Italy Bans Chinese DeepSeek AI Over Data Privacy and Ethical Concerns
Summary: Italy’s data protection authority has blocked the Chinese AI firm DeepSeek’s service due to inadequate clarity regarding its data handling practices and personal data usage. This decision follows concerns over user data collection, potential legal implications, and vulnerabilities in the company’s models, which have raised national security alarms.…
US-CERT Vulnerability Summary for the Week of January 20, 2025 – RedPacket Security
The CISA Vulnerability Bulletin has highlighted several new vulnerabilities identified within various software products, primarily focusing on vulnerabilities that pose risks of arbitrary code execution, cross-site scripting, and SQL injection among others. The vulnerabilities are categorized based on their severity. High-profile examples include serious security weaknesses in software from Enrich Technology, Apache Software Foundation, and WordPress plugins.…

Summary: Researcher Mehdi Elyassa from Synacktiv disclosed a critical SQL injection vulnerability in Microsoft Configuration Manager (CVE-2024-43468) with a CVSS score of 9.8, allowing unauthenticated attacks that can execute arbitrary commands. The flaw exists in the MP_Location service, enabling attackers to gain sysadmin-level privileges and potentially achieve full control over the deployment environment.…
Anatomy of an Exploit Chain: CISA, FBI Detail Ivanti CSA Attacks 
Threat actors exploited four vulnerabilities in Ivanti Cloud Service Appliances (CSA) to conduct attacks on multiple organizations in September. The FBI and CISA have issued an advisory urging users to upgrade their systems and implement threat hunting techniques. The vulnerabilities, suspected to be linked to sophisticated nation-state actors, were used to gain access, execute code, and implant web shells.…
Practical Application of the MITRE ATT&CK Framework for SOC/Cybersecurity Analysts: Mapping Techniques to Real-World Threats
This article highlights a significant gap in threat detection capabilities within SIEM technologies, which reportedly only cover 19% of the MITRE ATT&CK techniques. Focusing on the MOVEit Transfer attack in 2023, it illustrates the importance of the MITRE ATT&CK framework for cybersecurity analysts in mapping real-world threats, enhancing detection rules, and improving incident response strategies.…
3 Use Cases for Third-Party API Security
Summary: The commentary discusses the importance of adapting security strategies for third-party APIs, highlighting the unique risks and considerations that differ from first-party APIs. It emphasizes the need for security leaders to focus on three specific use cases: managing outbound data flows, protecting against inbound traffic, and overseeing data management for third-party applications.…
Multiple Cybersecurity Giants’ Account Credentials Leaked and Sold on Dark Web; Ministry of Industry and Information Technology Warns: Beware of Androxgh0st Botnet Risks | NiuLan – Security Niu
A recent report reveals that multiple cybersecurity firms have had their account credentials leaked and are being sold on the dark web. This poses risks not only to the companies involved but also to their customers. Additionally, the Ministry of Industry and Information Technology highlights the ongoing threat of the Androxgh0st botnet, which targets IoT devices and network infrastructure.…
CVE-2024-8963, CVE-2024-9379, CVE-2024-8190, and CVE-2024-9380 Detection: CISA and FBI Warn Defenders of Two Exploit Chains Using Critical Ivanti CSA Vulnerabilities – SOC Prime
Recent vulnerabilities in Ivanti Cloud Service Appliances (CSA) pose significant risks, allowing adversaries to exploit them through various chains. The CISA and FBI alert highlights the need for immediate action, as attackers have been able to gain access, execute remote code, and compromise sensitive networks. Affected: Ivanti Cloud Service Appliances, Enterprise Security

Key points:

Ivanti Cloud Service Appliances (CSAs) face critical vulnerabilities tracked as CVE-2024-8963, CVE-2024-9379, CVE-2024-8190, and CVE-2024-9380.…
CVE-2025-23006: SonicWall Secure Mobile Access SMA 1000 Zero-Day Reportedly Exploited
A zero-day vulnerability (CVE-2025-23006) affecting SonicWall’s Secure Mobile Access (SMA) 1000 has been actively exploited, potentially allowing unauthorized remote command execution. Although SonicWall provided a fix, the advisory warns of ongoing threats from malicious actors targeting this security flaw. Affected: SonicWall SMA 1000, SonicWall Firewall devices

Key points:

A zero-day vulnerability identified as CVE-2025-23006 was disclosed by SonicWall.…
CISA: Ivanti Vulns Chained Together in Cyberattack Onslaught
Summary: Cyberattackers are exploiting multiple Ivanti vulnerabilities to compromise the company’s Cloud Service Appliance (CSA). CISA and the FBI have identified several critical vulnerabilities that allow attackers to gain initial access and execute remote code on victim networks. Organizations are urged to upgrade their systems and implement detection methods to mitigate these threats.…
Four Critical Ivanti CSA Vulnerabilities Exploited, CISA and FBI Urge Mitigation
The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have issued a joint advisory regarding the active exploitation of four critical vulnerabilities in Ivanti Cloud Service Appliances. These include CVE-2024-8963, CVE-2024-9379, CVE-2024-8190, and CVE-2024-9380, which can lead to unauthorized access, remote code execution, and credential theft.…
Weekly IT Vulnerability Report: Critical Updates for SAP, Microsoft, Fortinet, and Others
Key vulnerabilities in major platforms such as SAP, Microsoft, and Fortinet have been identified, necessitating immediate attention due to active exploitation by threat actors. The vulnerabilities include privilege escalation, unauthorized access, and critical flaws in widely used applications. Affected: SAP, Microsoft, Fortinet

Key points:

Cyble Research and Intelligence Labs (CRIL) analyzed vulnerabilities disclosed between January 8 and 14, 2025.…
Critical Vulnerability Threatens STEALTHONE Network Storage Servers
Summary: JPCERT/CC has issued a warning about critical vulnerabilities in STEALTHONE D220, D340, and D440 network storage servers, urging immediate firmware updates. The vulnerabilities, identified as CVE-2025-20016, CVE-2025-20055, and CVE-2025-20620, could allow attackers to execute arbitrary commands, gain unauthorized access, and steal administrative passwords. Users are advised to update their devices to the latest firmware to mitigate these risks.…
Gootloader inside out
The Gootloader malware employs sophisticated social engineering tactics to infect users through compromised WordPress sites. It manipulates search engine results to direct victims to these sites, where they encounter fake message boards that link to the malware. The infection process is complex and heavily obfuscated, making it difficult for even site owners to detect.…