#windows

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: EFACEC Equipment: UC 500 Vulnerabilities: Cleartext Transmission of Sensitive Information, Open Redirect, Exposure of Sensitive Information to an Unauthorized Actor, Improper Access Control 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to retrieve sensitive information, gain unauthorized access to the product, or redirect users to malicious websites. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following version of EFACEC UC 500E, a HMI, is affected: UC 500E: version 10.1.0 3.2 Vulnerability Overview 3.2.1 CLEARTEXT TRANSMISSION OF SENSITIVE INFORMATION CWE-319 An attacker with network access could perform a man-in-the-middle (MitM) attack and capture sensitive information to gain unauthorized access to the application. CVE-2023-50703 has been assigned to this vulnerability. A CVSS v3 base score of 6.3 has been calculated; the CVSS vec...

This is the second installment of the Azure Serial Console blog, which provides insights to improve defenders’ preparedness when investigating Azure Serial Console activity on Azure Linux virtual machines. While the first blog post discussed various tracing activities, such as using Azure activity and Sysmon logs on Windows virtual machines to trace serial console activity, this blog outlines how to enable logging for Azure Linux virtual machines using Sysmon for Linux to capture and how to send these events to a log analytics workspace.

Technical details have emerged about two now-patched security flaws in Microsoft Windows that could be chained by threat actors to achieve remote code execution on the Outlook email service sans any user interaction. "An attacker on the internet can chain the vulnerabilities together to create a full, zero-click remote code execution (RCE) exploit against Outlook clients," Akamai security

A new wave of phishing messages distributing the QakBot malware has been observed, more than three months after a law enforcement effort saw its infrastructure dismantled by infiltrating its command-and-control (C2) network. Microsoft, which made the discovery, described it as a low-volume campaign that began on December 11, 2023, and targeted the hospitality industry. "Targets

A buffer overflow in websockets in UnrealIRCd 6.1.0 through 6.1.3 before 6.1.4 allows an unauthenticated remote attacker to crash the server by sending an oversized packet (if a websocket port is open). Remote code execution might be possible on some uncommon, older platforms.

PikaBot, a stealthy malware normally distributed via malspam is now being spread via malicious ads.

By Waqas Polish authorities and FortiGuard Labs have issued a warning to customers about a new wave of cyberattacks associated with TeamCity. This is a post from HackRead.com Read the original post: Russian APT29 Hacked US Biomedical Giant in TeamCity-Linked Breach

Temporary data passed between application components by Budgie Extras Windows Previews could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has local access to the system. Attackers may read private information from windows, present false information to users, or deny access to the application.

An uncaught exception issue discovered in Softing OPC UA C++ SDK before 6.30 for Windows operating system may cause the application to crash when the server wants to send an error packet, while socket is blocked on writing.

Everyone's New Year's Resolution should be to stop using passwords altogether.