Tag
#web
A new financially motivated operation is leveraging a malicious Telegram bot to help threat actors scam their victims. Dubbed Telekopye, a portmanteau of Telegram and kopye (meaning "spear" in Russian), the toolkit functions as an automated means to create a phishing web page from a premade template and send the URL to potential victims, codenamed Mammoths by the criminals. "This toolkit is
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in GloriaFood Restaurant Menu – Food Ordering System – Table Reservation plugin <= 2.3.6 versions.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Booking Ultra Pro Booking Ultra Pro Appointments Booking Calendar Plugin plugin <= 1.1.8 versions.
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Rolf van Gelder Order Your Posts Manually plugin <= 2.2.5 versions.
By Deeba Ahmed While facing a total loss of internal infrastructure and customer data, CloudNordic has declined to pay the ransom. This is a post from HackRead.com Read the original post: CloudNordic Faces Severe Data Loss After Ransomware Attack
Lazarus Group appears to be changing its tactics, increasingly relying on open-source tools and frameworks in the initial access phase of their attacks, as opposed to strictly employing them in the post-compromise phase.
This is the third documented campaign attributed to this actor in less than a year, with the actor reusing the same infrastructure throughout these operations.
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: OPTO 22 Equipment: SNAP PAC S1 Vulnerabilities: Improper Restriction of Excessive Authentication Attempts, Weak Password Requirements, Improper Access Control, Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to brute force passwords, access certain device files, or cause a denial-of-service condition. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following version of SNAP PAC S1, an industrial programmable automation controller, is affected: SNAP PAC S1 Firmware: Version R10.3b 3.2 VULNERABILITY OVERVIEW 3.2.1 IMPROPER RESTRICTION OF EXCESSIVE AUTHENTICATION ATTEMPTS CWE-307 There is no limit on the number of login attempts. This could allow a brute force attack on the built-in web server login. CVE-2023-40706 has been assigned to this vulnerability. A CVSS v3 base score of 7.5 has been assigne...
1. EXECUTIVE SUMMARY CVSS v3 7.3 ATTENTION: low attack complexity Vendor: CODESYS, GmbH Equipment: CODESYS Development System Vulnerability: Uncontrolled Search Path Element. 2. RISK EVALUATION Successful exploitation of this vulnerability could cause users to unknowingly launch a malicious binary placed by a local attacker. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS CODESYS reports this vulnerability affects the following versions of CODESYS Development System: CODESYS Development System: versions from 3.5.17.0 and prior to 3.5.19.20 3.2 VULNERABILITY OVERVIEW 3.2.1 UNCONTROLLED SEARCH PATH ELEMENT CWE-427 In CODESYS Development System versions from 3.5.17.0 and prior to 3.5.19.20 a vulnerability allows for execution of binaries from the current working directory in the users’ context. CVE-2023-3662 has been assigned to this vulnerability. A CVSS v3 base score of 7.3 has been calculated; the CVSS vector string is (AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H). 3.3 BACKGRO...
1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity/known public exploitation Vendor: KNX Association Equipment: KNX devices using KNX Connection Authorization Vulnerability: Overly Restrictive Account Lockout Mechanism 2. RISK EVALUATION Successful exploitation of this vulnerability could cause users to lose access to their device, potentially with no way to reset the device. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following devices using KNX Protocol are affected: KNX devices using Connection Authorization Option 1 Style in which no BCU Key is currently set: All versions 3.2 VULNERABILITY OVERVIEW 3.2.1 OVERLY RESTRICTIVE ACCOUNT LOCKOUT MECHANISM CWE-645 KNX devices that use KNX Connection Authorization and support Option 1 are, depending on the implementation, vulnerable to being locked and users being unable to reset them to gain access to the device. The BCU key feature on the devices can be used to create a password for the devi...