What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2023-03-07 21:15:11 | CVE-2023-20649 (lien direct) | In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628607; Issue ID: ALPS07628607. | Guideline | ||
|
2023-03-07 21:15:11 | CVE-2023-20636 (lien direct) | In display drm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07292593; Issue ID: ALPS07292593. | Guideline | ||
|
2023-03-07 21:15:11 | CVE-2023-20635 (lien direct) | In keyinstall, there is a possible information disclosure due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07563028; Issue ID: ALPS07563028. | Guideline | ||
|
2023-03-07 21:15:11 | CVE-2023-20645 (lien direct) | In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628609; Issue ID: ALPS07628609. | Guideline | ||
|
2023-03-07 21:15:11 | CVE-2023-20642 (lien direct) | In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628586; Issue ID: ALPS07628586. | Guideline | ||
|
2023-03-07 21:15:11 | CVE-2023-20641 (lien direct) | In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629574; Issue ID: ALPS07629574. | Guideline | ||
|
2023-03-07 21:15:10 | CVE-2023-20634 (lien direct) | In widevine, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07635697; Issue ID: ALPS07635697. | Guideline | ||
|
2023-03-07 21:15:10 | CVE-2023-20628 (lien direct) | In thermal, there is a possible memory corruption due to an uncaught exception. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494460; Issue ID: ALPS07494460. | Guideline | ||
|
2023-03-07 21:15:10 | CVE-2023-20633 (lien direct) | In usb, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628508; Issue ID: ALPS07628508. | Guideline | ||
|
2023-03-07 21:15:10 | CVE-2023-20625 (lien direct) | In adsp, there is a possible double free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628532; Issue ID: ALPS07628532. | Guideline | ||
|
2023-03-07 21:15:10 | CVE-2023-20621 (lien direct) | In tinysys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664755; Issue ID: ALPS07664755. | Guideline | ||
|
2023-03-07 21:15:10 | CVE-2023-20627 (lien direct) | In pqframework, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629585; Issue ID: ALPS07629585. | Guideline | ||
|
2023-03-07 21:15:10 | CVE-2023-20623 (lien direct) | In ion, there is a possible escalation of privilege due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07559778; Issue ID: ALPS07559778. | Guideline | ||
|
2023-03-07 21:15:10 | CVE-2023-20626 (lien direct) | In msdc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07405223; Issue ID: ALPS07405223. | Guideline | ||
|
2023-03-07 21:15:10 | CVE-2023-20620 (lien direct) | In adsp, there is a possible escalation of privilege due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07554558; Issue ID: ALPS07554558. | Guideline | ||
|
2023-03-07 21:15:10 | CVE-2023-20630 (lien direct) | In usb, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628505; Issue ID: ALPS07628505. | Guideline | ||
|
2023-03-07 21:15:10 | CVE-2023-20624 (lien direct) | In vow, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628530; Issue ID: ALPS07628530. | Guideline | ||
|
2023-03-07 21:15:10 | CVE-2023-20632 (lien direct) | In usb, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628506; Issue ID: ALPS07628506. | Guideline | ||
|
2023-03-07 20:15:09 | CVE-2023-1003 (lien direct) | A vulnerability, which was classified as critical, was found in Typora up to 1.5.5. Affected is an unknown function of the component WSH JScript Handler. The manipulation leads to code injection. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 1.5.8 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-221736. | Vulnerability Guideline | ||
|
2023-03-07 19:15:12 | CVE-2023-27479 (lien direct) | XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions any user with view rights can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full access to the XWiki installation. The root cause is improper escaping of UIX parameters. A proof of concept exploit is to log in, add an `XWiki.UIExtensionClass` xobject to the user profile page, with an Extension Parameters content containing `label={{/html}} {{async async="true" cached="false" context="doc.reference"}}{{groovy}}println("Hello " + "from groovy!"){{/groovy}}{{/async}}`. Then, navigating to `PanelsCode.ApplicationsPanelConfigurationSheet` (i.e., `/xwiki/bin/view/PanelsCode/ApplicationsPanelConfigurationSheet` where `` is the URL of your XWiki installation) should not execute the Groovy script. If it does, you will see `Hello from groovy!` displayed on the screen. This vulnerability has been patched in XWiki 13.10.11, 14.4.7 and 14.10-rc-1. Users are advised to upgrade. For users unable to upgrade the issue can be fixed by editing the `PanelsCode.ApplicationsPanelConfigurationSheet` wiki page and making the same modifications as shown in commit `6de5442f3c`. | Vulnerability Guideline | ||
|
2023-03-07 19:15:12 | CVE-2023-27480 (lien direct) | XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions any user with edit rights on a document can trigger an XAR import on a forged XAR file, leading to the ability to display the content of any file on the XWiki server host. This vulnerability has been patched in XWiki 13.10.11, 14.4.7 and 14.10-rc-1. Users are advised to upgrade. Users unable to upgrade may apply the patch `e3527b98fd` manually. | Vulnerability Guideline | ||
|
2023-03-07 15:15:11 | CVE-2023-1253 (lien direct) | A vulnerability, which was classified as critical, was found in SourceCodester Health Center Patient Record Management System 1.0. This affects an unknown part of the file login.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-222483. | Vulnerability Guideline | ||
|
2023-03-07 15:15:11 | CVE-2023-1254 (lien direct) | A vulnerability has been found in SourceCodester Health Center Patient Record Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file birthing_print.php. The manipulation of the argument birth_id leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-222484. | Vulnerability Guideline | ||
|
2023-03-07 15:15:10 | CVE-2015-10087 (lien direct) | ** UNSUPPPORTED WHEN ASSIGNED **** UNSUPPORTED WHEN ASSIGNED ** A vulnerability has been found in UpThemes Theme DesignFolio Plus 1.2 and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 53f6ae62878076f99718e5feb589928e83c879a9. It is recommended to apply a patch to fix this issue. The identifier VDB-221809 was assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | Vulnerability Guideline | ||
 |
2023-03-07 14:40:00 | One leader for Cyber Command, NSA has \'substantial benefits,\' report says (lien direct) |
The head of U.S Cyber Command and the National Security Agency testified Tuesday that the two entities should continue to share a leader, citing the conclusions in a recent high-level review that has yet to be shared with the public.
In [written testimony](https://www.cybercom.mil/Media/News/Article/3320195/posture-statement-of-general-paul-m-nakasone/) to a Senate panel, Army Gen. Paul Nakasone directly quoted the review of the “dual hat” leadership structure, which has existed since Cyber Command was established in 2010.
The report found “'substantial benefits that present compelling evidence for retaining the existing structure,'” according to Nakasone, who took over both organizations in 2018. Momentum for splitting the roles increased during the Trump administration.
The Record first reported that the Biden administration had tapped former Joint Chiefs of Staff Chairman Joseph F. Dunford Jr. to lead the review. The team [concluded without a policy recommendation](https://therecord.media/review-of-nsa-cyber-command-leadership-structure-ends-without-official-recommendation) on maintaining or splitting the arraignment, but it leaned heavily toward keeping the two conjoined, despite long-held concerns that the positions are too much for a single person.
Nakasone also wrote that the review “highlighted” CYBERCOM and NSA's work defending U.S. elections from foreign interference, fighting ransomware operators and bolstering the military's other combatant commands as reasons to keep the two together.
Nakasone, one of Cyber Command's original architects, said publicly last year that he met with Dunford's study group and “had an opportunity to share my views.”
“Success in protecting the national security of the United States in cyberspace would be more costly and less decisive with two separate organizations under two separate leaders,” Nakasone wrote in his testimony for the Senate Armed Services Committee.
“The enduring relationship is vital for both organizations to meet the strategic challenges of our adversaries as they mature their capabilities against the United States,” he added.
|
Ransomware Guideline | ★★★ | |
 |
2023-03-07 14:00:24 | Getting to Know Francisco Criado, Check Point\'s New VP, Global Partner Ecosystem Organization (lien direct) | >As Vice President of the Global Partner Ecosystem Organization, Francisco Criado leads all strategy and program deployment with Check Point's partners around the world. He brings nearly two decades of experience in the industry, including leadership roles at Avnet, Tech Data and TD SYNNEX North America. What was your dream job in kindergarten and what… | Guideline | ★ | |
 |
2023-03-07 14:00:00 | CyberheistNews Vol 13 #10 [Eye Opener] BusinessWeek: The Satellite Hack Everyone Is Finally Talking About (lien direct) |
CyberheistNews Vol 13 #10 | March 7th, 2023
[Eye Opener] BusinessWeek: The Satellite Hack Everyone Is Finally Talking About
This week, Bloomberg News pointed at a brand-new article at BusinessWeek, one of their media properties. This is an excellent article that exposes the vulnerabilities when communications systems are not secure by design. It is an excellent wake-up call for your C-level execs and powerful budget ammo.
They started out with: "As Putin began his invasion of Ukraine, a network used throughout Europe-and by the Ukrainian military-faced an unprecedented cyberattack that doubled as an industrywide wake-up call. What they refer to is the Viasat hack. The KnowBe4 blog initially reported on this hack on March 24, 2022 here: https://blog.knowbe4.com/wired-a-mysterious-satellite-hack-has-victims-far-beyond-ukraine and in our CyberheistNews May 17, 2022 here: https://blog.knowbe4.com/cyberheistnews-vol-12-20-heads-up-now-you-need-to-watch-out-for-spoofed-vanity-urls.
The article continues to describe how a large number of Viasat customers lost connectivity. Here is a quote: "Viasat staffers in the U.S., where the company is based, were caught by surprise, too. Across Europe and North Africa, tens of thousands of internet connections in at least 13 countries were going dead.
"Some of the biggest service disruptions affected providers Bigblu Broadband PLC in the U.K. and NordNet AB in France, as well as utility systems that monitor thousands of wind turbines in Germany. The most critical affected Ukraine: Several thousand satellite systems that President Volodymyr Zelenskiy's government depended on were all down, making it much tougher for the military and intelligence services to coordinate troop and drone movements in the hours after the invasion."
"Industry was caught flat-footed," says Gregory Falco, a space cybersecurity expert who has advised the U.S. government. "Ukrainians paid the price. The war is really just revealing the capabilities," says Erin Miller, who runs the Space Information Sharing and Analysis Center, a trade group that gathers data on orbital threats. Cyberattacks affecting the industry, she says, have become a daily occurrence. The Viasat hack was widely considered a harbinger of attacks to come."
For many end-users, the frustrating thing about the Viasat hack is that, unlike with a phishing attack, there was nothing they could have done to prevent it. But the Russians (this smells like GRU) would have to know a lot of detail about Viasat's systems to execute an attack like th |
Guideline | Uber | ★★ |
|
2023-03-07 13:05:00 | Israel blames state-sponsored Iranian hackers for ransomware attack on university (lien direct) |
Israeli cybersecurity officials on Tuesday blamed hackers sponsored by the Iranian government for a ransomware attack on the country's leading technology university.
The attack in February forced the Israel Institute of Technology, also known as Technion, to postpone exams and shut down its IT systems. The incident followed what Israeli defense officials said were dozens of attempted Iranian cyberattacks over the past year.
Hackers from a previously unknown group calling itself DarkBit claimed responsibility in a note left on Technion's systems demanding 80 bitcoins ($1.7 million at the time) to enable the university to recover its files.
The note was unusually ideological, criticizing “an apartheid regime” and stating: “They should pay for their lies and crimes, their names and shames. They should pay for occupation, war crimes against humanity, killing the people (not only Palestinians' bodies, but also Israelis' souls) and destroying the future and all dreams we had.”
Israel's National Cyber Directorate on Tuesday attributed the attack to a threat group tracked as MuddyWater, which last year U.S. Cyber Command linked to the Iranian Ministry of Intelligence and Security.
British and American authorities subsequently issued a warning about the hacking group, saying it was targeting a “range of government and private-sector organizations across sectors - including telecommunications, defense, local government, and oil and natural gas - in Asia, Africa, Europe, and North America.”
While Israel and Iran have never been in a declared war against each other, the countries have repeatedly blamed each other for cyberattacks targeting civilian infrastructure, including a steel plant in Iran. Iranian hackers have been blamed for attacks on water systems in Israel.
The attack on the university in Haifa is not the first time that Iranian state-sponsored hackers have been linked to ransomware incidents. A French-Venezuelan cardiologist called Moises Luis Zagala Gonzalez was charged by the U.S. Department of Justice last year with developing the Thanos ransomware and allegedly boasting about it being used by Iranian government-linked hackers.
Another advisory issued in 2022 by cyber authorities in the United Kingdom, United States, Australia and Canada - members of the Five Eyes intelligence alliance - warned that “cyber actors affiliated with Iran's Islamic Revolutionary Guard Corps are exploiting vulnerabilities to launch ransomware operations against multiple sectors.” |
Ransomware Threat Guideline | ★★ | |
 |
2023-03-07 12:50:30 | 20-22 June 2023 at ExCeL London: Infosecurity Europe agenda spotlights innovation as security leaders address cybersecurity spend in the face of economic headwinds (lien direct) | Infosecurity Europe agenda spotlights innovation as security leaders address cybersecurity spend in the face of economic headwinds Entries open for DSIT competition as Infosecurity Europe look to crown the UK's Most Innovative Cyber SME 2023 - EVENTS | Guideline | ★★★ | |
 |
2023-03-07 11:59:22 | SOCRadar is the Gold Winner of Three Cybersecurity Excellence Awards (lien direct) | We are thrilled to announce that SOCRadar, a leading provider of cyber threat intelligence solutions,... | Threat Guideline | ★★ | |
|
2023-03-07 10:22:08 | 99% of cybersecurity leaders are stressed about email security (lien direct) | 99% of cybersecurity leaders are stressed about email security - Special Reports | Guideline | ★★ | |
 |
2023-03-07 09:30:00 | Two-Thirds of European Firms Have Started Zero Trust (lien direct) | Forrester claims public sector is leading the way | Guideline | ★★★ | |
|
2023-03-07 07:56:28 | Bugcrowd Hires Four Security Industry Leaders (lien direct) | Bugcrowd Hires Four Security Industry Leaders to Drive Go-to-Market Efforts New Chief Revenue Officer, Vice Presidents of Marketing, Sales-Americas, and Global Channel Sales Program to Strengthen Companywide Execution on Sales Vision and Growth Strategy - Business News | Guideline | ★★ | |
|
2023-03-07 00:15:09 | CVE-2017-20181 (lien direct) | A vulnerability classified as critical was found in hgzojer Vocable Trainer up to 1.3.0. This vulnerability affects unknown code of the file src/at/hgz/vocabletrainer/VocableTrainerProvider.java. The manipulation leads to path traversal. Attacking locally is a requirement. Upgrading to version 1.3.1 is able to address this issue. The name of the patch is accf6838078f8eb105cfc7865aba5c705fb68426. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-222328. | Vulnerability Guideline | ||
|
2023-03-06 23:15:11 | CVE-2022-3857 (lien direct) | A flaw was found in libpng 1.6.38. A crafted PNG image can lead to a segmentation fault and denial of service in png_setup_paeth_row() function. | Guideline | ||
|
2023-03-06 23:15:11 | CVE-2023-0330 (lien direct) | A vulnerability in the lsi53c895a device affects the latest version of qemu. A DMA-MMIO reentrancy problem may lead to memory corruption bugs like stack overflow or use-after-free. | Vulnerability Guideline | ||
|
2023-03-06 23:15:10 | CVE-2008-10004 (lien direct) | A vulnerability was found in Email Registration 5.x-2.1. It has been declared as critical. This vulnerability affects the function email_registration_user of the file email_registration.module. The manipulation of the argument namenew leads to sql injection. The attack can be initiated remotely. Upgrading to version 6.x-1.0 is able to address this issue. The name of the patch is 126c141b7db038c778a2dc931d38766aad8d1112. It is recommended to upgrade the affected component. VDB-222334 is the identifier assigned to this vulnerability. | Vulnerability Guideline | ||
|
2023-03-06 23:15:10 | CVE-2021-20251 (lien direct) | A flaw was found in samba. A race condition in the password lockout code may lead to the risk of brute force attacks being successful if special conditions are met. | Guideline | ||
|
2023-03-06 23:15:10 | CVE-2019-8720 (lien direct) | A vulnerability was found in WebKit. The flaw is triggered when processing maliciously crafted web content that may lead to arbitrary code execution. Improved memory handling addresses the multiple memory corruption issues. | Vulnerability Guideline | ||
|
2023-03-06 23:15:10 | CVE-2022-3277 (lien direct) | An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates resources that are unconstrained by the user's quota. If a malicious user were to submit a significant number of requests, this could lead to a denial of service. | Guideline | ||
|
2023-03-06 21:15:10 | CVE-2015-10095 (lien direct) | A vulnerability classified as problematic has been found in woo-popup Plugin up to 1.2.2. This affects an unknown part of the file admin/class-woo-popup-admin.php. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 1.3.0 is able to address this issue. The name of the patch is 7c76ac78f3e16015991b612ff4fa616af4ce9292. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-222327. | Vulnerability Guideline | ||
|
2023-03-06 16:15:10 | CVE-2023-1200 (lien direct) | A vulnerability was found in ehuacui bbs. It has been declared as problematic. This vulnerability affects unknown code. The manipulation of the argument username leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The identifier of this vulnerability is VDB-222388. | Vulnerability Guideline | ||
|
2023-03-06 16:15:09 | CVE-2022-4930 (lien direct) | A vulnerability classified as problematic was found in nuxsmin sysPass up to 3.2.4. Affected by this vulnerability is an unknown functionality of the component URL Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. Upgrading to version 3.2.5 is able to address this issue. The name of the patch is 4da4d031732ecca67519851fd0c34597dbb8ee55. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-222319. | Vulnerability Guideline | ||
|
2023-03-06 15:15:09 | CVE-2015-10094 (lien direct) | A vulnerability was found in Fastly Plugin up to 0.97. It has been rated as problematic. Affected by this issue is the function post of the file lib/api.php. The manipulation of the argument url leads to cross site scripting. The attack may be launched remotely. Upgrading to version 0.98 is able to address this issue. The name of the patch is d7fe42538f4d4af500e3af9678b6b06fba731656. It is recommended to upgrade the affected component. VDB-222326 is the identifier assigned to this vulnerability. | Vulnerability Guideline | ||
|
2023-03-06 14:15:10 | CVE-2023-0328 (lien direct) | The WPCode WordPress plugin before 2.0.7 does not have adequate privilege checks in place for several AJAX actions, only checking the nonce. This may lead to allowing any authenticated user who can edit posts to call the endpoints related to WPCode Library authentication (such as update and delete the auth key). | Guideline | ||
|
2023-03-06 14:03:00 | Vice Society ransomware group claims German university as latest victim (lien direct) |
The Vice Society ransomware group added the Hamburg University of Applied Sciences (HAW Hamburg) to its leak site this weekend following an attack that the institution said took place late last year.
HAW Hamburg is one of several German-speaking institutions with a focus on applied sciences to be targeted by ransomware gangs in recent months.
In [a statement](https://www.haw-hamburg.de/fileadmin/PK/PDF/Infos_Art._34_DS-GVO_final.pdf) sent to all employees and students, the university said the attack was on December 29, describing a ransomware incident without using the term itself. The school has about 16,000 students.
“The attackers worked their way manually from decentralized IT systems via the network to the central IT and security components of HAW Hamburg. They also gained administrative rights to the central storage systems via this attack path and thus compromised the central data storage,” the statement explained.
“With the administrative rights obtained, the encryption of various virtualized platforms and the deletion of saved backups were finally started,” it added.
The university warned that “significant amounts of data from various areas” were copied, including usernames and “cryptographically secured” passwords, email addresses and mobile phone numbers.
Despite describing the compromised passwords as “cryptographically secured” the IT team recommended that students and staff change their passwords “for all internal university applications,” adding “in particular, change your password for Microsoft Teams and avoid using passwords that you have already used before.”
The university said it had to rebuild its IT systems, including the existing Microsoft cloud environment, and was “trying to restore a backup of the email data from the old mail server as of December 14.”
Following the attack, HAW Hamburg's IT security said it had “received several reports from students about attempts to log on to Internet portals such as Amazon and eBay by unauthorized third parties.”
“After reviewing all previous reports, and taking into account the attacker group's previous approach, it can be ruled out that the login attempts are related to the security incident at HAW Hamburg or the attacker group,” the team added.
Back in January the Vice Society ransomware group [claimed responsibility](https://therecord.media/vice-society-ransomware-gang-claims-attack-on-one-of-germanys-largest-universities/) for a November attack against the University of Duisburg-Essen in Germany.
Then in February the University of Zurich, Switzerland's largest university, announced it was the target of a “serious cyberattack,” which a spokesperson described to The Record as “part of a current accumulation of attacks on educational and health institutions.”
The week before, the [Harz University of Applied Sciences](https://www.n-tv.de/regionales/sachsen-anhalt/Hochschule-Harz-nach-digitalem-Angriff-offline-article23885755.html) in Saxony-Anhalt, [Ruhr West University](https://www.hochschule-ruhr-west.de/hrwoffline/), and the [EU/FH European University of Applied Sciences](https://www.eufh.de/hochschule/pressemitteilung) all announced being impacted by cyberattacks.
|
Ransomware Guideline Cloud | ★★ | |
|
2023-03-06 11:15:09 | CVE-2017-20180 (lien direct) | A vulnerability classified as critical has been found in Zerocoin libzerocoin. Affected is the function CoinSpend::CoinSpend of the file CoinSpend.cpp of the component Proof Handler. The manipulation leads to insufficient verification of data authenticity. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The name of the patch is ce103a09ec079d0a0ed95475992348bed6e860de. It is recommended to apply a patch to fix this issue. VDB-222318 is the identifier assigned to this vulnerability. | Vulnerability Guideline | ||
|
2023-03-06 08:15:09 | CVE-2023-1191 (lien direct) | A vulnerability classified as problematic has been found in fastcms. This affects an unknown part of the file admin/TemplateController.java of the component ZIP File Handler. The manipulation leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The associated identifier of this vulnerability is VDB-222363. | Vulnerability Guideline | ||
|
2023-03-06 08:15:08 | CVE-2023-1186 (lien direct) | A vulnerability has been found in FabulaTech Webcam for Remote Desktop 2.8.42 and classified as problematic. This vulnerability affects unknown code in the library ftwebcam.sys of the component IoControlCode Handler. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. VDB-222358 is the identifier assigned to this vulnerability. | Vulnerability Guideline | ||
|
2023-03-06 08:15:08 | CVE-2023-1190 (lien direct) | A vulnerability was found in xiaozhuai imageinfo up to 3.0.3. It has been rated as problematic. Affected by this issue is some unknown functionality of the file imageinfo.hpp. The manipulation leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. VDB-222362 is the identifier assigned to this vulnerability. | Vulnerability Guideline |
To see everything:
Our RSS (filtrered)
