#web

A recently patched high-severity flaw impacting SolarWinds Serv-U file transfer software is being actively exploited by malicious actors in the wild. The vulnerability, tracked as CVE-2024-28995 (CVSS score: 8.6), concerns a directory transversal bug that could allow attackers to read sensitive files on the host machine. Affecting all versions of the software prior to and including Serv-U 15.4.2

IntelBroker is offering source code from major companies for sale. Are they demonstrating the value of a zero-day they are also selling?

Using a Trump-era authority, the US Commerce Department has banned the sale of Kaspersky’s antivirus tools to new customers in the US, citing alleged threats to national security.

On March 8, 2024, KrebsOnSecurity published a deep dive on the consumer data broker Radaris, showing how the original owners are two men in Massachusetts who operated multiple Russian language dating services and affiliate programs, in addition to a dizzying array of people-search websites. The subjects of that piece are threatening to sue KrebsOnSecurity for defamation unless the story is retracted. Meanwhile, their attorney has admitted that the person Radaris named as the CEO from its inception is a fabricated identity.

More on the recent Snowflake breach, MFA bypass techniques and more.

Microsoft Edge Channel Microsoft Edge Version Date Released Based on Chromium Version Stable 126.0.2592.68 6/20/2024 126.0.6478.114/115

### Impact SFTPGo WebAdmin and WebClient support password reset. This feature is disabled in the default configuration. In SFTPGo versions prior to v2.6.1, if the feature is enabled, even users with access restrictions (e.g. expired) can reset their password and log in. ### Patches Fixed in v2.6.1. ### Workarounds The following workarounds are available: - keep the password reset feature disabled. - Set a blank email address for users and admins with access restrictions so they cannot receive the email with the reset code and exploit the vulnerability.

The "Markopolo" threat actors built a convincing brand and Web presence for fake software to deliver the dangerous Atomic macOS stealer, among other malware, to carry out cryptocurrency heists.

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 7.7 ATTENTION: Exploitable remotely/Low attack complexity Vendor: Yokogawa Equipment: CENTUM Vulnerability: Uncontrolled Search Path Element 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to execute arbitrary programs. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Yokogawa CENTUM, a distributed control system (DCS), are affected: CENTUM CS 3000 (Including CENTUM CS 3000 Entry Class): Version R3.08.10 to R3.09.50 CENTUM VP (Including CENTUM VP Entry Class): Version R4.01.00 to R4.03.00 CENTUM VP (Including CENTUM VP Entry Class): Version R5.01.00 to R5.04.20 CENTUM VP (Including CENTUM VP Entry Class): Version R6.01.00 to R6.11.10 3.2 Vulnerability Overview 3.2.1 Improper Access Control CWE-284 If an attacker is somehow able to intrude into a computer that installed affected product or access to a shared folder, by replacing the DLL file with a tampered one, it is possible to execute ...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: CAREL Equipment: Boss-Mini Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to manipulate an argument path, which would lead to information disclosure. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of CAREL Boss-Mini, a local supervisor solution, are affected: Boss-Mini: Version 1.4.0 (Build 6221) 3.2 Vulnerability Overview Under certain conditions, a malicious actor already present in the same network segment of the affected product, could abuse Local File Inclusion (LFI) techniques to access unauthorized file system resources, such as configuration files, password files, system logs, or other sensitive data. This could expose confidential information and potentially lead to further threats. CVE-2023-3643 has been assigned to this vulnerability. A CVSS v3.1 base s...