https://www.europesays.com/2183857/ Banks in S. Korea, Taiwan, Thailand #Economy #outlook #RetailNews #RetailProblems #retailers #sector #SouthKorea #vulnerabilities
Recent searches
Search options
#vulnerabilities
1 post1 participant0 posts today
(Maybe intentional, maybe unintentional) deceptive advisories 101: https://certvde.com/en/advisories/VDE-2025-052/ .
The actual vulns here are OS command injection issues (CWE-78). The webapp just so happens to be vulnerable to CSRF too, so they use CWE-352, but honestly nobody in their right mind gives a crap about CSRF as a top priority item.
There are multiple ways to exploit the bugs. The score/vector in the advisory is technically correct, but you could also exploit the bug (or series of bugs) as 9.1 (AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H) or 9.9 (AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H) depending on the privilege required to do the OS command injection. But honestly the 'what privilege required' becomes moot when you search the user manual for default credentials....
Whether the deception is intentional or not, who knows, it is what it is. Attackers are never* gonna use CSRF, but they are absolutely positively going to abuse command injection (even authenticated command injection), especially against devices which has 1) a cellular modem and 2) published default credentials that are incredibly easy to learn.
This is all an example of the fact that CVSS does not score a vulnerability, but rather scores one exploitation method of a vulnerability. There are often multiple ways to interpret 'a vuln'. In this case the advisory probably should have reserved more CVEs anyway: some to cover the CSRF, and others to cover the command injection bugs (the fixes for each are most likely distinct code changes, so worthy of independent CVEs, but I digress).
And sorry for the sales pitch: this is the kind of thing that we manually review all week, every week, and publish details about in our Worldview reports: https://www.dragos.com/dragos-worldview/
certvde.comVDE-2025-052 | CERT@VDEAdvisories
Secure Boot just got a wake-up call—hackers are now exploiting a new flaw to slip bootkit malware past our digital bouncer. Ever wonder how secure your system really is?
https://thedefendopsdiaries.com/navigating-the-challenges-of-secure-boot-vulnerabilities/
The DefendOps Diaries · Navigating the Challenges of Secure Boot Vulnerabilities
Latest issue of my curated #cybersecurity and #infosec list of resources for week #23/2025 is out!
It includes the following and much more:
Cartier announced a #databreach;
Microsoft and CrowdStrike are working together to connect the different names used for hacking groups;
German authorities have identified Vitaly Nikolaevich Kovalev as the leader of the #TrickBot cybercrime gang;
Over 30 #Vulnerabilities Patched in #Android;
Microsoft has launched a free European Security Program to enhance cybersecurity for #EU governments;
#Microsoft Helps India CBI Dismantle Indian Call Centers;
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end 
https://infosec-mashup.santolaria.net/p/infosec-mashup-23-2025
X’s InfoSec Newsletter🕵🏻♂️ [InfoSec MASHUP] 23/2025Cartier announced a data breach; Microsoft and CrowdStrike are working together to connect the different names used for hacking groups; German authorities have identified Vitaly Nikolaevich Kovalev as the leader of the TrickBot cybercrime gang; Over 30 Vulnerabilities Patched in Android; Microsoft has launched a free European Security Program to enhance cybersecurity for EU governments; Microsoft Helps India CBI Dismantle Indian Call Centers;
The VLAI Severity model is accessible via API. Here is a simple example from a recent Ivanti vulnerability description from their vulnerability webpage.
The VLAI Security model for vulnerabilities is accessible via vulnerability-lookup and the public instance operated by CIRCL.
So, if you have a vulnerability description, you can quickly assess it to get a general idea of its severity.
curl -X 'POST' \
'https://vulnerability.circl.lu/api/vlai/severity-classification' \
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{ "description": "Ivanti has released updates for Ivanti Neurons for ITSM (on-prem only) which addresses one critical severity vulnerability. Depending on system configuration, successful exploitation could allow an unauthenticated remote attacker to gain administrative access to the system. We are not aware of any customers being exploited by these vulnerabilities at the time of disclosure. We have included an environmental score to provide customers with additional context on the adjusted risk of this vulnerability with typical use cases. Customers who have followed Ivanti guidance on securing the IIS website and restricted access to a limited number of IP addresses and domain names have a reduced risk to their environment. Customers who have users log into the solution from outside their company network also have a reduced risk to their environment if they ensure that the solution is configured with a DMZ." }'
and the result
{
"severity": "Critical",
"confidence": 0.9256
}
#cve #ivanti #vulnerability #vulnerabilitymanagement #vulnerabilities
For more details: https://www.vulnerability-lookup.org/2025/05/22/vulnerability-lookup-2-10-0/#ai-powered-enrichment-using-our-in-house-ai-models
www.vulnerability-lookup.org · Vulnerability-Lookup 2.10.0 releasedWe’re delighted to announce the release of Vulnerability-Lookup 2.10.0,
and it’s packed with exciting features!
What’s New
AI-Powered Enrichment using our in-house AI models
Vulnerability-Lookup now enhances vulnerability advisories using our in-house AI models.
We recently worked on a new project, ML-Gateway,
a FastAPI service for serving NLP models. It loads one or more pre-trained NLP models during startup
and expose them through a clean, RESTful API for inference.
For example, it leverages the transformers library to load the
CIRCL/vulnerability-severity-classification-roberta-base
model, which specializes in classifying vulnerability descriptions according to their severity level.
The server initializes this model once at startup, ensuring minimal latency during inference requests.
Do you remember the infamous Sony PlayStation Network hack? As a pivotal case study, this attack highlights the advancements in cybersecurity following one of history's most significant cyberattacks on cloud platforms.
European vulnerability database opens in case the dumbass Americans cut funding again.
https://www.infosecurity-magazine.com/news/european-vulnerability-database-us/
Infosecurity Magazine · European Vulnerability Database Launches Amid US CVE Chaos
This time I'm begging you to update yo shit!
PSA: iOS 18.5 patches over 30 iPhone security vulnerabilties - 9to5Mac
Open source project #curl is sick of users submitting “AI slop” #vulnerabilities - Ars Technica
"One way you can tell is it's always such a nice report," founder tells Ars.
#aislop #ai #security
Ars Technica · Open source project curl is sick of users submitting “AI slop” vulnerabilities
Okay. Every now and then, I may use some AI to help write something.
But if I can't articulate what's wrong or where something is broken to get it fixed, maybe I should leave that up to someone who can.
Open source project curl is sick of users submitting “AI slop” vulnerabilities
Open source project curl is sick of users submitting “AI slop” vulnerabilities https://arstechni.ca/LAhpm #vulnerabilities #bugreports #hackerone #security #Tech #curl #AI
Ars Technica · Open source project curl is sick of users submitting “AI slop” vulnerabilities
Latest issue of my curated #cybersecurity and #infosec list of resources for week #18/2025 is out!
It includes the following and much more:
France has linked Russian APT to 12 #cyberattacks on French Orgs.;
Cybersecurity experts demand the reinstatement of Chris Krebs' security clearances and the withdrawal of the investigation;
#Vulnerabilities in Apple's #AirPlay Protocol;
New York's Metropolitan Transportation Authority plans to use #AI and cameras to detect potential subway crimes before they happen;
@SentinelOne Targeted by Chinese #PurpleHaze Group;
#Microsoft sets all new accounts #passwordless by default;
The #Trump administration plans to cut $491 million from #CISA's budget;
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end
https://infosec-mashup.santolaria.net/p/infosec-mashup-18-2025
X’s InfoSec Newsletter🕵🏻♂️ [InfoSec MASHUP] 18/2025France has linked Russian APT to 12 cyberattacks on French Orgs.; Cybersecurity experts demand the reinstatement of Chris Krebs' security clearances and the withdrawal of the investigation; Vulnerabilities in Apple's AirPlay Protocol; New York's Metropolitan Transportation Authority plans to use AI and cameras to detect potential subway crimes before they happen; SentinelOne Targeted by Chinse PurpleHaze Group; Microsoft sets all new Accounts passwordless by Default; The Trump administration plans to cut $491 million from CISA's budget;
Seven new GNAs have been registered on GCVE.EU !
We're glad to see the community grow and are open to new GNA applications
JSON https://gcve.eu/dist/gcve.json Why and How to become a GNA https://gcve.eu/about/#eligibility-and-process-to-obtain-a-gna-id
Latest issue of my curated #cybersecurity and #infosec list of resources for week #17/2025 is out!
It includes the following and much more:
Two top officials from #CISA resigned;
U.S. Defense Secretary Pete Hegseth caught in another information leak;
Yearly Threat Intelligence Reports Released;
U.S. lost record $16.6 billion to #cybercrime in 2024;
5.5 Million Patients Affected by #DataBreach at Yale New Haven Health;
VulnCheck spotted 159 actively exploited #vulnerabilities in first few months of 2025;
FBI is seeking public help to identify Chinese hackers known as #SaltTyphoon and offers $10 million reward;
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end
https://infosec-mashup.santolaria.net/p/infosec-mashup-17-2025
X’s InfoSec Newsletter🕵🏻♂️ [InfoSec MASHUP] 16/2025Two top officials from CISA resigned; U.S. Defense Secretary Pete Hegseth caught in another information leak; Yearly Threat Intelligence Reports Released; U.S. lost record $16.6 billion to cybercrime in 2024; 5.5 Million Patients Affected by Data Breach at Yale New Haven Health; VulnCheck spotted 159 actively exploited vulnerabilities in first few months of 2025; FBI is seeking public help to identify Chinese hackers known as Salt Typhoon and offers $10 million reward;
A Python client for the Global CVE Allocation System has been released.
by @cedric
GitHubGitHub - gcve-eu/gcve: A Python client for the Global CVE Allocation System.A Python client for the Global CVE Allocation System. - gcve-eu/gcve
Cybercriminals switch up their top initial access vectors of choice – Source: www.csoonline.com https://ciso2ciso.com/cybercriminals-switch-up-their-top-initial-access-vectors-of-choice-source-www-csoonline-com/ #ThreatandVulnerabilityManagement #IdentityandAccessManagement #rssfeedpostgeneratorecho #CyberSecurityNews #IncidentResponse #vulnerabilities #cyberattacks #Cybercrime #CSOonline #CSOOnline #Phishing
CISO2CISO.COM & CYBER SECURITY GROUP · Cybercriminals switch up their top initial access vectors of choice – Source: www.csoonline.comSource: www.csoonline.com - Author: News AnalysisApr 25, 20256 minsCyberattacksIncident ResponsePhishing
The first publication of the GCVE-BCP-01 - Signature Verification of the Directory File
More information about BCP https://gcve.eu/bcp/ GCVE-BCP-01 https://gcve.eu/bcp/gcve-bcp-01/
gcve.euGCVE.eu - Best Current Practice (BCP)
The digital signature of the directory file was added in response to requests from various open-source developers and GNAs.
#cve #gcve #vulnerabilities #opensource
FAQ https://gcve.eu/faq/#q13-is-the-json-file-distributed-by-gcve-signed-and-how-can-the-signature-be-verified Directory file https://gcve.eu/dist/
gcve.euFAQGCVE Frequently Asked Questions (FAQ)Q1: What is GCVE?
A: GCVE (Global CVE Allocation System) is a new, decentralized system for identifying and numbering security vulnerabilities. It aims to increase flexibility, scalability, and autonomy for organizations involved in vulnerability management, while remaining compatible with the traditional CVE® system.
Q2: How is GCVE different from the traditional CVE system?
A: The main difference is decentralization. GCVE introduces GCVE Numbering Authorities (GNAs), which are independent entities that can allocate GCVE identifiers without needing blocks pre-allocated from a central authority or adhering strictly to centrally enforced policies. The traditional CVE system typically relies on a more centralized structure for ID allocation and policy.
New Research Alert: Attackers are exploiting a dangerous class of cyber flaws—resurgent vulnerabilities. Learn how they work, why they matter, and what defenders can do. Full analysis
#Cybersecurity #GreyNoise #Vulnerabilities
www.greynoise.ioGreyNoise Uncovers Unique Risks From Resurgent Cybersecurity VulnerabilitiesAttackers from every corner of the internet are exploiting a uniquely dangerous class of cyber flaws: resurgent vulnerabilities.