The default privileges for the running service Normand Message Buffer in Beckman Coulter Remisol Advance v2.0.12.1 and prior allows non-privileged users to overwrite and manipulate executables and libraries. This allows attackers to access sensitive data.
Yearly Archives: 2022
CVE-2022-26239
The default privileges for the running service Normand License Manager in Beckman Coulter Remisol Advance v2.0.12.1 and prior allows unprivileged users to overwrite and manipulate executables and libraries. This allows attackers to access sensitive data.
CVE-2022-26237
The default privileges for the running service Normand Viewer Service in Beckman Coulter Remisol Advance v2.0.12.1 and prior allows non-privileged users to overwrite and manipulate executables and libraries. This allows attackers to access sensitive data.
CVE-2022-26235
A vulnerability was discovered in the Remisol Advance v2.0.12.1 and below for the Normand Message Server. On installation, the permissions set by Remisol Advance allow non-privileged users to overwrite and/or manipulate executables and libraries that run as the elevated SYSTEM user on Windows.
CVE-2022-22503
IBM Robotic Process Automation 21.0.0 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim’s click actions and possibly launch further attacks against the victim. IBM X-Force ID: 227125.
CVE-2021-40556
A stack overflow vulnerability exists in the httpd service in ASUS RT-AX56U Router Version 3.0.0.4.386.44266. This vulnerability is caused by the strcat function called by “caupload” input handle function allowing the user to enter 0xFFFF bytes into the stack. This vulnerability allows an attacker to execute commands remotely. The vulnerability requires authentication.
TransUnion taps behavioral analytics to aid fraud detection, curb false positives
Consumers who have used a credit card for a legitimate purchase only to have the sale rejected may be encountering a problem that costs enterprises billions of dollars a year: cybersecurity technology that is designed for fraud detection often ends up generating false positives, incorrectly sending out an alert that a transaction is suspicious.
To combat this problem, US-based consumer credit reporting agency TransUnion has launched TruValidate Device Risk with Behavioral Analytics, designed to reduce fraud while also eliminating false positives in financial transactions.
FBI and CISA Publish Advisory on Malicious Cyber Activity Against Election Infrastructure
Threat actors trying to compromise elections are unlikely to result in large-scale disruptions
Android Spyware ‘RatMilad’ Targets Enterprise Devices in Iran
The original RatMilad spyware hid behind a VPN and phone number spoofing app called Text Me
Uber’s Former Security Chief Convicted of 2016 Data Breach Cover-Up
Joe Sullivan was charged two years ago with obstruction of justice and misprision