Author: Joe-W

0

CISA gets new No. 2: Madhu Gottumukkala  – CyberScoop

The Cybersecurity and Infrastructure Security Agency will soon have a new second-in-command. Madhu Gottumukkala has been named deputy director. He comes over to CISA from his prior position in the South Dakota government, where Kristi Noem was most recently governor before taking over as secretary of the Department of Homeland Security. Gottumukkala had been commissioner of the Bureau of Information...

0

VulnCheck spotted 159 actively exploited vulnerabilities in first few months of 2025  – CyberScoop

Attackers exploited nearly a third of vulnerabilities within a day of CVE disclosure in the first quarter of 2025, VulnCheck said in a report released Thursday. The company, which focuses on vulnerability threat intelligence, identified 159 actively exploited vulnerabilities from 50 sources during the quarter. The time from CVE disclosure to evidence of exploitation in the first quarter was marginally...

0

AI speeds up analysis work for humans, two federal cyber officials say  – CyberScoop

Two federal cybersecurity officials said Thursday that they’re using — or contemplating using — artificial intelligence to conduct tasks that speed up the work of human analysts. AI is an important current and future contributor to a variety of security-related administrative jobs like accreditation and compliance, and for the Department of the Air Force as it undertakes modernization efforts, said...

0

Judge tosses citizenship provisions in Trump elections order  – CyberScoop

A federal court partially blocked a Trump administration executive order Thursday that seeks to impose requirements on states to use the White House’s definition of “documentary proof” of citizenship, inhibit mail voting and other election-related elements by threatening to withhold federal funding.  The order was subject to multiple lawsuits from Democratic Party organizations as well as civic groups like the...

0

CISA Releases Seven Industrial Control Systems Advisories  – All CISA Advisories

CISA released seven Industrial Control Systems (ICS) advisories on April 24, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-25-114-01 Schneider Electric Modicon Controllers ICSA-25-114-02 ALBEDO Telecom Net.Time – PTP/NTP Clock ICSA-25-114-03 Vestel AC Charger ICSA-25-114-04 Nice Linear eMerge E3 ICSA-25-114-05 Johnson Controls ICU ICSA-25-114-06 Planet Technology Network Products  ICSA-24-338-05 Fuji Electric Monitouch...

0

Vestel AC Charger  – All CISA Advisories

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Vestel Equipment: AC Charger Vulnerability: Exposure of Sensitive System Information to an Unauthorized Control Sphere 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker access to sensitive information, such as credentials which could subsequently enable them to cause a denial of service or...

0

Planet Technology Network Products  – All CISA Advisories

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Planet Technology Equipment: Planet Technology Network Products Vulnerabilities: Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’), Use of Hard-coded Credentials, Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to read or manipulate...

0

Nice Linear eMerge E3  – All CISA Advisories

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Nice Equipment: Linear eMerge E3 Vulnerability: Improper Neutralization of Special Elements used in an OS Command (‘OS Command Injection’) 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary OS commands. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of...

0

Johnson Controls ICU  – All CISA Advisories

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Johnson Controls Inc. Equipment: ICU Vulnerability: Stack-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS Johnson Controls reports the following versions of ICU are affected: ICU: Versions prior to 6.9.5...

0

Lazarus Hits 6 South Korean Firms via Cross EX, Innorix Zero-Day and ThreatNeedle Malware  – The Hacker News

At least six organizations in South Korea have been targeted by the prolific North Korea-linked Lazarus Group as part of a campaign dubbed Operation SyncHole. The activity targeted South Korea’s software, IT, financial, semiconductor manufacturing, and telecommunications industries, according to a report from Kaspersky published today. The earliest evidence of compromise was first detected in  – Read More  – The...

0

Deep and Dark Web Scavenging  – Da Vinci Cybersecurity: Leading Cyber Security Services in South Africa.

A Growing Threat and How Da Vinci helps Businesses Fight Back As businesses continue to digitise operations, sensitive data becomes increasingly vulnerable to exposure on hidden layers of the internet. Deep and dark web scavenging has emerged as a prominent tactic used by cybercriminals to exploit personal, corporate, and government data. While the deep web […] The post Deep and...

0

159 CVEs Exploited in Q1 2025 — 28.3% Within 24 Hours of Disclosure  – The Hacker News

As many as 159 CVE identifiers have been flagged as exploited in the wild in the first quarter of 2025, up from 151 in Q4 2024. “We continue to see vulnerabilities being exploited at a fast pace with 28.3% of vulnerabilities being exploited within 1-day of their CVE disclosure,” VulnCheck said in a report shared with The Hacker News. This...

0

Linux io_uring PoC Rootkit Bypasses System Call-Based Threat Detection Tools  – The Hacker News

Cybersecurity researchers have demonstrated a proof-of-concept (PoC) rootkit dubbed Curing that leverages a Linux asynchronous I/O mechanism called io_uring to bypass traditional system call monitoring. This causes a “major blind spot in Linux runtime security tools,” ARMO said. “This mechanism allows a user application to perform various actions without using system calls,” the company said in  – Read More  –...

0

Darcula Adds GenAI to Phishing Toolkit, Lowering the Barrier for Cybercriminals  – The Hacker News

The threat actors behind the Darcula phishing-as-a-service (PhaaS) platform have released new updates to their cybercrime suite with generative artificial intelligence (GenAI) capabilities. “This addition lowers the technical barrier for creating phishing pages, enabling less tech-savvy criminals to deploy customized scams in minutes,” Netcraft said in a new report shared with The Hacker News. ”  – Read More  – The...

0

Critical Commvault Command Center Flaw Enables Attackers to Execute Code Remotely  – The Hacker News

A critical security flaw has been disclosed in the Commvault Command Center that could allow arbitrary code execution on affected installations. The vulnerability, tracked as CVE-2025-34028, carries a CVSS score of 9.0 out of a maximum of 10.0. “A critical security vulnerability has been identified in the Command Center installation, allowing remote attackers to execute arbitrary code without  – Read...

0

Automating Zero Trust in Healthcare: From Risk Scoring to Dynamic Policy Enforcement Without Network Redesign  – The Hacker News

The Evolving Healthcare Cybersecurity Landscape  Healthcare organizations face unprecedented cybersecurity challenges in 2025. With operational technology (OT) environments increasingly targeted and the convergence of IT and medical systems creating an expanded attack surface, traditional security approaches are proving inadequate. According to recent statistics, the healthcare sector  – Read More  – The Hacker News 

0

WhatsApp Adds Advanced Chat Privacy to Blocks Chat Exports and Auto-Downloads  – The Hacker News

WhatsApp has introduced an extra layer of privacy called Advanced Chat Privacy that allows users to block participants from sharing the contents of a conversation in traditional chats and groups. “This new setting available in both chats and groups helps prevent others from taking content outside of WhatsApp for when you may want extra privacy,” WhatsApp said in a statement....

0

APPLE-SA-04-16-2025-4 visionOS 2.4.1  – Full Disclosure

  Posted by Apple Product Security via Fulldisclosure on Apr 23 APPLE-SA-04-16-2025-4 visionOS 2.4.1 visionOS 2.4.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/122402. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. CoreAudio Available for: Apple Vision Pro Impact: Processing an audio stream in a maliciously...

0

HNS-2025-10 – HN Security Advisory – Local privilege escalation in Zyxel uOS  – Full Disclosure

  Posted by Marco Ivaldi on Apr 23 Hi, Please find attached a security advisory that describes some vulnerabilities we discovered in the Zyxel uOS Linux-based operating system. * Title: Local privilege escalation via Zyxel fermion-wrapper * Product: USG FLEX H Series * OS: Zyxel uOS V1.31 (and potentially earlier versions) * Author: Marco Ivaldi <marco.ivaldi () hnsecurity it> *...

0

APPLE-SA-04-16-2025-1 iOS 18.4.1 and iPadOS 18.4.1  – Full Disclosure

  Posted by Apple Product Security via Fulldisclosure on Apr 23 APPLE-SA-04-16-2025-1 iOS 18.4.1 and iPadOS 18.4.1 iOS 18.4.1 and iPadOS 18.4.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/122282. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. CoreAudio Available for: iPhone XS and later, iPad...

0

APPLE-SA-04-16-2025-2 macOS Sequoia 15.4.1  – Full Disclosure

  Posted by Apple Product Security via Fulldisclosure on Apr 23 APPLE-SA-04-16-2025-2 macOS Sequoia 15.4.1 macOS Sequoia 15.4.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/122400. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. CoreAudio Available for: macOS Sequoia Impact: Processing an audio stream in a...

0

APPLE-SA-04-16-2025-3 tvOS 18.4.1  – Full Disclosure

  Posted by Apple Product Security via Fulldisclosure on Apr 23 APPLE-SA-04-16-2025-3 tvOS 18.4.1 tvOS 18.4.1 addresses the following issues. Information about the security content is also available at https://support.apple.com/122401. Apple maintains a Security Releases page at https://support.apple.com/100100 which lists recent software updates with security advisories. CoreAudio Available for: Apple TV HD and Apple TV 4K (all models) Impact: Processing...

0

BBOT 2.1.0 – Local Privilege Escalation via Malicious Module Execution  – Full Disclosure

  Posted by Housma mardini on Apr 23 Hi Full Disclosure, I’d like to share a local privilege escalation technique involving BBOT (Bighuge BLS OSINT Tool) when misconfigured with sudo access. — Exploit Title: BBOT 2.1.0 – Local Privilege Escalation via Malicious Module Execution Date: 2025-04-16 Exploit Author: Huseyin Mardinli Vendor Homepage: https://github.com/blacklanternsecurity/bbot Version: 2.1.0.4939rc (tested) Tested on: Kali Linux...

0

XSS via SVG Image Upload – AlegroCartv1.2.9  – Full Disclosure

  Posted by Andrey Stoykov on Apr 23 # Exploit Title: XSS via SVG Image Upload – alegrocartv1.2.9 # Date: 04/2025 # Exploit Author: Andrey Stoykov # Version: 1.2.9 # Tested on: Debian 12 # Blog: https://msecureltd.blogspot.com/ XSS via SVG Image Upload: Steps to Reproduce: 1. Visit http://192.168.58.129/alegrocart/administrator/?controller=download 2. Upload SVG image file with the contents below 3. Intercept the...

0

Stored XSS in “Message” Functionality – AlegroCartv1.2.9  – Full Disclosure

  Posted by Andrey Stoykov on Apr 23 # Exploit Title: Stored XSS in “Message” Functionality – alegrocartv1.2.9 # Date: 04/2025 # Exploit Author: Andrey Stoykov # Version: 1.2.9 # Tested on: Debian 12 # Blog: https://msecureltd.blogspot.com/ Stored XSS #1: Steps to Reproduce: 1. Login as demonstrator account and visit “Customers” > “Newsletter” 2. In “Message” use the following XSS...

0

Business Logic Flaw: Price Manipulation – AlegroCartv1.2.9  – Full Disclosure

  Posted by Andrey Stoykov on Apr 23 # Exploit Title: Business Logic Flaw: Price Manipulation – alegrocartv1.2.9 # Date: 04/2025 # Exploit Author: Andrey Stoykov # Version: 1.2.9 # Tested on: Debian 12 # Blog: https://msecureltd.blogspot.com/ Business Logic Flaw: Price Manipulation #1: Steps to Reproduce: 1. Visit the store and add a product 2. Intercept the HTTP GET request...

0

Smashing Security podcast #414: Zoom.. just one click and your data goes boom!  – Graham Cluley

Graham explores how the Elusive Comet cybercrime gang are using a sneaky trick of stealing your cryptocurrency via an innocent-appearing Zoom call, and Carole goes under the covers to explore the extraordinary lengths bio-hacking millionaire Bryan Johnson is attempting to extend his life. All this and more is discussed in the latest edition of the award-winning “Smashing Security” podcast by...

0

Attackers hit security device defects hard in 2024  – CyberScoop

Attackers are having a field day with software defects in security devices, according to a new report released Wednesday by Mandiant  Exploits were the most common initial infection vector, representing 1 of every 3 attacks in 2024, and the four most frequently exploited vulnerabilities were all contained in edge devices, such as VPNs, firewalls and routers, Mandiant said in its...

0

DOGE Worker’s Code Supports NLRB Whistleblower  – Krebs on Security

A whistleblower at the National Labor Relations Board (NLRB) alleged last week that denizens of Elon Musk’s Department of Government Efficiency (DOGE) siphoned gigabytes of data from the agency’s sensitive case files in early March. The whistleblower said accounts created for DOGE at the NLRB downloaded three code repositories from GitHub. Further investigation into one of those code bundles shows...

0

DPRK Hackers Steal $137M from TRON Users in Single-Day Phishing Attack  – The Hacker News

Multiple threat activity clusters with ties to North Korea (aka Democratic People’s Republic of Korea or DPRK) have been linked to attacks targeting organizations and individuals in the Web3 and cryptocurrency space. “The focus on Web3 and cryptocurrency appears to be primarily financially motivated due to the heavy sanctions that have been placed on North Korea,” Google-owned Mandiant said in ...

0

10 key numbers from the 2024 FBI IC3 report  – CyberScoop

It looks like 2024 was a record year in cybercrime for all the wrong reasons, according to the FBI’s annual Internet Crime Complaint Center (IC3) report released Wednesday.  As cyber-enabled fraud and ransomware continue to harm individuals, businesses, and critical infrastructure, the report, now in its 25th year, provides crucial insight into evolving criminal tactics and their nationwide impact. The...

AttackFeed by Joe Wagner
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.