Read Time:5 Second
An unidentified threat actor has attempted to develop ransomware targeting macOS devices, posing as LockBit
Daily Archives: October 25, 2024
python-single-version-1.6.0-1.fc40
Read Time:6 Second
FEDORA-2024-e82145eb25
Packages in this update:
python-single-version-1.6.0-1.fc40
Update description:
Initial import
SEC Consult SA-20241024-0 :: Unauthenticated Path Traversal Vulnerability in Lawo AG – vsm LTC Time Sync (vTimeSync) (CVE-2024-6049)
Read Time:17 Second
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Oct 24
SEC Consult Vulnerability Lab Security Advisory < 20241024-0 >
=======================================================================
title: Unauthenticated Path Traversal Vulnerability
product: Lawo AG – vsm LTC Time Sync (vTimeSync)
vulnerable version: <4.5.6.0
fixed version: 4.5.6.0
CVE number: CVE-2024-6049
impact: high
homepage:…
[RESEARCH] DTLS ‘ClientHello’ Race Conditions in WebRTC Implementations
Read Time:19 Second
Posted by Sandro Gauci via Fulldisclosure on Oct 24
Dear Full Disclosure community,
We’ve released a white paper detailing a critical vulnerability affecting multiple WebRTC implementations: “DTLS
‘ClientHello’ Race Conditions in WebRTC Implementations”.
White paper: https://www.enablesecurity.com/research/webrtc-hello-race-conditions-paper.pdf
Key points:
1. Vulnerability: Failure to properly verify the origin of DTLS “ClientHello” messages in WebRTC…
Adversary3 updated with 700 malware and C2 panel vulnerabilities
Read Time:10 Second
Posted by malvuln on Oct 24
Adversary3 malware vulnerability intel tool for third-party attackers
living off malware (LOM), updated with 700 malware and C2 panel
vulnerabilities
https://github.com/malvuln/Adversary3
Thanks,
malvuln