Security
Headlines
HeadlinesLatestCVEs

Tag

#zero_day

WordPress Slider Revolution 4.6.5 Shell Upload

WordPress Slider Revolution plugin version 4.6.5 suffers from a remote shell upload vulnerability.

Packet Storm
#vulnerability#web#mac#windows#apple#linux#wordpress#php#backdoor#perl#auth#zero_day#chrome#webkit#firefox#ssl
Rackspace Confirms Play Ransomware Gang Responsible for Recent Breach

Cloud services provider Rackspace on Thursday confirmed that the ransomware gang known as Play was responsible for last month's breach. The security incident, which took place on December 2, 2022, leveraged a previously unknown security exploit to gain initial access to the Rackspace Hosted Exchange email environment. "This zero-day exploit is associated with CVE-2022-41080," the Texas-based

Threat Actors Evade Detection Through Geofencing & Fingerprinting

Security teams may be missing targeted attacks and advanced exploits if attackers are using evasive techniques to avoid detection. Defenders need to up their game.

CVE-2023-0077: Synology_SA_22_25 | Synology Inc.

Integer overflow or wraparound vulnerability in CGI component in Synology Router Manager (SRM) before 1.2.5-8227-6 and 1.3.1-9346-3 allows remote attackers to overflow buffers via unspecified vectors.

Rackspace: Ransomware Attack Bypassed ProxyNotShell Mitigations

The hosting provider had not applied Microsoft's new patch due to publicly reported issues with the update.

SugarCRM Shell Upload

SugarCRM versions up to 12.2.0 suffer from a remote shell upload vulnerability.

Internet AppSec Remains Abysmal & Requires Sustained Action in 2023

A variety of initiatives — such as memory-safe languages and software bills of materials — promise more secure applications, but sustained improvements will require that vendors do much better, researchers agree.