
Tag

#windows

Attackers target Ukraine using GoMet backdoor

Executive summary: Since the Russian invasion of Ukraine began, Ukrainians have been under a nearly constant barrage of cyber attacks. Working jointly with Ukrainian organizations, Cisco Talos has discovered a fairly uncommon piece of malware targeting Ukraine — this time aimed at a large software development company whose software is used in various state organizations within Ukraine. We believe that this campaign is likely sourced by Russian state-sponsored actors or those acting in their interests. As this firm is involved in software development, we cannot ignore the possibility that the perpetrating threat actor's intent was to gain access to source a supply chain-style attack, though at this time we do not have any evidence that they were successful. Cisco Talos confirmed that the malware is a slightly modified version of the open-source backdoor named "GoMet." The malware was first observed on March 28, 2022.

GoMet backdoor: The story of this backdoor is rather curious — ther...

TALOS
#sql #vulnerability #web #mac #windows #microsoft #cisco #git #intel #backdoor #rce #auth
CVE-2022-33923: DSA-2022-159: Dell PowerStore Family Security Update for Multiple Vulnerabilities

Dell PowerStore, versions prior to 3.0.0.0, contains an OS command injection vulnerability in the PowerStore T environment. A locally authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the underlying PowerStore OS. Exploitation may lead to a system takeover by an attacker.

CVE-2022-34590: bug_report/sql_injection.md at master · Renrao/bug_report

Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in /HMS/admin.php.

CVE-2022-34586: bug_report/sql_injection.md at master · Renrao/bug_report

itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via the grade parameter at /school/view/student_grade_wise.php.

CVE-2022-34588: bug_report/sql_injection3.md at master · Renrao/bug_report

itsourcecode Advanced School Management System v1.0 is vulnerable to SQL Injection via the grade parameter at /school/view/timetable_insert_form.php.

Google ads lead to major malvertising campaign

Scammers go mainstream by hijacking top Google searches and replacing them with malicious ads. The post "Google ads lead to major malvertising campaign" appeared first on Malwarebytes Labs.

CVE-2022-34042: bug_report/SQLi-1.md at main · tianqi5432/bug_report

Barangay Management System v1.0 was discovered to contain a SQL injection vulnerability via the hidden_id parameter at /pages/household/household.php.

CVE-2022-34599: vuln/H3C/1 at main · Darry-lang1/vuln

H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the EdittriggerList interface at /goform/aspForm.

CVE-2022-34600: vuln/H3C/3 at main · Darry-lang1/vuln

H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the EditSTList interface at /goform/aspForm.

CVE-2022-34601: vuln/H3C/2 at main · Darry-lang1/vuln

H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the Delstlist interface at /goform/aspForm.