#auth

By Waqas Breach Forums, a notorious cybercrime hub, could be back online with the same domain even after the FBI seizure. Hackers claim to have regained access to the clear web domain, while the dark web version remains in a tug-of-war. This is a post from HackRead.com Read the original post: Breach Forums Admin ShinyHunters Claims Domain Reclaimed from FBI

By Uzair Amir Discover time-saving document merging strategies for professionals. Learn how to streamline workflows, enhance collaboration, and protect document integrity for increased productivity and peace of mind. This is a post from HackRead.com Read the original post: Efficient Document Merging Strategies for Professionals

## ID: NFLX-2024-002 ### Impact Authenticated users can achieve limited RCE in ConsoleMe, restricted to flag inputs on a single CLI command. Due to this constraint, it is not currently known whether full RCE is possible but it is unlikely. However, a specific flag allows authenticated users to read any server files accessible by the ConsoleMe process. Given ConsoleMe's role as an AWS identity broker, accessing files containing secrets on the server could potentially be exploited for privilege escalation. Deployments of ConsoleMe that allow templated resources are impacted and urged to patch immediately. Deployments that do not permit templated resources are not affected. To determine if your ConsoleMe deployment uses templated resources, check the configuration value for `cache_resource_templates.repositories`. If this value does not exist or is an empty array, your deployment is not impacted. ### Description The self-service flow for templated resources in ConsoleMe accepts a user...

By Deeba Ahmed Two MIT graduates arrested for allegedly stealing $25 million in Ethereum through a sophisticated blockchain manipulation scheme. The DOJ cracks down on cryptocurrency theft, highlighting its focus on emerging financial crimes. This is a post from HackRead.com Read the original post: MIT Graduate Brothers Arrested for $25 Million Ethereum Heist

Here’s a rundown of some things you may have missed if you weren’t able to stay on top of the things coming out of the conference.

By Deeba Ahmed Alerted by a recent discovery of employee personal GitHub repos exposing internal Azure and Red Hat secrets, this article dives into the dangers of Shadow IT and offers solutions to prevent cloud credential leaks and secure your cloud environment. This is a post from HackRead.com Read the original post: Shadow IT: Personal GitHub Repos Expose Employee Cloud Secrets

By Deeba Ahmed A recent discovery of 4 security flaws in ThroughTek's Kalay platform leaves millions of IoT devices exposed. This article explores the security risks to your connected home and the broader threat to IoT devices. Act now – secure your smart devices! This is a post from HackRead.com Read the original post: IoT Cameras Exposed by Chainable Exploits, Millions Affected

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).  View CSAF 1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: RUGGEDCOM APE1808 Vulnerabilities: Insufficiently Protected Credentials, Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to escalate privilege, gain unauthorized access, or cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Siemens products using Nozomi Guardian/CMC before 23.4.1, are affected: RUGGEDCOMAPE1808LNX (6GK6015-0AL200GH0): All versions RUGGEDCOM APE1808LNX CC (6GK60150AL20-0GH1): All versions 3.2 Vulnerability Overview 3.2.1 INSUFFICI...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: FactoryTalk View SE Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to inject a malicious SQL statement in the SQL database, resulting in expose sensitive information. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Rockwell Automation's FactoryTalk View SE, monitoring software, are affected: FactoryTalk View SE: Versions prior to 14.0 3.2 Vulnerability Overview 3.2.1 IMPROPER INPUT VALIDATION CWE-20 A vulnerability exists in the FactoryTalk View SE Datalog function that could allow a threat actor to inject a malicious SQL statement if the SQL database has no authentication in place or if legitimate credentials were stolen. If exploited, the attack could result in information exposure, revealing sensitive information. Additionally, a threat actor coul...

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).  View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: CPC80 Central Processing/Communication, CPCI85 Central Processing/Communication, OPUPI0 AMQP/MQTT, SICORE Base system Vulnerabilities: Improper Null Termination, Command Injection, Cleartext Storage of Sensitive Information 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to execute code in the context of the current process, allow an authenticated privileged remote attacker to execute arbitrary code with root privileges, or lead to a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The fo...