August 2023 - Page 90 of 93 - Cyber Security News

Unauthorized MFA Code Delivery in EmpowerID

Posted by Patel, Nirav on Aug 01 Severity: High Description: An identified security flaw is present in EmpowerID versions V7.205.0.0 and prior versions, causing the...

August 1, 2023

Advisories

Pentest Paper – Introduction to Web Pentest

Posted by Andrey Stoykov on Aug 01 Just putting this for the new starters. It is in two languages, Bulgarian and English. https://drive.google.com/file/d/1mzYeratoSV82Oxaj_dYvu4fg7vSBuhE1/view https://drive.google.com/file/d/1b8obLloMnmQGI1gqAablzuTyKOFBRZjb/view Has...

August 1, 2023

Advisories

Stored XSS – Perch

Posted by Andrey Stoykov on Aug 01 # Exploit Title: # Date: 07/2023 # Exploit Author: Andrey Stoykov # Version: 3.2 # Tested on: Windows...

August 1, 2023

Advisories

ETSI WEBstore 2023 – Persistent Cross Site Scripting Web Vulnerability

Posted by info () vulnerability-lab com on Aug 01 Document Title: =============== ETSI WEBstore 2023 - Persistent Cross Site Scripting Web Vulnerability References (Source): ====================...

August 1, 2023

News

Novel Worm-Like Malware P2Pinfect Targets Redis Deployments

Cado Security said the malware acts as a botnet and is compatibille with both Windows and Linux Read More

August 1, 2023

News

Canon Inkjet Printers Expose Wi-Fi Threat

The printers retained various information after re-initialization, including SSIDs and passwords Read More

August 1, 2023

News

Cloud Tech Debt Puts Millions of Apps at Risk, Says New Report

Published by Qualys, the document draws from anonymized global cloud scans conducted in April 2023 Read More

August 1, 2023

News

New Infostealer Uncovered in Phishing Scam Targeting Facebook Business Accounts

Unit 42 researchers detail a campaign that aimed to instal an infostealer variant capable of taking over Facebook business accounts Read More

August 1, 2023

Advisories

CVE-2022-39986 (raspap)

A Command injection vulnerability in RaspAP 2.8.0 thru 2.8.7 allows unauthenticated attackers to execute arbitrary commands via the cfg_id parameter in /ajax/openvpn/activate_ovpncfg.php and /ajax/openvpn/del_ovpncfg.php. Read...

August 1, 2023

Advisories

chromium-115.0.5790.110-1.fc38

FEDORA-2023-95d73a5f50 Packages in this update: chromium-115.0.5790.110-1.fc38 Update description: update to 115.0.5790.110. Fixes the following security issue: CVE-2022-4908 CVE-2022-4909 CVE-2022-4910 CVE-2022-4908 CVE-2022-4909 CVE-2022-4910 CVE-2022-4906 CVE-2022-4907 CVE-2022-4906...

August 1, 2023

This Windows PowerShell Phish Has Scary Potential

Infostealers Cause Surge in Ransomware Attacks, Just One in Three Recover Data

FBI Shuts Down Chinese Botnet

Western Agencies Warn Risk from Chinese-Controlled Botnet

8000 Claimants Sue Outsourcing Giant Capita Over 2023 Data Breach

FCC $200m Cyber Grant Pilot Opens Applications for Schools and Libraries

Cryptojacking Gang TeamTNT Makes a Comeback

Insecure APIs and Bot Attacks Cost Global Firms $186bn

Smashing Security podcast #385: TFL security derailed, and is Trump the king of crypto?

Month: August 2023

Unauthorized MFA Code Delivery in EmpowerID

Pentest Paper – Introduction to Web Pentest

Stored XSS – Perch

ETSI WEBstore 2023 – Persistent Cross Site Scripting Web Vulnerability

Novel Worm-Like Malware P2Pinfect Targets Redis Deployments

Canon Inkjet Printers Expose Wi-Fi Threat

Cloud Tech Debt Puts Millions of Apps at Risk, Says New Report

New Infostealer Uncovered in Phishing Scam Targeting Facebook Business Accounts

CVE-2022-39986 (raspap)

chromium-115.0.5790.110-1.fc38