Security
Headlines
HeadlinesLatestCVEs

Tag

#git

Gentoo Linux Security Advisory 202312-15

Gentoo Linux Security Advisory 202312-15 - Several vulnerabilities have been found in Git, the worst of which could lead to remote code execution. Versions greater than or equal to 2.39.3 are affected.

Packet Storm
Open in Source
#vulnerability#web#mac#linux#git#rce
How ransomware operators try to stay under the radar

We look at the three most common methods that ransomware groups use to avoid being detected.

New Sneaky Xamalicious Android Malware Hits Over 327,000 Devices

A new Android backdoor has been discovered with potent capabilities to carry out a range of malicious actions on infected devices. Dubbed Xamalicious by the McAfee Mobile Research Team, the malware is so named for the fact that it's developed using an open-source mobile app framework called Xamarin and abuses the operating system's accessibility permissions to fulfill its objectives.

RingGo, ParkMobile Owner EasyPark Suffers Data Breach, User Data Stolen

By Waqas ParkMobile, a globally-used parking app, is the same platform that suffered a massive data breach in 2021 when hackers leaked the data of 21 million customers. This is a post from HackRead.com Read the original post: RingGo, ParkMobile Owner EasyPark Suffers Data Breach, User Data Stolen

FreeSWITCH 1.10.10 Denial Of Service

When handling DTLS-SRTP for media setup, FreeSWITCH version 1.10.10 is susceptible to denial of service due to a race condition in the hello handshake phase of the DTLS protocol. This attack can be done continuously, thus denying new DTLS-SRTP encrypted calls during the attack.

Gentoo Linux Security Advisory 202312-13

Gentoo Linux Security Advisory 202312-13 - Multiple vulnerabilities have been discovered in Gitea, the worst of which could result in information leakage. Versions greater than or equal to 1.20.6 are affected.

How to recognize AI-generated phishing mails

Cybercriminals now have AI to write their phishing emails, which might well improve their success rates. Here's what to watch out for.

Carbanak Banking Malware Resurfaces with New Ransomware Tactics

The banking malware known as Carbanak has been observed being used in ransomware attacks with updated tactics. "The malware has adapted to incorporate attack vendors and techniques to diversify its effectiveness," cybersecurity firm NCC Group said in an analysis of ransomware attacks that took place in November 2023. "Carbanak returned last month through new

GHSA-qp42-5pj7-4ccm: Concrete CMS Cross Site Request Forgery (CSRF)

Concrete CMS 9 before 9.2.3 is vulnerable to Cross Site Request Forgery (CSRF) via `/ccm/system/dialogs/logs/delete_all/submit`. An attacker can force an admin user to delete server report logs on a web application to which they are currently authenticated.

Cloud Atlas' Spear-Phishing Attacks Target Russian Agro and Research Companies

The threat actor referred to as Cloud Atlas has been linked to a set of spear-phishing attacks on Russian enterprises. Targets included a Russian agro-industrial enterprise and a state-owned research company, according to a report from F.A.C.C.T., a standalone cybersecurity company formed after Group-IB's formal exit from Russia earlier this year. Cloud Atlas, active since at