Author name: Biswajit Pradhan

SEW-EURODRIVE MOVITOOLS MotionStudio | CISA

Vulnerability / / Leave a Comment

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION: Low attack complexity Vendor: SEW-EURODRIVE Equipment: MOVITOOLS MotionStudio Vulnerability: Improper Restriction of XML EXTERNAL Entity Reference 2. RISK EVALUATION Successful exploitation of this vulnerability could result in open access to file information. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of MOVITOOLS MotionStudio are affected: […]

SEW-EURODRIVE MOVITOOLS MotionStudio | CISA Read More »

CISA Adds One Known Exploited Vulnerability to Catalog

Vulnerability / / Leave a Comment

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2018-15133 Laravel Deserialization of Untrusted Data Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.  Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited

CISA Adds One Known Exploited Vulnerability to Catalog Read More »

Known Indicators of Compromise Associated with Androxgh0st Malware

Vulnerability / / Leave a Comment

SUMMARY The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory (CSA) to disseminate known indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with threat actors deploying Androxgh0st malware. Multiple, ongoing investigations and trusted third party reporting yielded the IOCs and TTPs,

Known Indicators of Compromise Associated with Androxgh0st Malware Read More »

Integration Objects OPC UA Server Toolkit

Vulnerability / / Leave a Comment

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Integration Objects Equipment: OPC UA Server Toolkit Vulnerability: Improper Output Neutralization for Logs 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a remote attacker to add content to the log file. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following

Integration Objects OPC UA Server Toolkit Read More »

Over 178K SonicWall firewalls vulnerable to DoS, potential RCE attacks

Vulnerability / / Leave a Comment

Security researchers have found over 178,000 SonicWall next-generation firewalls (NGFW) with the management interface exposed online are vulnerable to denial-of-service (DoS) and potential remote code execution (RCE) attacks. These appliances are affected by two DoS security flaws tracked as CVE-2022-22274 and CVE-2023-0656, the former also allowing attackers to gain remote code execution. “Using BinaryEdge source

Over 178K SonicWall firewalls vulnerable to DoS, potential RCE attacks Read More »

Microsoft working on a fix for Windows 10 0x80070643 errors

Vulnerability / / Leave a Comment

Microsoft is working to fix a known issue causing 0x80070643 errors when installing the KB5034441 security update that patches the CVE-2024-20666 BitLocker vulnerability. While the security issue was resolved during this month’s Patch Tuesday, deploying KB5034441 on systems with a Windows Recovery Environment (WinRE) partition that’s too small will fail and mistakenly show generic ‘0x80070643

Microsoft working on a fix for Windows 10 0x80070643 errors Read More »

Ivanti Connect Secure zero-days now under mass exploitation

Vulnerability / / Leave a Comment

Two zero-day vulnerabilities affecting Ivanti’s Connect Secure VPN and Policy Secure network access control (NAC) appliances are now under mass exploitation. As discovered by threat intelligence company Volexity, which also first spotted the zero-days being used in attacks since December, multiple threat groups chain the CVE-2023-46805 authentication bypass and the CVE-2024-21887 command injection vulnerabilities in

Ivanti Connect Secure zero-days now under mass exploitation Read More »

US court docs expose fake antivirus renewal phishing tactics

Vulnerability / / Leave a Comment

In a seizure warrant application, the U.S. Secret Service sheds light on how threat actors stole $34,000 using fake antivirus renewal subscription emails. The now-executed seizure warrant was submitted by Special Agent Jollif of the United States Secret Service (USSS) to recover funds stolen in a fake Norton subscription renewal email that led to the

US court docs expose fake antivirus renewal phishing tactics Read More »

Windows Copilot autostart tests limited to 27″ displays or larger

Vulnerability / / Leave a Comment

Microsoft says that tests of a controversial new Windows 11 feature that automatically opens the AI-powered Copilot assistant after Windows starts are limited to systems with 27-inch displays. For now, the option also requires enrolling in the company’s Windows Insider program since the change is currently being tested in the Windows 11 Insider Preview Build

Windows Copilot autostart tests limited to 27″ displays or larger Read More »

Windows SmartScreen flaw exploited to drop Phemedrone malware

Vulnerability / / Leave a Comment

A Phemedrone information-stealing malware campaign exploits a Microsoft Defender SmartScreen vulnerability (CVE-2023-36025) to bypass Windows security prompts when opening URL files. Phemedrone is a new open-source info-stealer malware that harvests data stored in web browsers, cryptocurrency wallets, and software like Discord, Steam, and Telegram. This data is then sent back to the attackers to be

Windows SmartScreen flaw exploited to drop Phemedrone malware Read More »

Scroll to Top