What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-02-17 19:38:08 | Another Critical RCE Discovered in Adobe Commerce and Magento Platforms (lien direct) | Adobe on Thursday updated its advisory for an actively exploited zero-day affecting Adobe Commerce and Magento Open Source to patch a newly discovered flaw that could be weaponized to achieve arbitrary code execution. Tracked as CVE-2022-24087, the issue – like CVE-2022-24086 – is rated 9.8 on the CVSS vulnerability scoring system and relates to an "Improper Input Validation" bug | Vulnerability | ||
|
2022-02-15 21:25:21 | High-Severity RCE Security Bug Reported in Apache Cassandra Database Software (lien direct) | Researchers have revealed details of a now-patched high-severity security vulnerability in Apache Cassandra that, if left unaddressed, could be abused to gain remote code execution on affected installations. "This Apache security vulnerability is easy to exploit and has the potential to wreak havoc on systems, but luckily only manifests in non-default configurations of Cassandra," Omer Kaspi, | Vulnerability | ||
|
2022-02-14 21:06:51 | New Chrome 0-Day Bug Under Active Attack – Update Your Browser ASAP! (lien direct) | Google on Monday rolled out fixes for eight security issues in the Chrome web browser, including a high-severity vulnerability that's being actively exploited in real-world attacks, marking the first zero-day patched by the internet giant in 2022. The shortcoming, tracked CVE-2022-0609, is described as a use-after-free vulnerability in the Animation component that, if successfully exploited, | Vulnerability | ||
|
2022-02-13 19:26:30 | Critical Magento 0-Day Vulnerability Under Active Exploitation - Patch Released (lien direct) | Adobe on Sunday rolled out patches to contain a critical security vulnerability impacting its Commerce and Magento Open Source products that it said is being actively exploited in the wild. Tracked as CVE-2022-24086, the shortcoming has a CVSS score of 9.8 out of 10 on the vulnerability scoring system and has been characterized as an "improper input validation" issue that could be weaponized to | Vulnerability | ||
|
2022-02-10 19:30:50 | Apple Releases iOS, iPadOS, macOS Updates to Patch Actively Exploited Zero-Day Flaw (lien direct) | Apple on Thursday released security updates for iOS, iPadOS, macOS, and Safari to address a new WebKit flaw that it said may have been actively exploited in the wild, making it the company's third zero-day patch since the start of the year. Tracked as CVE-2022-22620, the issue concerns a use-after-free vulnerability in the WebKit component that powers the Safari web browser and | Vulnerability | ||
|
2022-02-07 19:37:09 | Microsoft Temporarily Disables MSIX App Installers to Prevent Malware Abuse (lien direct) | Microsoft last week announced that it's temporarily disabling the MSIX ms-appinstaller protocol handler in Windows following evidence that a security vulnerability in the installer component was exploited by threat actors to deliver malware such as Emotet, TrickBot, and Bazaloader. MSIX, based on a combination of .msi, .appx, App-V and ClickOnce installation technologies, is a universal Windows | Malware Vulnerability Threat | ||
|
2022-02-06 21:03:44 | CISA Orders Federal Agencies to Patch Actively Exploited Windows Vulnerability (lien direct) | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is urging federal agencies to secure their systems against an actively exploited security vulnerability in Windows that could be abused to gain elevated permissions on affected hosts. To that end, the agency has added CVE-2022-21882 (CVSS score: 7.0) to the Known Exploited Vulnerabilities Catalog, necessitating that Federal | Vulnerability | ||
|
2022-02-05 21:48:25 | New Argo CD Bug Could Let Hackers Steal Secret Info from Kubernetes Apps (lien direct) | Users of the Argo continuous deployment (CD) tool for Kubernetes are being urged to push through updates after a zero-day vulnerability was found that could allow an attacker to extract sensitive information such as passwords and API keys. The flaw, tagged as CVE-2022-24348 (CVSS score: 7.7), affects all versions and has been addressed in versions 2.3.0, 2.2.4, and 2.1.9. Cloud security firm | Tool Vulnerability | Uber | |
|
2022-02-04 03:52:32 | Another Israeli Firm, QuaDream, Caught Weaponizing iPhone Bug for Spyware (lien direct) | A now-patched security vulnerability in Apple iOS that was previously found to be exploited by Israeli company NSO Group was also separately weaponized by a different surveillance vendor named QuaDream to hack into the company's devices. The development was reported by Reuters, citing unnamed sources, noting that "the two rival businesses gained the same ability last year to remotely break into | Hack Vulnerability | ||
|
2022-02-04 00:34:02 | Cynet Log4Shell Webinar: A Thorough - And Clear - Explanation (lien direct) | Most security practitioners are now aware of the Log4Shell vulnerability discovered toward the end of 2021. No one knows how long the vulnerability existed before it was discovered. The past couple of months have had security teams scrambling to patch the Log4Shell vulnerability found in Apache Log4j, a Java library widely used to log error messages in applications. Beyond patching, it's helpful | Vulnerability | ||
|
2022-02-03 21:51:28 | Hackers Exploited 0-Day Vulnerability in Zimbra Email Platform to Spy on Users (lien direct) | A threat actor, likely Chinese in origin, is actively attempting to exploit a zero-day vulnerability in the Zimbra open-source email platform as part of spear-phishing campaigns that commenced in December 2021. The espionage operation - codenamed "EmailThief" - was detailed by cybersecurity company Volexity in a technical report published Thursday, noting that successful exploitation of the | Vulnerability Threat | ||
|
2022-02-01 21:24:29 | Critical Bug Found in WordPress Plugin for Elementor with Over a Million Installations (lien direct) | A WordPress plugin with over one million installs has been found to contain a critical vulnerability that could result in the execution of arbitrary code on compromised websites. The plugin in question is Essential Addons for Elementor, which provides WordPress site owners with a library of over 80 elements and extensions to help design and customize pages and posts. "This vulnerability allows | Vulnerability | ||
|
2022-01-31 20:16:00 | New Samba Bug Allows Remote Attackers to Execute Arbitrary Code as Root (lien direct) | Samba has issued software updates to address multiple security vulnerabilities that, if successfully exploited, could allow remote attackers to execute arbitrary code with the highest privileges on affected installations. Chief among them is CVE-2021-44142, which impacts all versions of Samba before 4.13.17 and concerns an out-of-bounds heap read/write vulnerability in the VFS module "vfs_fruit" | Vulnerability | ||
|
2022-01-26 21:05:03 | Apple Releases iOS and iPadOS Updates to Patch Actively Exploited 0-Day Vulnerability (lien direct) | Apple on Wednesday released iOS 15.3 and macOS Monterey 12.2 with a fix for the privacy-defeating bug in Safari, as well as to contain a zero-day flaw, which it said has been exploited in the wild to break into its devices. Tracked as CVE-2022-22587, the vulnerability relates to a memory corruption issue in the IOMobileFrameBuffer component that could be abused by a malicious application to | Vulnerability | ||
|
2022-01-26 05:33:05 | Initial Access Broker Involved in Log4Shell Attacks Against VMware Horizon Servers (lien direct) | An initial access broker group tracked as Prophet Spider has been linked to a set of malicious activities that exploits the Log4Shell vulnerability in unpatched VMware Horizon Servers. According to new research published by BlackBerry Research & Intelligence and Incident Response (IR) teams today, the cybercrime actor has been opportunistically weaponizing the shortcoming to download a | Vulnerability | ||
|
2022-01-25 21:39:33 | 12-Year-Old Polkit Flaw Lets Unprivileged Linux Users Gain Root Access (lien direct) | A 12-year-old security vulnerability has been disclosed in a system utility called Polkit that grants attackers root privileges on Linux systems, even as a proof-of-concept (PoC) exploit has emerged in the wild merely hours after technical details of the bug became public. Dubbed "PwnKit" by cybersecurity firm Qualys, the weakness impacts a component in polkit called pkexec, a program that's | Vulnerability | ||
|
2022-01-23 22:53:04 | High-Severity Rust Programming Bug Could Lead to File, Directory Deletion (lien direct) | The maintainers of the Rust programming language have released a security update for a high-severity vulnerability that could be abused by a malicious party to purge files and directories from a vulnerable system in an unauthorized manner. "An attacker could use this security issue to trick a privileged program into deleting files and directories the attacker couldn't otherwise access or delete, | Vulnerability | ||
|
2022-01-20 22:20:56 | Cisco Issues Patch for Critical RCE Vulnerability in RCM for StarOS Software (lien direct) | Cisco Systems has rolled out fixes for a critical security flaw affecting Redundancy Configuration Manager (RCM) for Cisco StarOS Software that could be weaponized by an unauthenticated, remote attacker to execute arbitrary code and take over vulnerable machines. Tracked as CVE-2022-20649 (CVSS score: 9.0), the vulnerability stems from the fact that the debug mode has been incorrectly enabled | Vulnerability | ||
|
2022-01-19 20:57:47 | Microsoft: Hackers Exploiting New SolarWinds Serv-U Bug Related to Log4j Attacks (lien direct) | Microsoft on Wednesday disclosed details of a new security vulnerability in SolarWinds Serv-U software that it said was being weaponized by threat actors to propagate attacks leveraging the Log4j flaws to compromise targets. Tracked as CVE-2021-35247 (CVSS score: 5.3), the issue is an " input validation vulnerability that could allow attackers to build a query given some input and send that | Vulnerability Threat | ||
|
2022-01-17 21:13:47 | Zoho Releases Patch for Critical Flaw Affecting ManageEngine Desktop Central (lien direct) | Enterprise software maker Zoho on Monday issued patches for a critical security vulnerability in Desktop Central and Desktop Central MSP that a remote adversary could exploit to perform unauthorized actions in affected servers. Tracked as CVE-2021-44757, the shortcoming concerns an instance of authentication bypass that "may allow an attacker to read unauthorized data or write an arbitrary zip | Vulnerability | ||
|
2022-01-16 21:18:12 | High-Severity Vulnerability in 3 WordPress Plugins Affected 84,000 Websites (lien direct) | Researchers have disclosed a security shortcoming affecting three different WordPress plugins that impact over 84,000 websites and could be abused by a malicious actor to take over vulnerable sites. "This flaw made it possible for an attacker to update arbitrary site options on a vulnerable site, provided they could trick a site's administrator into performing an action, such as clicking on a | Vulnerability | ||
|
2022-01-13 23:20:56 | Cisco Releases Patch for Critical Bug Affecting Unified CCMP and Unified CCDM (lien direct) | Cisco Systems has rolled out security updates for a critical security vulnerability affecting Unified Contact Center Management Portal (Unified CCMP) and Unified Contact Center Domain Manager (Unified CCDM) that could be exploited by a remote attacker to take control of an affected system. Tracked as CVE-2022-20658, the vulnerability has been rated 9.6 in severity on the CVSS scoring system, and | Vulnerability | ||
|
2022-01-13 00:37:23 | Iranian Hackers Exploit Log4j Vulnerability to Deploy PowerShell Backdoor (lien direct) | An Iranian state-sponsored actor has been observed scanning and attempting to abuse the Log4Shell flaw in publicly-exposed Java applications to deploy a hitherto undocumented PowerShell-based modular backdoor dubbed "CharmPower" for follow-on post-exploitation. "The actor's attack setup was obviously rushed, as they used the basic open-source tool for the exploitation and based their operations | Tool Vulnerability | ||
|
2022-01-12 20:58:10 | Apple Releases iPhone and iPad Updates to Patch HomeKit DoS Vulnerability (lien direct) | Apple on Wednesday rolled out software updates for iOS and iPadOS to remediate a persistent denial-of-service (DoS) issue affecting the HomeKit smart home framework that could be potentially exploited to launch ransomware-like attacks targeting the devices. The iPhone maker, in its release notes for iOS and iPadOS 15.2.1, termed it as a "resource exhaustion issue" that could be triggered when | Vulnerability | ||
|
2022-01-11 22:42:18 | First Patch Tuesday of 2022 Brings Fix for a Critical \'Wormable\' Windows Vulnerability (lien direct) | Microsoft on Tuesday kicked off its first set of updates for 2022 by plugging 96 security holes across its software ecosystem, while urging customers to prioritize patching for what it calls a critical "wormable" vulnerability. Of the 96 vulnerabilities, nine are rated Critical and 89 are rated Important in severity, with six zero-day publicly known at the time of the release. This is in | Vulnerability Patching | ||
|
2022-01-10 23:09:00 | Microsoft Details macOS Bug That Could Let Attackers Gain Access to User Data (lien direct) | Microsoft on Monday disclosed details of a recently patched security vulnerability in Apple's macOS operating system that could be weaponized by a threat actor to expose users' personal information. Tracked as CVE-2021-30970, the flaw concerns a logic issue in the Transparency, Consent and Control (TCC) security framework, which enables users to configure the privacy settings of their apps and | Vulnerability Threat | ||
|
2022-01-07 01:31:46 | Log4Shell-like Critical RCE Flaw Discovered in H2 Database Console (lien direct) | Researchers have disclosed a security flaw affecting H2 database consoles that could result in remote code execution in a manner that echoes the Log4j "Log4Shell" vulnerability that came to light last month. The issue, tracked as CVE-2021-42392, is the " first critical issue published since Log4Shell, on a component other than Log4j, that exploits the same root cause of the Log4Shell | Vulnerability | ||
|
2022-01-05 22:30:43 | VMware Patches Important Bug Affecting ESXi, Workstation and Fusion Products (lien direct) | VMWare has shipped updates to Workstation, Fusion, and ESXi products to address an "important" security vulnerability that could be weaponized by a threat actor to take control of affected systems. The issue relates to a heap-overflow vulnerability - tracked as CVE-2021-22045 (CVSS score: 7.7) - that, if successfully exploited, results in the execution of arbitrary code. The company credited | Vulnerability Threat | ||
|
2022-01-04 03:27:09 | Researchers Detail New HomeKit \'doorLock\' Bug Affecting Apple iOS (lien direct) | A persistent denial-of-service (DoS) vulnerability has been discovered in Apple's iOS mobile operating system that's capable of sending affected devices into a crash or reboot loop upon connecting to an Apple Home-compatible appliance. The behavior, dubbed "doorLock," is trivial in that it can be triggered by simply changing the name of a HomeKit device to a string larger than 500,000 characters | Vulnerability | ||
|
2021-12-28 21:00:00 | New Apache Log4j Update Released to Patch Newly Discovered Vulnerability (lien direct) | The Apache Software Foundation (ASF) on Tuesday rolled out fresh patches to contain an arbitrary code execution flaw in Log4j that could be abused by threat actors to run malicious code on affected systems, making it the fifth security shortcoming to be discovered in the tool in the span of a month. Tracked as CVE-2021-44832, the vulnerability is rated 6.6 in severity on a scale of 10 and | Tool Vulnerability Threat | ||
|
2021-12-24 05:07:16 | Expert Details macOS Bug That Could Let Malware Bypass Gatekeeper Security (lien direct) | Apple recently fixed a security vulnerability in the macOS operating system that could be potentially exploited by a threat actor to "trivially and reliably" bypass a "myriad of foundational macOS security mechanisms" and run arbitrary code. Security researcher Patrick Wardle detailed the discovery in a series of tweets on Thursday. Tracked as CVE-2021-30853 (CVSS score: 5.5), the issue relates | Malware Vulnerability Threat | ||
|
2021-12-22 04:00:13 | China suspends deal with Alibaba for not sharing Log4j 0-day first with the government (lien direct) | China's internet regulator, the Ministry of Industry and Information Technology (MIIT), has suspended a partnership with Alibaba Cloud, the cloud computing subsidiary of e-commerce giant Alibaba Group, for six months for failing to promptly report a critical security vulnerability affecting the broadly used Log4j logging library. The development was reported by Reuters and South China Morning | Vulnerability | ||
|
2021-12-21 23:45:57 | New Exploit Lets Malware Attackers Bypass Patch for Critical Microsoft MSHTML Flaw (lien direct) | A short-lived phishing campaign has been observed taking advantage of a novel exploit that bypassed a patch put in place by Microsoft to fix a remote code execution vulnerability affecting the MSHTML component with the goal of delivering Formbook malware. "The attachments represent an escalation of the attacker's abuse of the CVE-2021-40444 bug and demonstrate that even a patch can't always | Malware Vulnerability | ||
|
2021-12-18 04:26:36 | New Local Attack Vector Expands the Attack Surface of Log4j Vulnerability (lien direct) | Cybersecurity researchers have discovered an entirely new attack vector that enables adversaries to exploit the Log4Shell vulnerability on servers locally by using a JavaScript WebSocket connection. "This newly-discovered attack vector means that anyone with a vulnerable Log4j version on their machine or local private network can browse a website and potentially trigger the vulnerability," | Vulnerability | ||
|
2021-12-18 02:24:47 | Apache Issues 3rd Patch to Fix New High-Severity Log4j Vulnerability (lien direct) | The issues with Log4j continued to stack up as the Apache Software Foundation (ASF) on Friday rolled out yet another patch - version 2.17.0 - for the widely used logging library that could be exploited by malicious actors to stage a denial-of-service (DoS) attack. Tracked as CVE-2021-45105 (CVSS score: 7.5), the new vulnerability affects all versions of the tool from 2.0-beta9 to 2.16.0, which | Tool Vulnerability | ||
|
2021-12-15 22:24:49 | Hackers Begin Exploiting Second Log4j Vulnerability as a Third Flaw Emerges (lien direct) | Web infrastructure company Cloudflare on Wednesday revealed that threat actors are actively attempting to exploit a second bug disclosed in the widely used Log4j logging utility, making it imperative that customers move quickly to install the latest version as a barrage of attacks continues to pummel unpatched systems with a variety of malware. "This vulnerability is actively being exploited and | Vulnerability Threat | ||
|
2021-12-14 21:53:07 | Second Log4j Vulnerability (CVE-2021-45046) Discovered - New Patch Released (lien direct) | The Apache Software Foundation (ASF) has pushed out a new fix for the Log4j logging utility after the previous patch for the recently disclosed Log4Shell exploit was deemed as "incomplete in certain non-default configurations." The second vulnerability - tracked as CVE-2021-45046 - is rated 3.7 out of a maximum of 10 on the CVSS rating system and affects all versions of Log4j from 2.0-beta9 | Vulnerability | ||
|
2021-12-14 03:09:49 | Hackers Exploit Log4j Vulnerability to Infect Computers with Khonsari Ransomware (lien direct) | Romanian cybersecurity technology company Bitdefender on Monday revealed that attempts are being made to target Windows machines with a novel ransomware family called Khonsari as well as a remote access Trojan named Orcus by exploiting the recently disclosed critical Log4j vulnerability. The attack leverages the remote code execution flaw to download an additional payload, a .NET binary, from a | Ransomware Vulnerability | ||
|
2021-12-12 21:43:38 | Apache Log4j Vulnerability - Log4Shell - Widely Under Active Attack (lien direct) | Threat actors are actively weaponizing unpatched servers affected by the newly identified "Log4Shell" vulnerability in Log4j to install cryptocurrency miners, Cobalt Strike, and recruit the devices into a botnet, even as telemetry signs point to exploitation of the flaw nine days before it even came to light. Netlab, the networking security division of Chinese tech giant Qihoo 360, disclosed | Vulnerability | ||
|
2021-12-10 20:18:19 | Extremely Critical Log4J Vulnerability Leaves Much of the Internet at Risk (lien direct) | The Apache Software Foundation has released fixes to contain an actively exploited zero-day vulnerability affecting the widely-used Apache Log4j Java-based logging library that could be weaponized to execute malicious code and allow a complete takeover of vulnerable systems. Tracked as CVE-2021-44228 and by the monikers Log4Shell or LogJam, the issue concerns a case of unauthenticated, remote | Vulnerability | ||
|
2021-12-06 04:22:29 | Vulnerability Scanning Frequency Best Practices (lien direct) | So you've decided to set up a vulnerability scanning programme, great. That's one of the best ways to avoid data breaches. How often you should run your scans, though, isn't such a simple question. The answers aren't the same for every type of organization or every type of system you're scanning. This guide will help you understand the questions you should be asking and help you come up with the | Vulnerability | ||
|
2021-12-03 21:09:04 | Warning: Yet Another Zoho ManageEngine Product Found Under Active Attacks (lien direct) | Enterprise software provider Zoho on Friday warned that a newly patched critical flaw in its Desktop Central and Desktop Central MSP is being actively exploited by malicious actors, marking the third security vulnerability in its products to be abused in the wild in a span of four months. The issue, assigned the identifier CVE-2021-44515, is an authentication bypass vulnerability | Vulnerability | ||
|
2021-12-02 21:50:14 | CISA Warns of Actively Exploited Critical Zoho ManageEngine ServiceDesk Vulnerability (lien direct) | The U.S. Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are warning of active exploitation of a newly patched flaw in Zoho's ManageEngine ServiceDesk Plus product to deploy web shells and carry out an array of malicious activities. Tracked as CVE-2021-44077 (CVSS score: 9.8), the issue relates to an unauthenticated, remote code execution | Vulnerability | ||
|
2021-11-30 01:11:45 | Unpatched Unauthorized File Read Vulnerability Affects Microsoft Windows OS (lien direct) | Unofficial patches have been issued to remediate an improperly patched Windows security vulnerability that could allow information disclosure and local privilege escalation (LPE) on vulnerable systems. Tracked as CVE-2021-24084 (CVSS score: 5.5), the flaw concerns an information disclosure vulnerability in the Windows Mobile Device Management component that could enable an attacker to gain | Vulnerability | ||
|
2021-11-25 00:10:45 | Warning - Hackers Exploiting New Windows Installer Zero-Day Exploit in the Wild (lien direct) | Attackers are actively making efforts to exploit a new variant of a recently disclosed privilege escalation vulnerability to potentially execute arbitrary code on fully-patched systems, once again demonstrating how adversaries move quickly to weaponize a publicly available exploit. Cisco Talos disclosed that it "detected malware samples in the wild that are attempting to take advantage of this | Malware Vulnerability | ||
|
2021-11-24 21:09:55 | VMware Warns of Newly Discovered Vulnerabilities in vSphere Web Client (lien direct) | VMware has shipped updates to address two security vulnerabilities in vCenter Server and Cloud Foundation that could be abused by a remote attacker to gain access to sensitive information. The more severe of the issues concerns an arbitrary file read vulnerability in the vSphere Web Client. Tracked as CVE-2021-21980, the bug has been rated 7.5 out of a maximum of 10 on the CVSS scoring system, | Vulnerability | ||
|
2021-11-23 04:06:22 | Researchers Detail Privilege Escalation Bugs Reported in Oracle VirtualBox (lien direct) | A now-patched vulnerability affecting Oracle VM VirtualBox could be potentially exploited by an adversary to compromise the hypervisor and cause a denial-of-service (DoS) condition. "Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox," the advisory reads. "Successful attacks of | Vulnerability | ||
|
2021-11-18 04:59:17 | Critical Root RCE Bug Affects Multiple Netgear SOHO Router Models (lien direct) | Networking equipment company Netgear has released yet another round of patches to remediate a high-severity remote code execution vulnerability affecting multiple routers that could be exploited by remote attackers to take control of an affected system. Tracked as CVE-2021-34991 (CVSS score: 8.8), the pre-authentication buffer overflow flaw in small office and home office (SOHO) routers can lead | Vulnerability Guideline | ||
|
2021-11-10 22:35:59 | Palo Alto Warns of Zero-Day Bug in Firewalls Using GlobalProtect Portal VPN (lien direct) | A new zero-day vulnerability has been disclosed in Palo Alto Networks GlobalProtect VPN that could be abused by an unauthenticated network-based attacker to execute arbitrary code on affected devices with root user privileges. Tracked as CVE-2021-3064 (CVSS score: 9.8), the security weakness impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.17. Massachusetts-based cybersecurity firm Randori | Vulnerability | ||
|
2021-11-04 23:15:46 | Hardcoded SSH Key in Cisco Policy Suite Lets Remote Hackers Gain Root Access (lien direct) | Cisco Systems has released security updates to address vulnerabilities in multiple Cisco products that could be exploited by an attacker to log in as a root user and take control of vulnerable systems.
Tracked as CVE-2021-40119, the vulnerability has been rated 9.8 in severity out of a maximum of 10 on the CVSS scoring system and stems from a weakness in the SSH authentication mechanism of Cisco |
Vulnerability |
To see everything:
