Notícias

GreyNoise researchers have observed exploit attempts targeting the remote code execution vulnerability CVE-2023-28771 in Zyxel devices. On June 16, GreyNoise researchers detected exploit attempts targeting CVE-2023-28771 (CVSS score 9.8), a remote code execution flaw impacting Zyxel IKE decoders over UDP port 500. “Exploitation attempts against CVE-2023-28771 were minimal throughout recent weeks. On June 16, GreyNoise observed […]

GreyNoise warns of a spike in exploitation attempts targeting a two-year-old vulnerability in Zyxel firewalls. The post Zyxel Firewall Vulnerability Again in Attacker Crosshairs appeared first on SecurityWeek.

Some 36% of Grafana instances are vulnerable to account takeover bug, putting DevOps teams at risk

Discover how IP geolocation strengthens password security by detecting suspicious login attempts, reducing fraud risks, and enhancing user authentication. The post How IP Geolocation Enhances Password Security appeared first on Security Boulevard.

A vulnerability could allow recovery of the phone number associated with a Google account by carrying out a brute force attack. The security researcher who goes online with the moniker “brutecat” discovered that it is possible to brute force the phone number of any Google abusing an issue in the company's account recovery feature. A […]

In a twist on typical hiring-related social engineering attacks, the FIN6 hacking group impersonates job seekers to target recruiters, using convincing resumes and phishing sites to deliver malware. [...]

SentinelOne revealed details of two new intrusion attempts by China-nexus actors

Exploitation of a critical-severity RCE vulnerability in Roundcube started only days after a patch was released. The post Exploited Vulnerability Impacts Over 80,000 Roundcube Servers appeared first on SecurityWeek.

Play ransomware attacks have hit roughly 900 organizations and recently involved the exploitation of SimpleHelp vulnerabilities. The post FBI Aware of 900 Organizations Hit by Play Ransomware appeared first on SecurityWeek.

Posted by Ron E on Jun 03An authenticated attacker can inject JavaScript into the bio field of their user profile. When the profile is viewed by another user, the injected script executes. *Proof of Concept:* POST /api/method/frappe.desk.page.user_profile.user_profile.update_profile_info HTTP/2 Host: --host-- profile_info={"bio":"\">"}