What's new around the internet

Last one

Src Date (GMT) Title Description Tags Stories Notes
The_Hackers_News.webp 2022-05-11 21:42:42 CISA Urges Organizations to Patch Actively Exploited F5 BIG-IP Vulnerability (direct link) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the recently disclosed F5 BIG-IP flaw to its Known Exploited Vulnerabilities Catalog following reports of active abuse in the wild. The flaw, assigned the identifier CVE-2022-1388 (CVSS score: 9.8), concerns a critical bug in the BIG-IP iControl REST endpoint that provides an unauthenticated adversary with a method to Vulnerability ★★★
The_Hackers_News.webp 2022-05-10 02:48:16 Microsoft Mitigates RCE Vulnerability Affecting Azure Synapse and Data Factory (direct link) Microsoft on Monday disclosed that it mitigated a security flaw affecting Azure Synapse and Azure Data Factory that, if successfully exploited, could result in remote code execution. The vulnerability, tracked as CVE-2022-29972, has been codenamed "SynLapse" by researchers from Orca Security, who reported the flaw to Microsoft in January 2022. "The vulnerability was specific to Vulnerability ★★★★
The_Hackers_News.webp 2022-05-08 20:06:57 Researchers Develop RCE Exploit for the Latest F5 BIG-IP Vulnerability (direct link) Days after F5 released patches for a critical remote code execution vulnerability affecting its BIG-IP family of products, security researchers are warning that they were able to create an exploit for the shortcoming. Tracked as CVE-2022-1388 (CVSS score: 9.8), the flaw relates to an iControl REST authentication bypass that, if successfully exploited, could lead to remote code execution, allowing Vulnerability Guideline
The_Hackers_News.webp 2022-05-06 20:20:36 QNAP Releases Firmware Patches for 9 New Flaws Affecting NAS Devices (direct link) QNAP, Taiwanese maker of network-attached storage (NAS) devices, on Friday released security updates to patch nine security weaknesses, including a critical issue that could be exploited to take over an affected system. "A vulnerability has been reported to affect QNAP VS Series NVR running QVR," QNAP said in an advisory. "If exploited, this vulnerability allows remote attackers to run arbitrary Vulnerability ★★★★
The_Hackers_News.webp 2022-05-05 22:13:54 Google Releases Android Update to Patch Actively Exploited Vulnerability (direct link) Google has released monthly security patches for Android with fixes for 37 flaws across different components, one of which is a fix for an actively exploited Linux kernel vulnerability that came to light earlier this year. Tracked as CVE-2021-22600 (CVSS score: 7.8), the vulnerability is ranked "High" for severity and could be exploited by a local user to escalate privileges or deny service. The Vulnerability
The_Hackers_News.webp 2022-05-04 19:38:14 F5 Warns of a New Critical BIG-IP Remote Code Execution Vulnerability (direct link) Cloud security and application delivery network (ADN) provider F5 on Wednesday released patches to contain 43 bugs spanning its products. Of the 43 issues addressed, one is rated Critical, 17 are rated High, 24 are rated Medium, and one is rated low in severity. Chief among the flaws is CVE-2022-1388, which carries a CVSS score of 9.8 out of a maximum of 10 and stems from a lack of Vulnerability
The_Hackers_News.webp 2022-05-04 05:05:34 Critical RCE Bug Reported in dotCMS Content Management Software (direct link) A pre-authenticated remote code execution vulnerability has been disclosed in dotCMS, an open-source content management system written in Java and "used by over 10,000 clients in over 70 countries around the globe, from Fortune 500 brands and mid-sized businesses." The critical flaw, tracked as CVE-2022-26352, stems from a directory traversal attack when performing file uploads, enabling an Vulnerability
The_Hackers_News.webp 2022-05-02 21:58:25 Unpatched DNS Related Vulnerability Affects a Wide Range of IoT Devices (direct link) Cybersecurity researchers have disclosed an unpatched security vulnerability that could pose a serious risk to IoT products. The issue, which was originally reported in September 2021, affects the Domain Name System (DNS) implementation of two popular C libraries called uClibc and uClibc-ng that are used for developing embedded Linux systems. uClibc is known to be used by major Vulnerability
The_Hackers_News.webp 2022-05-02 07:00:53 Which Hole to Plug First? Solving Chronic Vulnerability Patching Overload (direct link) According to folklore, witches were able to sail in a sieve, a strainer with holes in the bottom. Unfortunately, witches don't work in cybersecurity – where networks generally have so many vulnerabilities that they resemble sieves. For most of us, keeping the sieve of our networks afloat requires nightmarishly hard work and frequent compromises on which holes to plug first. The reason? In 2010, Vulnerability Patching
The_Hackers_News.webp 2022-04-28 23:26:50 Microsoft Azure Vulnerability Exposes PostgreSQL Databases to Other Customers (direct link) Microsoft on Thursday disclosed that it addressed a pair of issues with the Azure Database for PostgreSQL Flexible Server that could result in unauthorized cross-account database access in a region. "By exploiting an elevated permissions bug in the Flexible Server authentication process for a replication user, a malicious user could leverage an improperly anchored regular expression to bypass Vulnerability
The_Hackers_News.webp 2022-04-28 04:26:21 Everything you need to know to create a Vulnerability Assessment Report (direct link) You've been asked for a Vulnerability Assessment Report for your organisation and for some of you reading this article, your first thought is likely to be "What is that?" Worry not. This article will answer that very question as well as why you need a Vulnerability Assessment Report and where you can get one from. As it's likely the request for such a report came from an important source such Vulnerability
The_Hackers_News.webp 2022-04-25 23:18:38 Iranian Hackers Exploiting VMware RCE Bug to Deploy 'Core Impact' Backdoor (direct link) An Iranian-linked threat actor known as Rocket Kitten has been observed actively exploiting a recently patched VMware vulnerability to gain initial access and deploy the Core Impact penetration testing tool on vulnerable systems. Tracked as CVE-2022-22954 (CVSS score: 9.8), the critical issue concerns a case of remote code execution (RCE) vulnerability affecting VMware Workspace ONE Access and Tool Vulnerability Threat
The_Hackers_News.webp 2022-04-25 13:00:00 Researchers Report Critical RCE Vulnerability in Google's VirusTotal Platform (direct link) Security researchers have disclosed a security vulnerability in the VirusTotal platform that could have been potentially weaponized to achieve remote code execution (RCE). The flaw, now patched, made it possible to "execute commands remotely within VirusTotal platform and gain access to its various scans capabilities," Cysource researchers Shai Alfasi and Marlon Fabiano da Silva said in a report Vulnerability
The_Hackers_News.webp 2022-04-25 03:51:30 Critical Bug in Everscale Wallet Could've Let Attackers Steal Cryptocurrencies (direct link) A security vulnerability has been disclosed in the web version of the Ever Surf wallet that, if successfully weaponized, could allow an attacker to gain full control over a victim's wallet. "By exploiting the vulnerability, it's possible to decrypt the private keys and seed phrases that are stored in the browser's local storage," Israeli cybersecurity company Check Point said in a report shared Vulnerability ★★★★★
The_Hackers_News.webp 2022-04-22 22:52:42 Atlassian Drops Patches for Critical Jira Authentication Bypass Vulnerability (direct link) Atlassian has published a security advisory warning of a critical vulnerability in its Jira software that could be abused by a remote, unauthenticated attacker to circumvent authentication protections. Tracked as CVE-2022-0540, the flaw is rated 9.9 out of 10 on the CVSS scoring system and resides in Jira's authentication framework, Jira Seraph. Khoadha of Viettel Cyber Security has been Vulnerability
The_Hackers_News.webp 2022-04-22 04:43:05 Researcher Releases PoC for Recent Java Cryptographic Vulnerability (direct link) A proof-of-concept (PoC) code demonstrating a newly disclosed digital signature bypass vulnerability in Java has been shared online. The high-severity flaw in question, CVE-2022-21449 (CVSS score: 7.5), impacts the following version of Java SE and Oracle GraalVM Enterprise Edition - Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18 Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1, 22.0.0.2 Vulnerability
The_Hackers_News.webp 2022-04-21 03:50:01 Unpatched Bug in RainLoop Webmail Could Give Hackers Access to all Emails (direct link) An unpatched high-severity security flaw has been disclosed in the open-source RainLoop web-based email client that could be weaponized to siphon emails from victims' inboxes. "The code vulnerability [...] can be easily exploited by an attacker by sending a malicious email to a victim that uses RainLoop as a mail client," SonarSource security researcher Simon Scannell said in a report published Vulnerability
The_Hackers_News.webp 2022-04-20 03:43:52 Researchers Detail Bug That Could Paralyze Snort Intrusion Detection System (direct link) Details have emerged about a now-patched security vulnerability in the Snort intrusion detection and prevention system that could trigger a denial-of-service (DoS) condition and render it powerless against malicious traffic. Tracked as CVE-2022-20685, the vulnerability is rated 7.5 for severity and resides in the Modbus preprocessor of the Snort detection engine. It affects all open-source Snort Vulnerability
The_Hackers_News.webp 2022-04-19 20:58:48 Hackers Exploiting Recently Reported Windows Print Spooler Vulnerability in the Wild (direct link) A security flaw in the Windows Print Spooler component that was patched by Microsoft in February is being actively exploited in the wild, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned. To that end, the agency has added the shortcoming to its Known Exploited Vulnerabilities Catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to address the issues by Vulnerability
The_Hackers_News.webp 2022-04-14 21:05:06 Critical Auth Bypass Bug Reported in Cisco Wireless LAN Controller Software (direct link) Cisco has released patches to contain a critical security vulnerability affecting the Wireless LAN Controller (WLC) that could be abused by an unauthenticated, remote attacker to take control of an affected system. Tracked as CVE-2022-20695, the issue has been rated 10 out of 10 for severity and enables an adversary to bypass authentication controls and log in to the device through the Vulnerability
The_Hackers_News.webp 2022-04-13 21:51:58 Critical VMware Workspace ONE Access Flaw Under Active Exploitation in the Wild (direct link) A week after VMware released patches to remediate eight security vulnerabilities in VMware Workspace ONE Access, threat actors have begun to actively exploit one of the critical flaws in the wild. Tracked as CVE-2022-22954, the critical issue relates to a remote code execution vulnerability that stems from server-side template injection in VMware Workspace ONE Access and Identity Manager. The Vulnerability Threat
The_Hackers_News.webp 2022-04-12 06:08:56 Critical LFI Vulnerability Reported in Hashnode Blogging Platform (direct link) Researchers have disclosed a previously undocumented local file inclusion (LFI) vulnerability in Hashnode, a developer-oriented blogging platform, that could be abused to access sensitive data such as SSH keys, server's IP address, and other network information. "The LFI originates in a Bulk Markdown Import feature that can be manipulated to provide attackers with unimpeded ability to download Vulnerability
The_Hackers_News.webp 2022-04-08 22:18:21 Hackers Exploiting Spring4Shell Vulnerability to Deploy Mirai Botnet Malware (direct link) The recently disclosed critical Spring4Shell vulnerability is being actively exploited by threat actors to execute the Mirai botnet malware, particularly in the Singapore region since the start of April 2022. "The exploitation allows threat actors to download the Mirai sample to the '/tmp' folder and execute them after permission change using 'chmod,'" Trend Micro researchers Deep Patel, Nitesh Malware Vulnerability Threat
The_Hackers_News.webp 2022-04-05 00:31:37 CISA Warns of Active Exploitation of Critical Spring4Shell Vulnerability (direct link) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added the recently disclosed remote code execution (RCE) vulnerability affecting the Spring Framework, to its Known Exploited Vulnerabilities Catalog based on "evidence of active exploitation." The critical severity flaw, assigned the identifier CVE-2022-22965 (CVSS score: 9.8) and dubbed "Spring4Shell", impacts Spring Vulnerability ★★★★★
The_Hackers_News.webp 2022-04-01 22:49:06 15-Year-Old Bug in PEAR PHP Repository Could've Enabled Supply Chain Attacks (direct link) A 15-year-old security vulnerability has been disclosed in the PEAR PHP repository that could permit an attacker to carry out a supply chain attack, including obtaining unauthorized access to publish rogue packages and execute arbitrary code. "An attacker exploiting the first one could take over any developer account and publish malicious releases, while the second bug would allow the attacker Vulnerability
The_Hackers_News.webp 2022-04-01 21:03:58 GitLab Releases Patch for Critical Vulnerability That Could Let Attackers Hijack Accounts (direct link) DevOps platform GitLab has released software updates to address a critical security vulnerability that, if potentially exploited, could permit an adversary to seize control of accounts. Tracked as CVE-2022-1162, the issue has a CVSS score of 9.1 and is said to have been discovered internally by the GitLab team. "A hardcoded password was set for accounts registered using an Vulnerability
The_Hackers_News.webp 2022-03-31 23:02:26 Zyxel Releases Patches for Critical Bug Affecting Business Firewall and VPN Devices (direct link) Networking equipment maker Zyxel has pushed security updates for a critical vulnerability affecting some of its business firewall and VPN products that could enable an attacker to take control of the devices. "An authentication bypass vulnerability caused by the lack of a proper access control mechanism has been found in the CGI program of some firewall versions," the company said in an advisory Vulnerability ★★★
The_Hackers_News.webp 2022-03-30 22:59:46 Unpatched Java Spring Framework 0-Day RCE Bug Threatens Enterprise Web Apps Security (direct link) A zero-day remote code execution (RCE) vulnerability has come to light in the Spring framework shortly after a Chinese security researcher briefly leaked a proof-of-concept (PoC) exploit on GitHub before deleting their account. According to cybersecurity firm Praetorian, the unpatched flaw impacts Spring Core on Java Development Kit (JDK) versions 9 and later and is a bypass for another Vulnerability
The_Hackers_News.webp 2022-03-30 20:30:52 QNAP Warns of OpenSSL Infinite Loop Vulnerability Affecting NAS Devices (direct link) Taiwanese company QNAP this week revealed that a selected number of its network-attached storage (NAS) appliances are affected by a recently-disclosed bug in the open-source OpenSSL cryptographic library. "An infinite loop vulnerability in OpenSSL has been reported to affect certain QNAP NAS," the company said in an advisory published on March 29, 2022. "If exploited, the vulnerability allows Vulnerability
The_Hackers_News.webp 2022-03-30 04:45:53 Honda's Keyless Access Bug Could Let Thieves Remotely Unlock and Start Vehicles (direct link) A duo of researchers has released a proof-of-concept (PoC) demonstrating the ability for a malicious actor to remote lock, unlock, and even start Honda and Acura vehicles by means of what's called a replay attack. The attack is made possible, thanks to a vulnerability in its remote keyless system (CVE-2022-27254) that affects Honda Civic LX, EX, EX-L, Touring, Si, and Type R models manufactured Vulnerability
The_Hackers_News.webp 2022-03-29 20:44:22 (Déjà vu) Critical SonicOS Vulnerability Affects SonicWall Firewall Appliances (direct link) SonicWall has released security updates to contain a critical flaw across multiple firewall appliances that could be weaponized by an unauthenticated, remote attacker to execute arbitrary code and cause a denial-of-service (DoS) condition. Tracked as CVE-2022-22274 (CVSS score: 9.4), the issue has been described as a stack-based buffer overflow in the web management interface of SonicOS that Vulnerability
The_Hackers_News.webp 2022-03-29 03:32:16 Critical Sophos Firewall RCE Vulnerability Under Active Exploitation (direct link) Cybersecurity firm Sophos on Monday warned that a recently patched critical security vulnerability in its firewall product is being actively exploited in real-world attacks. The flaw, tracked as CVE-2022-1040, is rated 9.8 out of 10 on the CVSS scoring system and impacts Sophos Firewall versions 18.5 MR3 (18.5.3) and older. It relates to an authentication bypass vulnerability in the User Portal Vulnerability
The_Hackers_News.webp 2022-03-27 23:59:18 Muhstik Botnet Targeting Redis Servers Using Recently Disclosed Vulnerability (direct link) Muhstik, a botnet infamous for propagating via web application exploits, has been observed targeting Redis servers using a recently disclosed vulnerability in the database system. The vulnerability relates to CVE-2022-0543, a Lua sandbox escape flaw in the open-source, in-memory, key-value data store that could be abused to achieve remote code execution on the underlying machine. The Vulnerability
The_Hackers_News.webp 2022-03-25 19:11:38 Google Issues Urgent Chrome Update to Patch Actively Exploited Zero-Day Vulnerability (direct link) Google on Friday shipped an out-of-band security update to address a high severity vulnerability in its Chrome browser that it said is being actively exploited in the wild. Tracked as CVE-2022-1096, the zero-day flaw relates to a type confusion vulnerability in the V8 JavaScript engine. An anonymous researcher has been credited with reporting the bug on March 23, 2022. Type confusion errors, Vulnerability ★★
The_Hackers_News.webp 2022-03-23 20:38:05 VMware Issues Patches for Critical Flaws Affecting Carbon Black App Control (direct link) VMware on Wednesday released software updates to plug two critical security vulnerabilities affecting its Carbon Black App Control platform that could be abused by a malicious actor to execute arbitrary code on affected installations in Windows systems. Tracked as CVE-2022-22951 and CVE-2022-22952, both the flaws are rated 9.1 out of a maximum of 10 on the CVSS vulnerability scoring system. Vulnerability
The_Hackers_News.webp 2022-03-17 00:37:22 New Vulnerability in CRI-O Engine Lets Attackers Escape Kubernetes Containers (direct link) A newly disclosed security vulnerability in the Kubernetes container engine CRI-O called cr8escape could be exploited by an attacker to break out of containers and obtain root access to the host. "Invocation of CVE-2022-0811 can allow an attacker to perform a variety of actions on objectives, including execution of malware, exfiltration of data, and lateral movement across pods," CrowdStrike Vulnerability Uber
The_Hackers_News.webp 2022-03-16 06:14:32 Unpatched RCE Bug in dompdf Project Affects HTML to PDF Converters (direct link) Researchers have disclosed an unpatched security vulnerability in "dompdf," a PHP-based HTML to PDF converter, that, if successfully exploited, could lead to remote code execution in certain configurations. "By injecting CSS into the data processed by dompdf, it can be tricked into storing a malicious font with a .php file extension in its font cache, which can later be executed by accessing it Vulnerability Guideline
The_Hackers_News.webp 2022-03-14 20:44:11 'Dirty Pipe' Linux Flaw Affects a Wide Range of QNAP NAS Devices (direct link) Network-attached storage (NAS) appliance maker QNAP on Monday warned of a recently disclosed Linux vulnerability affecting its devices that could be abused to elevate privileges and gain control of affected systems. "A local privilege escalation vulnerability, also known as 'Dirty Pipe,' has been reported to affect the Linux kernel on QNAP NAS running QTS 5.0.x and QuTS hero h5.0.x," the company Vulnerability
The_Hackers_News.webp 2022-03-14 04:05:29 New Linux Bug in Netfilter Firewall Module Lets Attackers Gain Root Access (direct link) A newly disclosed security flaw in the Linux kernel could be leveraged by a local adversary to gain elevated privileges on vulnerable systems to execute arbitrary code, escape containers, or induce a kernel panic. Tracked as CVE-2022-25636 (CVSS score: 7.8), the vulnerability impacts Linux kernel versions 5.4 through 5.6.10 and is a result of a heap out-of-bounds write in the netfilter Vulnerability
The_Hackers_News.webp 2022-03-09 02:04:37 Chinese APT41 Hackers Broke into at Least 6 U.S. State Governments: Mandiant (direct link) APT41, the state-sponsored threat actor affiliated with China, breached at least six U.S. state government networks between May 2021 and February 2022 by retooling its attack vectors to take advantage of vulnerable internet-facing web applications. The exploited vulnerabilities included "a zero-day vulnerability in the USAHERDS application (CVE-2021-44207) as well as the now infamous zero-day in Vulnerability Threat Guideline APT 41
The_Hackers_News.webp 2022-03-07 23:43:22 Researchers Warn of Linux Kernel 'Dirty Pipe' Arbitrary File Overwrite Vulnerability (direct link) Linux distributions are in the process of issuing patches to address a newly disclosed security vulnerability in the kernel that could allow an attacker to overwrite arbitrary data into any read-only files and allow for a complete takeover of affected systems. Dubbed "Dirty Pipe" (CVE-2022-0847, CVSS score: 7.8) by IONOS software developer Max Kellermann, the flaw "leads to privilege escalation Vulnerability Guideline
The_Hackers_News.webp 2022-03-07 22:44:24 Microsoft Azure 'AutoWarp' Bug Could Have Let Attackers Access Customers' Accounts (direct link) Details have been disclosed about a now-addressed critical vulnerability in Microsoft's Azure Automation service that could have permitted unauthorized access to other Azure customer accounts and take over control. "This attack could mean full control over resources and data belonging to the targeted account, depending on the permissions assigned by the customer," Orca Security researcher Yanir Vulnerability
The_Hackers_News.webp 2022-03-05 00:43:21 New Linux Kernel Cgroups Vulnerability Could Let Attackers Escape Container (direct link) Details have emerged about a now-patched high-severity vulnerability in the Linux kernel that could potentially be abused to escape a container in order to execute arbitrary commands on the container host. The shortcoming resides in a Linux kernel feature called control groups, also referred to as cgroups version 1 (v1), which allows processes to be organized into hierarchical groups, Vulnerability
The_Hackers_News.webp 2022-03-03 22:31:31 New Security Vulnerability Affects Thousands of GitLab Instances (direct link) Researchers have disclosed details of a now-patched security vulnerability in GitLab, an open-source DevOps software, that could potentially allow a remote, unauthenticated attacker to recover user-related information. Tracked as CVE-2021-4191 (CVSS score: 5.3), the medium-severity flaw affects all versions of GitLab Community Edition and Enterprise Edition starting from 13.0 and all versions Vulnerability
The_Hackers_News.webp 2022-03-01 22:41:59 Critical Security Bugs Uncovered in VoIPmonitor Monitoring Software (direct link) Critical security vulnerabilities have been uncovered in VoIPmonitor software that, if successfully exploited, could allow unauthenticated attackers to escalate privileges to the administrator level and execute arbitrary commands. Following responsible disclosure by researchers from Kerbit, an Ethiopia-based penetration-testing and vulnerability research firm, on December 15, 2021, the issues Vulnerability
The_Hackers_News.webp 2022-02-28 20:37:57 CISA adds recently disclosed Zimbra bug to its Exploited Vulnerabilities Catalog (direct link) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) expanded its Known Exploited Vulnerabilities Catalog to include a recently disclosed zero-day flaw in the Zimbra email platform citing evidence of active exploitation in the wild. Tracked as CVE-2022-24682 (CVSS score: 6.1), the issue concerns a cross-site scripting (XSS) vulnerability in the Calendar feature in Zimbra Vulnerability
The_Hackers_News.webp 2022-02-22 23:06:23 9-Year-Old Unpatched Email Hacking Bug Uncovered in Horde Webmail Software (direct link) Users of Horde Webmail are being urged to disable a feature to contain a nine-year-old unpatched security vulnerability in the software that could be abused to gain complete access to email accounts simply by previewing an attachment. "This gives the attacker access to all sensitive and perhaps secret information a victim has stored in their email account and could allow them to gain further Vulnerability
The_Hackers_News.webp 2022-02-21 23:22:21 Hackers Backdoor Unpatched Microsoft SQL Database Servers with Cobalt Strike (direct link) Vulnerable internet-facing Microsoft SQL (MS SQL) Servers are being targeted by threat actors as part of a new campaign to deploy the Cobalt Strike adversary simulation tool on compromised hosts. "Attacks that target MS SQL servers include attacks to the environment where its vulnerability has not been patched, brute forcing, and dictionary attack against poorly managed servers," South Korean Tool Vulnerability Threat
The_Hackers_News.webp 2022-02-19 22:12:01 Master Key for Hive Ransomware Retrieved Using a Flaw in its Encryption Algorithm (direct link) Researchers have detailed what they call the "first successful attempt" at decrypting data infected with Hive ransomware without relying on the private key used to lock access to the content. "We were able to recover the master key for generating the file encryption key without the attacker's private key, by using a cryptographic vulnerability identified through analysis," a group of academics Ransomware Vulnerability
The_Hackers_News.webp 2022-02-18 22:25:08 Critical Flaw Uncovered in WordPress Backup Plugin Used by Over 3 Million Sites (direct link) Patches have been issued to contain a "severe" security vulnerability in UpdraftPlus, a WordPress plugin with over three million installations, that can be weaponized to download the site's private data using an account on the vulnerable sites. "All versions of UpdraftPlus from March 2019 onwards have contained a vulnerability caused by a missing permissions-level check, allowing untrusted users Vulnerability ★★
Last update at: 2024-05-31 02:07:58