Security
Headlines
HeadlinesLatestCVEs

Latest News

Delinea Joins CVE Numbering Authority Program

DARKReading
#vulnerability#cisco#intel#auth#zero_day#ssl
Attackers Exploit Microsoft Teams and AnyDesk to Deploy DarkGate Malware

A new social engineering campaign has leveraged Microsoft Teams as a way to facilitate the deployment of a known malware called DarkGate. "An attacker used social engineering via a Microsoft Teams call to impersonate a user's client and gain remote access to their system," Trend Micro researchers Catherine Loveria, Jovit Samaniego, and Gabriel Nicoleta said. "The attacker failed to install a

Intel Officials Warned Police That US Cities Aren’t Ready for Hostile Drones

In a previously unreported August memo, the Department of Homeland Security urged state and local police to conduct exercises to test their ability to respond to weaponized drones.

5 million payment card details stolen in painful reminder to monitor Christmas spending

An online repository of screenshots where victims filled out their payment card details online was publicly accessible.

Azure Data Factory Bugs Expose Cloud Infrastructure

Three vulnerabilities in the service's Apache Airflow integration could have allowed attackers to take shadow administrative control over an enterprise cloud infrastructure, gain access to and exfiltrate data, and deploy malware.

Hackers Demand Ransom in Rhode Island Health System Data Breach

In a major cyberattack, the state of Rhode Island has fallen victim to a security breach potentially exposing the personal information of thousands of residents.

GHSA-5j33-cvvr-w245: Apache Tomcat Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability

Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file systems when the default servlet is enabled for write (non-default configuration). This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97. Users are recommended to upgrade to version 11.0.2, 10.1.34 or 9.0.98, which fixes the issue.

GHSA-653p-vg55-5652: Apache Tomcat Uncontrolled Resource Consumption vulnerability

Uncontrolled Resource Consumption vulnerability in the examples web application provided with Apache Tomcat leads to denial of service. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.9.97. Users are recommended to upgrade to version 11.0.2, 10.1.34 or 9.0.98, which fixes the issue.

GHSA-hxr6-2p24-hf98: Traefik affected by CVE-2024-53259

There is a potential vulnerability in Traefik managing HTTP/3 connections. More details in the [CVE-2024-53259](https://nvd.nist.gov/vuln/detail/CVE-2024-53259). ## Patches - https://github.com/traefik/traefik/releases/tag/v2.11.15 - https://github.com/traefik/traefik/releases/tag/v3.2.2 ## Workarounds No workaround ## For more information If you have any questions or comments about this advisory, please [open an issue](https://github.com/traefik/traefik/issues).

GHSA-7gfc-8cq8-jh5f: Next.js authorization bypass vulnerability

### Impact If a Next.js application is performing authorization in middleware based on pathname, it was possible for this authorization to be bypassed for pages directly under the application's root directory. For example: * [Not affected] `https://example.com/` * [Affected] `https://example.com/foo` * [Not affected] `https://example.com/foo/bar` ### Patches This issue was patched in Next.js `14.2.15` and later. If your Next.js application is hosted on Vercel, this vulnerability has been automatically mitigated, regardless of Next.js version. ### Workarounds There are no official workarounds for this vulnerability. #### Credits We'd like to thank [tyage](http://github.com/tyage) (GMO CyberSecurity by IERAE) for responsible disclosure of this issue.