What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
The_Hackers_News.webp 2022-07-18 02:59:54 Hackers Distributing Password Cracking Tool for PLCs and HMIs to Target Industrial Systems (direct link) Industrial engineers and operators are the target of a new campaign that leverages password cracking software to seize control of Programmable Logic Controllers (PLCs) and co-opt the machines to a botnet. The software "exploited a vulnerability in the firmware which allowed it to retrieve the password on command," Dragos security researcher Sam Hanson said. "Further, the software was a malware Tool Vulnerability
The_Hackers_News.webp 2022-07-15 21:07:41 New Netwrix Auditor Bug Could Let Attackers Compromise Active Directory Domain (direct link) Researchers have disclosed details about a security vulnerability in the Netwrix Auditor application that, if successfully exploited, could lead to arbitrary code execution on affected devices. "Since this service is typically executed with extensive privileges in an Active Directory environment, the attacker would likely be able to compromise the Active Directory domain," Bishop Fox said in an Vulnerability Guideline
The_Hackers_News.webp 2022-07-14 02:54:07 Microsoft Details App Sandbox Escape Bug Impacting Apple iOS, iPadOS, macOS Devices (direct link) Microsoft on Wednesday shed light on a now patched security vulnerability affecting Apple's operating systems that, if successfully exploited, could allow attackers to escalate device privileges and deploy malware. "An attacker could take advantage of this sandbox escape vulnerability to gain elevated privileges on the affected device or execute malicious commands like installing additional Vulnerability
The_Hackers_News.webp 2022-07-13 06:22:23 New 'Retbleed' Speculative Execution Attack Affects AMD and Intel CPUs (direct link) Security researchers have uncovered yet another vulnerability affecting numerous older AMD and Intel microprocessors that could bypass current defenses and result in Spectre-based speculative-execution attacks. Dubbed Retbleed by ETH Zurich researchers Johannes Wikner and Kaveh Razavi, the issues are tracked as CVE-2022-29900 (AMD) and CVE-2022-29901 (Intel), with the chipmakers releasing Vulnerability
The_Hackers_News.webp 2022-07-12 20:15:40 Microsoft Releases Fix for Zero-Day Flaw in July 2022 Security Patch Rollout (direct link) Microsoft released its monthly round of Patch Tuesday updates to address 84 new security flaws spanning multiple product categories, counting a zero-day vulnerability that's under active attack in the wild. Of the 84 shortcomings, four are rated Critical, and 80 are rated Important in severity. Also separately resolved by the tech giant are two other bugs in the Chromium-based Edge browser, one Vulnerability
The_Hackers_News.webp 2022-07-09 00:49:23 Hackers Exploiting Follina Bug to Deploy Rozena Backdoor (direct link) A newly observed phishing campaign is leveraging the recently disclosed Follina security vulnerability to distribute a previously undocumented backdoor on Windows systems. "Rozena is a backdoor malware that is capable of injecting a remote shell connection back to the attacker's machine," Fortinet FortiGuard Labs researcher Cara Lin said in a report this week. Tracked as CVE-2022-30190, the Malware Vulnerability
The_Hackers_News.webp 2022-07-04 18:55:41 Update Google Chrome Browser to Patch New Zero-Day Exploit Detected in the Wild (direct link) Google on Monday shipped security updates to address a high-severity zero-day vulnerability in its Chrome web browser that it said is being exploited in the wild. The shortcoming, tracked as CVE-2022-2294, relates to a heap overflow flaw in the WebRTC component that provides real-time audio and video communication capabilities in browsers without the need to install plugins or download native Vulnerability
The_Hackers_News.webp 2022-07-03 22:38:18 HackerOne Employee Caught Stealing Vulnerability Reports for Personal Gains (direct link) Vulnerability coordination and bug bounty platform HackerOne on Friday disclosed that a former employee at the firm improperly accessed security reports submitted to it for personal gain. "The person anonymously disclosed this vulnerability information outside the HackerOne platform with the goal of claiming additional bounties," it said. "In under 24 hours, we worked quickly to contain the Vulnerability
The_Hackers_News.webp 2022-07-01 03:06:34 Solving the indirect vulnerability enigma - fixing indirect vulnerabilities without breaking your dependency tree (direct link) Fixing indirect vulnerabilities is one of those complex, tedious and, quite frankly, boring tasks that no one really wants to touch. No one except for Debricked, it seems. Sure, there are lots of ways to do it manually, but can it be done automatically with minimal risk of breaking changes? The Debricked team decided to find out. A forest full of fragile trees So, where do you even start? Vulnerability
The_Hackers_News.webp 2022-06-30 23:09:06 Amazon Quietly Patches 'High Severity' Vulnerability in Android Photos App (direct link) Amazon, in December 2021, patched a high severity vulnerability affecting its Photos app for Android that could have been exploited to steal a user's access tokens. "The Amazon access token is used to authenticate the user across multiple Amazon APIs, some of which contain personal data such as full name, email, and address," Checkmarx researchers João Morais and Pedro Umbelino said. "Others, Vulnerability
The_Hackers_News.webp 2022-06-29 01:29:21 New UnRAR Vulnerability Could Let Attackers Hack Zimbra Webmail Servers (direct link) A new security vulnerability has been disclosed in RARlab's UnRAR utility that, if successfully exploited, could permit a remote attacker to execute arbitrary code on a system that relies on the binary. The flaw, assigned the identifier CVE-2022-30333, relates to a path traversal vulnerability in the Unix versions of UnRAR that can be triggered upon extracting a maliciously crafted RAR archive. Hack Vulnerability
The_Hackers_News.webp 2022-06-28 20:01:21 CISA Warns of Active Exploitation of 'PwnKit' Linux Vulnerability in the Wild (direct link) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week moved to add a Linux vulnerability dubbed PwnKit to its Known Exploited Vulnerabilities Catalog, citing evidence of active exploitation. The issue, tracked as CVE-2021-4034 (CVSS score: 7.8), came to light in January 2022 and concerns a case of local privilege escalation in polkit's pkexec utility, which allows an Vulnerability
The_Hackers_News.webp 2022-06-28 00:59:56 OpenSSH to Release Security Patch for Remote Memory Corruption Vulnerability (direct link) The latest version of the OpenSSL library has been discovered as susceptible to a remote memory-corruption vulnerability on select systems. The issue has been identified in OpenSSL version 3.0.4, which was released on June 21, 2022, and impacts x64 systems with the AVX-512 instruction set. OpenSSL 1.1.1 as well as OpenSSL forks BoringSSL and LibreSSL are not affected. Security Vulnerability
The_Hackers_News.webp 2022-06-22 22:36:32 Critical PHP Vulnerability Exposes QNAP NAS Devices to Remote Attacks (direct link) QNAP, Taiwanese maker of network-attached storage (NAS) devices, on Wednesday said it's in the process of fixing a critical three-year-old PHP vulnerability that could be abused to achieve remote code execution. "A vulnerability has been reported to affect PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24, and 7.3.x below 7.3.11 with improper nginx config," the hardware vendor said in an Vulnerability
The_Hackers_News.webp 2022-06-22 04:51:03 Russian Hackers Exploiting Microsoft Follina Vulnerability Against Ukraine (direct link) The Computer Emergency Response Team of Ukraine (CERT-UA) has cautioned of a new set of spear-phishing attacks exploiting the "Follina" flaw in the Windows operating system to deploy password-stealing malware. Attributing the intrusions to a Russian nation-state group tracked as APT28 (aka Fancy Bear or Sofacy), the agency said the attacks commence with a lure document titled "Nuclear Terrorism Vulnerability APT 28
The_Hackers_News.webp 2022-06-20 02:10:26 Google Researchers Detail 5-Year-Old Apple Safari Vulnerability Exploited in the Wild (direct link) A security flaw in Apple Safari that was exploited in the wild earlier this year was originally fixed in 2013 and reintroduced in December 2016, according to a new report from Google Project Zero. The issue, tracked as CVE-2022-22620 (CVSS score: 8.8), concerns a case of a use-after-free vulnerability in the WebKit component that could be exploited by a piece of specially crafted web content to Vulnerability
The_Hackers_News.webp 2022-06-17 20:11:14 Atlassian Confluence Flaw Being Used to Deploy Ransomware and Crypto Miners (direct link) A recently patched critical security flaw in Atlassian Confluence Server and Data Center products is being actively weaponized in real-world attacks to drop cryptocurrency miners and ransomware payloads. In at least two of the Windows-related incidents observed by cybersecurity vendor Sophos, adversaries exploited the vulnerability to deliver Cerber ransomware and a crypto miner called z0miner Ransomware Vulnerability
The_Hackers_News.webp 2022-06-17 01:39:56 Chinese Hackers Exploited Sophos Firewall Zero-Day Flaw to Target South Asian Entity (direct link) A sophisticated Chinese advanced persistent threat (APT) actor exploited a critical security vulnerability in Sophos' firewall product that came to light earlier this year to infiltrate an unnamed South Asian target as part of a highly-targeted attack. "The attacker implement[ed] an interesting web shell backdoor, create[d] a secondary form of persistence, and ultimately launch[ed] attacks Vulnerability Threat
The_Hackers_News.webp 2022-06-17 01:10:39 Over a Million WordPress Sites Forcibly Updated to Patch a Critical Plugin Vulnerability (direct link) WordPress websites using a widely used plugin named Ninja Forms have been updated automatically to remediate a critical security vulnerability that's suspected of having been actively exploited in the wild. The issue, which relates to a case of code injection, is rated 9.8 out of 10 for severity and affects multiple versions starting from 3.0. It has been fixed in 3.0.34.2, 3.1.10, 3.2.28, Vulnerability
The_Hackers_News.webp 2022-06-16 03:06:20 Difference Between Agent-Based and Network-Based Internal Vulnerability Scanning (direct link) For years, the two most popular methods for internal scanning: agent-based and network-based were considered to be about equal in value, each bringing its own strengths to bear. However, with remote working now the norm in most if not all workplaces, it feels a lot more like agent-based scanning is a must, while network-based scanning is an optional extra. This article will go in-depth on the Vulnerability
The_Hackers_News.webp 2022-06-16 00:25:57 High-Severity RCE Vulnerability Reported in Popular Fastjson Library (direct link) Cybersecurity researchers have detailed a recently patched high-severity security vulnerability in the popular Fastjson library that could be potentially exploited to achieve remote code execution. Tracked as CVE-2022-25845 (CVSS score: 8.1), the issue relates to a case of deserialization of untrusted data in a supported feature called "AutoType." It was patched by the project maintainers in Vulnerability
The_Hackers_News.webp 2022-06-15 19:28:48 Critical Flaw in Cisco Secure Email and Web Manager Lets Attackers Bypass Authentication (direct link) Cisco on Wednesday rolled out fixes to address a critical security flaw affecting Email Security Appliance (ESA) and Secure Email and Web Manager that could be exploited by an unauthenticated, remote attacker to sidestep authentication. Assigned the CVE identifier CVE-2022-20798, the bypass vulnerability is rated 9.8 out of a maximum of 10 on the CVSS scoring system and stems from improper Vulnerability
The_Hackers_News.webp 2022-06-15 01:46:41 New Hertzbleed Side-Channel Attack Affects All Modern AMD and Intel CPUs (direct link) A newly discovered security vulnerability in modern Intel and AMD processors could let remote attackers steal encryption keys via a power side channel attack. Dubbed Hertzbleed by a group of researchers from the University of Texas, University of Illinois Urbana-Champaign, and the University of Washington, the issue is rooted in dynamic voltage and frequency scaling (DVFS), power and thermal Vulnerability
The_Hackers_News.webp 2022-06-14 19:42:01 Patch Tuesday: Microsoft Issues Fix for Actively Exploited 'Follina' Vulnerability (direct link) Microsoft officially released fixes to address an actively exploited Windows zero-day vulnerability known as Follina as part of its Patch Tuesday updates. Also addressed by the tech giant are 55 other flaws, three of which are rated Critical, 51 are rated Important, and one is rated Moderate in severity. Separately, five other shortcomings were resolved in the Microsoft Edge browser. Vulnerability
The_Hackers_News.webp 2022-06-14 07:13:25 New Zimbra Email Vulnerability Could Let Attackers Steal Your Login Credentials (direct link) A new high-severity vulnerability has been disclosed in the Zimbra email suite that, if successfully exploited, enables an unauthenticated attacker to steal cleartext passwords of users sans any user interaction. "With the consequent access to the victims' mailboxes, attackers can potentially escalate their access to targeted organizations and gain access to various internal services and steal Vulnerability
The_Hackers_News.webp 2022-06-14 05:21:21 Technical Details Released for 'SynLapse' RCE Vulnerability Reported in Microsoft Azure (direct link) Microsoft has incorporated additional improvements to address the recently disclosed SynLapse security vulnerability in order to meet comprehensive tenant isolation requirements in Azure Data Factory and Azure Synapse Pipelines. The latest safeguards include moving the shared integration runtimes to sandboxed ephemeral instances and using scoped tokens to prevent adversaries from using a client Vulnerability
The_Hackers_News.webp 2022-06-08 06:24:15 Researchers Warn of Unpatched "DogWalk" Microsoft Windows Vulnerability (direct link) An unofficial security patch has been made available for a new Windows zero-day vulnerability in the Microsoft Support Diagnostic Tool (MSDT), even as the Follina flaw continues to be exploited in the wild. The issue - referenced as DogWalk - relates to a path traversal flaw that can be exploited to stash a malicious executable file to the Windows Startup folder when a potential target opens a Tool Vulnerability
The_Hackers_News.webp 2022-06-06 03:58:16 CISA Warned About Critical Vulnerabilities in Illumina's DNA Sequencing Devices (direct link) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and Food and Drug Administration (FDA) have issued an advisory about critical security vulnerabilities in Illumina's next-generation sequencing (NGS) software. Three of the flaws are rated 10 out of 10 for severity on the Common Vulnerability Scoring System (CVSS), with two others having severity ratings of 9.1 and 7.4. The issues Vulnerability
The_Hackers_News.webp 2022-06-05 18:54:10 State-Backed Hackers Exploit Microsoft 'Follina' Bug to Target Entities in Europe and U.S (direct link) A suspected state-aligned threat actor has been attributed to a new set of attacks exploiting the Microsoft Office "Follina" vulnerability to target government entities in Europe and the U.S. Enterprise security firm Proofpoint said it blocked attempts at exploiting the remote code execution flaw, which is being tracked CVE-2022-30190 (CVSS score: 7.8). No less than 1,000 phishing messages Vulnerability Threat
The_Hackers_News.webp 2022-06-03 07:01:16 GitLab Issues Security Patch for Critical Account Takeover Vulnerability (direct link) GitLab has moved to address a critical security flaw in its service that, if successfully exploited, could result in an account takeover. Tracked as CVE-2022-1680, the issue has a CVSS severity score of 9.9 and was discovered internally by the company. The security flaw affects all versions of GitLab Enterprise Edition (EE) starting from 11.10 before 14.9.5, all versions starting from 14.10 Vulnerability
The_Hackers_News.webp 2022-06-02 19:57:46 Hackers Exploiting Unpatched Critical Atlassian Confluence Zero-Day Vulnerability (direct link) Atlassian has warned of a critical unpatched remote code execution vulnerability impacting Confluence Server and Data Center products that it said is being actively exploited in the wild. The Australian software company credited cybersecurity firm Volexity for identifying the flaw, which is being tracked as CVE-2022-26134. "Atlassian has been made aware of current active exploitation of a Vulnerability
The_Hackers_News.webp 2022-06-02 02:09:08 Critical UNISOC Chip Vulnerability Affects Millions of Android Smartphones (direct link) A critical security flaw has been uncovered in UNISOC's smartphone chipset that could be potentially weaponized to disrupt a smartphone's radio communications through a malformed packet. "Left unpatched, a hacker or a military unit can leverage such a vulnerability to neutralize communications in a specific location," Israeli cybersecurity company Check Point said in a report shared with The Vulnerability
The_Hackers_News.webp 2022-06-01 06:56:56 New Unpatched Horde Webmail Bug Lets Hackers Take Over Server by Sending Email (direct link) A new unpatched security vulnerability has been disclosed in the open-source Horde Webmail client that could be exploited to achieve remote code execution on the email server simply by sending a specially crafted email to a victim. "Once the email is viewed, the attacker can silently take over the complete mail server without any further user interaction," SonarSource said in a report shared Vulnerability
The_Hackers_News.webp 2022-05-31 22:02:54 Chinese Hackers Begin Exploiting Latest Microsoft Office Zero-Day Vulnerability (direct link) An advanced persistent threat (APT) actor aligned with Chinese state interests has been observed weaponizing the new zero-day flaw in Microsoft Office to achieve code execution on affected systems. "TA413 CN APT spotted [in-the-wild] exploiting the Follina zero-day using URLs to deliver ZIP archives which contain Word Documents that use the technique," enterprise security firm Proofpoint said in Vulnerability Threat
The_Hackers_News.webp 2022-05-30 21:12:31 Microsoft Releases Workarounds for Office Vulnerability Under Active Exploitation (direct link) Microsoft on Monday published guidance for a newly discovered zero-day security flaw in its Office productivity suite that could be exploited to achieve code execution on affected systems. The weakness, now assigned the identifier CVE-2022-30190, is rated 7.8 out of 10 for severity on the CVSS vulnerability scoring system. Microsoft Office versions Office 2013, Office 2016, Office 2019, and Vulnerability
The_Hackers_News.webp 2022-05-30 01:40:43 Watch Out! Researchers Spot New Microsoft Office Zero-Day Exploit in the Wild (direct link) Cybersecurity researchers are calling attention to a zero-day flaw in Microsoft Office that could be abused to achieve arbitrary code execution on affected Windows systems. The vulnerability came to light after an independent cybersecurity research team known as nao_sec uncovered a Word document ("05-2022-0438.doc") that was uploaded to VirusTotal from an IP address in Belarus. "It uses Word's Vulnerability
The_Hackers_News.webp 2022-05-27 08:21:18 Experts Detail New RCE Vulnerability Affecting Google Chrome Dev Channel (direct link) Details have emerged about a recently patched critical remote code execution vulnerability in the V8 JavaScript and WebAssembly engine used in Google Chrome and Chromium-based browsers. The issue relates to a case of use-after-free in the instruction optimization component, successful exploitation of which could "allow an attacker to execute arbitrary code in the context of the browser." The Vulnerability
The_Hackers_News.webp 2022-05-26 23:28:02 Zyxel Issues Patches for 4 New Flaws Affecting AP, API Controller and Firewall Devices (direct link) Zyxel has released patches to address four security flaws affecting its firewall, AP Controller, and AP products to execute arbitrary operating system commands and steal select information. The list of security vulnerabilities is as follows - CVE-2022-0734 - A cross-site scripting (XSS) vulnerability in some firewall versions that could be exploited to access information stored in the user's Vulnerability
The_Hackers_News.webp 2022-05-26 05:18:32 Critical 'Pantsdown' BMC Vulnerability Affects QCT Servers Used in Data Centers (direct link) Quanta Cloud Technology (QCT) servers have been identified as vulnerable to the severe "Pantsdown" Baseboard Management Controller (BMC) flaw, according to new research published today. "An attacker running code on a vulnerable QCT server would be able to 'hop' from the server host to the BMC and move their attacks to the server management network, possibly continue and obtain further Vulnerability
The_Hackers_News.webp 2022-05-24 04:02:38 SIM-based Authentication Aims to Transform Device Binding Security to End Phishing (direct link) Let's face it: we all use email, and we all use passwords. Passwords create inherent vulnerability in the system. The success rate of phishing attacks is skyrocketing, and opportunities for the attack have greatly multiplied as lives moved online. All it takes is one password to be compromised for all other users to become victims of a data breach. To deliver additional security, therefore, Vulnerability
The_Hackers_News.webp 2022-05-24 01:34:29 Microsoft Warns of Web Skimmers Mimicking Google Analytics and Meta Pixel Code (direct link) Threat actors behind web skimming campaigns are leveraging malicious JavaScript code that mimics Google Analytics and Meta Pixel scripts in an attempt to sidestep detection. "It's a shift from earlier tactics where attackers conspicuously injected malicious scripts into e-commerce platforms and content management systems (CMSs) via vulnerability exploitation, making this threat highly evasive to Vulnerability Threat
The_Hackers_News.webp 2022-05-23 03:02:00 New Unpatched Bug Could Let Attackers Steal Money from PayPal Users (direct link) A security researcher claims to have discovered an unpatched vulnerability in PayPal's money transfer service that could allow attackers to trick victims into unknowingly completing attacker-directed transactions with a single click. Clickjacking, also called UI redressing, refers to a technique wherein an unwitting user is tricked into clicking seemingly innocuous webpage elements like buttons Vulnerability
The_Hackers_News.webp 2022-05-20 20:06:58 Cisco Issues Patch for New IOS XR Zero-Day Vulnerability Exploited in the Wild (direct link) Cisco on Friday rolled out fixes for a medium-severity vulnerability affecting IOS XR Software that it said has been exploited in real-world attacks. Tracked as CVE-2022-20821 (CVSS score: 6.5), the issue relates to an open port vulnerability that could be abused by an unauthenticated, remote attacker to connect to a Redis instance and achieve code execution. "A successful exploit could allow Vulnerability
The_Hackers_News.webp 2022-05-20 02:23:24 Hackers Exploiting VMware Horizon to Target South Korea with NukeSped Backdoor (direct link) The North Korea-backed Lazarus Group has been observed leveraging the Log4Shell vulnerability in VMware Horizon servers to deploy the NukeSped (aka Manuscrypt) implant against targets located in its southern counterpart. "The attacker used the Log4j vulnerability on VMware Horizon products that were not applied with the security patch," AhnLab Security Emergency Response Center (ASEC) said in a Vulnerability Medical APT 38
The_Hackers_News.webp 2022-05-19 19:08:09 New Bluetooth Hack Could Let Attackers Remotely Unlock Smart Locks and Cars (direct link) A novel Bluetooth relay attack can let cybercriminals more easily than ever remotely unlock and operate cars, break open residential smart locks, and breach secure areas. The vulnerability has to do with weaknesses in the current implementation of Bluetooth Low Energy (BLE), a wireless technology used for authenticating Bluetooth devices that are physically located within a close range. Hack Vulnerability
The_Hackers_News.webp 2022-05-19 02:05:10 High-Severity Bug Reported in Google's OAuth Client Library for Java (direct link) Google last month addressed a high-severity flaw in its OAuth client library for Java that could be abused by a malicious actor with a compromised token to deploy arbitrary payloads. Tracked as CVE-2021-22573, the vulnerability is rated 8.7 out of 10 for severity and relates to an authentication bypass in the library that stems from an improper verification of the cryptographic signature. Vulnerability
The_Hackers_News.webp 2022-05-16 19:24:22 Watch Out! Hackers Begin Exploiting Recent Zyxel Firewalls RCE Vulnerability (direct link) Image source: z3r00t The U.S. Cybersecurity and Infrastructure Security Agency on Monday added two security flaws, including the recently disclosed remote code execution bug affecting Zyxel firewalls, to its Known Exploited Vulnerabilities Catalog, citing evidence of active exploitation. Tracked as CVE-2022-30525, the vulnerability is rated 9.8 for severity and relates to a command injection flaw Vulnerability
The_Hackers_News.webp 2022-05-13 21:16:51 (Déjà vu) Google Created 'Open Source Maintenance Crew' to Help Secure Critical Projects (direct link) Google on Thursday announced the creation of a new "Open Source Maintenance Crew" to focus on bolstering the security of critical open source projects. Additionally, the tech giant pointed out Open Source Insights as a tool for analyzing packages and their dependency graphs, using it to determine "whether a vulnerability in a dependency might affect your code." "With this information, developers Tool Vulnerability
The_Hackers_News.webp 2022-05-13 05:26:14 Google Created 'Open-Source Maintenance Crew' to Help Secure Critical Projects (direct link) Google on Thursday announced the creation of a new "Open Source Maintenance Crew" to focus on bolstering the security of critical open source projects. Additionally, the tech giant pointed out Open Source Insights as a tool for analyzing packages and their dependency graphs, using it to determine "whether a vulnerability in a dependency might affect your code." "With this information, developers Tool Vulnerability
The_Hackers_News.webp 2022-05-12 23:24:37 Zyxel Releases Patch for Critical Firewall OS Command Injection Vulnerability (direct link) Zyxel has moved to address a critical security vulnerability affecting Zyxel firewall devices that enables unauthenticated and remote attackers to gain arbitrary code execution. "A command injection vulnerability in the CGI program of some firewall versions could allow an attacker to modify specific files and then execute some OS commands on a vulnerable device," the company said in an advisory Vulnerability ★★★
Last update at: 2024-05-31 19:12:09