What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-12-28 21:00:00 | New Apache Log4j Update Released to Patch Newly Discovered Vulnerability (lien direct) | The Apache Software Foundation (ASF) on Tuesday rolled out fresh patches to contain an arbitrary code execution flaw in Log4j that could be abused by threat actors to run malicious code on affected systems, making it the fifth security shortcoming to be discovered in the tool in the span of a month. Tracked as CVE-2021-44832, the vulnerability is rated 6.6 in severity on a scale of 10 and | Tool Vulnerability Threat | ||
|
2021-12-24 05:07:16 | Expert Details macOS Bug That Could Let Malware Bypass Gatekeeper Security (lien direct) | Apple recently fixed a security vulnerability in the macOS operating system that could be potentially exploited by a threat actor to "trivially and reliably" bypass a "myriad of foundational macOS security mechanisms" and run arbitrary code. Security researcher Patrick Wardle detailed the discovery in a series of tweets on Thursday. Tracked as CVE-2021-30853 (CVSS score: 5.5), the issue relates | Malware Vulnerability Threat | ||
|
2021-12-22 04:00:13 | China suspends deal with Alibaba for not sharing Log4j 0-day first with the government (lien direct) | China's internet regulator, the Ministry of Industry and Information Technology (MIIT), has suspended a partnership with Alibaba Cloud, the cloud computing subsidiary of e-commerce giant Alibaba Group, for six months for failing to promptly report a critical security vulnerability affecting the broadly used Log4j logging library. The development was reported by Reuters and South China Morning | Vulnerability | ||
|
2021-12-21 23:45:57 | New Exploit Lets Malware Attackers Bypass Patch for Critical Microsoft MSHTML Flaw (lien direct) | A short-lived phishing campaign has been observed taking advantage of a novel exploit that bypassed a patch put in place by Microsoft to fix a remote code execution vulnerability affecting the MSHTML component with the goal of delivering Formbook malware. "The attachments represent an escalation of the attacker's abuse of the CVE-2021-40444 bug and demonstrate that even a patch can't always | Malware Vulnerability | ||
|
2021-12-18 04:26:36 | New Local Attack Vector Expands the Attack Surface of Log4j Vulnerability (lien direct) | Cybersecurity researchers have discovered an entirely new attack vector that enables adversaries to exploit the Log4Shell vulnerability on servers locally by using a JavaScript WebSocket connection. "This newly-discovered attack vector means that anyone with a vulnerable Log4j version on their machine or local private network can browse a website and potentially trigger the vulnerability," | Vulnerability | ||
|
2021-12-18 02:24:47 | Apache Issues 3rd Patch to Fix New High-Severity Log4j Vulnerability (lien direct) | The issues with Log4j continued to stack up as the Apache Software Foundation (ASF) on Friday rolled out yet another patch - version 2.17.0 - for the widely used logging library that could be exploited by malicious actors to stage a denial-of-service (DoS) attack. Tracked as CVE-2021-45105 (CVSS score: 7.5), the new vulnerability affects all versions of the tool from 2.0-beta9 to 2.16.0, which | Tool Vulnerability | ||
|
2021-12-15 22:24:49 | Hackers Begin Exploiting Second Log4j Vulnerability as a Third Flaw Emerges (lien direct) | Web infrastructure company Cloudflare on Wednesday revealed that threat actors are actively attempting to exploit a second bug disclosed in the widely used Log4j logging utility, making it imperative that customers move quickly to install the latest version as a barrage of attacks continues to pummel unpatched systems with a variety of malware. "This vulnerability is actively being exploited and | Vulnerability Threat | ||
|
2021-12-14 21:53:07 | Second Log4j Vulnerability (CVE-2021-45046) Discovered - New Patch Released (lien direct) | The Apache Software Foundation (ASF) has pushed out a new fix for the Log4j logging utility after the previous patch for the recently disclosed Log4Shell exploit was deemed as "incomplete in certain non-default configurations." The second vulnerability - tracked as CVE-2021-45046 - is rated 3.7 out of a maximum of 10 on the CVSS rating system and affects all versions of Log4j from 2.0-beta9 | Vulnerability | ||
|
2021-12-14 03:09:49 | Hackers Exploit Log4j Vulnerability to Infect Computers with Khonsari Ransomware (lien direct) | Romanian cybersecurity technology company Bitdefender on Monday revealed that attempts are being made to target Windows machines with a novel ransomware family called Khonsari as well as a remote access Trojan named Orcus by exploiting the recently disclosed critical Log4j vulnerability. The attack leverages the remote code execution flaw to download an additional payload, a .NET binary, from a | Ransomware Vulnerability | ||
|
2021-12-12 21:43:38 | Apache Log4j Vulnerability - Log4Shell - Widely Under Active Attack (lien direct) | Threat actors are actively weaponizing unpatched servers affected by the newly identified "Log4Shell" vulnerability in Log4j to install cryptocurrency miners, Cobalt Strike, and recruit the devices into a botnet, even as telemetry signs point to exploitation of the flaw nine days before it even came to light. Netlab, the networking security division of Chinese tech giant Qihoo 360, disclosed | Vulnerability | ||
|
2021-12-10 20:18:19 | Extremely Critical Log4J Vulnerability Leaves Much of the Internet at Risk (lien direct) | The Apache Software Foundation has released fixes to contain an actively exploited zero-day vulnerability affecting the widely-used Apache Log4j Java-based logging library that could be weaponized to execute malicious code and allow a complete takeover of vulnerable systems. Tracked as CVE-2021-44228 and by the monikers Log4Shell or LogJam, the issue concerns a case of unauthenticated, remote | Vulnerability | ||
|
2021-12-06 04:22:29 | Vulnerability Scanning Frequency Best Practices (lien direct) | So you've decided to set up a vulnerability scanning programme, great. That's one of the best ways to avoid data breaches. How often you should run your scans, though, isn't such a simple question. The answers aren't the same for every type of organization or every type of system you're scanning. This guide will help you understand the questions you should be asking and help you come up with the | Vulnerability | ||
|
2021-12-03 21:09:04 | Warning: Yet Another Zoho ManageEngine Product Found Under Active Attacks (lien direct) | Enterprise software provider Zoho on Friday warned that a newly patched critical flaw in its Desktop Central and Desktop Central MSP is being actively exploited by malicious actors, marking the third security vulnerability in its products to be abused in the wild in a span of four months. The issue, assigned the identifier CVE-2021-44515, is an authentication bypass vulnerability | Vulnerability | ||
|
2021-12-02 21:50:14 | CISA Warns of Actively Exploited Critical Zoho ManageEngine ServiceDesk Vulnerability (lien direct) | The U.S. Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are warning of active exploitation of a newly patched flaw in Zoho's ManageEngine ServiceDesk Plus product to deploy web shells and carry out an array of malicious activities. Tracked as CVE-2021-44077 (CVSS score: 9.8), the issue relates to an unauthenticated, remote code execution | Vulnerability | ||
|
2021-11-30 01:11:45 | Unpatched Unauthorized File Read Vulnerability Affects Microsoft Windows OS (lien direct) | Unofficial patches have been issued to remediate an improperly patched Windows security vulnerability that could allow information disclosure and local privilege escalation (LPE) on vulnerable systems. Tracked as CVE-2021-24084 (CVSS score: 5.5), the flaw concerns an information disclosure vulnerability in the Windows Mobile Device Management component that could enable an attacker to gain | Vulnerability | ||
|
2021-11-25 00:10:45 | Warning - Hackers Exploiting New Windows Installer Zero-Day Exploit in the Wild (lien direct) | Attackers are actively making efforts to exploit a new variant of a recently disclosed privilege escalation vulnerability to potentially execute arbitrary code on fully-patched systems, once again demonstrating how adversaries move quickly to weaponize a publicly available exploit. Cisco Talos disclosed that it "detected malware samples in the wild that are attempting to take advantage of this | Malware Vulnerability | ||
|
2021-11-24 21:09:55 | VMware Warns of Newly Discovered Vulnerabilities in vSphere Web Client (lien direct) | VMware has shipped updates to address two security vulnerabilities in vCenter Server and Cloud Foundation that could be abused by a remote attacker to gain access to sensitive information. The more severe of the issues concerns an arbitrary file read vulnerability in the vSphere Web Client. Tracked as CVE-2021-21980, the bug has been rated 7.5 out of a maximum of 10 on the CVSS scoring system, | Vulnerability | ||
|
2021-11-23 04:06:22 | Researchers Detail Privilege Escalation Bugs Reported in Oracle VirtualBox (lien direct) | A now-patched vulnerability affecting Oracle VM VirtualBox could be potentially exploited by an adversary to compromise the hypervisor and cause a denial-of-service (DoS) condition. "Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox," the advisory reads. "Successful attacks of | Vulnerability | ||
|
2021-11-18 04:59:17 | Critical Root RCE Bug Affects Multiple Netgear SOHO Router Models (lien direct) | Networking equipment company Netgear has released yet another round of patches to remediate a high-severity remote code execution vulnerability affecting multiple routers that could be exploited by remote attackers to take control of an affected system. Tracked as CVE-2021-34991 (CVSS score: 8.8), the pre-authentication buffer overflow flaw in small office and home office (SOHO) routers can lead | Vulnerability Guideline | ||
|
2021-11-10 22:35:59 | Palo Alto Warns of Zero-Day Bug in Firewalls Using GlobalProtect Portal VPN (lien direct) | A new zero-day vulnerability has been disclosed in Palo Alto Networks GlobalProtect VPN that could be abused by an unauthenticated network-based attacker to execute arbitrary code on affected devices with root user privileges. Tracked as CVE-2021-3064 (CVSS score: 9.8), the security weakness impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.17. Massachusetts-based cybersecurity firm Randori | Vulnerability | ||
|
2021-11-04 23:15:46 | Hardcoded SSH Key in Cisco Policy Suite Lets Remote Hackers Gain Root Access (lien direct) | Cisco Systems has released security updates to address vulnerabilities in multiple Cisco products that could be exploited by an attacker to log in as a root user and take control of vulnerable systems.
Tracked as CVE-2021-40119, the vulnerability has been rated 9.8 in severity out of a maximum of 10 on the CVSS scoring system and stems from a weakness in the SSH authentication mechanism of Cisco |
Vulnerability | ||
|
2021-11-04 05:09:12 | Critical RCE Vulnerability Reported in Linux Kernel\'s TIPC Module (lien direct) | Cybersecurity researchers have disclosed a security flaw in the Linux Kernel's Transparent Inter Process Communication (TIPC) module that could potentially be leveraged both locally as well as remotely to execute arbitrary code within the kernel and take control of vulnerable machines.
The heap overflow vulnerability "can be exploited locally or remotely within a network to gain kernel |
Vulnerability | ||
|
2021-11-02 22:20:12 | Google Warns of New Android 0-Day Vulnerability Under Active Targeted Attacks (lien direct) | Google has rolled out its monthly security patches for Android with fixes for 39 flaws, including a zero-day vulnerability that it said is being actively exploited in the wild in limited, targeted attacks.
Tracked as CVE-2021-1048, the zero-day bug is described as a use-after-free vulnerability in the kernel that can be exploited for local privilege escalation. Use-after-free issues are |
Vulnerability | ★★ | |
|
2021-11-02 03:03:31 | Alert! Hackers Exploiting GitLab Unauthenticated RCE Flaw in the Wild (lien direct) | A now-patched critical remote code execution (RCE) vulnerability in GitLab's web interface has been detected as actively exploited in the wild, cybersecurity researchers warn, rendering a large number of internet-facing GitLab instances susceptible to attacks.
Tracked as CVE-2021-22205, the issue relates to an improper validation of user-provided images that results in arbitrary code execution. |
Vulnerability | ||
|
2021-10-29 04:03:00 | New \'Shrootless\' Bug Could Let Attackers Install Rootkit on macOS Systems (lien direct) | Microsoft on Thursday disclosed details of a new vulnerability that could allow an attacker to bypass security restrictions in macOS and take complete control of the device to perform arbitrary operations on the device without getting flagged by traditional security solutions.
Dubbed "Shrootless" and tracked as CVE-2021-30892, the "vulnerability lies in how Apple-signed packages with |
Vulnerability | ||
|
2021-10-25 01:19:44 | Hackers Exploited Popular BillQuick Billing Software to Deploy Ransomware (lien direct) | Cybersecurity researchers on Friday disclosed a now-patched critical vulnerability in multiple versions of a time and billing system called BillQuick that's being actively exploited by threat actors to deploy ransomware on vulnerable systems.
CVE-2021-42258, as the flaw is being tracked as, concerns an SQL-based injection attack that allows for remote code execution and was successfully |
Ransomware Vulnerability Threat | ||
|
2021-10-20 06:27:34 | Researchers Break Intel SGX With New \'SmashEx\' CPU Attack Technique (lien direct) | A newly disclosed vulnerability affecting Intel processors could be abused by an adversary to gain access to sensitive information stored within enclaves and even run arbitrary code on vulnerable systems.
The vulnerability (CVE-2021-0186, CVSS score: 8.2) was discovered by a group of academics from ETH Zurich, the National University of Singapore, and the Chinese National University of Defense |
Vulnerability | ||
|
2021-10-20 00:20:33 | Microsoft Warns of New Security Flaw Affecting Surface Pro 3 Devices (lien direct) | Microsoft has published a new advisory warning of a security bypass vulnerability affecting Surface Pro 3 convertible laptops that could be exploited by an adversary to introduce malicious devices within enterprise networks and defeat the device attestation mechanism.
Tracked as CVE-2021-42299 (CVSS score: 5.6), the issue has been codenamed "TPM Carte Blanche" by Google software engineer Chris |
Vulnerability | ||
|
2021-10-19 08:07:56 | Squirrel Engine Bug Could Let Attackers Hack Games and Cloud Services (lien direct) | Researchers have disclosed an out-of-bounds read vulnerability in the Squirrel programming language that can be abused by attackers to break out of the sandbox restrictions and execute arbitrary code within a SquirrelVM, thus giving a malicious actor complete access to the underlying machine.
Tracked as CVE-2021-41556, the issue occurs when a game library referred to as Squirrel Engine is used |
Hack Vulnerability | ||
|
2021-10-13 06:06:30 | Critical Flaw in OpenSea Could Have Let Hackers Steal Cryptocurrency From Wallets (lien direct) | A now-patched critical vulnerability in OpenSea, the world's largest non-fungible token (NFT) marketplace, could've been abused by malicious actors to drain cryptocurrency funds from a victim by sending a specially-crafted token, opening a new attack vector for exploitation.
The findings come from cybersecurity firm Check Point Research, which began an investigation into the platform following |
Vulnerability | ★★★★ | |
|
2021-10-12 22:49:10 | Update Your Windows PCs Immediately to Patch 4 New 0-Days Under Active Attack (lien direct) | Microsoft on Tuesday rolled out security patches to contain a total of 71 vulnerabilities in Microsoft Windows and other software, including a fix for an actively exploited privilege escalation vulnerability that could be exploited in conjunction with remote code execution bugs to take control over vulnerable systems.
Two of the addressed security flaws are rated Critical, 68 are rated Important |
Vulnerability | ||
|
2021-10-12 00:57:12 | GitHub Revoked Insecure SSH Keys Generated by a Popular git Client (lien direct) | Code hosting platform GitHub has revoked weak SSH authentication keys that were generated via the GitKraken git GUI client due to a vulnerability in a third-party library that increased the likelihood of duplicated SSH keys.
As an added precautionary measure, the Microsoft-owned company also said it's building safeguards to prevent vulnerable versions of GitKraken from adding newly generated |
Vulnerability | ||
|
2021-10-11 19:41:34 | Apple Releases Urgent iPhone and iPad Updates to Patch New Zero-Day Vulnerability (lien direct) | Apple on Monday released a security update for iOS and iPad to address a critical vulnerability that it says is being exploited in the wild, making it the 17th zero-day flaw the company has addressed in its products since the start of the year.'
The weakness, assigned the identifier CVE-2021-30883, concerns a memory corruption issue in the "IOMobileFrameBuffer" component that could allow an |
Vulnerability | ||
|
2021-10-07 21:47:57 | New Patch Released for Actively Exploited 0-Day Apache Path Traversal to RCE Attacks (lien direct) | The Apache Software Foundation on Thursday released additional security updates for its HTTP Server product to remediate what it says is an "incomplete fix" for an actively exploited path traversal and remote code execution flaw that it patched earlier this week.
CVE-2021-42013, as the new vulnerability is identified as, builds upon CVE-2021-41773, a flaw that impacted Apache web servers running |
Vulnerability | ||
|
2021-10-07 04:50:04 | Code Execution Bug Affects Yamale Python Package - Used by Over 200 Projects (lien direct) | A high-severity code injection vulnerability has been disclosed in 23andMe's Yamale, a schema and validator for YAML, that could be trivially exploited by adversaries to execute arbitrary Python code.
The flaw, tracked as CVE-2021-38305 (CVSS score: 7.8), involves manipulating the schema file provided as input to the tool to circumvent protections and achieve code execution. Particularly, the |
Tool Vulnerability | ||
|
2021-10-04 07:29:11 | Creating Wireless Signals with Ethernet Cable to Steal Data from Air-Gapped Systems (lien direct) | A newly discovered data exfiltration mechanism employs Ethernet cables as a "transmitting antenna" to stealthily siphon highly-sensitive data from air-gapped systems, according to the latest research.
"It's interesting that the wires that came to protect the air-gap become the vulnerability of the air gap in this attack," Dr. Mordechai Guri, the head of R&D in the Cyber Security Research Center |
Vulnerability | ||
|
2021-09-30 06:49:19 | New Azure AD Bug Lets Hackers Brute-Force Passwords Without Getting Caught (lien direct) | Cybersecurity researchers have disclosed an unpatched security vulnerability in the protocol used by Microsoft Azure Active Directory that potential adversaries could abuse to stage undetected brute-force attacks.
"This flaw allows threat actors to perform single-factor brute-force attacks against Azure Active Directory (Azure AD) without generating sign-in events in the targeted organization's |
Vulnerability Threat | ||
|
2021-09-28 08:31:06 | Atlassian Confluence RCE Flaw Abused in Multiple Cyberattack Campaigns (lien direct) | Opportunistic threat actors have been found actively exploiting a recently disclosed critical security flaw in Atlassian Confluence deployments across Windows and Linux to deploy web shells that result in the execution of crypto miners on compromised systems.
Tracked as CVE-2021-26084 (CVSS score: 9.8), the vulnerability concerns an OGNL (Object-Graph Navigation Language) injection flaw that |
Vulnerability Threat | ||
|
2021-09-24 23:39:22 | Urgent Chrome Update Released to Patch Actively Exploited Zero-Day Vulnerability (lien direct) | Google on Friday rolled out an emergency security patch to its Chrome web browser to address a security flaw that's known to have an exploit in the wild.
Tracked as CVE-2021-37973, the vulnerability has been described as use after free in Portals API, a web page navigation system that enables a page to show another page as an inset and "perform a seamless transition to a new state, where the |
Vulnerability | ||
|
2021-09-24 22:41:08 | SonicWall Issues Patches for a New Critical Flaw in SMA 100 Series Devices (lien direct) | Network security company SonicWall has addressed a critical security vulnerability affecting its Secure Mobile Access (SMA) 100 series appliances that can permit remote, unauthenticated attackers to gain administrator access on targeted devices remotely.
Tracked as CVE-2021-20034, the arbitrary file deletion flaw is rated 9.1 out of a maximum of 10 on the CVSS scoring system, and could allow an |
Vulnerability | ||
|
2021-09-21 20:34:56 | High-Severity RCE Flaw Disclosed in Several Netgear Router Models (lien direct) | Networking equipment company Netgear has released patches to remediate a high-severity remote code execution vulnerability affecting multiple routers that could be exploited by remote attackers to take control of an affected system.
Traced as CVE-2021-40847 (CVSS score: 8.1), the security weakness impacts the following models -
R6400v2 (fixed in firmware version 1.0.4.120)
R6700 |
Vulnerability | ||
|
2021-09-21 20:22:09 | VMware Warns of Critical File Upload Vulnerability Affecting vCenter Server (lien direct) | VMware on Tuesday published a new bulletin warning of as many as 19 vulnerabilities in vCenter Server and Cloud Foundation appliances that a remote attacker could exploit to take control of an affected system.
The most urgent among them is an arbitrary file upload vulnerability in the Analytics service (CVE-2021-22005) that impacts vCenter Server 6.7 and 7.0 deployments. "A malicious actor with |
Vulnerability | ||
|
2021-09-21 09:48:15 | Unpatched High-Severity Vulnerability Affects Apple macOS Computers (lien direct) | Cybersecurity researchers on Tuesday disclosed details of an unpatched vulnerability in macOS Finder that could be abused by remote adversaries to trick users into running arbitrary commands on the machines.
"A vulnerability in macOS Finder allows files whose extension is inetloc to execute arbitrary commands, these files can be embedded inside emails which if the user clicks on them will |
Vulnerability | ||
|
2021-09-16 02:48:22 | Third Critical Bug Affects Netgear Smart Switches - Details and PoC Released (lien direct) | New details have been revealed about a recently remediated critical vulnerability in Netgear smart switches that could be leveraged by an attacker to potentially execute malicious code and take control of vulnerable devices.
The flaw - dubbed "Seventh Inferno" (CVSS score: 9.8) - is part of a trio of security weaknesses, called Demon's Cries (CVSS score: 9.8) and Draconian Fear (CVSS score: 7.8) |
Vulnerability | ||
|
2021-09-14 22:00:22 | Microsoft Releases Patch for Actively Exploited Windows Zero-Day Vulnerability (lien direct) | A day after Apple and Google rolled out urgent security updates, Microsoft has pushed software fixes as part of its monthly Patch Tuesday release cycle to plug 66 security holes affecting Windows and other components such as Azure, Office, BitLocker, and Visual Studio, including an actively exploited zero-day in its MSHTML Platform that came to light last week.
Of the 66 flaws, three are rated |
Vulnerability | ||
|
2021-09-13 06:48:50 | Critical Bug Reported in NPM Package With Millions of Downloads Weekly (lien direct) | A widely used NPM package called 'Pac-Resolver' for the JavaScript programming language has been remediated with a fix for a high-severity remote code execution vulnerability that could be abused to run malicious code inside Node.js applications whenever HTTP requests are sent.
The flaw, tracked as CVE-2021-23406, has a severity rating of 8.1 on the CVSS vulnerability scoring system and affects |
Vulnerability | ||
|
2021-09-09 22:07:33 | Microsoft Warns of Cross-Account Takeover Bug in Azure Container Instances (lien direct) | Microsoft on Wednesday said it remediated a vulnerability in its Azure Container Instances (ACI) services that could have been exploited by a malicious actor "to access other customers' information" in what the researcher described as the "first cross-account container takeover in the public cloud."
An attacker exploiting the weakness could execute malicious commands on other users' containers, |
Vulnerability | ||
|
2021-09-08 22:45:14 | CISA Warns of Actively Exploited Zoho ManageEngine ADSelfService Vulnerability (lien direct) | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday issued a bulletin warning of a zero-day flaw affecting Zoho ManageEngine ADSelfService Plus deployments that is currently being actively exploited in the wild.
The flaw, tracked as CVE-2021-40539, concerns a REST API authentication bypass that could lead to arbitrary remote code execution (RCE). ADSelfService Plus |
Vulnerability Guideline | ||
|
2021-09-08 05:33:28 | HAProxy Found Vulnerable to Critical HTTP Request Smuggling Attack (lien direct) | A critical security vulnerability has been disclosed in HAProxy, a widely used open-source load balancer and proxy server, that could be abused by an adversary to possibly smuggle HTTP requests, resulting in unauthorized access to sensitive data and execution of arbitrary commands, effectively opening the door to an array of attacks.
Tracked as CVE-2021-40346, the Integer Overflow vulnerability |
Vulnerability | ||
|
2021-09-07 03:05:28 | Latest Atlassian Confluence Flaw Exploited to Breach Jenkins Project Server (lien direct) | The maintainers of Jenkins-a popular open-source automation server software-have disclosed a security breach after unidentified threat actors gained access to one of their servers by exploiting a recently disclosed vulnerability in Atlassian Confluence service to install a cryptocurrency miner.
The "successful attack," which is believed to have occurred last week, was mounted against its |
Vulnerability Threat |
To see everything:
Our RSS (filtrered)
