contain two vulnerabilities. The first is an authentication bypass vulnerability that allows an unauthenticated user to… [...]

VU#709991: Netatalk contains multiple error and memory management vulnerabilities

16 November 2022

Overview There are six new vulnerabilities in the latest release of Netatalk (3.1.12) that could allow for Remote Code Execution as well as Out-of-bounds Read. Description Below are the new… [...]

VU#434994: Multiple race conditions due to TOCTOU flaws in various UEFI Implementations

8 November 2022

Overview Multiple Unified Extensible Firmware Interface (UEFI) implementations are vulnerable to code execution in System Management Mode (SMM) by an attacker who gains administrative privileges on the local machine. An… [...]

VU#794340: OpenSSL 3.0.0 to 3.0.6 decodes some punycode email addresses in X.509 certificates improperly

1 November 2022

Overview Two buffer overflow vulnerabilities were discovered in OpenSSL versions 3.0.0 through 3.0.6. These vulnerabilities were introduced in version 3.0.0 with the inclusion of support for punycode email address parsing… [...]

VU#730793: Heimdal Kerberos vulnerable to remotely triggered NULL pointer dereference

7 October 2022

Overview The Heimdal Software Kerberos 5 implementation is vulnerable to a null pointer dereferance. An attacker with network access to an application that depends on the vulnerable code path can… [...]

VU#915563: Microsoft Exchange vulnerable to server-side request forgery and remote code execution.

3 October 2022

Overview Microsoft Exchange Server 2019, Exchange Server 2016 and Exchange Server 2013 are vulnerable to a server-side request forgery (SSRF) attack and remote code execution. An authenticated attacker can use… [...]

VU#855201: L2 network security controls can be bypassed using VLAN 0 stacking and/or 802.3 headers

27 September 2022

Overview Layer-2 (L2) network security controls provided by various devices, such as switches, routers, and operating systems, can be bypassed by stacking Ethernet protocol headers. An attacker can send crafted… [...]

VU#309662: Signed third party UEFI bootloaders are vulnerable to Secure Boot bypass

11 August 2022

Overview A security feature bypass vulnerability exists in signed 3rd party UEFI bootloaders that allows bypass of the UEFI Secure Boot feature. An attacker who successfully exploits this vulnerability can… [...]

VU#495801: muhttpd versions 1.1.5 and earlier are vulnerable to path traversal

4 August 2022

Overview Versions 1.1.5 and earlier of the mu HTTP deamon (muhttpd) are vulnerable to path traversal via crafted HTTP request from an unauthenticated user. This vulnerability can allow unauthenticated users… [...]

VU#142546: SMA Technologies OpCon UNIX agent adds the same SSH key to all installations

21 June 2022

Overview SMA Technologies OpCon UNIX agent adds the same SSH key on every installation and subsequent updates. An attacker with access to the private key can gain root access on… [...]

VU#473698: uClibc, uClibc-ng libraries have monotonically increasing DNS transaction ID

9 May 2022

Overview The uClibc and uClibc-ng libraries, prior to uClibc-ng 1.0.41, are vulnerable to DNS cache poisoning due to the use of predicatble DNS transaction IDs when making DNS requests. This… [...]

VU#730007: Tychon is vulnerable to privilege escalation due to OPENSSLDIR location

28 April 2022

Overview Tychon contains a privilege escalation vulnerability due to the use of an OPENSSLDIR variable that specifies a location where an unprivileged Windows user may be able to place files.… [...]

VU#411271: Qt allows for privilege escalation due to hard-coding of qt_prfxpath value

28 April 2022

Overview Prior to version 5.14, Qt hard-codes the qt_prfxpath value to a fixed value, which may lead to privilege escalation vulnerabilities in Windows software that uses Qt. Description Prior to… [...]

Your Business Data and Machine Learning at Risk: Attacks Against Apache NiFi, (Tue, May 30th)

31 May 2023

Apache NiFi describes itself as &#xe2;&#x80;&#x9c;an easy-to-use, powerful, and reliable system to process and distribute data.&#xe2;&#x80;&#x9d; &#x5b;1&#x5d; In simple terms, NiFi implements a web-based interface to define how data is… [...]

ISC Stormcast For Wednesday, May 31st, 2023 https://isc.sans.edu/podcastdetail/8518, (Wed, May 31st)

31 May 2023

ISC Stormcast For Tuesday, May 30th, 2023 https://isc.sans.edu/podcastdetail/8516, (Tue, May 30th)

30 May 2023

Malspam pushes ModiLoader (DBatLoader) infection for Remcos RAT, (Tue, May 30th)

30 May 2023

Introduction [...]

Analyzing Office Documents Embedded Inside PPT (PowerPoint) Files, (Mon, May 29th)

29 May 2023

I was asked how to analyze Office Documents that are embedded inside PPT files. PPT is the "standard" binary format for PowerPoint, it&#39;s an olefile. You can analyze it with… [...]

Wireshark 4.0.6 Released, (Mon, May 29th)

29 May 2023

Wireshark version 4.0.6 was released with 9 vulnerabilities and 15 bugs fixed. [...]

We Can no Longer Ignore the Cost of Cybersecurity, (Sun, May 28th)

28 May 2023

I read recently that disregarding cyber risks is a way of inviting trouble and unnecessary attention to any organization. Cyber threats is nothing new, everyone is a target taking many… [...]

DocuSign-themed email leads to script-based infection, (Sat, May 27th)

27 May 2023

Introduction [...]

Using DFIR Techniques To Recover From Infrastructure Outages, (Fri, May 26th)

26 May 2023

Recently, I was involved in a network outage caused by a defective pfSense firewall appliance. Due to&#xc2;&#xa0;storage issues (with the onboard flash), the firewall did not boot anymore. This can… [...]

ISC Stormcast For Friday, May 26th, 2023 https://isc.sans.edu/podcastdetail/8514, (Fri, May 26th)

26 May 2023

CVE-2022-48336 - Buffer Overflow in Widevine Trustlet (PRDiagParseAndStoreData @ 0x5cc8)

30 May 2023

Posted by Cyber Intel Security on May 301. INFORMATION -------------- [+] CVE : CVE-2022-48336 [+] Title : Buffer Overflow in Widevine Trustlet (PRDiagParseAndStoreData @ 0x5cc8) [+] Vendor : Google [+]… [...]

CVE-2022-48335 - Buffer Overflow in Widevine Trustlet (PRDiagVerifyProvisioning @ 0x5f90)

30 May 2023

Posted by Cyber Intel Security on May 301. INFORMATION -------------- [+] CVE : CVE-2022-48335 [+] Title : Buffer Overflow in Widevine Trustlet (PRDiagVerifyProvisioning @ 0x5f90) [+] Vendor : Google [+]… [...]

CVE-2022-48334 - Buffer Overflow in Widevine Trustlet (drm_verify_keys @ 0x7370)

30 May 2023

Posted by Cyber Intel Security on May 301. INFORMATION -------------- [+] CVE : CVE-2022-48334 [+] Title : Buffer Overflow in Widevine Trustlet (drm_verify_keys @ 0x7370) [+] Vendor : Google [+]… [...]

CVE-2022-48333 - Buffer Overflow in Widevine Trustlet (drm_verify_keys @ 0x730c)

30 May 2023

Posted by Cyber Intel Security on May 301. INFORMATION -------------- [+] CVE : CVE-2022-48333 [+] Title : Buffer Overflow in Widevine Trustlet (drm_verify_keys @ 0x730c) [+] Vendor : Google [+]… [...]

CVE-2022-48332 - Buffer Overflow in Widevine Trustlet (drm_save_keys @ 0x6a18)

30 May 2023

Posted by Cyber Intel Security on May 301. INFORMATION -------------- [+] CVE : CVE-2022-48332 [+] Title : Buffer Overflow in Widevine Trustlet (drm_save_keys @ 0x6a18) [+] Vendor : Google [+]… [...]

CVE-2022-48331 - Buffer Overflow in Widevine Trustlet (drm_save_keys @ 0x69b0)

30 May 2023

Posted by Cyber Intel Security on May 301. INFORMATION -------------- [+] CVE : CVE-2022-48331 [+] Title : Buffer Overflow in Widevine Trustlet (drm_save_keys @ 0x69b0) [+] Vendor : Google [+]… [...]

SCHUTZWERK-SA-2022-001: Cross-Site-Scripting in Papaya Medical Viewer

30 May 2023

Posted by Lennert Preuth via Fulldisclosure on May 30Title ===== SCHUTZWERK-SA-2022-001: Cross-Site-Scripting in Papaya Medical Viewer Status ====== PUBLISHED Version ======= 1.0 CVE reference ============= CVE-2023-33255 Link ==== https://www.schutzwerk.com/advisories/SCHUTZWERK-SA-2022-001/ Text-only… [...]

[RT-SA-2023-005] Pydio Cells: Server-Side Request Forgery

30 May 2023

Posted by RedTeam Pentesting GmbH on May 30For longer running processes, Pydio Cells allows for the creation of jobs, which are run in the background. The job "remote-download" can be… [...]

[RT-SA-2023-004] Pydio Cells: Cross-Site Scripting via File Download

30 May 2023

Posted by RedTeam Pentesting GmbH on May 30Advisory: Pydio Cells: Cross-Site Scripting via File Download Pydio Cells implements the download of files using presigned URLs which are generated using the… [...]

[RT-SA-2023-003] Pydio Cells: Unauthorised Role Assignments

30 May 2023

Posted by RedTeam Pentesting GmbH on May 30Advisory: Pydio Cells: Unauthorised Role Assignments Pydio Cells allows users by default to create so-called external users in order to share files with… [...]

Printerlogic multiple vulnerabilities

30 May 2023

Posted by Eldar Marcussen on May 29PrinterLogic SaaS, multiple vulnerabilities =========================================================== PrinterLogic's Enterprise Print Management software allows IT professionals to simplify printer driver management and empower end users. -- https://www.printerlogic.com/… [...]

SEC Consult SA-20230517-0 :: Stored XSS vulnerability in rename functionality in Wekan (Open-Source kanban)

30 May 2023

Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on May 29SEC Consult Vulnerability Lab Security Advisory < 20230517-0 > ======================================================================= title: Stored XSS vulnerability in rename functionality product: Wekan… [...]

SEC Consult SA-20230516-0 :: Multiple Vulnerabilities in Serenity and StartSharp Software

30 May 2023

Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on May 29SEC Consult Vulnerability Lab Security Advisory < 20230516-0 > ======================================================================= title: Multiple Vulnerabilities product: Serenity and StartSharp Software vulnerable… [...]

APPLE-SA-2023-05-18-2 iOS 15.7.6 and iPadOS 15.7.6

30 May 2023

Posted by Apple Product Security via Fulldisclosure on May 29APPLE-SA-2023-05-18-2 iOS 15.7.6 and iPadOS 15.7.6 iOS 15.7.6 and iPadOS 15.7.6 addresses the following issues. Information about the security content is… [...]

APPLE-SA-2023-05-18-7 watchOS 9.5

30 May 2023

Posted by Apple Product Security via Fulldisclosure on May 29APPLE-SA-2023-05-18-7 watchOS 9.5 watchOS 9.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213764. Apple maintains… [...]

PrinterLogic Build 1.0.757 XSS / SQL Injection / Authentication Bypass

30 May 2023

Topic: PrinterLogic Build 1.0.757 XSS / SQL Injection / Authentication Bypass Risk: Medium Text:PrinterLogic SaaS, multiple vulnerabilities == PrinterLogic's Enterprise Print Management software allows ... [...]

Widevine Trustlet 5.x / 6.x / 7.x PRDiagVerifyProvisioning Buffer Overflow

30 May 2023

Topic: Widevine Trustlet 5.x / 6.x / 7.x PRDiagVerifyProvisioning Buffer Overflow Risk: High Text:1. INFORMATION -- [+] CVE : CVE-2022-48335 [+] Title : Buffer Overflow in Widevine Trustlet ... [...]

Serenity / StartSharp Software File Upload / XSS / User Enumeration / Reusable Tokens

30 May 2023

Topic: Serenity / StartSharp Software File Upload / XSS / User Enumeration / Reusable Tokens Risk: High Text:SEC Consult Vulnerability Lab Security Advisory == title: Multiple Vulne... [...]

Widevine Trustlet 5.x drm_save_keys Buffer Overflow

30 May 2023

Topic: Widevine Trustlet 5.x drm_save_keys Buffer Overflow Risk: High Text:1. INFORMATION -- [+] CVE : CVE-2022-48332 [+] Title : Buffer Overflow in Widevine Trustlet ... [...]

Webkul Qloapps 1.5.2 Cross Site Scripting

28 May 2023

Topic: Webkul Qloapps 1.5.2 Cross Site Scripting Risk: Low Text:# Exploit Title: Webkul Qloapps 1.5.2 - Cross-Site Scripting (XSS) # Date: 15 May 2023 # Exploit Author: Astik Rawat (ahrixia... [...]

GetSimple CMS 3.3.16 Shell Upload

28 May 2023

Topic: GetSimple CMS 3.3.16 Shell Upload Risk: High Text:# Exploit Title: GetSimple CMS v3.3.16 - Remote Code Execution (RCE) # Data: 18/5/2023 # Exploit Author : Youssef Muhammad #... [...]

JetSınav SQL Injection + Default Password Vulnerability

28 May 2023

Topic: JetSınav SQL Injection + Default Password Vulnerability Risk: Medium Text:Dork: allintext:"Powered by Jetsınav" admin panel:/admin/login.php in script 2 vuln 1)Default Password 2)SQL Injection... [...]

SCM Manager 1.60 Cross Site Scripting

28 May 2023

Topic: SCM Manager 1.60 Cross Site Scripting Risk: Low Text:#!/usr/bin/python3 # Exploit Title: SCM Manager 1.60 - Cross-Site Scripting Stored (Authenticated) # Google Dork: intitle:"... [...]

Screen SFT DAB 600/C Authentication Bypass Admin Password Change

28 May 2023

Topic: Screen SFT DAB 600/C Authentication Bypass Admin Password Change Risk: Medium Text:#!/usr/bin/env python3 # # Exploit Title: Screen SFT DAB 600/C - Authentication Bypass Admin Password Change # Exploit… [...]

TinyWebGallery v2.5 Remote Code Execution (RCE)

28 May 2023

Topic: TinyWebGallery v2.5 Remote Code Execution (RCE) Risk: Low Text:#Exploit Title: TinyWebGallery v2.5 - Remote Code Execution (RCE) #Application: TinyWebGallery #Version: v2.5 #Bugs: RCE #... [...]

Yank Note 3.52.1 Arbitrary Code Execution

27 May 2023

Topic: Yank Note 3.52.1 Arbitrary Code Execution Risk: High Text:# Exploit Title: Yank Note v3.52.1 (Electron) - Arbitrary Code Execution # Date: 2023-04-27 # Exploit Author: 8bitsec # CVE:... [...]

Stackposts Social Marketing Tool v1.0 SQL Injection

27 May 2023

Topic: Stackposts Social Marketing Tool v1.0 SQL Injection Risk: Medium Text:# Exploit Title: Stackposts Social Marketing Tool v1.0 - SQL Injection # Date: 2023-05-17 # Exploit Author: Ahmet Ümit BAYRA... [...]

Seagate Central Storage 2015.0916 User Creation / Command Execution

27 May 2023

Topic: Seagate Central Storage 2015.0916 User Creation / Command Execution Risk: High Text:## # Exploit Title: Seagate Central Storage 2015.0916 - Unauthenticated Remote Command Execution (Metasploit) # Date: Dec 9… [...]

Ulicms 2023.1 Create Administrator

27 May 2023

Topic: Ulicms 2023.1 Create Administrator Risk: Medium Text:#Exploit Title: Ulicms 2023.1 - create admin user via mass assignment #Application: Ulicms #Version: 2023.1-sniffing-vicuna ... [...]

Zenphoto 1.6 Cross Site Scripting

27 May 2023

Topic: Zenphoto 1.6 Cross Site Scripting Risk: Low Text:Exploit Title: Zenphoto 1.6 - Multiple stored XSS Application: Zenphoto-1.6 xss poc Version: 1.6 Bugs: XSS Technology: PH... [...]

Laravel 10.11 Database Disclosure / Information Disclosure

27 May 2023

Topic: Laravel 10.11 Database Disclosure / Information Disclosure Risk: High Text: | # Title : Laravel 10.11 Information Disclosure MySQL Credential Disclosure ... [...]

WBCE CMS 1.6.1 Cross Site Scripting

27 May 2023

Topic: WBCE CMS 1.6.1 Cross Site Scripting Risk: Low Text:Exploit Title: WBCE CMS 1.6.1 - Multiple Stored Cross-Site Scripting (XSS) Version: 1.6.1 Bugs: XSS Technology: PHP Vendor... [...]

Camaleon CMS v2.7.0 Server-Side Template Injection (SSTI)

27 May 2023

Topic: Camaleon CMS v2.7.0 Server-Side Template Injection (SSTI) Risk: Medium Text:Exploit Title: Camaleon CMS v2.7.0 - Server-Side Template Injection (SSTI) Exploit Author: PARAG BAGUL CVE: CVE-2023-30145 ... [...]

Quicklancer v1.0 SQL Injection

27 May 2023

Topic: Quicklancer v1.0 SQL Injection Risk: Medium Text:# Exploit Title: Quicklancer v1.0 - SQL Injection # Date: 2023-05-17 # Exploit Author: Ahmet Ümit BAYRAM # Vendor: https:/... [...]

Screen SFT DAB 600/C Authentication Bypass Reset Board Config

27 May 2023

Topic: Screen SFT DAB 600/C Authentication Bypass Reset Board Config Risk: Medium Text:#!/usr/bin/env python3 # # Exploit Title: Screen SFT DAB 600/C - Authentication Bypass Reset Board Config # Exploit… [...]

Smart School 1.0 SQL Injection

24 May 2023

Topic: Smart School 1.0 SQL Injection Risk: Medium Text:# Exploit Title: Smart School v1.0 - SQL Injection # Date: 2023-05-17 # Exploit Author: Ahmet Ümit BAYRAM # Vendor: https:/... [...]

No Title

24 May 2023

Topic: Risk: Low Text:... [...]

hyiplab 2.1 Default Credentials

24 May 2023

Topic: hyiplab 2.1 Default Credentials Risk: Medium Text: | # Title : hyiplab V2.1 Insecure Settings Vulnerability ... [...]

thrsrossi Millhouse-Project 1.414 Remote Code Execution

24 May 2023

Topic: thrsrossi Millhouse-Project 1.414 Remote Code Execution Risk: Low Text:< ?php /* Exploit Title: thrsrossi Millhouse-Project 1.414 - Remote Code Execution Date: 12/05/2023 Exploit Author: Chokri H... [...]

PaperCut NG/MG 22.0.4 Remote Code Execution (RCE)

24 May 2023

Topic: PaperCut NG/MG 22.0.4 Remote Code Execution (RCE) Risk: Low Text:# Exploit Title: PaperCut NG/MG 22.0.4 - Remote Code Execution (RCE) # Date: 13 May 2023 # Exploit Author: Mohin… [...]

Fedora 37: bitcoin-core 2023-3317c9b824

1 June 2023

Update to version 24.1. [...]

Fedora 37: editorconfig 2023-6e5d4757df

1 June 2023

Security fix for CVE-2023-0341: update to 0.12.6 (close RHBZ#2162811) [...]

Fedora 37: edk2 2023-ca393d660a

1 June 2023

include latest dbx update (may 9th, black lotus edition). ---- drop ASSERT from NestedInterruptTplLib (rhbz#2183336). [...]

RedHat: RHSA-2023-3415:01 Important: ACS 4.0 enhancement and security update

1 June 2023

Updated images are now available for Red Hat Advanced Cluster Security (RHACS). The updated image includes security and bug fixes. Red Hat Product Security has rated this update as having… [...]

RedHat: RHSA-2023-3408:01 Moderate: openssl security update

1 June 2023

An update for openssl is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of… [...]

Ubuntu 6127-1: Linux kernel vulnerabilities

31 May 2023

Several security issues were fixed in the Linux kernel. [...]

1.470

1 June 2023

Newly Added (1)Security Update 2023-05-30 from Google Chrome [...]

1.469

30 May 2023

Newly Added (8)Multiple Security Vulnerabilities Identified in Axeda Desktop Server for WindowsFiles or Directories Accessible to External Parties vulnerabilities on Acronis Cyber ProtectIncorrect Default Permissions vulnerability on Acronis Cyber ProtectInadequate… [...]

1.468

26 May 2023

Newly Added (5)Apache Log4j Improper Input Validation VulnerabilityApache Log4j Improper Input Validation VulnerabilityUntrusted Search Path Vulnerability for GitImproper Certificate Validation Vulnerability for OpenSSLApache Commons Configuration Insecure Interpolation Defaults Vulnerability [...]

1.467

25 May 2023

Newly Added (2)Improper Certificate Validation Vulnerability for OpenSSLSecurity update HT213763 for iTunesModified (1)Multiple Vulnerabilities in Visual Studio [...]

1.467

25 May 2023

Newly Added (2)Improper Certificate Validation Vulnerability for OpenSSLSecurity update HT213763 for iTunesModified (1)Multiple Vulnerabilities in Visual Studio [...]

1.466

24 May 2023

Newly Added (6)Omission of Security-relevant Information Vulnerability for Brave Web BrowserInjection Vulnerability for Go Programming LanguageInjection Vulnerability for Go Programming LanguageInjection Vulnerability for Go Programming LanguageInadequate Encryption Strength Vulnerability for… [...]

1.465

20 May 2023

Modified (1)Use of Uninitialized Resource and Improper Initialization Vulnerabilities for 7-Zip [...]

1.464

18 May 2023

1.463

18 May 2023

Newly Added (1)Security Update 2023-05-16 from Google Chrome [...]

1.462

16 May 2023

Newly Added (1)Jenkins Security Advisory 2015-11-11 [...]

CVE-2022-36123 – A vulnerability in Linux kernel mainline v5.18-rc1 through v5.19-rc6 does not clear statically allocated variables in the block starting symbol (.bss) due to a failed early_xen_iret_patch leading to an asm_exc_page_fault, or arbitrary code execution

29 July 2022

Title A vulnerability in Linux kernel mainline v5.18-rc1 through v5.19-rc6 does not clear statically allocated variables in the block starting symbol (.bss) due to a failed early_xen_iret_patch leading to an… [...]

CVE-2022-35414 – QEMU 4.1.50 through QEMU 7.0.0 – address_space_translate_for_iotlb allows a guest user to crash a host resulting in a denial of service.

11 July 2022

Title CVE-2022-35414 – QEMU 4.1.50 through QEMU 7.0.0 – address_space_translate_for_iotlb allows a guest user to crash a host resulting in a denial of service. CVE ID CVE-2022-35414 CVSS Score N/A… [...]

Sick Codes @ DEF CON 30 August 11-14 2022!

30 June 2022

Pleased to announce we will be speaking at this year’s DEF CON 30 conference in Las Vegas, which will be an in-person event! You can purchase tickets at: https://defcon.org/ and… [...]

CVE-2021-33318 IpMatcher v1.0.4.1 and below for .NET Core 2.0 and .NET Framework 4.5.2. incorrectly validates octal & hexadecimal input data, leading to indeterminate SSRF, LFI, RFI, and DoS vectors.

15 May 2022

Title CVE-2021-33318 IpMatcher v1.0.4.1 and below for .NET Core 2.0 and .NET Framework 4.5.2. incorrectly validates octal & hexadecimal input data, leading to indeterminate SSRF, LFI, RFI, and DoS vectors.… [...]

CVE-2022-28345 – Signal client for iOS version 5.33.2 and below are vulnerable to RTLO Injection URI Spoofing using malicious URLs such as gepj.net/selif#/moc.elpmaxe which would appear as example.com/#files/ten.jpeg

14 April 2022

Title CVE-2022-28345 – Signal client for iOS version 5.33.2 and below are vulnerable to RTLO Injection URI Spoofing using malicious URLs such as gepj.net/selif#/moc.elpmaxe which would appear as example.com/#files/ten.jpeg CVE… [...]

Exploit: RTLO Injection URI Spoofing: WhatsApp, iMessage (Messages app), Instagram, Facebook Messenger. CVE-2020-20093, CVE-2020-20094, CVE-2020-20095, CVE-2020-20096

24 March 2022

The post Exploit: RTLO Injection URI Spoofing: WhatsApp, iMessage (Messages app), Instagram, Facebook Messenger. CVE-2020-20093, CVE-2020-20094, CVE-2020-20095, CVE-2020-20096 appeared first on Sick Codes - Security Research, Hardware & Software Hacking,… [...]

Fix DIVD-2022-00002: Grafana versions 8.0.0-beta1 through 8.3.0 installed via dpkg/deb package. Mitigation:

21 January 2022

In response to the amazing work by @j0v0x0 “Jordy Versmissen” from Detectify, the double-amazing Dutch Institute for Vulnerability Disclosure, known as DIVD CSIRT, contacted thousands of ISP/IP/Webmasters to resolve the… [...]

CVE-2021-33669 – SAP Mobile SDK Certificate Provider – Insecure Temporary File Storage – Potential Symlink Attack & Denial of Service

4 October 2021

Title CVE-2021-33669 – SAP Mobile SDK Certificate Provider – Insecure Temporary File Storage – Potential Symlink Attack & Denial of Service CVE ID CVE-2021-33669 CVSS Score 7.8 Internal ID SICK-2021-032… [...]

CVE-2021-39246 – Tor Browser through 10.5.6 and 11.x through 11.0a4 allows a correlation attack excessive verbose logging – Windows, macOS, Linux

24 September 2021

Title CVE-2021-39246 – Tor Browser through 10.5.6 and 11.x through 11.0a4 allows a correlation attack excessive verbose logging – Windows, macOS, Linux CVE ID CVE-2021-39246 CVSS Score 6.1 CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N Internal… [...]

Sick Codes Speaking @ CornCon Cyber Security Conference September 10-11, 2021 in Bettendorf, Iowa!

27 August 2021

Come see us live at CornCon September 10-11th 2021, discussing Ag Security, Supply Chain Security, and of course, tractor hacking. CornCon – Season 7 September 10-11, 2021 Event details/Tickets: https://corncon.net/… [...]

ESB-2023.3099 - [SUSE] wireshark: CVSS (Max): 8.8

1 June 2023

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2023.3099 Security update for wireshark 1 June 2023 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: wireshark Publisher: SUSE… [...]

ESB-2023.3101 - [SUSE] terraform-provider-helm: CVSS (Max): None

1 June 2023

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2023.3101 Security update for terraform-provider-helm 1 June 2023 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: terraform-provider-helm Publisher: SUSE… [...]

ESB-2023.3100 - [SUSE] tiff: CVSS (Max): 3.3

1 June 2023

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2023.3100 Security update for tiff 1 June 2023 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: tiff Publisher: SUSE… [...]

ESB-2023.3092 - [Debian] libwebp: CVSS (Max): 7.5

1 June 2023

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2023.3092 libwebp security update 1 June 2023 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: libwebp Publisher: Debian Operating… [...]

ESB-2023.3090 - [RedHat] pcs: CVSS (Max): 7.5

1 June 2023

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2023.3090 pcs security and bug fix update 1 June 2023 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: pcs… [...]

ESB-2023.3096 - [SUSE] libaom: CVSS (Max): 5.5

1 June 2023

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2023.3096 Security update for libaom 1 June 2023 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: libaom Publisher: SUSE… [...]

ESB-2023.3094 - [Debian] sssd: CVSS (Max): 8.8

1 June 2023

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2023.3094 sssd regression update 1 June 2023 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: sssd Publisher: Debian Operating… [...]

ESB-2023.3107 - [SUSE] compat-openssl098: CVSS (Max): 6.5

1 June 2023

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2023.3107 Security update for compat-openssl098 1 June 2023 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: compat-openssl098 Publisher: SUSE… [...]

ESB-2023.3106 - [SUSE] openssl-1_1: CVSS (Max): 6.5

1 June 2023

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2023.3106 Security update for openssl-1_1 1 June 2023 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: openssl-1_1 Publisher: SUSE… [...]

ESB-2023.3109 - [SUSE] openssl-1_0_0: CVSS (Max): 6.5

1 June 2023

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2023.3109 Security update for openssl-1_0_0 1 June 2023 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: openssl-1_0_0 Publisher: SUSE… [...]

ESB-2023.3108 - [SUSE] openssl-1_0_0: CVSS (Max): 6.5

1 June 2023

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2023.3108 Security update for openssl-1_0_0 1 June 2023 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: openssl-1_0_0 Publisher: SUSE… [...]

ESB-2023.3110 - [SUSE] openssl: CVSS (Max): 6.5

1 June 2023

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2023.3110 Security update for openssl 1 June 2023 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: openssl Publisher: SUSE… [...]

ESB-2023.3111 - [SUSE] go1.18-openssl: CVSS (Max): 7.5

1 June 2023

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2023.3111 Security update for go1.18-openssl 1 June 2023 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: go1.18-openssl Publisher: SUSE… [...]

ESB-2023.3112 - [SUSE] c-ares: CVSS (Max): 7.5

1 June 2023

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2023.3112 Security update for c-ares 1 June 2023 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: c-ares Publisher: SUSE… [...]

ESB-2023.3098 - [SUSE] tomcat: CVSS (Max): 7.5

1 June 2023

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2023.3098 Security update for tomcat 1 June 2023 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: tomcat Publisher: SUSE… [...]

ESB-2023.3105 - [SUSE] openssl-1_1: CVSS (Max): 6.5

1 June 2023

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2023.3105 Security update for openssl-1_1 1 June 2023 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: openssl-1_1 Publisher: SUSE… [...]

ESB-2023.3097 - [SUSE] installation-images: CVSS (Max): None

1 June 2023

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2023.3097 Security update for installation-images 1 June 2023 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: installation-images Publisher: SUSE… [...]

ESB-2023.3104 - [SUSE] amazon-ssm-agent: CVSS (Max): None

1 June 2023

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2023.3104 Security update for amazon-ssm-agent 1 June 2023 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: amazon-ssm-agent Publisher: SUSE… [...]

ESB-2023.3095 - [SUSE] tiff: CVSS (Max): 3.3

1 June 2023

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2023.3095 Security update for tiff 1 June 2023 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: tiff Publisher: SUSE… [...]

ESB-2023.3103 - [SUSE] cni-plugins: CVSS (Max): None

1 June 2023

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2023.3103 Security update for cni-plugins 1 June 2023 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: cni-plugins Publisher: SUSE… [...]

ESB-2023.3093 - [Debian] openssl: CVSS (Max): 7.5

1 June 2023

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2023.3093 openssl security update 1 June 2023 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: openssl Publisher: Debian Operating… [...]

ESB-2023.3102 - [SUSE] terraform: CVSS (Max): None

1 June 2023

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2023.3102 Security update for terraform 1 June 2023 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: terraform Publisher: SUSE… [...]

ESB-2023.3091 - [RedHat] qatzip: CVSS (Max): 7.8

1 June 2023

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2023.3091 qatzip security and bug fix update 1 June 2023 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: qatzip… [...]

ESB-2023.3089 - [RedHat] Satellite 6.13.1 Async: CVSS (Max): 5.4

1 June 2023

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2023.3089 Satellite 6.13.1 Async Security Update 1 June 2023 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Satellite 6.13.1… [...]

ESB-2023.3113 - [SUSE] tomcat: CVSS (Max): 7.5

1 June 2023

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2023.3113 Security update for tomcat 1 June 2023 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: tomcat Publisher: SUSE… [...]

WiFi File Transfer v1.0.8 - Cross Site Scripting Vulnerabilities

17 October 2022

The vulnerability laboratory core research team discovered a multiple persistent cross site vulnerabilities in the WiFi ... [...]

Stripe Green Downloads 2.03 - Cross Site Web Vulnerability

17 October 2022

The vulnerability laboratory core research team discovered a persistent cross site vulnerability in the Stripe Green Dow... [...]

RRX IOB LP v1.0 - DNS Cache Snooping Vulnerability

11 October 2022

The vulnerability laboratory core research team discovered a dns snooping vulnerability in the Rhein Ruhr Express (RRX I... [...]

MapTool v1.11.5 - Cross Site Scripting Vulnerabilities

11 October 2022

The vulnerability laboratory core research team discovered a persistent web vulnerability in the official MapTool v1.11.... [...]

Vicidial v2.14-783a - Multiple XSS Web Vulnerabilities

11 October 2022

The vulnerability laboratory core research team discovered multiple client-site cross site scripting vulnerabilities in ... [...]

Webile v1.0.1 - Directory Traversal Web Vulnerability

10 October 2022

The vulnerability laboratory core research team discovered a directory traversal web vulnerability in the Webile v1.0.1 ... [...]

MapTool v1.11.5 - Denial of Service Vulnerability

10 October 2022

The vulnerability laboratory core research team discovered a remote denial of service vulnerability in the official MapT... [...]

Knap (APL) v3.1.3 - Persistent Cross Site Vulnerability

10 October 2022

The vulnerability laboratory core research team discovered a persistent cross site web vulnerability in the Knap Advance... [...]

BootCommerce v3.2.1 - Multiple Persistent Vulnerabilities

7 June 2022

The vulnerability laboratory core research team discovered multiple persistent web vulnerabilities in the official BootC... [...]

Inciga Web v2.8.2 - Cross Site Scripting Vulnerability

8 April 2022

The vulnerability laboratory core research team discovered a non-persistent cross site scripting vulnerability in the In... [...]

Cybercriminals Targeting Apache NiFi Instances for Cryptocurrency Mining

31 May 2023

A financially motivated threat actor is actively scouring the internet for unprotected Apache NiFi instances to covertly install a cryptocurrency miner and facilitate lateral movement. The findings come from the SANS Internet… [...]

Critical Firmware Vulnerability in Gigabyte Systems Exposes ~7 Million Devices

31 May 2023

Cybersecurity researchers have found "backdoor-like behavior" within Gigabyte systems, which they say enables the UEFI firmware of the devices to drop a Windows executable and retrieve updates in an unsecure format. Firmware… [...]

Beware of Ghost Sites: Silent Threat Lurking in Your Salesforce Communities

31 May 2023

Improperly deactivated and abandoned Salesforce Sites and Communities (aka Experience Cloud) could pose severe risks to organizations, leading to unauthorized access to sensitive data. Data security firm Varonis dubbed the abandoned, unprotected, and unmonitored… [...]

Microsoft Details Critical Apple macOS Vulnerability Allowing SIP Protection Bypass

31 May 2023

Microsoft has shared details of a now-patched flaw in Apple macOS that could be abused by threat actors with root access to bypass security enforcements and perform arbitrary actions on… [...]

6 Steps to Effectively Threat Hunting: Safeguard Critical Assets and Fight Cybercrime

31 May 2023

Finding threat actors before they find you is key to beefing up your cyber defenses. How to do that efficiently and effectively is no small task – but with a… [...]

Dark Pink APT Group Leverages TelePowerBot and KamiKakaBot in Sophisticated Attacks

31 May 2023

The threat actor known as Dark Pink has been linked to five new attacks aimed at various entities in Belgium, Brunei, Indonesia, Thailand, and Vietnam between February 2022 and April 2023. This… [...]

RomCom RAT Using Deceptive Web of Rogue Software Sites for Covert Attacks

31 May 2023

The threat actors behind RomCom RAT are leveraging a network of fake websites advertising rogue versions of popular software at least since July 2022 to infiltrate targets. Cybersecurity firm Trend Micro is… [...]

Alert: Hackers Exploit Barracuda Email Security Gateway 0-Day Flaw for 7 Months

31 May 2023

Enterprise security firm Barracuda on Tuesday disclosed that a recently patched zero-day flaw in its Email Security Gateway (ESG) appliances had been abused by threat actors since October 2022 to… [...]

Hackers Win $105,000 for Reporting Critical Security Flaws in Sonos One Speakers

30 May 2023

Multiple security flaws uncovered in Sonos One wireless speakers could be potentially exploited to achieve information disclosure and remote code execution, the Zero Day Initiative (ZDI) said in a report published last… [...]

CAPTCHA-Breaking Services with Human Solvers Helping Cybercriminals Defeat Security

30 May 2023

Cybersecurity researchers are warning about CAPTCHA-breaking services that are being offered for sale to bypass systems designed to distinguish legitimate users from bot traffic. "Because cybercriminals are keen on breaking… [...]

Implementing Risk-Based Vulnerability Discovery and Remediation

30 May 2023

In this day and age, vulnerabilities in software and systems pose a considerable danger to businesses, which is why it is essential to have an efficient vulnerability management program in… [...]

Sneaky DogeRAT Trojan Poses as Popular Apps, Targets Indian Android Users

30 May 2023

A new open source remote access trojan (RAT) called DogeRAT targets Android users primarily located in India as part of a sophisticated malware campaign. The malware is distributed via social media and… [...]

New BrutePrint Attack Lets Attackers Unlock Smartphones with Fingerprint Brute-Force

29 May 2023

Researchers have discovered an inexpensive attack technique that could be leveraged to brute-force fingerprints on smartphones to bypass user authentication and seize control of the devices. The approach, dubbed BrutePrint, bypasses… [...]

AceCryptor: Cybercriminals' Powerful Weapon, Detected in 240K+ Attacks

29 May 2023

A crypter (alternatively spelled cryptor) malware dubbed AceCryptor has been used to pack numerous strains of malware since 2016. Slovak cybersecurity firm ESET said it identified over 240,000 detections of the crypter in its… [...]

3 Challenges in Building a Continuous Threat Exposure Management (CTEM) Program and How to Beat Them

29 May 2023

If you're a cybersecurity professional, you're likely familiar with the sea of acronyms our industry is obsessed with. From CNAPP, to CWPP, to CIEM and all of the myriad others,… [...]

New GobRAT Remote Access Trojan Targeting Linux Routers in Japan

29 May 2023

Linux routers in Japan are the target of a new Golang remote access trojan (RAT) called GobRAT. "Initially, the attacker targets a router whose WEBUI is open to the public, executes… [...]

Don't Click That ZIP File! Phishers Weaponizing .ZIP Domains to Trick Victims

29 May 2023

A new phishing technique called "file archiver in the browser" can be leveraged to "emulate" a file archiver software in a web browser when a victim visits a .ZIP domain.… [...]

PyPI Implements Mandatory Two-Factor Authentication for Project Owners

29 May 2023

The Python Package Index (PyPI) announced last week that every account that maintains a project on the official third-party software repository will be required to turn on two-factor authentication (2FA)… [...]

New Stealthy Bandit Stealer Targeting Web Browsers and Cryptocurrency Wallets

27 May 2023

A new stealthy information stealer malware called Bandit Stealer has caught the attention of cybersecurity researchers for its ability to target numerous web browsers and cryptocurrency wallets. "It has the… [...]

Critical OAuth Vulnerability in Expo Framework Allows Account Hijacking

27 May 2023

A critical security vulnerability has been disclosed in the Open Authorization (OAuth) implementation of the application development framework Expo.io. The shortcoming, assigned the CVE identifier CVE-2023-28131, has a severity rating of… [...]

Severe Flaw in Google Cloud's Cloud SQL Service Exposed Confidential Data

26 May 2023

A new security flaw has been disclosed in the Google Cloud Platform's (GCP) Cloud SQL service that could be potentially exploited to obtain access to confidential data. "The vulnerability could… [...]

Predator Android Spyware: Researchers Uncover New Data Theft Capabilities

26 May 2023

Security researchers have detailed the inner workings of the commercial Android spyware called Predator, which is marketed by the Israeli company Intellexa (previously Cytrox). Predator was first documented by Google's Threat Analysis… [...]

5 Must-Know Facts about 5G Network Security and Its Cloud Benefits

26 May 2023

5G is a game changer for mobile connectivity, including mobile connectivity to the cloud. The technology provides high speed and low latency when connecting smartphones and IoT devices to cloud… [...]

New COSMICENERGY Malware Exploits ICS Protocol to Sabotage Power Grids

26 May 2023

A new strain of malicious software that's engineered to penetrate and disrupt critical systems in industrial environments has been unearthed. Google-owned threat intelligence firm Mandiant dubbed the malware COSMICENERGY, adding it… [...]

Barracuda Warns of Zero-Day Exploited to Breach Email Security Gateway Appliances

26 May 2023

Email protection and network security services provider Barracuda is warning users about a zero-day flaw that it said has been exploited to breach the company's Email Security Gateway (ESG) appliances.… [...]

ZDI-CAN-21006: Ivanti

30 May 2023

A CVSS score 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) severity vulnerability discovered by '06fe5fd2bc53027c4a3b7e395af0b850e7b8a044' was reported to the affected vendor on: 2023-05-30, 1 days ago. The vendor is given until 2023-09-27 to publish a… [...]

ZDI-CAN-21030: Ivanti

30 May 2023

A CVSS score 6.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L) severity vulnerability discovered by '06fe5fd2bc53027c4a3b7e395af0b850e7b8a044' was reported to the affected vendor on: 2023-05-30, 1 days ago. The vendor is given until 2023-09-27 to publish a… [...]

ZDI-CAN-20492: Softing

30 May 2023

A CVSS score 8.0 (AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) severity vulnerability discovered by 'Pan ZhenPeng (@Peterpan0927) & Li JianTao (@CurseRed) of STAR Labs SG Pte. Ltd. (@starlabs_sg)' was reported to the affected vendor on:… [...]

ZDI-CAN-21223: SolarWinds

30 May 2023

A CVSS score 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) severity vulnerability discovered by 'Piotr Bazydlo (@chudypb) of Trend Micro Zero Day Initiative' was reported to the affected vendor on: 2023-05-30, 1 days ago. The… [...]

ZDI-CAN-21005: Ivanti

30 May 2023

A CVSS score 7.3 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L) severity vulnerability discovered by '06fe5fd2bc53027c4a3b7e395af0b850e7b8a044' was reported to the affected vendor on: 2023-05-30, 1 days ago. The vendor is given until 2023-09-27 to publish a… [...]

ZDI-CAN-21004: Ivanti

30 May 2023

ZDI-CAN-21220: SolarWinds

30 May 2023

ZDI-CAN-21179: PDF-XChange

30 May 2023

A CVSS score 3.3 (AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N) severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2023-05-30, 1 days ago. The vendor is given until 2023-09-27 to publish a… [...]

ZDI-CAN-21002: Ivanti

30 May 2023

A CVSS score 7.2 (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H) severity vulnerability discovered by '06fe5fd2bc53027c4a3b7e395af0b850e7b8a044' was reported to the affected vendor on: 2023-05-30, 1 days ago. The vendor is given until 2023-09-27 to publish a… [...]

ZDI-CAN-21081: Ivanti

30 May 2023

A CVSS score 9.8 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) severity vulnerability discovered by '06fe5fd2bc53027c4a3b7e395af0b850e7b8a044' was reported to the affected vendor on: 2023-05-30, 1 days ago. The vendor is given until 2023-09-27 to publish a… [...]

ZDI-CAN-21245: Adobe

26 May 2023

A CVSS score 3.3 (AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N) severity vulnerability discovered by 'Mat Powell of Trend Micro Zero Day Initiative' was reported to the affected vendor on: 2023-05-26, 5 days ago. The vendor… [...]

ZDI-CAN-21243: Adobe

26 May 2023

ZDI-CAN-21242: Adobe

26 May 2023

ZDI-CAN-21241: Adobe

26 May 2023

A CVSS score 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) severity vulnerability discovered by 'Mat Powell of Trend Micro Zero Day Initiative' was reported to the affected vendor on: 2023-05-26, 5 days ago. The vendor… [...]

26 May 2023

26 May 2023

26 May 2023

26 May 2023

26 May 2023

24 May 2023

A CVSS score 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) severity vulnerability discovered by 'Mark Vincent Yason (@MarkYason)' was reported to the affected vendor on: 2023-05-24, 7 days ago. The vendor is given until 2023-09-21… [...]

ZDI-CAN-21063: Adobe

24 May 2023

A CVSS score 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2023-05-24, 7 days ago. The vendor is given until 2023-09-21 to publish a… [...]

ZDI-CAN-21122: Adobe

24 May 2023

ZDI-CAN-21118: Adobe

24 May 2023

ZDI-CAN-20573: Kofax

23 May 2023

A CVSS score 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) severity vulnerability discovered by 'rgod' was reported to the affected vendor on: 2023-05-23, 8 days ago. The vendor is given until 2023-09-20 to publish a… [...]

ZDI-CAN-21054: Siemens

23 May 2023

A CVSS score 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) severity vulnerability discovered by 'Anonymous' was reported to the affected vendor on: 2023-05-23, 8 days ago. The vendor is given until 2023-09-20 to publish a… [...]

Student Loan Breach Exposes 2.5M Records

31 August 2022

2.5 million people were affected, in a breach that could spell more trouble down the line. [...]

Watering Hole Attacks Push ScanBox Keylogger

30 August 2022

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool. [...]

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

29 August 2022

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system. [...]

Ransomware Attacks are on the Rise

26 August 2022

Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group. [...]

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

25 August 2022

Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed. [...]

Twitter Whistleblower Complaint: The TL;DR Version

24 August 2022

Twitter is blasted for security and privacy lapses by the company’s former head of security who alleges the social media giant’s actions amount to a national security risk. [...]

Firewall Bug Under Active Attack Triggers CISA Warning

23 August 2022

CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP. [...]

Fake Reservation Links Prey on Weary Travelers

22 August 2022

Fake travel reservations are exacting more pain from the travel weary, already dealing with the misery of canceled flights and overbooked hotels. [...]

iPhone Users Urged to Update to Patch 2 Zero-Days

19 August 2022

Separate fixes to macOS and iOS patch respective flaws in the kernel and WebKit that can allow threat actors to take over devices and are under attack. [...]

Google Patches Chrome’s Fifth Zero-Day of the Year

18 August 2022

An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbitrary code execution and is under active attack. [...]

Volt Typhoon: International Cybersecurity Authorities Detail Activity Linked to Chinese-State Sponsored Threat Actor

25 May 2023

Volt Typhoon: International Cybersecurity Authorities Detail Activity Linked to Chinese-State Sponsored Threat ActorSeveral international cybersecurity authorities from the United States, United Kingdom, Australia, Canada and New Zealand issue a joint… [...]

U.S. and Australian Agencies Publish Joint Cybersecurity Advisory on BianLian Ransomware Group

18 May 2023

U.S. and Australian Agencies Publish Joint Cybersecurity Advisory on BianLian Ransomware GroupThe FBI, ACSC and CISA have released a joint cybersecurity advisory discussing the BianLian ransomware group. Background As part… [...]

Microsoft’s May 2023 Patch Tuesday Addresses 38 CVEs (CVE-2023-29336)

9 May 2023

Microsoft’s May 2023 Patch Tuesday Addresses 38 CVEs (CVE-2023-29336)Microsoft addresses 38 CVEs including three zero-day vulnerabilities, two of which were exploited in the wild. 6Critical 32Important 0Moderate 0Low Microsoft patched… [...]

CVE-2023-20864: VMware Aria Operations for Logs Deserialization Vulnerability

21 April 2023

VMware issues advisory to address two flaws in its VMware Aria Operations for Logs solution, including a critical deserialization flaw assigned a CVSSv3 score of 9.8. Background On April 20,… [...]

Oracle April 2023 Critical Patch Update Addresses 231 CVEs

19 April 2023

Oracle April 2023 Critical Patch Update Addresses 231 CVEsOracle addresses 231 CVEs in its second quarterly update of 2023 with 433 patches, including 74 critical updates. Background On April 18,… [...]

Microsoft’s April 2023 Patch Tuesday Addresses 97 CVEs (CVE-2023-28252)

11 April 2023

Microsoft’s April 2023 Patch Tuesday Addresses 97 CVEs (CVE-2023-28252)Microsoft addresses 97 CVEs, including one that was exploited in the wild as a zero day 7Critical 90Important 0Moderate 0Low Microsoft patched… [...]

3CX Desktop App for Windows and macOS Reportedly Compromised in Supply Chain Attack

30 March 2023

A softphone desktop application from 3CX, makers of a popular VoIP PBX solution used by over 600,000 organizations, has reportedly been trojanized as part of a supply chain attack. CVE-2023-29059… [...]

OpenAI’s ChatGPT and GPT-4 Used as Lure in Phishing Email, Twitter Scams to Promote Fake OpenAI Tokens

17 March 2023

OpenAI’s ChatGPT and GPT-4 Used as Lure in Phishing Email, Twitter Scams to Promote Fake OpenAI TokensHoping to cash in on the massive interest around OpenAI’s GPT-4 – ChatGPT’s new… [...]

Microsoft’s March 2023 Patch Tuesday Addresses 76 CVEs (CVE-2023-23397)

14 March 2023

Microsoft’s March 2023 Patch Tuesday Addresses 76 CVEs (CVE-2023-23397)Microsoft addresses 76 CVEs including two zero-days exploited in the wild, one of which was publicly disclosed. 9Critical 66Important 1Moderate 0Low Update… [...]

FBI and CISA Release Cybersecurity Advisory on Royal Ransomware Group

4 March 2023

FBI and CISA Release Cybersecurity Advisory on Royal Ransomware GroupThe FBI and CISA have released a joint Cybersecurity Advisory discussing the Royal ransomware group. Background As part of their #StopRansomware… [...]

Rapid7 Data Engineers Inspire Future Tech Talent at Summer Search Career Fest

31 May 2023

Earlier this month, Rapid7 data engineers had the honor of being panelists at the Summer Search Career Fest. [...]

Widespread Exploitation of Zyxel Network Devices

31 May 2023

Rapid7 is tracking reports of ongoing exploitation of CVE-2023-28771, a critical unauthenticated command injection vulnerability affecting multiple Zyxel networking devices. [...]

Fetch Payloads: A Shorter Path from Command Injection to Metasploit Session

25 May 2023

Rapid7 is pleased to announce the availability of Metasploit fetch payloads, which increase efficiency and user control over the commands executed. [...]

Healthcare Orgs: Do You Need an Outsourced SOC?

24 May 2023

Learn how your healthcare organization can benefit from cybersecurity managed services and an outsourced SOC. [...]

VeloCON 2023: Submissions Wanted!

23 May 2023

Our 2nd annual VeloCON virtual summit will be held this September, and the call for presentations closes Monday, July 17, 2023. [...]

Casting a Light on Shadow IT in Cloud Environments

23 May 2023

Shadow IT typically refers to the use of consumer apps or services without explicit IT approval. However, it can also occur at a cloud infrastructure level. [...]

Metasploit Weekly Wrap-Up

19 May 2023

Fetch Based Payloads: Making the Path from Command Injection to Metasploit Session Shorter. Learn more. [...]

Introducing: ‘Saved Filters’ in InsightCloudSec

18 May 2023

New InsightCloudSec release includes "Saved Filters" capability, which lets users save filter combinations they use regularly. [...]

Rapid7 Recognized as a Strong Performer in The Forrester Wave™ for MDR, Q2 2023

18 May 2023

Rapid7 is proud to be recognized amongst the top 13 vendors, as a Strong Performer, in The Forrester WaveTM: Managed Detection and Response, Q2 2023. [...]

CVE-2023-27350: Ongoing Exploitation of PaperCut Remote Code Execution Vulnerability

17 May 2023

CVE-2023-27350 is an unauthenticated remote code execution vulnerability in PaperCut MF/NG print management software. A patch is available for this vulnerability and should be applied on an emergency basis. [...]

Metasploit Wrap-up

12 May 2023

New modules for Zyxel Router RCE, Pentaho Business Server Auth Bypass, ManageEngine ADAudit authenticated file write RCE, and HTTPTrace functionality added to scanner modules [...]

[The Lost Bots] S03E03. The Rise of The Machines

11 May 2023

In this episode of The Lost Bots, Rapid7's Jeffrey Gardner and Stephen Davis discuss the state of AI today and where its going. [...]

The Velociraptor 2023 Annual Community Survey

10 May 2023

Rapid7's Velociraptor team distributed our first community survey in early 2023. Here's what we learned! [...]

Patch Tuesday - May 2023

9 May 2023

A relatively light 49 vulnerabilities patched in May 2023, including a new entry method for BlackLotus bootkit malware. [...]

Metasploit Weekly Wrap-Up

5 May 2023

Rapid7's Stephen Fewer authored a module targeting CVE-2023-26360 affecting ColdFusion 2021 Update 5 and earlier. Learn more. [...]

ROS-20230412-01

4 December 2023

The Libde265 vulnerability is related to the decoder_context::process_slice_segment_header function in decctx.cc. Exploiting the vulnerability could allow an attacker to break segmentation. The Libde265 vulnerability is related to the derive_collocated_motion_vectors function… [...]

ROS-20230412-03

4 December 2023

The Consul server vulnerability is related to allowing an authenticated user to use service: write permissions to start a workflow. Exploiting the vulnerability could allow an intruder acting remotely to… [...]

ROS-20230412-02

4 December 2023

Vim text editor vulnerability related to vim class_object_index() function in vim9class.c file. Exploitation of the vulnerability could allow an intruder acting remotely to trick a user to open a specially… [...]

ROS-20230112-02

1 December 2023

A vulnerability in the Vim text editor is related to a boundary error in the msg_puts_printf(0 in message.c. Exploitation of the vulnerability could allow an intruder acting remotely to trick… [...]

ROS-20230112-01

1 December 2023

Vulnerability in Squid caching proxy server is related to inconsistent processing of internal URIs. Exploitation of the vulnerability can allow a remote attacker to bypass ACL manager protection and gain… [...]

ROS-20230411-01

4 November 2023

CairoSVG SVG converter vulnerability is related to insufficient user input validation during SVG file processing. Exploitation of the vulnerability could allow an attacker acting remotely access to sensitive data located… [...]

ROS-20230411-03

4 November 2023

A vulnerability in the Minio object store is associated with a user with console administrator privileges who could potentially create a user that matches the root access key, once this… [...]

ROS-20230411-02

4 November 2023

The Liblouis Braille translator vulnerability is related to copying to the buffer without checking the size of the input data. Exploitation of the vulnerability could allow an attacker acting remotely… [...]

ROS-20230210-02

2 October 2023

The X.Org Server vulnerability is related to the fact that after free() call the pointer bound to the buffer did not have NULL sign, which caused the buffer to be… [...]

ROS-20230210-01

2 October 2023

The vulnerability of the GNU Less UNIX-like terminal utility is related to the fact that calling "less -R" call will not filter the ANSI escape sequences sent to the terminal.… [...]

ROS-20230210-04

2 October 2023

A vulnerability in the Redis database management system (DBMS) is associated with the setrange and sort (_ro) commands. Exploitation of the vulnerability could allow an intruder acting remotely to cause… [...]

ROS-20230210-03

2 October 2023

Vulnerability of GNU C Library (glibc) system calls and main functions is related to overflow buffer overflow in __monstartup function in gmon.c file of Call Graph Monitor component. Exploiting the… [...]

ROS-20230407-01

4 July 2023

A vulnerability in the libcurl library is related to the connection reuse feature, which can reuse previously established connections with incorrect user permissions due to a failure to check for… [...]

ROS-20230407-03

4 July 2023

Vulnerability in the OpenSSL cryptographic library is related to X.509 certificate chains validation, which include policy restrictions. Exploiting the vulnerability could allow an attacker acting remotely to create a chain… [...]

ROS-20230407-02

4 July 2023

The Redis DBMS vulnerability is related to a command injection error, which exists because of the achievable assertion when processing the MSETNX command. Exploiting the vulnerability could allow an intruder,… [...]

ROS-20230406-01

4 June 2023

A vulnerability in curl is related to the incorrect substitution of the tilde character (~) when used as a prefix in the first path element, in addition to its intended… [...]

kaea.co.kr Cross Site Scripting vulnerability OBB-3369895

1 June 2023

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator… [...]

chaletfinder.co.uk Cross Site Scripting vulnerability OBB-3369896

1 June 2023

applianceelectronics.co.uk Cross Site Scripting vulnerability OBB-3369894

1 June 2023

Exploit for Cross-site Scripting in Elementor Website Builder

1 June 2023

CVE-2022-29455 Mass Scanner for CVE-2022-29455 on Elementor Plugins Wordpress Usage : python cve-2022-29455 list.txt... [...]

mahec.net Cross Site Scripting vulnerability OBB-3369878

1 June 2023

nwfa.mmu.ac.uk Cross Site Scripting vulnerability OBB-3369879

1 June 2023

www2.dakantuspluss.no Cross Site Scripting vulnerability OBB-3369873

1 June 2023

aaprogimmo.fr Cross Site Scripting vulnerability OBB-3369875

1 June 2023

var2.astro.cz Cross Site Scripting vulnerability OBB-3369871

1 June 2023

padre – Padding Oracle Attack Exploiter Tool

28 May 2023

padre is an advanced exploiter and Padding Oracle attack tool that can be deployed against CBC mode encryption. [...]

Privacy Implications of Web 3.0 and Darknets

31 March 2023

The evolution of the internet has been rapid over the years and has impacted the privacy implications of Web 3.0 and Darknets [...]

DataSurgeon – Extract Sensitive Information (PII) From Logs

20 March 2023

DataSurgeon (ds) is a versatile tool designed to Extract Sensitive Information (PII) From Logs, it's intended to be used for incident response, penetration testing, and CTF challenges. [...]

Pwnagotchi – Maximize Crackable WPA Key Material For Bettercap

12 February 2023

Pwnagotchi is an A2C-based "AI" leveraging bettercap that learns from its surrounding WiFi environment to maximize crackable WPA key material it captures [...]

HardCIDR – Network CIDR and Range Discovery Tool

29 December 2022

HardCIDR is a Linux Bash script to discover the netblocks, or ranges, (in CIDR notation) owned by the target organization during the intelligence gathering phase of a penetration test. [...]

Socialscan – Command-Line Tool To Check For Email And Social Media Username Usage

29 April 2022

socialscan is an accurate command-line tool to check For email and social media username usage on online platforms, given an email address or username, socialscan returns whether it is available,… [...]

CFRipper – CloudFormation Security Scanning & Audit Tool

23 January 2022

CFRipper is a Python-based Library and CLI security analyzer that functions as an AWS CloudFormation security scanning and audit tool, it aims to prevent vulnerabilities from getting to production infrastructure… [...]

CredNinja – Test Credential Validity of Dumped Credentials or Hashes

5 January 2022

CredNinja is a tool to quickly test credential validity of dumped credentials (or hashes) across an entire network or domain very efficiently. At the core of it, you provide it… [...]

assetfinder – Find Related Domains and Subdomains

29 December 2021

assetfinder is a Go-based tool to find related domains and subdomains that are potentially related to a given domain from a variety of sources including Facebook, ThreatCrowd, Virustotal and more.… [...]

Karkinos – Beginner Friendly Penetration Testing Tool

30 August 2021

Karkinos is a light-weight Beginner Friendly Penetration Testing Tool, which is basically a ‘Swiss Army Knife’ for pen-testing and/or hacking CTF’s. Karkinos Beginner Friendly Penetration Testing Tool Features Encoding/Decoding characters… [...]

This Campaign Delivers Three Malware Via Pirated Software Videos On YouTube

31 May 2023

Researchers have found a malicious campaign exploiting seemingly legit YouTube accounts. The campaign involves uploading… This Campaign Delivers Three Malware Via Pirated Software Videos On YouTube on Latest Hacking News… [...]

Hackers Can Bypass Fingerprint Locks On Phones With BrutePrint Attack

31 May 2023

While biometric locks usually seem a safe device locking method, researchers have now devised a… Hackers Can Bypass Fingerprint Locks On Phones With BrutePrint Attack on Latest Hacking News |… [...]

Is Your Organization Prepared Against Insider Threats?

30 May 2023

As companies in all sectors continue to rely on digital communications, storage, and operations for… Is Your Organization Prepared Against Insider Threats? on Latest Hacking News | Cyber Security News,… [...]

GitLab Released Emergency Fix For Critical Vulnerability – Update Now!

29 May 2023

GitLab has recently rolled out an emergency update, patching a critical path traversal vulnerability. Users… GitLab Released Emergency Fix For Critical Vulnerability – Update Now! on Latest Hacking News |… [...]

XSS Flaw Riddled Beautiful Cookie Consent Banner WP Plugin

29 May 2023

Heads up, WordPress admins! It’s time to update your websites with the latest Beautiful Cookie… XSS Flaw Riddled Beautiful Cookie Consent Banner WP Plugin on Latest Hacking News | Cyber… [...]

iRecorder Android App Targeted Its Users With AhRAT Malware

26 May 2023

Heads up, Android users! If you ever installed the iRecorder app on your phone, it’s… iRecorder Android App Targeted Its Users With AhRAT Malware on Latest Hacking News | Cyber… [...]

Google Introduces Mobile VRP For Its Android Apps

25 May 2023

Shortly after announcing major upgrades to the Android devices bug reward program, Google had now… Google Introduces Mobile VRP For Its Android Apps on Latest Hacking News | Cyber Security… [...]

Samsung ASLR Bypass Flaw Is Actively Exploited – Warns CISA

25 May 2023

US CISA recently issued an alert, warning Samsung users about an ASLR bypass flaw being… Samsung ASLR Bypass Flaw Is Actively Exploited – Warns CISA on Latest Hacking News |… [...]

How Cybersecurity Reporting Tools Can Help Enhance Your Incident Response Capabilities

25 May 2023

A lot goes into ensuring safety while in the online space. One significant step is… How Cybersecurity Reporting Tools Can Help Enhance Your Incident Response Capabilities on Latest Hacking News… [...]

Be Cyber-Vigilant on Your Cruise with These Cyber Security Tips

25 May 2023

It’s so nice to be able to travel once in a while, especially if you’ve… Be Cyber-Vigilant on Your Cruise with These Cyber Security Tips on Latest Hacking News |… [...]

Meet the GoldenJackal APT group. Don’t expect any howls

23 May 2023

GoldenJackal is an APT group, active since 2019, that usually targets government and diplomatic entities in the Middle East and South Asia. The main feature of this group is a… [...]

CloudWizard APT: the bad magic story goes on

19 May 2023

Kaspersky analysis of the CloudWizard APT framework used in a campaign in the region of the Russo-Ukrainian conflict. [...]

Minas – on the way to complexity

17 May 2023

Kaspersky analysis of a complicated multi-stage attack dubbed Minas that features a number of detection evasion and persistence techniques and results in a cryptocurrency miner infection. [...]

The nature of cyberincidents in 2022

16 May 2023

Kaspersky Incident Response report for 2022: incident response statistics, key trends and conclusions, expert recommendations. [...]

New ransomware trends in 2023

11 May 2023

On the eve of the global Anti-Ransomware Day, Kaspersky researchers share an overview of the key trends observed among ransomware groups. [...]

Not quite an Easter egg: a new family of Trojan subscribers on Google Play

4 May 2023

The new Trojan family, Fleckpe, spreads via Google Play inside photo editors and wallpapers, subscribing the unaware user to paid services. [...]

Managed Detection and Response in 2022

2 May 2023

Managed Detection and Response in 2022: number and severity of incidents, detection rate, breakdown by country and industry, data on cyberattacks in different regions. [...]

What does ChatGPT know about phishing?

1 May 2023

Kaspersky research on ChatGPT capabilities to tell a phishing link from a legitimate one by analyzing the URL, as well as extract target organization name. [...]

APT trends report Q1 2023

27 April 2023

For more than five years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. These summaries are based on… [...]

Tomiris called, they want their Turla malware back

24 April 2023

We continued to track Tomiris as a separate threat actor over three new attack campaigns between 2021 and 2023, and our telemetry allowed us to shed light on the group.… [...]

Chinese Hacking of US Critical Infrastructure

31 May 2023

Everyone is writing about an interagency and international report on Chinese hacking of US critical infrastructure. Lots of interesting details about how the group, called Volt Typhoon, accesses target networks… [...]

Brute-Forcing a Fingerprint Reader

30 May 2023

It’s neither hard nor expensive: Unlike password authentication, which requires a direct match between what is inputted and what’s stored in a database, fingerprint authentication determines a match using a… [...]

Friday Squid Blogging: Online Cephalopod Course

26 May 2023

Atlas Obscura has a five-part online course on cephalopods, taught by squid biologist Dr. Sarah McAnulty. As usual, you can also use this squid post to talk about the security… [...]

Expeditionary Cyberspace Operations

26 May 2023

Cyberspace operations now officially has a physical dimension, meaning that the United States has official military doctrine about cyberattacks that also involve an actual human gaining physical access to a… [...]

On the Poisoning of LLMs

25 May 2023

Interesting essay on the poisoning of LLMs—ChatGPT in particular: Given that we’ve known about model poisoning for years, and given the strong incentives the black-hat SEO crowd has to manipulate… [...]

Indiana, Iowa, and Tennessee Pass Comprehensive Privacy Laws

24 May 2023

It’s been a big month for US data privacy. Indiana, Iowa, and Tennessee all passed state privacy laws, bringing the total number of states with a privacy law up to… [...]

Credible Handwriting Machine

23 May 2023

In case you don’t have enough to worry about, someone has built a credible handwriting machine: This is still a work in progress, but the project seeks to solve one… [...]

Google Is Not Deleting Old YouTube Videos

22 May 2023

Google has backtracked on its plan to delete inactive YouTube videos—at least for now. Of course, it could change its mind anytime it wants. It would be nice if this… [...]

Friday Squid Blogging: Peruvian Squid-Fishing Regulation Drives Chinese Fleets Away

19 May 2023

A Peruvian oversight law has the opposite effect: Peru in 2020 began requiring any foreign fishing boat entering its ports to use a vessel monitoring system allowing its activities to… [...]

Security Risks of New .zip and .mov Domains

19 May 2023

Researchers are worried about Google’s .zip and .mov domains, because they are confusing. Mistaking a URL for a filename could be a security vulnerability. [...]

Crypto Discord Communities Targeted by Malicious Bookmarks & JavaScript

31 May 2023

By Waqas Discord admins, beware: scammers are hijacking accounts and stealing cryptocurrency funds by using malicious bookmarks in a new and tricky attack. This is a post from HackRead.com Read… [...]

Bitdefender Introduces GravityZone Security for Android, iOS, and Chromebook

31 May 2023

By Habiba Rashid According to Bitdefender, GravityZone Security for Mobile is a cutting-edge solution that leverages powerful antimalware technologies driven by real-time threat intelligence and machine learning. This is a… [...]

Buy-Now-Pay-Later (BNPL) is Revolutionising the E-Commerce Landscape

31 May 2023

By Owais Sultan The e-commerce landscape is constantly evolving. With more ways to access the world of online shopping than ever… This is a post from HackRead.com Read the original… [...]

Web3 Needs A Truly Decentralized Infrastructure That IPFS Alone Cannot Deliver

30 May 2023

By Waqas Web3, the next evolution of the internet, requires a truly decentralized infrastructure that goes beyond what IPFS (InterPlanetary File System) can offer on its own. This is a… [...]

SimpleTire Database Leak: Over 2.8 Million Records Exposed

30 May 2023

By Habiba Rashid Despite Fowler's efforts to responsibly disclose the issue, he received no response from the company. This is a post from HackRead.com Read the original post: SimpleTire Database… [...]

Tenet and LayerZero Forge Cross-Chain LSD Adoption

30 May 2023

By Owais Sultan Tenet and LayerZero Partner to Pioneer Cross-Chain Liquidity for Liquid Staking Derivatives. This is a post from HackRead.com Read the original post: Tenet and LayerZero Forge Cross-Chain… [...]

Raidforums Database Leak: Data of 460,000 Users Dumped Online

30 May 2023

By Waqas An analysis by Hackread.com indicates that the database is legitimate since it contains details of the forum's founder, Omnipotent. This is a post from HackRead.com Read the original… [...]

Data Breach at MCNA Dental Insurer Impacts 9 Million Users

29 May 2023

By Habiba Rashid The hackers managed to steal highly sensitive data in the data breach, including Social Security numbers, names, addresses, phone numbers, email addresses, and more. This is a… [...]

Jimbos Protocol Hack: $7.5 Million Lost in Latest DeFi Attack

29 May 2023

By Habiba Rashid The attack on Jimbos Protocol exploited a critical vulnerability related to the lack of slippage control on liquidity conversions. This is a post from HackRead.com Read the… [...]

Stealing From Wallets to Browsers: Bandit Stealer Hits Windows Devices

27 May 2023

By Deeba Ahmed Watch out for the Bandit Stealer malware that is being distributed through phishing emails. This is a post from HackRead.com Read the original post: Stealing From Wallets… [...]

Chrome 114 Released With 18 Security Fixes

31 May 2023

Chrome 114 stable brings 18 security fixes, including 13 for vulnerabilities reported by external researchers. The post Chrome 114 Released With 18 Security Fixes appeared first on SecurityWeek. [...]

Organizations Warned of Backdoor Feature in Hundreds of Gigabyte Motherboards

31 May 2023

A backdoor feature found in hundreds of Gigabyte motherboard models can pose a significant supply chain risk to organizations. The post Organizations Warned of Backdoor Feature in Hundreds of Gigabyte… [...]

Breaking Enterprise Silos and Improving Protection

31 May 2023

When teams have a way to break down enterprise silos and see and understand what is happening, they can improve protection across their increasingly dispersed and diverse environment. The post… [...]

Spyware Found in Google Play Apps With Over 420 Million Downloads

31 May 2023

Security researchers have discovered spyware code in 101 Android applications that had over 421 million downloads in Google Play. The post Spyware Found in Google Play Apps With Over 420… [...]

Millions of WordPress Sites Patched Against Critical Jetpack Vulnerability

31 May 2023

A decade-old critical vulnerability in Jetpack was force-patched on five million WordPress sites over the past few days. The post Millions of WordPress Sites Patched Against Critical Jetpack Vulnerability appeared… [...]

Barracuda Zero-Day Exploited to Deliver Malware for Months Before Discovery

31 May 2023

The recently discovered Barracuda zero-day vulnerability CVE-2023-2868 has been exploited to deliver malware and steal data since at least October 2022. The post Barracuda Zero-Day Exploited to Deliver Malware for… [...]

PyPI Enforcing 2FA for All Project Maintainers to Boost Security

30 May 2023

PyPI will require all accounts that maintain a project to enable two-factor authentication (2FA) by the end of 2023. The post PyPI Enforcing 2FA for All Project Maintainers to Boost… [...]

Personal Information of 9 Million Individuals Stolen in MCNA Ransomware Attack

30 May 2023

Dental benefits manager MCNA is informing roughly 9 million individuals that their personal data was compromised in a data breach. The post Personal Information of 9 Million Individuals Stolen in… [...]

Many Vulnerabilities Found in PrinterLogic Enterprise Software

30 May 2023

Multiple vulnerabilities in PrinterLogic’s enterprise management printer solution could expose organizations to various types of attacks. The post Many Vulnerabilities Found in PrinterLogic Enterprise Software appeared first on SecurityWeek. [...]

Industrial Giant ABB Confirms Ransomware Attack, Data Theft

27 May 2023

Industrial giant ABB has confirmed that it has been targeted in a ransomware attack, with the cybercriminals stealing some data. The post Industrial Giant ABB Confirms Ransomware Attack, Data Theft… [...]

Attackers using Google Ads to distribute Bumblebee malware

22 April 2023

Security Researchers found a new malware called Bumblebee malware that targets users through Google Ads. [...]

Cyber Attack on Indian Health Ministry Website

6 April 2023

During March 2023, a group of Russian hackers cyber-attacked the official website of the Indian [...]

Fake ChatGPT Chrome Extension Hijacking Attack

16 March 2023

In today’s digital era, web browsers and their extensions have become a crucial part of [...]

Top 5 Open Source Firewall for Network Security

14 March 2023

A firewall is a security system that is used to control network traffic and prevent [...]

Understanding Signaling System 7 (SS7)

11 March 2023

The Signaling System 7 (SS7) is a set of protocol suite telecommunication networks used to [...]

We’re going teetotal: It’s goodbye to The Daily Swig

2 March 2023

PortSwigger today announces that The Daily Swig is closing down [...]

Bug Bounty Radar // The latest bug bounty programs for March 2023

28 February 2023

New web targets for the discerning hacker [...]

Indian transport ministry flaws potentially allowed creation of counterfeit driving licenses

28 February 2023

Armed with personal data fragments, a researcher could also access 185 million citizens’ PII [...]

Password managers: A rough guide to enterprise secret platforms

27 February 2023

The second part of our password manager series looks at business-grade tech to handle API tokens, login credentials, and more [...]

Chromium bug allowed SameSite cookie bypass on Android devices

27 February 2023

Protections against cross-site request forgery could be bypassed [...]

Deserialized web security roundup: Twitter 2FA backlash, GoDaddy suffers years-long attack campaign, and XSS Hunter adds e2e encryption

24 February 2023

Your fortnightly rundown of AppSec vulnerabilities, new hacking techniques, and other cybersecurity news [...]

NIST plots biggest ever reform of Cybersecurity Framework

23 February 2023

CSF 2.0 blueprint offered up for public review [...]

Cisco ClamAV anti-malware scanner vulnerable to serious security flaw

22 February 2023

Patch released for bug that poses a critical risk to vulnerable technologies [...]

CVSS system criticized for failure to address real-world impact

21 February 2023

JFrog argues vulnerability risk metrics need complete revamp [...]

‘Most web API flaws are missed by standard security tests’ – Corey J Ball on securing a neglected attack vector

20 February 2023

API security is a ‘great gateway’ into a pen testing career, advises specialist in the field [...]

HTTP request smuggling bug patched in HAProxy

17 February 2023

Exploitation could enable attackers to access backend servers [...]

Belgium launches nationwide safe harbor for ethical hackers

15 February 2023

New legal protections for security researchers could be the strongest of any EU country [...]

Remote code execution flaw patched in Apache Kafka

15 February 2023

Possible RCE and denial-of-service issue discovered in Kafka Connect [...]

Password manager security: Which is the right option for me?

14 February 2023

The first guide of our two-part series helps consumers choose the best way to manage their login credentials [...]

Deserialized web security roundup: KeePass dismisses ‘vulnerability’ report, OpenSSL gets patched, and Reddit admits phishing hack

10 February 2023

Your fortnightly rundown of AppSec vulnerabilities, new hacking techniques, and other cybersecurity news [...]

OAuth ‘masterclass’ crowned top web hacking technique of 2022

10 February 2023

Single sign-on and request smuggling to the fore in another stellar year for web security research [...]

Radio silence from DMS vendor quartet over XSS zero-days

10 February 2023

No response or patch yet forthcoming from providers of vulnerable document management systems [...]

New XSS Hunter host Truffle Security faces privacy backlash

9 February 2023

Anonymized numbers of bug discoveries swiftly deleted after pushback [...]

Second UK Computer Misuse Act consultation reflects ‘very little progress’

8 February 2023

Campaigner bemoans glacial progress of review and urges government to set clear timetable [...]

DOM XSS vulnerability in Gartner Peer Insights widget patched

8 February 2023

Web attack vector closed after failed fix [...]

Toyota sealed up a backdoor to its global supplier management network

7 February 2023

Hacker praises carmaker’s prompt response to the (mercifully) good-faith pwnage [...]

Google engineers plot to mitigate prototype pollution

6 February 2023

Plan to create boundary between JavaScript objects and their blueprints gathers momentum [...]

Serious security hole plugged in infosec tool binwalk

3 February 2023

Path traversals could ‘void reverse engineering efforts and tamper with evidence collected’ [...]

Truffle Security relaunches XSS Hunter tool with new features

2 February 2023

Popular hacking aid now available with CORS misconfig detection function following end-of-life announcement [...]

Researcher drops Lexmark RCE zero-day rather than sell vuln ‘for peanuts’

1 February 2023

Printer exploit chain could be weaponized to fully compromise more than 100 models [...]

New Strain of Sotdas Malware Discovered

18 May 2023

Introduction There are numerous malicious codes that are currently active on smart devices, such as Ddosf, Dofloo, Gafgyt, MrBlack, Persirai, Sotdas, Tsunami, Triddy, Mirai, Moose, and Satori, among others. These… [...]

Microsoft and Adobe Patch Tuesday, May 2023 Security Update Review

9 May 2023

Microsoft has addressed 49 vulnerabilities in its May Patch Tuesday edition. The security advisories cover various vulnerabilities in different products, features, and roles. Let’s guide you through this month’s Patch… [...]

Oracle Patch Tuesday April 2023 Security Update Review

19 April 2023

Oracle has released the second quarterly edition of Critical Patch Update, which contains a group of patches for 433 security vulnerabilities. Some of the vulnerabilities addressed this month impact various… [...]

Qualys Security Updates: Cloud Agent for Windows and Mac

18 April 2023

As part of our commitment to transparency and keeping customers and the community informed, Qualys is publicly disclosing three CVEs pertaining to the Qualys Cloud Agent for Windows and one… [...]

Microsoft and Adobe Patch Tuesday April 2023 Security Update Review

12 April 2023

Microsoft released security updates to address 114 vulnerabilities in the April Patch Tuesday edition. The security advisories cover various vulnerabilities in different products, features, and roles. Let’s know more about… [...]

3CXDesktopApp Backdoored in a Suspected Lazarus Campaign

4 April 2023

Introduction The attack involved a compromised version of the 3CX VoIP desktop client, which was used to target 3CX’s customers. The compromised 3CX application is a private automatic branch exchange… [...]

Risk Fact #5: Infrastructure Misconfigurations Open the Door to Ransomware

3 April 2023

Qualys Blog Series – Threat Research Unit Report In this last blog of our series describing the top Risk Facts discovered in the 2023 Qualys TruRisk Research Report, we go… [...]

Risk Fact #4: Misconfigurations Still Prevalent in Web Applications

31 March 2023

Qualys Blog Series – Threat Research Unit Report The Open Web Application Security Project (OWASP) Top 10 is a list of the most common and most critical vulnerabilities that can… [...]

Risk-based Vulnerability Management Combined With A Cyber Risk Management Platform

31 March 2023

Recent insights from IDC’s recent report, Worldwide Device Vulnerability Management Forecast, 2023–2027: Evolving Beyond Scanning (Feb. 2023), provide a sobering look at the future of what cybersecurity stacks may look… [...]

Risk Fact #3: Initial Access Brokers Attack What Organizations Ignore

30 March 2023

Qualys Blog Series – Threat Research Unit Report “Divide and Conquer” is an emerging and winning strategy for cyber criminals who split responsibilities to improve execution of the attack process.… [...]

Critical Jetpack WordPress Flaw Exposes Millions of Website

31 May 2023

This vulnerability could be used by authors on a site to manipulate any files in the WordPress installation The post Critical Jetpack WordPress Flaw Exposes Millions of Website appeared first… [...]

Shut Down Phishing Attacks – Types, Methods, Detection, Prevention Checklist

31 May 2023

In today’s interconnected world, where digital communication and transactions dominate, phishing attacks have become an ever-present threat. By masquerading as trustworthy entities, phishing attacks deceive users and organizations into divulging… [...]

Kali Linux 2023.2 Released – What’s New!

31 May 2023

Users of Kali Linux can now upgrade to the 2023.2 version, which has many new features and enhanced capabilities. The post Kali Linux 2023.2 Released – What’s New! appeared first… [...]

Google CTF 2023 – Rewards over $32,000 For Winners

30 May 2023

CTF (Capture The Flag) exercises have existed for several years. These CTF exercises provide a great challenge and provide great knowledge for ethical hackers and Bug Bounty Hunters. Many companies… [...]

New Phishing Attack Abuses .Zip Domain to Emulate Fake WinRAR Within the Browser

30 May 2023

A phishing attack that involved mimicking a browser-based file archiver software like WinRAR using a .zip domain to enhance its credibility. The post New Phishing Attack Abuses .Zip Domain to… [...]

Invicta Malware Delivered Through Fake GoDaddy Refund Invoices

29 May 2023

The creator of this Invicta malware is heavily active on social networking sites, using them to advertise their information-stealing malware and its deadly powers. GoDaddy refund emails have become a… [...]

New Bandit Malware Attacks Browsers to Steal Personal & Financial Logins

29 May 2023

Bandit malware prioritizes Windows as its target and leverages the legitimate command-line tool to execute programs under different user permissions. The post New Bandit Malware Attacks Browsers to Steal Personal… [...]

Critical Google Cloud’s SQL Service Flaw Exposes Sensitive Data

29 May 2023

Critical Google Cloud SQL Service could be exploited by attackers to access sensitive data and breach other cloud services. The post Critical Google Cloud’s SQL Service Flaw Exposes Sensitive Data… [...]

What is SaaS Security? – Types, Challenges, Threats & Protection Guide

29 May 2023

SaaS (Software-as-a-Service) has become popular for delivering software applications and services over the cloud. While SaaS offers numerous benefits, such as flexibility and scalability, it also introduces unique security challenges.… [...]

Commercial PREDATOR Spyware – Delivered Through Zero-Click Exploit

28 May 2023

A commercial spyware product offered by the spyware company Intellexa (formerly Cytrox) has been described by Cisco Talos. By designing deployment procedures that frequently call for little to no user engagement,… [...]

Adversaries can reconstruct classified information from unclassified data, warns White House official

31 May 2023

In a keynote at the 15th annual CyCon conference in Tallinn, the White House acting national cyber director, Kemba Walden, noted that protecting classified data had been an issue “of… [...]

Cybercriminals Targeting Apache NiFi Instances for Cryptocurrency Mining

31 May 2023

A financially motivated threat actor is actively scouring the internet for unprotected Apache NiFi instances to covertly install a cryptocurrency miner and facilitate lateral movement. [...]

Inactive, unmaintained Salesforce sites vulnerable to threat actors

31 May 2023

Improperly deactivated and unmaintained Salesforce sites are vulnerable to threat actors who can gain access to sensitive business data and personally identifiable information (PII) by simply changing the host header. [...]

Russia’s ‘Silicon Valley’ hit by cyberattack; Ukrainian group claims deep access

31 May 2023

According to Skolkovo Foundation's statement, the hackers managed to gain limited access to certain information systems of the organization, including its file hosting service on physical servers. [...]

Critical Firmware Vulnerability in Gigabyte Systems Exposes About 7 Million Devices

31 May 2023

Zyxel patches vulnerability in NAS devices (CVE-2023-27988)

31 May 2023

Zyxel has patched a high-severity authenticated command injection vulnerability (CVE-2023-27988) in some of its network attached storage (NAS) devices aimed at home users. [...]

Swiss Real Estate Agency Neho Fails to Secure Environment File on its Website

31 May 2023

A misconfiguration of Swiss real estate agency Neho’s systems exposed sensitive credentials to the public. Using leaked data, threat actors could potentially breach the company’s internal systems and hijack official… [...]

SeroXen RAT Combines Capabilities of Quasar RAT, r77-rootkit, and NirCmd

31 May 2023

SeroXen is a fileless RAT, performing well at evading detections on static and dynamic analysis. The malware combines several open-source projects to improve its capabilities, including the Quasar RAT, r77-rootkit,… [...]

Free Malware Builder for Invicta Stealer Promoted on Facebook

31 May 2023

Researchers recently encountered a new information stealer known as Invicta Stealer that is being promoted on social media platforms for its dangerous capabilities. For initial infection, a spam email is… [...]

BlackSuit Ransomware Shares Huge Similarities to Royal Ransomware

31 May 2023

BlackSuit appends the .blacksuit file extension to the files it encrypts, drops its ransom note into the directory, and lists its TOR chat site in the ransom note along with… [...]

Hacked DJ's Twitter account costs cryptocurrency investors $170,000

31 May 2023

The Twitter account of American DJ and electronic music producer Steve Aoki, who is considered something of an "influencer" in the world of cryptocurrency, lies at the heart of the… [...]

Dark Pink APT Group Leverages TelePowerBot and KamiKakaBot in Sophisticated Attacks

31 May 2023

The threat actor known as Dark Pink has been linked to five new attacks aimed at various entities in Belgium, Brunei, Indonesia, Thailand, and Vietnam between February 2022 and April… [...]

Nigerian Cybercrime Ring's Phishing Tactics Exposed

31 May 2023

According to ESET, before their incarceration, the cybercriminals utilized various fraudulent methods, including business email compromise (BEC), work-from-home fraud, check fraud, and credit card scams. [...]

Attackers leave organizations with no recovery option

31 May 2023

Organizations of all sizes are increasingly falling victim to ransomware attacks and inadequately protecting against this rising threat, according to Veeam. One in seven organizations will see almost all (>80%)… [...]

WordPress plugin ‘Gravity Forms’ vulnerable to PHP object injection

31 May 2023

The vulnerability, which is tracked as CVE-2023-28782, impacts all plugin versions from 2.73 and below. The flaw was discovered by PatchStack on March 27, 2023, and fixed by the vendor… [...]

DogeRAT Android Malware Mimic Popular Apps to Steal Sensitive Data

31 May 2023

The malware can take significant information from the victim's device after it has been installed, including contacts, messages, and banking credentials. The post DogeRAT Android Malware Mimic Popular Apps to… [...]

Kali Linux 2023.2 Released – What’s New!

31 May 2023

Offensive Security launched Kali Linux 2023.2, an updated Penetration testing distro with new features, hacking tools, and various updates. The post Kali Linux 2023.2 Released – What’s New! appeared first… [...]

Lazarus Hacking Group Attack IIS Web Servers to Install Web Shell

31 May 2023

Organizations, regardless of their size, employ Windows IIS web servers to host various web content, including websites, applications, and services like Outlook on the Web from Microsoft Exchange. The post… [...]

New Wi-Fi MITM Attack That Can Evade WPA3 Security Mechanisms

30 May 2023

NPU's wireless frame forwarding procedure allows attackers to launch Man-in-the-Middle (MITM) attacks on Wi-Fi networks without requiring rogue APs. The post New Wi-Fi MITM Attack That Can Evade WPA3 Security… [...]

Over 421,000,000 Times Installed Android Apps from Google Play Contain Malware

30 May 2023

A spyware-enabled Android app module that can gather details about files kept on devices and send them to attackers. Additionally, clipboard contents can be replaced and uploaded to a remote… [...]

PyPI Mandates 2FA for all Developers Account

30 May 2023

PyPI has insisted its users enable 2FA by the end of 2023. This is because many of the projects in PyPI are downloaded and used worldwide by several developers and… [...]

Why Do You Need a Cloud-native Web Application Firewall (WAF)?

29 May 2023

With your on-premise security solution comprising hardware, software, signatures, rules, and even machine learning, you may think your applications are fully protected. How do you know for sure that your… [...]

GobRAT Malware Attacking Linux Routers to Deploy Backdoor

29 May 2023

After an internet-exposed router is compromised, a loader script is deployed to deliver GobRAT, which disguises itself as the Apache daemon process (apached) to avoid being detected. The post GobRAT… [...]

What is Zero-Trust? – How Does It Protect Your Enterprise From Cyber Attacks?

29 May 2023

Traditional perimeter-based security measures must be upgraded in an increasingly interconnected digital ecosystem where the frequency and sophistication of cyber attacks are increasing. Enterprises face the burden of protecting sensitive… [...]

COSMICENERGY – New OT Malware Causes Electric Power Disruption

29 May 2023

COSMICENERGY is a unique tool developed by a contractor for power disruption exercises. This malware shows that developing offensive OT capabilities is becoming easier as attackers learn from previous attacks.… [...]

Hackers find new way to hack Discord admins via bookmarks and empty their crypto wallets

1 June 2023

This past month, a number of Discord groups that were centered on cryptocurrencies were compromised after the administrators of such communities were duped into executing malicious Javascript code that wasRead… [...]

478,000 RaidForums members data leaked to a new hacker forum

31 May 2023

A database that formerly belonged to the cybercrime platform known as RaidForums but has since been shut down has been exposed on a new hacker forum known as Exposed. TheRead… [...]

Hack infosec guys infected packet capture file exploiting flaws in the software Wireshark

26 May 2023

Wireshark is a network packet analyzer that is both open-source and free, and it is used by people all over the globe. When it comes to packet analysis, it mayRead… [...]

How to bypass Netflix password sharing ban?

25 May 2023

Sorry, password zealots, but Netflix now recommends you change your password after implementing some controversial new rules. The well-known streaming service has, for many years, made it possible for individualsRead… [...]

How chinese threat actors hacked into US critical infrastructures like nuclear plants

24 May 2023

Since at least the middle of 2021, a Chinese cyberespionage group known as Volt Typhoon has been targeting critical infrastructure companies throughout the United States, including Guam, according to Microsoft,Read… [...]

Free Screen Recording App for Android phones can empty your bank account

23 May 2023

A malicious Android remote access Trojan (RAT) was revealed to be hidden inside the iRecorder – Screen Recorder application, which was at one time considered to be a genuine AndroidRead… [...]

Scammer alert: This guy robbed 200,000 people via 10 million spoofed phone calls

22 May 2023

Tejay Fletcher, the brains of the infamous scam website iSpoof, was given a sentence of 13 years and 4 months in jail after being found guilty of his crimes. TheRead… [...]

Get hacked & blackmailed easily by buying a cheap Android-based TV, watch or smartphone

19 May 2023

Recent events have revealed the existence of a widespread cybercriminal group going by the name “Lemon Group,” which is responsible for the widespread distribution of malware on thousands of AndroidRead… [...]

Don’t trash your old Apple iPad, iWatch, Mac, iPhone, iPod this new sofwtare update is for you

19 May 2023

Apple has patched three newly discovered zero-day vulnerabilities that were being used in efforts to get into iOS devices including iPhones, iPads, and Macs. The vulnerabilities, which were recorded asRead… [...]

Programming using Visual Studio Code Marketplace Extensions? Your code could have a back door

17 May 2023

Visual Studio Code, more often known by its acronym VSCode, is a source code editor that was created by Microsoft and is available for free. It is a very effectiveRead… [...]

Ransomware shuts down 3 big manufacturing plants in France, Germany and Tunisia

16 May 2023

Lacroix develops and manufactures electronic equipment for the automotive, home automation, aerospace, industrial, and healthcare industries. Lacroix also creates and manufactures equipment for the administration of critical infrastructures. The corporationRead… [...]

Warning! WordPress Plugin ”Gravity Forms” Vulnerable to PHP Object Injection

31 May 2023

Researchers revealed that the largely used WordPress plugin ”Gravity Forms” is vulnerable to unauthenticated PHP Object Injection. The flaw was tracked as CVE-2023-28782 and affects all plugin versions from 2.73… [...]

MacOS Vulnerability Enables Hackers to Bypass SIP Root Restrictions

31 May 2023

Researchers discovered an Apple vulnerability that threat actors can use to deploy undeletable malware. In order to exploit CVE-2023-32369, hackers need to previously gain root privileges over the device. The… [...]

Warning: Lazarus Targets Windows IIS Web Servers For Initial Access

30 May 2023

The notorious Lazarus Group of North Korean state-sponsored threat actors is currently targeting vulnerable Windows Internet Information Services (IIS) web servers to obtain first access to business networks. Lazarus’ primary… [...]

RaidForums Members Data Leaked on New Hacking Forum

30 May 2023

Threat actors and security researchers now have access to a database for the notorious RaidForums hacking forums, giving them insight into the forum’s regulars. RaidForums was a very popular hacking… [...]

New Phishing Kit: File Archivers in the Browser

29 May 2023

A new phishing kit, “File Archivers in the Browser” abuses ZIP domains. The kit displays bogus WinRAR or Windows File Explorer windows in the browser. The goal is to convince… [...]

What Is ZTNA? Zero Trust Network Access Explained.

26 May 2023

In today’s fast-changing digital landscape, ensuring strong network security has become a top priority for companies of all sizes. Given the rise of remote work, cloud computing, and increasingly complex… [...]

CosmicEnergy: The New Russian-Linked Malware Targets Industrial System

26 May 2023

A new malware has been discovered in the wild by security researchers. Called CosmicEnergy, the malware is designed to disrupt industrial systems. Sources say that the Russian cybersecurity group Rostelecom-Solar… [...]

Buhti Ransomware: Blacktail’s Newest Operation Affects Multiple Countries

26 May 2023

A new ransomware operation emerges. Named “Buhti”, the operation uses the leaked code of the LockBit and Babuk ransomware families to target machines running Windows and Linux. The group was… [...]

Heimdal®’s Threat Prevention Endpoint Wins ‘Cloud-Based Solution of the Year’ at the Network Computing Awards 2023

26 May 2023

In an era where cyber threats continue to evolve and grow in complexity, Heimdal has once again risen to the occasion and emerged as a leading force in the industry.… [...]

Apria Loses Financial Data of Nearly Two Million Customers Due to Cyberattack

24 May 2023

Threat actors breached Apria`s Healthcare LLC system and stole the credit card data of 1,869,598 patients and employees. Apria is one of the top US home medical equipment delivery and… [...]

Breach Alert! Rheinmetall AG Confirms Being Hit by BlackBasta Ransomware Attack

24 May 2023

Rheinmetall AG announced they suffered a data breach after being a target of a BlackBasta ransomware attack. On May 20th, 2023, the threat group leaked samples of the stolen data… [...]

Almost 300k People Affected by Ransomware Attack on Dish Network

23 May 2023

Dish Network reported a data breach subsequent to the ransomware attack in February and started the process of notifying the affected parties. The broadcast company went offline on February 24,… [...]

The Royal Gang Is Developing Its Own Malware Loader

23 May 2023

It has been reported that the Royal ransomware group is enhancing its arsenal with new malware. This group is said to have surfaced following the dismantling of the notorious Conti… [...]

IAM-Driven Biometrics: The Security Issues with Biometric Identity and Access Management

23 May 2023

The increase of cybersecurity incidents brings along a higher demand for enhanced security protections. Thus, in the attempt of preventing unauthorized third parties from accessing their accounts and sensitive data,… [...]

Privileged Access Management (PAM) Best Practices

23 May 2023

Privileged access management, PAM in short, is a crucial set of tools and technologies allowing organizations to maintain steadfast control and monitorization over the access to critical information and resources, as… [...]

RaidForums - 478,604 breached accounts

31 May 2023

In May 2023, 478k user records from the now defunct hacking forum known as "RaidForums" was posted to another hacking forum. The data dated back to September 2020 and included… [...]

Polish Credentials - 1,204,870 breached accounts

30 May 2023

In May 2023, a credential stuffing list of 6.3M Polish email address and password pairs appeared on a local forum. Likely obtained by malware running on victims' machines, each record… [...]

Luxottica - 77,093,812 breached accounts

19 May 2023

In March 2021, the world's largest eyewear company Luxoticca suffered a data breach via one of their partners that exposed the personal information of more than 70M people. The data… [...]

RentoMojo - 2,185,697 breached accounts

10 May 2023

In April 2023, the Indian rental service RentoMojo suffered a data breach. The breach exposed over 2M unique email addresses along with names, phone, passport and Aadhaar numbers, genders, dates… [...]

MEO - 8,227 breached accounts

24 April 2023

In early 2023, a corpus of data sourced from the New Zealand based face mask company MEO was discovered. Dating back to December 2020, the data contained over 8k customer… [...]

Terravision - 2,075,625 breached accounts

23 April 2023

In February 2023, the European airport transfers service Terravision suffered a data breach. The breach exposed over 2M records of customer data including names, phone numbers, email addresses, salted password… [...]

OGUsers (2022 breach) - 529,020 breached accounts

14 April 2023

In July 2022, the account hijacking and SIM swapping forum OGusers suffered a data breach, the fifth since December 2018. The breach contained usernames, email and IP addresses and passwords… [...]

The Kodi Foundation - 400,635 breached accounts

13 April 2023

In February 2023, The Kodi Foundation suffered a data breach that exposed more than 400k user records. Attributed to an account belonging to "a trusted but currently inactive member of… [...]

Sundry Files - 274,461 breached accounts

31 March 2023

In January 2022, the now defunct file upload service Sundry Files suffered a data breach that exposed 274k unique email addresses. The data also included usernames, IP addresses and passwords… [...]

Leaked Reality - 114,907 breached accounts

31 March 2023

In January 2022, the now defunct uncensored video website Leaked Reality suffered a data breach that exposed 115k unique email addresses. The data also included usernames, IP addresses and passwords… [...]

TheGradCafe - 310,975 breached accounts

24 March 2023

In February 2023, the grad school admissions search website TheGradCafe suffered a data breach that disclosed the personal records of 310k users. The data included email addresses, names and usernames,… [...]

Shopper+ - 878,290 breached accounts

11 March 2023

In March 2023, "Canada's online shopping mall" Shopper+ disclosed a data breach discovered on a public hacking forum. The breach dated back to September 2020 and included 878k customer records… [...]

HDB Financial Services - 1,658,750 breached accounts

11 March 2023

In March 2023, the Indian non-bank lending unit HDB Financial Services suffered a data breach that disclosed over 70M customer records. Containing 1.6M unique email addresses, the breach also disclosed… [...]

Eye4Fraud - 16,000,591 breached accounts

6 March 2023

In February 2023, data alleged to have been taken from the fraud protection service Eye4Fraud was listed for sale on a popular hacking forum. Spanning tens of millions of rows… [...]

iD Tech - 415,121 breached accounts

6 March 2023

In February 2023, the tech camps for kids service iD Tech had almost 1M records posted to a popular hacking forum. The data included 415k unique email addresses, names, dates… [...]

LBB - 39,288 breached accounts

5 March 2023

In August 2022, customer data of the Indian shopping site "LBB" (Little Black Book) was posted to a popular hacking forum. The data contained over 3M records with 39k unique… [...]

GunAuction.com - 565,470 breached accounts

2 March 2023

In December 2022, the online firearms auction website GunAuction.com suffered a data breach which was later discovered left unprotected on the hacker's server. The data included over 565k user records… [...]

Convex - 150,129 breached accounts

26 February 2023

In February 2023, the Russian telecommunications provider Convex was hacked by "Anonymous" who subsequently released 128GB of data publicly, alleging it revealed illegal government surveillance. The leaked data contained 150k… [...]

RealDudesInc - 101,543 breached accounts

19 February 2023

In October 2022, the GTA mod menu provider RealDudesInc suffered a data breach that exposed over 100k email addresses (many of which are temporary guest account addresses). The breach also… [...]

Weee - 1,117,405 breached accounts

8 February 2023

In February 2023, data belonging to the Asian and Hispanic food delivery service Weee appeared on a popular hacking forum. Dating back to mid-2022, the data included 1.1M unique email… [...]

Ultimate FreeBSD sysctl tunables & security hardening

Please Donate to support my work and website! Thank you!

Share on:

Leave a Reply Cancel reply