InfoSecBulletin Cybersecurity for mankind
A threat actor has announced selling a 0day vulnerability for Dahua cameras. The bad actor claimed this vulnerability supposedly works with all versions of the device.
The threat actor announced the vulnerability allowed unrestricted access and control of the camera and describing it as a Remote Code Execution (RCE) exploit.
CVSS 9.6: IBM QRadar & Cloud Pak Security Flaws Exposed
ALERT
Thousands of IP addresses compromised nationwide: CIRT warn
New Android Malware ‘Crocodilus’ Targets Banks in 8 Countries
Qualcomm Patches 3 Zero-Days Used in Targeted Android Attacks
Critical RCE Flaw Patched in Roundcube Webmail
Hacker claim Leak of Deloitte Source Code & GitHub Credentials
CISA Issued Guidance for SIEM and SOAR Implementation
Linux flaws enable password hash theft via core dumps in Ubuntu, RHEL, Fedora
Australia enacts mandatory ransomware payment reporting
Why Govt Demands Foreign CCTV Firms to Submit Source Code?
This exclusive vulnerability is being sold for $400,000. The seller says it’s a rare chance to access a major security solution in the camera market.
The bad actor said that Interested buyers can contact the seller for more information, Proof of Concept (PoC), or to make a purchase link provided in the post.
(Media Disclaimer: This report is based on research conducted internally and externally using different ways. The information provided is for reference only, and users are responsible for relying on it. Infosecbulletin is not liable for the accuracy or consequences of using this information by any means)
