NAME__________Advantech WebAccss/SCADA code executionPlatforms Affected:Advantech WebAccess/SCADA 9.1.3Risk Level:7.2Exploitability:UnprovenConsequences:File Manipulation DESCRIPTION__________Advantech WebAccss/SCADA could allow a remote attacker to upload arbitrary files,...
NAME__________Splunk Enterprise and Splunk Cloud Platform information disclosurePlatforms Affected:Splunk Splunk Enterprise 9.0.4 Splunk Splunk Enterprise 8.2.10 Splunk Splunk Enterprise 8.1.13...
NAME__________Splunk Enterprise and Splunk Cloud Platform information disclosurePlatforms Affected:Splunk Splunk Enterprise 9.0.4 Splunk Splunk Enterprise 8.2.10 Splunk Splunk Enterprise 8.1.13...
NAME__________ToolJet cross-site scriptingPlatforms Affected:ToolJet ToolJet 1.11.0Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________ToolJet is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
NAME__________Splunk App for Lookup File Editing cross-site scriptingPlatforms Affected:Splunk App for Lookup File Editing 4.0.0Risk Level:4.7Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Splunk App for...
NAME__________Splunk App for Stream privilege escalationPlatforms Affected:Splunk App for Stream 8.1.0Risk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Splunk App for Stream could allow a...
NAME__________Splunk Enterprise Splunk Enterprise and Splunk Cloud Platform security bypassPlatforms Affected:Splunk Splunk Enterprise 9.0.4 Splunk Splunk Enterprise 8.2.10 Splunk Splunk...
It has been a fairly quiet week regarding ransomware, with only a few reports released and no new significant attacks....
State-sponsored North Korean hacker group Kimsuky (a.ka. APT43) has been impersonating journalists and academics for spear-phishing campaigns to collect intelligence from think...
Leading snowboard maker Burton Snowboards confirmed notified customers of a data breach after some of their sensitive information was "potentially"...
Google has removed from the Chrome Web Store 32 malicious extensions that could alter search results and push spam or...
Microsoft says SMB signing (aka security signatures) will be required by default for all connections to defend against NTLM relay...
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on May 25, 2023. This...
CISA and Partners Release Cybersecurity Advisory Guidance detailing PRC state-sponsored actors evading detection by “Living off the Land” Today, CISA...
CISA and Partners Update the #StopRansomware Guide, Developed through the Joint Ransomware Task Force (JRTF) Today, CISA, the Federal Bureau...
CISA Warns of Hurricane/Typhoon-Related Scams CISA urges users to remain on alert for malicious cyber activity following a natural disaster...
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
Progress Software Releases Security Advisory for MOVEit Transfer Progress Software has released a security advisory(link is external) for a SQL injection...
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on May 30, 2023. These...
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
CISA Releases Five Industrial Control Systems Advisories CISA released five Industrial Control Systems (ICS) advisories on June 1, 2023. These...
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
