Threat and Vulnerability Intelligence Database

Description: A new Android banking malware named 'DroidBot' attempts to steal credentials for over 77 cryptocurrency exchanges and banking apps in the UK, Italy, France, Spain, and Portugal. [...]
Source: BleepingComputer
December 4th, 2024 (6 months ago)
Description: The notorious Russian cyber-espionage group Turla is hacking other hackers, hijacking the Pakistani threat actor Storm-0156's infrastructure to launch their own covert attacks on already compromised networks. [...]
Source: BleepingComputer
December 4th, 2024 (6 months ago)
Description: CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation: CVE-2024-51378 CyberPanel Incorrect Default Permissions Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
Source: All CISA Advisories
December 4th, 2024 (6 months ago)
Description:
Summary: A security vulnerability has been identified in GitHub CLI that could create or overwrite files in unintended directories when users download a malicious GitHub Actions workflow artifact through gh run download.
Details: This vulnerability stems from a GitHub Actions workflow artifact named ".." when downloaded using gh run download. The artifact name and --dir flag are used to determine the artifact's download path. When the artifact is named "..", the resulting files within the artifact are extracted exactly 1 directory higher than the specified --dir flag value. In 2.63.1, gh run download will not download artifacts named ".." and "." and instead exit with the following error message:
error downloading ..: would result in path traversal
Impact: Successful exploitation heightens the risk of local path traversal attack vectors exactly 1 directory higher than intended.
Remediation and Mitigation:
- Upgrade gh to 2.63.1
- Implement additional validation to ensure artifact filenames do not contain potentially dangerous patterns, such as "..", to prevent path traversal risks.
References:
- https://github.com/cli/cli/security/advisories/GHSA-2m9h-r57g-45pj
- https://github.com/cli/cli/commit/1136764c369aaf0cae4ec2ee09dc35d871076932
- https://github.com/advisories/GHSA-2m9h-r57g-45pj
Source: Github Advisory Database (Go)
December 4th, 2024 (6 months ago)
Description: Updated NIST guidelines reject outdated password security practices in favor of more effective protections. Learn from Specops Software about 6 takeaways from NIST's new guidance that help create strong password policies. [...]
Source: BleepingComputer
December 4th, 2024 (6 months ago)
Description: Japan's CERT is warning that hackers are exploiting zero-day vulnerabilities in I-O Data router devices to modify device settings, execute commands, or even turn off the firewall. [...]
Source: BleepingComputer
December 4th, 2024 (6 months ago)
Description: The evolving regulatory environment presents both challenges and opportunities for businesses.
Source: Dark Reading
December 4th, 2024 (6 months ago)
Description: Proposals from Google and Apple drastically reduce the life cycle of certificates, which should mean more oversight — and hopefully better control.
Source: Dark Reading
December 4th, 2024 (6 months ago)
Description: Are you using the cloud or thinking about transitioning? Undoubtedly, multi-cloud and hybrid environments offer numerous benefits for organizations. However, the cloud's flexibility, scalability, and efficiency come with significant risk — an expanded attack surface. The decentralization that comes with utilizing multi-cloud environments can also lead to limited visibility into user activity and
Source: TheHackerNews
December 4th, 2024 (6 months ago)
Description: Europol on Tuesday announced the takedown of an invite-only encrypted messaging service called MATRIX that's created by criminals for criminal purposes. The joint operation, conducted by French and Dutch authorities under the moniker Passionflower, comes in the aftermath of an investigation that was launched in 2021 after the messaging service was discovered on the phone of a criminal convicted
Source: TheHackerNews
December 4th, 2024 (6 months ago)