ICS attacks, little known to the general public, are perhaps the most devastating in terms of potential negative consequences. New Bluetooth vulnerability and cool malware news. Vulnerabilities: Not an interesting microsoft patch (yet), ICS and bluetooth; Tools: Traditionally; News: Malware activity and CERT alert; Research: Mainly for Windows enthusiasts. Feedback -> here Vulnerabilities Microsoft released … Continue reading Second Tuesday patch, another victim of the ransomware and a friendly…
ICS attacks, little known to the general public, are perhaps the most devastating in terms of potential negative consequences. New Bluetooth vulnerability and cool malware news. Vulnerabilities: Not an interesting microsoft patch (yet), ICS and bluetooth; Tools: Traditionally; News: Malware activity and CERT alert; Research: Mainly for Windows enthusiasts. Feedback -> here Vulnerabilities Microsoft released … Continue reading Second Tuesday patch, another victim of the ransomware and a friendly…
The week of the second Tuesday of the month always sees a lot of important updates from various vendors. It’s been a long time since our news section was bigger than Vulnerabilities. In the Research section you will traditionally find the most useful stuff that the author couldn’t pass by. Content: Vulnerabilities: Microsoft patch and … Continue reading Second Tuesday patches and several attacks in weekly news →
Grafana is an open-source platform for monitoring and observability. Affected versions of Grafana expose multiple API endpoints which do not properly handle user authorization. `/teams/:teamId` will allow an authenticated attacker to view unintended data by querying for the specific team ID, `/teams/:search` will allow an authenticated attacker to search for teams and see the total number of available teams, including for those teams that the user does not have access to, and `/teams/:teamId/members` when…