From elastic.co

Kibana 8.15.1 Security Update (ESA-2024-27, ESA-2024-28)

2 2

Kibana arbitrary code execution via YAML deserialization in Amazon Bedrock Connector (ESA-2024-27) A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to parse a YAML document containing a crafted payload. This issue only affects users that use Elastic...

#cve #elastic #vulnerability #kibana

on Sep 5

From greynoise.io

Heightened In-The-Wild Activity On Key Technologies Observed On March 28

1 1

GreyNoise observed a significant spike in activity targeting multiple edge technologies, including SonicWall, Zoho, Zyxel, F5, Linksys, and Ivanti systems.

#f5 #cve #zoho #ivanti #linksys #greynoise #sonicwall #vulnerability

3h ago

From alienvault.com

LevelBlue - Open Threat Exchange

1 1

Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

#bot #mac #otx #rat #uae #email #github #infosec #malware #telecom

5h ago

From grahamcluley.com

The AI Fix #44: AI-generated malware, and a stunning AI breakthrough

1 1

In episode 44 of The AI Fix, ChatGPT won’t build a crystal meth lab, GPT-4o improves the show’s podcast art, some students manage to screw in a lightbulb, Google releases Gemini 2.5…

#ai #grok #google #openai #chatgpt #malware #podcast #theaifix #googlechrome #vulnerability

7h ago

From beyondmachines.net

Researchers report critical flaw in Insight Cluster Management Utility

1 1

A critical vulnerability (CVE-2024-13804, CVSS 9.8) in HPE Insight Cluster Management Utility (CMU) v8.2 allows unauthenticated attackers to execute arbitrary commands as root on cluster management nodes by exploiting a design flaw in the Java RMI interface. There will be no patch as the...

#infosec #advisory #cybersecurity #vulnerability

14h ago

From codeberg.org

rpm-hardened_malloc

1 1

Unofficial micro-architecture optimized hardened_malloc package || https://github.com/GrapheneOS/hardened_malloc

#dcg #fsf #foss #futo #fedora #router #skynet #android #infosec #codeberg

on Feb 4

From beyondmachines.net

Veeam patches 18 Flaws, 5 critical in its products

1 1

Veeam has released security patches addressing 18 high and critical vulnerabilities across multiple products, including critical remote code execution (RCE) flaws in Veeam Backup & Replication (CVE-2024-40711, CVSS score 9.8) and Veeam Service Provider Console (CVE-2024-38650, CVE-2024-39714,...

#infosec #Advisory #cybersecurity #vulnerability

on Sep 6

From cisa.gov

Vulnerability Summary for the Week of August 26, 2024 | CISA

1 1

High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source & Patch Info

#cve #cwe #cisa #cvss #cveid #hssedi #vulnerability #vulnerabilitymanagement

on Sep 5