#git

This new backdoor we’re calling “TinyTurla-NG” (TTNG) is similar to Turla’s previously disclosed implant, TinyTurla, in coding style and functionality implementation.

As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).  View CSAF 1. EXECUTIVE SUMMARY CVSS v3 9.1 ATTENTION: Exploitable remotely/low attack complexity Vendor: Siemens Equipment: SCALANCE SC-600 Family Vulnerabilities: Acceptance of Extraneous Untrusted Data With Trusted Data, Use of Weak Hash, Forced Browsing, Uncontrolled Resource Consumption, Unchecked Return Value, Injection, OS Command Injection 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to escalate privileges, execute arbitrary code, or spawn a system root shell on the affected system. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following Siemens products are affected: SCALANCE SC622-2C (6GK5622-2GS00-2AC2) (CVE-2023-44317, C...

Personal data belonging to 200,000 Facebook Marketplace users has been published online, including email addresses and phone numbers.

By Owais Sultan Debut Title Overworld Designed Around Multiplayer Role-Playing Action. This is a post from HackRead.com Read the original post: Overworld secures $10M for cross-platform ARPG development

By Uzair Amir Infrastructure-as-code (IaC) continues to gain traction and is even hailed for having changed software development towards greater efficiency… This is a post from HackRead.com Read the original post: 5 Ways to Maximize the Impact of IaC Scans

Statamic CMS versions prior to 4.46.0 and 3.4.17 suffer from multiple persistent cross site scripting vulnerabilities.

### Summary Treasure Data's digdag workload automation system is susceptible to a path traversal vulnerability if it's configured to store log files locally. ### Impact This issue may lead to Information Disclosure.

Red Hat Security Advisory 2024-0801-03 - A new image is available for Red Hat Single Sign-On 7.6.7, running on OpenShift Container Platform 3.10 and 3.11, and 4.3. Issues addressed include bypass, cross site scripting, and open redirection vulnerabilities.

Red Hat Security Advisory 2024-0741-03 - Red Hat OpenShift Container Platform release 4.13.33 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include denial of service and traversal vulnerabilities.

Red Hat Security Advisory 2024-0740-03 - Red Hat OpenShift Container Platform release 4.13.33 is now available with updates to packages and images that fix several bugs. Issues addressed include denial of service and traversal vulnerabilities.