Security
Headlines
HeadlinesLatestCVEs

Tag

#intel

CVE-2023-31242: TALOS-2023-1769 || Cisco Talos Intelligence Group

An authentication bypass vulnerability exists in the OAS Engine functionality of Open Automation Software OAS Platform v18.00.0072. A specially-crafted series of network requests can lead to arbitrary authentication. An attacker can send a sequence of requests to trigger this vulnerability.

CVE
Open in Source
#vulnerability#windows#linux#cisco#intel#auth#docker
CVE-2023-32615: TALOS-2023-1771 || Cisco Talos Intelligence Group

A file write vulnerability exists in the OAS Engine configuration functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to arbitrary file creation or overwrite. An attacker can send a sequence of requests to trigger this vulnerability.

CVE-2023-34994: TALOS-2023-1773 || Cisco Talos Intelligence Group

An improper resource allocation vulnerability exists in the OAS Engine configuration management functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to creation of an arbitrary directory. An attacker can send a sequence of requests to trigger this vulnerability.

CVE-2023-35124: TALOS-2023-1775 || Cisco Talos Intelligence Group

An information disclosure vulnerability exists in the OAS Engine configuration management functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to a disclosure of sensitive information. An attacker can send a sequence of requests to trigger this vulnerability.

CVE-2023-34353: TALOS-2023-1776 || Cisco Talos Intelligence Group

An authentication bypass vulnerability exists in the OAS Engine authentication functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted network sniffing can lead to decryption of sensitive information. An attacker can sniff network traffic to trigger this vulnerability.

CVE-2023-41012: Command Execution Vulnerability in China Mobile Intelligent Home Gateway HG6543C4 Identity verification has design flaws

An issue in China Mobile Communications China Mobile Intelligent Home Gateway v.HG6543C4 allows a remote attacker to execute arbitrary code via the authentication mechanism.

Gcore Thwarts 500 Million PPS DDoS Attack on Gaming Company

By Owais Sultan Technology enhances our lives, but it also leaves us vulnerable to unprecedented cyber threats.  This is a post from HackRead.com Read the original post: Gcore Thwarts 500 Million PPS DDoS Attack on Gaming Company

Red Hat Security Advisory 2023-4962-01

Red Hat Security Advisory 2023-4962-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include out of bounds access, out of bounds write, and use-after-free vulnerabilities.

New Python Variant of Chaes Malware Targets Banking and Logistics Industries

Banking and logistics industries are under the onslaught of a reworked variant of a malware called Chaes. "It has undergone major overhauls: from being rewritten entirely in Python, which resulted in lower detection rates by traditional defense systems, to a comprehensive redesign and an enhanced communication protocol," Morphisec said in a new detailed technical write-up shared with The Hacker

Key Cybersecurity Tools That Can Mitigate the Cost of a Breach

IBM's 2023 installment of their annual "Cost of a Breach" report has thrown up some interesting trends. Of course, breaches being costly is no longer news at this stage! What’s interesting is the difference in how organizations respond to threats and which technologies are helping reduce the costs associated with every IT team’s nightmare scenario.  The average cost of a breach rose once again