[SYSS-2022-043]: Verbatim Store ‘n’ Go Secure Portable SSD – Use of a Cryptographic Primitive with a Risky Implementation (CWE-1240) (CVE-2022-28384)
Posted by Matthias Deeg on Oct 08 Advisory ID: SYSS-2022-043 Product: Store 'n' Go Secure Portable SSD Manufacturer: Verbatim Affected Version(s): #53402 (GDMSLK02 C-INIC3637-V1.1) Tested...
llhttp-6.0.10-1.fc37
FEDORA-2022-9e7f967d20 Packages in this update: llhttp-6.0.10-1.fc37 Update description: Update to v6.0.10 Disable chunked on obs (https://github.com/nodejs/llhttp/pull/196) https://github.com/nodejs/llhttp/compare/v6.0.9...v6.0.10 Read More
Maggie: New Backdoor Targeting Microsoft SQL Servers
FortiGuard Labs is aware of reports that a new backdoor called "Maggie" targets Microsoft SQL servers. Maggie connects to Command and Control (C2) servers for...
CISA Advisory on Vulnerabilities Actively Exploited By Threat Actors Supported by China
On October 6, 2022, the National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), and Federal Bureau of Investigation (FBI) released a joint advisory...
LilithBot Sold as Malware-as-a-Service (MaaS)
FortiGuard Labs is aware of a report that the LilithBot malware is being sold as Malware-as-a-Service (MaaS) by a group called "Eternity". LilithBot is a...
CISA Adds CVE-2022-36804 to the Known Exploited Vulnerabilities Catalog
FortiGuard Labs is aware that the Cybersecurity & Infrastructure Security Agency (CISA) recently added CVE-2022-36804 (Atlassian Bitbucket Server and Data Center Command Injection Vulnerability) to...
USN-5663-1: Thunderbird vulnerabilities
Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could...
CVE-2021-40162
A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the...
CVE-2021-40163
A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing component. Read More
CVE-2021-40164
A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary code. Read More