Security
Headlines
HeadlinesLatestCVEs

Tag

#intel

New YTStealer Malware is Hijacking YouTube Channels

By Deeba Ahmed YTStealer is a new info-stealer on the block targeting YouTube content creators to steal authentication tokens and take… This is a post from HackRead.com Read the original post: New YTStealer Malware is Hijacking YouTube Channels

HackRead
Open in Source
#web#google#intel#botnet#auth
RHSA-2022:5316: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2020-28915: kernel: out-of-bounds read in fbcon_get_font function * CVE-2022-27666: kernel: buffer overflow in IPsec ESP transformation code

Google: Hack-for-Hire Groups Present a Potent Threat

Cyber mercenaries in countries like India, Russia, and the UAE are carrying out data theft and hacking missions for a wide range of clients across regions, a couple of new reports said.

CVE-2022-32585: TALOS-2022-1570 || Cisco Talos Intelligence Group

A command execution vulnerability exists in the clish art2 functionality of Robustel R1510 3.3.0. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability.

CVE-2022-33325: TALOS-2022-1573 || Cisco Talos Intelligence Group

Multiple command injection vulnerabilities exist in the web_server ajax endpoints functionalities of Robustel R1510 3.3.0. A specially-crafted network packets can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.The `/ajax/clear_tools_log/` API is affected by command injection vulnerability.

CVE-2022-33312: TALOS-2022-1572 || Cisco Talos Intelligence Group

Multiple command injection vulnerabilities exist in the web_server action endpoints functionalities of Robustel R1510 3.3.0. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.The `/action/import_cert_file/` API is affected by command injection vulnerability.

CVE-2022-28127: TALOS-2022-1571 || Cisco Talos Intelligence Group

A data removal vulnerability exists in the web_server /action/remove/ API functionality of Robustel R1510 3.3.0. A specially-crafted network request can lead to arbitrary file deletion. An attacker can send a sequence of requests to trigger this vulnerability.

ZuoRAT Can Take Over Widely Used SOHO Routers

Devices from Cisco, Netgear and others at risk from the multi-stage malware, which has been active since April 2020 and shows the work of a sophisticated threat actor.

NXM Announces Platform That Protects Space Infrastructure and IoT Devices From Cyberattacks

NXM Autonomous Security protects against network-wide device hacks and defends against critical IoT vulnerabilities.

CVE-2021-37791: There is an ultra vires vulnerability in viewing personal center · Issue #3 · cdfan/my-admin

MyAdmin v1.0 is affected by an incorrect access control vulnerability in viewing personal center in /api/user/userData?userCode=admin.