Security
Headlines
HeadlinesLatestCVEs

Tag

#intel

BEC Fraudsters Expand to Snatch Real-World Goods in Commodities Twist

Business email compromise scams are moving beyond just stealing cash, with some threat actors fooling companies into sending goods and materials on credit, and then skipping out on payment.

DARKReading
Open in Source
#mac#git#intel#auth#sap
The Future of Fintech Applications

By Owais Sultan This article explores the world of fintech applications, highlighting their most popular features now and in the next… This is a post from HackRead.com Read the original post: The Future of Fintech Applications

Virtual Reception 1.0 Directory Traversal

Virtual Reception version 1.0 suffers from a directory traversal vulnerability.

CVE-2023-22845: TALOS-2023-1708 || Cisco Talos Intelligence Group

An out-of-bounds read vulnerability exists in the TGAInput::decode_pixel() functionality of OpenImageIO Project OpenImageIO v2.4.7.1. A specially crafted targa file can lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability.

CVE-2023-24473: TALOS-2023-1707 || Cisco Talos Intelligence Group

An information disclosure vulnerability exists in the TGAInput::read_tga2_header functionality of OpenImageIO Project OpenImageIO v2.4.7.1. A specially crafted targa file can lead to a disclosure of sensitive information. An attacker can provide a malicious file to trigger this vulnerability.

CVE-2023-24472: TALOS-2023-1709 || Cisco Talos Intelligence Group

A denial of service vulnerability exists in the FitsOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.7.1. A specially crafted ImageOutput Object can lead to denial of service. An attacker can provide malicious input to trigger this vulnerability.

Chinese RedGolf Group Targeting Windows and Linux Systems with KEYPLUG Backdoor

A Chinese state-sponsored threat activity group tracked as RedGolf has been attributed to the use of a custom Windows and Linux backdoor called KEYPLUG. "RedGolf is a particularly prolific Chinese state-sponsored threat actor group that has likely been active for many years against a wide range of industries globally," Recorded Future told The Hacker News. "The group has shown the ability to

CVE-2023-25076: TALOS-2023-1731 || Cisco Talos Intelligence Group

A buffer overflow vulnerability exists in the handling of wildcard backend hosts of SNIProxy 0.6.0-2 and the master branch (commit: 822bb80df9b7b345cc9eba55df74a07b498819ba). A specially crafted HTTP, TLS or DTLS packet can lead to arbitrary code execution. An attacker could send a malicious packet to trigger this vulnerability.

The 10 Best Cybersecurity Companies in the UK

By Owais Sultan Discover the best cybersecurity companies to protect your business, and learn how to find the top ones that… This is a post from HackRead.com Read the original post: The 10 Best Cybersecurity Companies in the UK

Popular PABX platform, 3CX Desktop App suffers supply chain attack

By Deeba Ahmed According to cybersecurity researchers, a nation-state actor, LABYRINTH CHOLLIMA, is suspected to be behind the multi-stage attack on 3CXDesktopApp. This is a post from HackRead.com Read the original post: Popular PABX platform, 3CX Desktop App suffers supply chain attack