Security
Headlines
HeadlinesLatestCVEs

Tag

#web

Hackers Behind the Change Healthcare Ransomware Attack Just Received a $22 Million Payment

The transaction, visible on Bitcoin's blockchain, suggests the victim of one of the worst ransomware attacks in years may have paid a very large ransom.

Wired
#web#mac#sap
Russian Operatives Expose German Military Webex Conversations

By Deeba Ahmed Leaked Military Audio Raises Stakes in Russia-Ukraine Conflict. This is a post from HackRead.com Read the original post: Russian Operatives Expose German Military Webex Conversations

Gentoo Linux Security Advisory 202403-03

Gentoo Linux Security Advisory 202403-3 - Multiple vulnerabilities have been discovered in UltraJSON, the worst of which could lead to key confusion and value overwriting. Versions greater than or equal to 5.4.0 are affected.

TP-Link JetStream Smart Switch TL-SG2210P 5.0 Build 20211201 Privilege Escalation

TP-Link JetStream Smart Switch TL-SG2210P version 5.0 build 20211201 suffers from a privilege escalation vulnerability.

Gentoo Linux Security Advisory 202403-02

Gentoo Linux Security Advisory 202403-2 - Multiple vulnerabilities have been discovered in Blender, the worst of which could lead to arbitrary code execution. Versions greater than or equal to 3.1.0 are affected.

Wallos Shell Upload

Wallos versions prior to 1.11.2 suffer from a remote shell upload vulnerability.

Gentoo Linux Security Advisory 202403-01

Gentoo Linux Security Advisory 202403-1 - A vulnerability has been discovered in Tox which may lead to remote code execution. Versions greater than or equal to 0.2.13 are affected.

Compromising Industrial Processes Using Web-Based Programmable Logic Controller Malware

This is an interesting whitepaper called Compromising Industrial Processes using Web-Based Programmable Logic Controller Malware. The authors present a novel approach to developing programmable logic controller (PLC) malware that proves to be more flexible, resilient, and impactful than current strategies.

Ubuntu Security Notice USN-6669-1

Ubuntu Security Notice 6669-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code.

Employee Management System 1.0-2024 SQL Injection

Employee Management System version 1.0-2024 suffers from a remote SQL injection vulnerability. Original discovery of this finding is attributed to Ozlem Balci in January of 2024.