Mandiant’s new solution allows exposure hunting for a proactive defense
Google-owned cybersecurity provider Mandiant has launched Mandiant Proactive Exposure Management offering, a suite of products and services to help organizations focus on “attackable exposures” rather...
UK Education Sector Suffered Most from Ransomware in 2022
British schools were hit far more than those abroad Read More
Five Arrests in Crackdown on $98m Investment Fraud Gang
Police estimate the victim count exceeds 30,000 Read More
Volume of Opaque Breach Notices Surges in Q1
Non-profit calls for more actionable information for victims Read More
ZDI-23-443: Schneider Electric APC Easy UPS Online SocketService Missing Authentication Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Schneider Electric APC Easy UPS Online. Authentication is not required to...
ZDI-23-444: Schneider Electric APC Easy UPS Online updateManagerPassword Exposed Dangerous Function Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on affected installations of Schneider Electric APC Easy UPS Online. Authentication is not required to exploit this...
ZDI-23-445: Schneider Electric APC Easy UPS Online getMacAddressByIP Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric APC Easy UPS Online. Authentication is not required to exploit...
ZDI-23-446: (Pwn2Own) Sonos One Speaker libsmb2 Integer Overflow Information Disclosure Vulnerability
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Sonos One Speaker. Authentication is not required to exploit this vulnerability. Read...
ZDI-23-447: (Pwn2Own) Sonos One Speaker libsmb2 Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos One Speaker. Authentication is not required to exploit this vulnerability. Read...
ZDI-23-448: (Pwn2Own) Sonos One Speaker msprox Endpoint Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Sonos One Speaker. Authentication is not required to exploit this vulnerability. Read...