Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

MiniDVBLinux 5.4 Change Root Password

MiniDVBLinux versions 5.4 and below root password changing proof of concept exploit.

Packet Storm
Open in Source
#vulnerability#web#windows#apple#linux#nodejs#git#php#auth#chrome#webkit#sap
CVE-2022-41498: bug_report/SQLi-1.md at main · aurigee/bug_report

Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /phpinventory/editbrand.php.

CVE-2022-3546: Stored-xss-/Poc at main · thehackingverse/Stored-xss-

A vulnerability was found in SourceCodester Simple Cold Storage Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /csms/admin/?page=user/list of the component Create User Handler. The manipulation of the argument First Name/Last Name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-211046 is the identifier assigned to this vulnerability.

New Prestige Ransomware Targeting Polish and Ukrainian Organizations

A new ransomware campaign targeted the transportation and logistics sectors in Ukraine and Poland on October 11 with a previously unknown payload dubbed Prestige. "The activity shares victimology with recent Russian state-aligned activity, specifically on affected geographies and countries, and overlaps with previous victims of the FoxBlade malware (also known as HermeticWiper)," the Microsoft

A week in security (October 10 - 16)

Categories: News Tags: a week in security Tags: week in security Tags: AI Bill of Rights Tags: Final Fantasy XIV Tags: Lock and Code S03E21 Tags: Meta Tags: WhatsApp Tags: ransomware Tags: tax scam Tags: Chinese APT Tags: Android Tags: Chrome Tags: iOS Tags: managed detection response Tags: MDR Tags: disinformation Tags: FBI Tags: CISA The most important and interesting computer security stories from the last week. (Read more...) The post A week in security (October 10 - 16) appeared first on Malwarebytes Labs.

CVE-2022-2052: VDE-2022-023 | CERT@VDE

Multiple Trumpf Products in multiple versions use default privileged Windows users and passwords. An adversary may use these accounts to remotely gain full access to the system.

6 Best Ways to Make a Collaborative PowerPoint Presentation

By Owais Sultan Among the several online presentation-making platforms, Microsoft PowerPoint is the first choice of professionals. The platform allows you… This is a post from HackRead.com Read the original post: 6 Best Ways to Make a Collaborative PowerPoint Presentation

Elon Musk’s SpaceX Bails on Starlink Funding for Ukraine

Plus: Hackers hit the Mormon Church, Signal plans to ditch SMS for Android, and a Fat Bear election erupts in scandal.

Encrypted Email Service ProtonMail Now Supports Physical Security Keys

By Waqas Two Factor Authentication via Physical Security Keys is Now Possible on ProtonMail. This is a post from HackRead.com Read the original post: Encrypted Email Service ProtonMail Now Supports Physical Security Keys

Linux, Windows and macOS Hit By New “Alchimist” Attack Framework

By Deeba Ahmed Alchimist is a single-file C2 framework discovered on a server hosting an active file listing on the root directory and a set of post-exploitation tools. This is a post from HackRead.com Read the original post: Linux, Windows and macOS Hit By New “Alchimist” Attack Framework