View CSAF 1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION: Low Attack Complexity Vendor: IDEC Corporation Equipment: IDEC PLCs Vulnerabilities: Cleartext Transmission of Sensitive Information, Generation of Predictable Identifiers 2. RISK EVALUATION Successful exploitation of these vulnerabilities
Continue ReadingMonth: September 2024
MegaSys Computer Technologies Telenium Online Web Application
View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: MegaSys Computer Technologies Equipment: Telenium Online Web Application Vulnerability: Improper Input Validation 2. RISK EVALUATION Successful exploitation of this vulnerability could allow
Continue ReadingUNC1860 and the Temple of Oats: Iran’s Hidden Hand in Middle Eastern Networks
Written by: Stav Shulman, Matan Mimran, Sarah Bock, Mark Lechtik Executive Summary UNC1860 is a persistent and opportunistic Iranian state-sponsored threat actor that is likely affiliated with Iran’s Ministry of Intelligence and Security (MOIS). A key
Continue ReadingISC Stormcast For Thursday, September 19th, 2024 https://isc.sans.edu/podcastdetail/9144, (Thu, Sep 19th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingTime-to-Live Analysis of DShield Data with Vega-Lite, (Wed, Sep 18th)
Since posting a diary about Vega-Lite [1], I have "played" with other queries that might be interesting and the first one that I wanted to explore since the DShield SIEM [2] capture and parse the iptables
Continue ReadingCISA Adds Five Known Exploited Vulnerabilities to Catalog
CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-27348 Apache HugeGraph-Server Improper Access Control Vulnerability CVE-2020-0618 Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability CVE-2019-1069 Microsoft
Continue ReadingApple Releases Security Updates for Multiple Products
Apple released security updates to address vulnerabilities in multiple Apple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the
Continue ReadingPython Infostealer Patching Windows Exodus App, (Wed, Sep 18th)
A few months ago, I wrote a diary[1] about a Python script that replaced the Exodus[2] Wallet app with a rogue one on macOS. Infostealers are everywhere these days. They target mainly browsers (cookies, credentials) and classic
Continue ReadingISC Stormcast For Wednesday, September 18th, 2024 https://isc.sans.edu/podcastdetail/9142, (Wed, Sep 18th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Continue ReadingCISA Adds Four Known Exploited Vulnerabilities to Catalog
CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2014-0497 Adobe Flash Player Integer Underflow Vulnerability CVE-2013-0643 Adobe Flash Player Incorrect Default Permissions Vulnerability CVE-2013-0648 Adobe Flash Player Code Execution
Continue Reading