CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

Description: Come learn how to pry government records from the new Trump administration.
Source: 404 Media
January 13th, 2025 (6 months ago)
Description: Apple recently addressed a macOS vulnerability that allows attackers to bypass System Integrity Protection (SIP) and install malicious kernel drivers by loading third-party kernel extensions. [...]
Source: BleepingComputer
January 13th, 2025 (6 months ago)
Description: Dread Pirate Roberts, of the original Silk Road, makes a post about "Why Claims are dangerous to believe."
Source: DarkWebInformer
January 13th, 2025 (6 months ago)
Source: TheRegister
January 13th, 2025 (6 months ago)
Description: A Threat Actor Claims to be Selling Data of Insurgentes University
Source: DarkWebInformer
January 13th, 2025 (6 months ago)
Description: Threat actors are targeting people searching for pirated or cracked software with fake downloaders that include infostealing malware such as Lumma and Vidar.
Source: Dark Reading
January 13th, 2025 (6 months ago)
Description: New insights into the Gravy Analytics data breach reveal the vast extent of the company’s location-tracking operations and the potential for user de-anonymization. The leaked data, part of a 10 TB dataset, exposes the granular details of individuals’ movements and raises fresh concerns about the security and ethics of location data collection. Looking into the … The post Leaked Gravy Analytics Data Expose Scale of Location Tracking appeared first on CyberInsider.
Source: CyberInsider
January 13th, 2025 (6 months ago)
Description: Summary The issue was identified during Quarkslab's security audit on the Certificate Revocation List (CRL) based revocation check feature. After retrieving the CRL, notation-go attempts to update the CRL cache using the os.Rename method. However, this operation may fail due to operating system-specific limitations, particularly when the source and destination paths are on different mount points. This failure could lead to an unexpected program termination. Details In method crl.(*FileCache).Set, a temporary file is created in the OS dedicated area (like /tmp for, usually, Linux/Unix). The file is written and then it is tried to move it to the dedicated notation cache directory thanks os.Rename. As specified in Go documentation, OS specific restriction may apply. When used with Linux OS, it is relying on rename syscall from the libc and as per the documentation, moving a file to a different mountpoint raises an EXDEV error, interpreted as Cross device link not permitted error. Some Linux distribution, like RedHat use a dedicated filesystem (tmpfs), mounted on a specific mountpoint (usually /tmp) for temporary files. When using such OS, revocation check based on CRL will repeatedly crash notation. PoC Ensure that the temporary file storage area (e.g., /tmp) is mounted on a different mount point than the user's 'notation' cache directory. Either disable the Online Certificate Status Protocol (OCSP) revocation check, or utilize certificates that exclusively support Certific...
Source: Github Advisory Database (Go)
January 13th, 2025 (6 months ago)
Description: This issue was identified during Quarkslab's audit of the timestamp feature. Summary During the timestamp signature generation, the revocation status of the certificate(s) used to generate the timestamp signature was not verified. Details During timestamp signature generation, notation-go did not check the revocation status of the certificate chain used by the TSA. This oversight creates a vulnerability that could be exploited through a Man-in-The-Middle attack. An attacker could potentially use a compromised, intermediate, or revoked leaf certificate to generate a malicious countersignature, which would then be accepted and stored by notation. Impact This could lead to denial of service scenarios, particularly in CI/CD environments during signature verification processes because timestamp signature would fail due to the presence of a revoked certificate(s) potentially disrupting operations. References https://github.com/notaryproject/notation-go/security/advisories/GHSA-45v3-38pc-874v https://github.com/notaryproject/notation-go/commit/e99be1954a15673020150c5f8800b8174cd7428d https://github.com/advisories/GHSA-45v3-38pc-874v
Source: Github Advisory Database (Go)
January 13th, 2025 (6 months ago)
Description: DEFACER KAMPUNG Targeted the Website of HARDZON
Source: DarkWebInformer
January 13th, 2025 (6 months ago)