Threat and Vulnerability Intelligence Database


Description: During a security audit, Radically Open Security discovered two vulnerabilities which allow attackers to trigger resource exhaustion vulnerabilities in rpgp by providing crafted messages. This affects general message parsing and decryption with symmetric keys. Impact: Affected rpgp versions do not correctly set upper limits on the total reserved amount of memory when parsing long sequences of partial OpenPGP packets, which can grow to several GiB in size. Additionally, up to 4GiB of memory is reserved for OpenPGP packets of fixed size with large length fields, even if less data is received. Depending on existing message size restrictions and available system resources, this can cause out-of-memory conditions and crash the rpgp process or cause other system instability through memory resource exhaustion when parsing crafted messages. Affected rpgp versions are susceptible to excessive memory allocation with values of up to 2TiB or long processing times for some decryption operations which involve the Argon2 function. An attacker can provide a valid Symmetric Key Encrypted Session Key packet (SKESK) which uses Argon2 for String-to-Key hashing with parameters that are excessive, but within specification limits of the RFC9580 OpenPGP standard. Since rpgp did not further restrict the Argon2 parameters, this can cause out-of-memory conditions and crash the rpgp process. Under some conditions, the memory resource exhaustion may trigger other system instability. Alternatively...
Source: Github Advisory Database (Rust)
December 5th, 2024 (5 months ago)
Description: German law enforcement has seized over 50 servers that hosted the Manson Market cybercrime marketplace and fake online shops used in phishing operations. [...]
Source: BleepingComputer
December 5th, 2024 (5 months ago)
Description: After a Russian programmer was detained by Russia's Federal Security Service (FSB) for fifteen days and his phone confiscated, it was discovered that a new spyware was secretly installed on his device upon its return. [...]
Source: BleepingComputer
December 5th, 2024 (5 months ago)
Description: As many as 77 banking institutions, cryptocurrency exchanges, and national organizations have become the target of a newly discovered Android remote access trojan (RAT) called DroidBot. "DroidBot is a modern RAT that combines hidden VNC and overlay attack techniques with spyware-like capabilities, such as keylogging and user interface monitoring," Cleafy researchers Simone Mattia, Alessandro
Source: TheHackerNews
December 5th, 2024 (5 months ago)
Description: The emerging threat actor, potentially a Chinese state-sponsored APT, is using the known exploit kit Moonshine in cross-platform attacks that deliver a previously undisclosed backdoor called "DarkNimbus" to ethnic minorities, including Tibetans.
Source: Dark Reading
December 5th, 2024 (5 months ago)
Description: Researchers have uncovered an arbitrary file read zero-day in the Mitel MiCollab collaboration platform, allowing attackers to access files on a server's filesystem. [...]
Source: BleepingComputer
December 5th, 2024 (5 months ago)
Description: Latrodectus is a versatile malware family that infiltrates systems, steals sensitive data, and evades detection. Learn more from Wazuh about Latrodectus malware and how to defend against it using the open-source XDR. [...]
Source: BleepingComputer
December 5th, 2024 (5 months ago)
Description: By understanding the unique challenges of protecting IoT and OT devices, organizations can safeguard these critical assets against evolving cyber threats.
Source: Dark Reading
December 5th, 2024 (5 months ago)
Description: Europol on Thursday announced the shutdown of a clearnet marketplace called Manson Market that facilitated online fraud on a large scale. The operation, led by German authorities, has resulted in the seizure of more than 50 servers associated with the service and the arrest of two suspects. More than 200 terabytes of digital evidence have been collected. Manson Market ("manson-market[.]pw") is
Source: TheHackerNews
December 5th, 2024 (5 months ago)
Description: Cybersecurity researchers have released a proof-of-concept (PoC) exploit that strings together a now-patched critical security flaw impacting Mitel MiCollab with an arbitrary file read zero-day, granting an attacker the ability to access files from susceptible instances. The critical vulnerability in question is CVE-2024-41713 (CVSS score: 9.8), which relates to a case of insufficient input
Source: TheHackerNews
December 5th, 2024 (5 months ago)