News

• CIS Benchmarks February 2025 Update Wed, 05 Feb 2025 13:29:00 -0500
  Here is an overview of the CIS Benchmarks that the Center for Internet Security (CIS) updated or released for February 2025.

Looking Glass Cyber

Malware Patrol

• InfoSec Articles (01/28/25 – 02/11/25)
• InfoSec Articles (01/14/25 – 01/28/25)

SecList

• Investors, Trump and the Illuminati: What the “Nigerian prince” scams became in 2024
  Compensations for scam victims, and millionaires losing their family to COVID-19: read on to learn about the types of "Nigerian" spam one could come across in 2024.

securingtomorrow.mcafee.com

Quick Heal

Threat Post

• Student Loan Breach Exposes 2.5M Records
• Watering Hole Attacks Push ScanBox Keylogger
• Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
• Ransomware Attacks are on the Rise
• Cybercriminals Are Selling Access to Chinese Surveillance Cameras
• Twitter Whistleblower Complaint: The TL;DR Version
• Firewall Bug Under Active Attack Triggers CISA Warning
• Fake Reservation Links Prey on Weary Travelers
• iPhone Users Urged to Update to Patch 2 Zero-Days
• Google Patches Chrome’s Fifth Zero-Day of the Year

Naked Security

Security Affairs

• Pro-Russia collective NoName057(16) launched a new wave of DDoS attacks on Italian sites
• whoAMI attack could allow remote code execution within AWS account
• Storm-2372 used the device code phishing technique since August 2024
• SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 33
• Security Affairs newsletter Round 511 by Pierluigi Paganini – INTERNATIONAL EDITION
• U.S. CISA adds Apple iOS and iPadOS and Mitel SIP Phones flaws to its Known Exploited Vulnerabilities catalog
• Attackers exploit recently disclosed Palo Alto Networks PAN-OS firewalls bug
• U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog
• China-linked APT Salt Typhoon breached telecoms by exploiting Cisco router flaws
• Experts discovered PostgreSQL flaw chained with BeyondTrust zeroday in targeted attacks

Security Awareness Tips of the week

Exploits

• [webapps] SOPlanning 1.52.01 (Simple Online Planning Tool) - Remote Code Execution (RCE) (Authenticated)
• [webapps] reNgine 2.2.0 - Command Injection (Authenticated)
• [webapps] openSIS 9.1 - SQLi (Authenticated)
• [webapps] dizqueTV 1.5.3 - Remote Code Execution (RCE)
• [webapps] NoteMark < 0.13.0 - Stored XSS
• [webapps] Gitea 1.22.0 - Stored XSS
• [webapps] Invesalius3 - Remote Code Execution
• [dos] Windows TCP/IP - RCE Checker and Denial of Service
• [webapps] Aurba 501 - Authenticated RCE
• [webapps] HughesNet HT2000W Satellite Modem - Password Reset
• [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Device Config Disclosure
• [webapps] Elber Wayber Analog/Digital Audio STL 4.00 - Authentication Bypass
• [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Device Config
• [webapps] Elber ESE DVB-S/S2 Satellite Receiver 1.5.x - Authentication Bypass
• [webapps] Helpdeskz v2.0.2 - Stored XSS
• [webapps] Calibre-web 0.6.21 - Stored XSS
• [webapps] Devika v1 - Path Traversal via 'snapshot_path'
• [local] Genexus Protection Server 9.7.2.10 - 'protsrvservice' Unquoted Service Path
• [local] SolarWinds Kiwi Syslog Server 9.6.7.1 - Unquoted Service Path
• [local] Oracle Database 12c Release 1 - Unquoted Service Path
• [webapps] Ivanti vADC 9.9 - Authentication Bypass
• [local] Bonjour Service 'mDNSResponder.exe' - Unquoted Service Path Privilege Escalation
• [webapps] Xhibiter NFT Marketplace 1.10.2 - SQL Injection
• [webapps] Azon Dominator Affiliate Marketing Script - SQL Injection
• [webapps] Microweber 2.0.15 - Stored XSS
• [webapps] Customer Support System 1.0 - Stored XSS
• [webapps] Automad 2.0.0-alpha.4 - Stored Cross-Site Scripting (XSS)
• [webapps] SolarWinds Platform 2024.1 SR1 - Race Condition
• [webapps] Flatboard 3.2 - Stored Cross-Site Scripting (XSS) (Authenticated)
• [webapps] Poultry Farm Management System v1.0 - Remote Code Execution (RCE)
• [webapps] Boelter Blue System Management 1.3 - SQL Injection
• [webapps] WP-UserOnline 2.88.0 - Stored Cross Site Scripting (XSS) (Authenticated)
• [webapps] PHP < 8.3.8 - Remote Code Execution (Unauthenticated) (Windows)
• [webapps] AEGON LIFE v1.0 Life Insurance Management System - SQL injection vulnerability.
• [webapps] XMB 1.9.12.06 - Stored XSS
• [webapps] Carbon Forum 5.9.0 - Stored XSS
• [webapps] AEGON LIFE v1.0 Life Insurance Management System - Stored cross-site scripting (XSS)
• [webapps] appRain CMF 4.0.5 - Remote Code Execution (RCE) (Authenticated)
• [webapps] CMSimple 5.15 - Remote Code Execution (RCE) (Authenticated)
• [webapps] WBCE CMS v1.6.2 - Remote Code Execution (RCE)
• [webapps] Monstra CMS 3.0.4 - Remote Code Execution (RCE)
• [webapps] Dotclear 2.29 - Remote Code Execution (RCE)
• [webapps] Serendipity 2.5.0 - Remote Code Execution (RCE)
• [webapps] Sitefinity 15.0 - Cross-Site Scripting (XSS)
• [webapps] FreePBX 16 - Remote Code Execution (RCE) (Authenticated)
• [webapps] Akaunting 3.1.8 - Server-Side Template Injection (SSTI)

Last 20 Website Defacements - Zone-h

Advisories

Symantec Packet Stoem Security