What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2021-11-16 22:23:37 | GitHub addressed two major vulnerabilities in the NPM package manager (lien direct) | Maintainers of the npm package manager for the JavaScript programming language disclosed multiple flaws that were recently addressed. GitHub disclosed two major vulnerabilities in the npm that have been already addressed. The first vulnerability can be exploited by an attacker to publish new versions of any npm package using an account without proper authorization. The flaw was reported by […] | Vulnerability | ||
|
2021-11-12 15:57:25 | macOS Zero-Day exploited in watering hole attacks on users in Hong Kong (lien direct) | Google revealed that threat actors recently exploited a zero-day vulnerability in macOS to deliver malware to users in Hong Kong. Google TAG researchers discovered that threat actors leveraged a zero-day vulnerability in macOS in a watering hole campaign aimed at delivering malware to users in Hong Kong. The attackers exploited a XNU privilege escalation vulnerability […] | Malware Vulnerability Threat | ||
|
2021-11-12 10:11:29 | How we broke the cloud with two lines of code: the full story of ChaosDB (lien direct) | Wiz Research Team disclosed technical details about the discovery of the ChaosDB vulnerability in Azure Cosmos DB database solution. In August, 2021 the Wiz Research Team disclosed ChaosDB – a severe vulnerability in the popular Azure Cosmos DB database solution that allowed for complete, unrestricted access to the accounts and databases of several thousand Microsoft […] | Vulnerability | ||
|
2021-11-12 07:16:27 | BotenaGo botnet targets millions of IoT devices using 33 exploits (lien direct) | Researchers at AT&T discovered a new BotenaGo botnet that is using thirty three exploits to target millions of routers and IoT devices. BotenaGo is a new botnet discovered by researchers at AT&T that leverages thirty three exploits to target millions of routers and IoT devices. Below is the list of exploits used by the bot: Vulnerability Affected devices […] | Vulnerability | ||
|
2021-11-11 09:30:09 | CVE-2021-3064: Easily exploitable RCE flaw in Palo Alto Networks in GlobalProtect VPN (lien direct) | Palo Alto Networks warns of an easy exploitable Remote Code Execution vulnerability in its GlobalProtect VPN product. Palo Alto Networks disclosed a critical remote code execution vulnerability, tracked as CVE-2021-3064, in its GlobalProtect portal and gateway interfaces. The cybersecurity vendor warns that the vulnerability is easily exploitable by an unauthenticated network-based attacker. Successful exploitation can […] | Vulnerability | ||
|
2021-11-10 22:45:20 | VMware discloses a severe flaw in vCenter Server that has yet to fix (lien direct) | VMware announced it is working on patches for an important severity privilege escalation vulnerability affecting vCenter Server. VMware announced it's working on security patches to address an important severity privilege escalation vulnerability, tracked as CVE-2021-22048, in its vCenter Server. vCenter Server is the centralized management utility for VMware and is used to manage virtual machines, multiple […] | Vulnerability | ||
|
2021-11-10 21:18:57 | A flaw in WP Reset PRO WordPress plugin allows wiping the installation DB (lien direct) | A critical vulnerability in the WP Reset PRO WordPress plugin can allow an authenticated user to wipe the entire database of WordPress sites. Researchers from cybersecurity form Packstack have discovered a critical vulnerability in the WP Reset PRO WordPress plugin that could be exploited by an authenticated user to completely wipe the database of a […] | Vulnerability | ||
|
2021-11-09 18:35:29 | Clop gang exploiting CVE-2021-35211 RCE in SolarWinds Serv-U in recent attack (lien direct) | The Clop ransomware gang is exploiting CVE-2021-35211 vulnerability in SolarWinds Serv-U to compromise corporate networks. Threat actors always look for new ways to compromise target networks, Clop ransomware gang (aka TA505, FIN11) is exploiting CVE-2021-35211 SolarWinds Serv-U vulnerability to breach businesses’ infrastructures and deploy its ransomware. The flaw is a remote code execution vulnerability that […] | Ransomware Vulnerability Threat | ||
|
2021-11-03 06:31:36 | Google fixes actively exploited Zero-Day Kernel flaw in Android (lien direct) | Google's Android November 2021 security updates address a zero-day vulnerability in the Kernel that is actively exploited in the wild. Google's Android November 2021 security updates addressed 18 vulnerabilities in the framework and system components and 18 issues in the kernel and vendor components. One of these issues, tracked as CVE-2021-1048, is a use-after-free (UAF) vulnerability […] | Vulnerability | ||
|
2021-11-02 15:47:22 | Google triples bounty for new Linux Kernel exploitation techniques (lien direct) | Google is going to increase the bounty for finding and exploiting privilege escalation vulnerabilities in the Linux kernel. Good news for white hat hackers, Google is going to increase the bounty for demonstrating privilege escalation vulnerabilities in the Linux kernel. The payouts for privilege escalation exploits using a known vulnerability will be up to US$31,337, […] | Vulnerability | ||
|
2021-11-02 14:45:23 | (Déjà vu) 50% of internet-facing GitLab installations are still affected by a RCE flaw (lien direct) | Researchers warn of a now-fixed critical remote code execution (RCE) vulnerability in GitLab ‘s web interface actively exploited in the wild. Cybersecurity researchers warn of a now-patched critical remote code execution (RCE) vulnerability, tracked as CVE-2021-22205, in GitLab’s web interface that has been actively exploited in the wild. The vulnerability is an improper validation issue of […] | Vulnerability | ||
|
2021-10-28 22:44:45 | Microsoft found Shrootless bug in macOS that could bypass System Integrity Protection (lien direct) | Microsoft finds a flaw in macOS, dubbed Shrootless (CVE-2021-30892), that can allow attackers to bypass System Integrity Protection (SIP). Microsoft discovered a vulnerability in macOS, dubbed Shrootless (CVE-2021-30892), that can allow attackers to bypass System Integrity Protection (SIP) and perform malicious activities, such as gaining root privileges and installing rootkits on vulnerable devices. System Integrity Protection (also referred to […] | Vulnerability | ||
|
2021-10-28 21:00:12 | (Déjà vu) Over 1 million WordPress sites affected by OptinMonster plugin flaws (lien direct) | A vulnerability in the popular the OptinMonster plugin allows unauthorized API access and sensitive information disclosure. A high-severity vulnerability (CVE-2021-39341) in The OptinMonster plugin can allow unauthorized API access and sensitive information disclosure on roughly a million WordPress sites. The flaw was discovered by Wordfence researcher Chloe Chamberland on September 28, 2021, and the development […] | Vulnerability | ||
|
2021-10-26 19:57:25 | Expert managed to crack 70% of a 5,000 WiFi network sample in Tel Aviv (lien direct) | A researcher from the security firm CyberArk has managed to crack 70% of Tel Aviv's Wifi Networks starting from a sample of 5,000 gathered WiFi. CyberArk security researcher Ido Hoorvitch demonstrated how it is possible to crack WiFi at scale by exploiting a vulnerability that allows retrieving a PMKID hash. Hoorvitch has managed to crack […] | Vulnerability | ||
|
2021-10-25 05:49:34 | Emsisoft created a free decryptor for past victims of the BlackMatter ransomware (lien direct) | Experts from cybersecurity firm Emsisoft announced the availability of a free decryptor for past victims of the BlackMatter ransomware. Cybersecurity firm Emsisoft has released a free decryption tool for past victims of the BlackMatter ransomware. The researchers found a vulnerability in the encryption process implemented in the BlackMatter ransomware that allowed them to recover encrypted […] | Ransomware Tool Vulnerability | ||
|
2021-10-22 22:05:14 | Facebook SSRF Dashboard allows hunting SSRF vulnerabilities (lien direct) | Facebook developed a new tool that allows security experts to look for Server-Side Request Forgery (SSRF) vulnerabilities in their software. Facebook announced to have designed a new tool, named SSRF Dashboard, that allows security researchers to search for Server-Side Request Forgery (SSRF) vulnerabilities. Server-side request forgery is a web security vulnerability that allows an attacker […] | Tool Vulnerability | ||
|
2021-10-21 20:10:31 | A flaw in WinRAR could lead to remote code execution (lien direct) | A vulnerability in the WinRAR is a trialware file archiver utility for Windows could be exploited by a remote attacker to hack a system. Positive Technologies researcher Igor Sak-Sakovskiy discovered a remote code execution vulnerability, tracked as CVE-2021-35052, in the popular WinRAR trialware file archiver utility for Windows. The vulnerability affects the trial version of […] | Hack Vulnerability | ||
|
2021-10-13 23:12:15 | Apple silently fixed iOS zero-day without crediting the expet who reported it (lien direct) | Apple has silently addressed a zero-day vulnerability that could allow attackers to gain access to sensitive user data. Apple has silently addressed zero-day vulnerability with the release of iOS 15.0.2, the vulnerability could allow attackers gain access to sensitive user information. The flaw was reported to the IT giant by software developers Denis Tokarev seven […] | Vulnerability | ||
|
2021-10-13 07:26:48 | (Déjà vu) Chinese APT IronHusky use Win zero-day in recent wave of attacks (lien direct) | A Chinese-speaking hacking group exploited a Windows zero-day vulnerability in a wave of attacks on defense and IT businesses. A Chinese-speaking hacking group exploited a zero-day vulnerability in the Windows Win32k kernel driver to deploy a new remote access trojan (RAT), tracked as MysterySnail. The attacks were conducted between late August and early September 2021 […] | Vulnerability | ||
|
2021-10-12 22:48:52 | Necro botnet now targets Visual Tools DVRs (lien direct) | The FreakOut (aka Necro, N3Cr0m0rPh) Python botnet evolves, it now includes a recently published PoC exploit for Visual Tools DVR. Operators behind the FreakOut (aka Necro, N3Cr0m0rPh) Python botnet have added a PoC exploit for Visual Tools DVR, a professional digital video recorder used in surveillance video systems. The POC exploit code for this vulnerability is publicly […] | Vulnerability | ||
|
2021-10-12 14:17:43 | GitKraken flaw lead to the generation of weak SSH keys (lien direct) | Git GUI client GitKraken team fixed a flaw that lead to the generation of weak SSH keys, users are recommended to revoke and renew their keys. The development team behind the Git GUI client GitKraken has fixed a vulnerability that was leading to the generation of weak SSH keys. The developers addressed the flaw with […] | Vulnerability Guideline | ||
|
2021-10-11 18:18:51 | (Déjà vu) Improper Certificate Validation issue in LibreOffice and OpenOffice allows signed docs spoofing (lien direct) | LibreOffice and OpenOffice released security updates to address a vulnerability that can be exploited by an attacker to spoof signed documents. LibreOffice and OpenOffice released security updates to address a moderate-severity flaw that can allow attackers to manipulate documents to appear as signed by a trusted source. “It is possible for an attacker to manipulate documents […] | Vulnerability | ||
|
2021-10-09 12:03:07 | Security expert published NMAP script for Apache CVE-2021-41773 vulnerability (lien direct) | Security expert Dhiraj Mishra published an NMAP script for the CVE-2021-41773 Path Traversal vulnerability affecting Apache Web Server version 2.4.49. Security researcher Dhiraj Mishra released an NMAP script for the CVE-2021-41773 path traversal vulnerability affecting Apache Web Server version 2.4.49. This week Apache Software Foundation has released HTTP Web Server 2.4.51 to address an actively exploited path […] | Vulnerability | ||
|
2021-10-08 07:38:40 | Apache rolled out a new update in a few days to fix incomplete patch for an actively exploited flaw (lien direct) | Apache Software Foundation has released HTTP Web Server 2.4.51 to completely address a vulnerability that has been actively exploited in the wild. Apache Software Foundation has released HTTP Web Server 2.4.51 to address an actively exploited path traversal vulnerability (CVE-2021-41773) that was only partially addressed with a previous release. An attacker can trigger the flaw […] | Vulnerability | ||
|
2021-10-03 15:16:17 | CVE-2021-38647 OMIGOD flaw impacts IBM QRadar Azure (lien direct) | Experts warn that CVE-2021-38647 OMIGOD flaws affect IBM QRadar Azure and can be exploited by remote attackers to execute arbitrary code. The Open Management Infrastructure RPM package in the IBM QRadar Azure marketplace images is affected by a remote code execution vulnerability tracked as CVE-2021-38647. CVE-2021-38647 is one of the four vulnerabilities in the Open […] | Vulnerability | ||
|
2021-10-02 16:30:10 | Threat actors exploit a flaw in Coinbase 2FA to steal user funds (lien direct) | Threat actors stole funds from the accounts of more than 6,000 users of the crypto exchange Coinbase exploiting a flaw to bypass 2FA authentication. Threat actors have exploited a vulnerability in the SMS-based two-factor authentication (2FA) system implemented by the crypto exchange Coinbase to steal funds from more than 6,000 users. According to a data […] | Vulnerability Threat | ||
|
2021-10-01 07:27:33 | Weaponizing Apple AirTag to lure users to malicious sites (lien direct) | Threat actors could exploit a stored cross-site scripting (XSS) vulnerability in Apple AirTag product to lure users to malicious websites. Security researcher Bobby Rauch discovered a stored cross-site scripting (XSS) vulnerability in the Apple AirTag product that can be exploited by attackers to lure users to malicious websites. Apple AirTag is a tracking device designed […] | Vulnerability | ||
|
2021-09-30 09:17:50 | Threat actors use recently discovered CVE-2021-26084 Atlassian Confluence (lien direct) | Threat actors are actively exploiting the recently disclosed CVE-2021-26084 RCE vulnerability in Atlassian Confluence deployments. Trend Micro researchers have spotted crypto-mining campaigns that are actively exploiting a recently disclosed critical remote code execution vulnerability in Atlassian Confluence deployments across Windows and Linux. At the end of August, Atlassian released security patches to address the critical CVE-2021-26084 flaw that affects […] | Vulnerability | ||
|
2021-09-29 18:50:32 | Expert discloses new iPhone lock screen vulnerability in iOS 15 (lien direct) | The security researcher Jose Rodriguez discovered a new lock screen vulnerability for iOS 15 (& iOS 14.8) that has yet to be fixed. The security researcher Jose Rodriguez (@VBarraquito) discovered a new lock screen vulnerability for iOS 15 (& iOS 14.8) that has yet to be addressed by Apple. A threat actor with physical access […] | Vulnerability Threat | ||
|
2021-09-28 13:06:31 | A complete PoC exploit for CVE-2021-22005 in VMware vCenter is available online (lien direct) | An exploit for the recently disclosed CVE-2021-22005 vulnerability in VMware vCenter was publicly released, threat actors are already using it. A working exploit for the CVE-2021-22005 vulnerability in VMware vCenter is publicly available, and attackers are already attempting to use it in the wild. VMware recently addressed the critical arbitrary file upload vulnerability CVE-2021-22005, it […] | Vulnerability Threat | ||
|
2021-09-27 18:39:54 | Expert found RCE flaw in Visual Studio Code Remote Development Extension (lien direct) | Researchers from the Italian cybersecurity firm Shielder found a remote code execution vulnerability in Visual Studio Code Remote Development Extension. Visual Studio Code Remote Development allows users to adopt a container, remote machine, or the Windows Subsystem for Linux (WSL) as a full-featured development environment. Users can: Develop on the same operating system you deploy to or use […] | Vulnerability | ||
|
2021-09-25 12:09:20 | Threat actors are attempting to exploit VMware vCenter CVE-2021-22005 flaw (lien direct) | Immediately after the public release of the exploit code for the VMware vCenter CVE-2021-22005 flaw threat actors started using it. Researchers warn that immediately after the release of the exploit code for the recently addressed CVE-2021-22005 flaw in VMware vCenter threat actors started using it. The CVE-2021-22005 issue is a critical arbitrary file upload vulnerability […] | Vulnerability Threat | ||
|
2021-09-25 11:04:44 | (Déjà vu) Google addressed the eleventh Chrome zero-day flaw this year (lien direct) | Google released a Chrome emergency update for Windows, Mac, and Linux that addresses a high-severity zero-day flaw exploited in the wild. Google has released Chrome 94.0.4606.61 for Windows, Mac, and Linux that addresses a high-severity zero-day vulnerability (CVE-2021-37973) exploited in the wild. An attacker can exploit this flaw to execute arbitrary code on systems running vulnerable Chrome versions. This vulnerability […] | Vulnerability | ||
|
2021-09-24 20:32:56 | CVE-2021-20034 flaw can allow SMA 100 device takeover, patch it now! (lien direct) | SonicWall fixed a critical security flaw, tracked as CVE-2021-20034, that impacts some Secure Mobile Access (SMA) 100 series products that can allow device takeover. SonicWall has addressed a critical security vulnerability, tracked as CVE-2021-20034, that impacting several Secure Mobile Access (SMA) 100 series products. The vulnerability is an improper access control vulnerability that can be […] | Vulnerability | ||
|
2021-09-23 06:35:44 | (Déjà vu) CVE-2021-40847 flaw in Netgear SOHO routers could allow remote code execution (lien direct) | CVE-2021-40847 flaw in Netgear SOHO routers could be exploited by a remote attacker to execute arbitrary code as root. Security experts from consulting firm GRIMM have discovered a vulnerability in Small Offices/Home Offices (SOHO) Netgear routers that could be exploited by a remote attacker to execute arbitrary code as root The flaw, tracked as CVE-2021-40847, […] | Vulnerability | ||
|
2021-09-22 17:31:10 | Hikvision cameras could be remotely hacked due to critical flaw (lien direct) | A critical issue, tracked as CVE-2021-36260, affects more than 70 Hikvision device models and can allow attackers to take over them. A critical vulnerability, tracked as CVE-2021-36260, affects more than 70 Hikvision camera and NVR models and can allow attackers to take over the devices. The vulnerability is an unauthenticated Remote Code Execution (RCE) vulnerability […] | Vulnerability | ★★★ | |
|
2021-09-22 09:16:11 | VMware addressed a critical flaw in vCenter Server. Patch it now! (lien direct) | VMware addressed a critical arbitrary file upload vulnerability that affects the default configuration of vCenter Server 6.7 and 7.0 deployments. VMware addressed a critical arbitrary file upload vulnerability, tracked as CVE-2021-22005, that impacts appliances running default vCenter Server 6.7 and 7.0 deployments. vCenter Server is the centralized management utility for VMware, and is used to manage […] | Vulnerability | ||
|
2021-09-21 22:46:57 | A zero-day flaw allows to run arbitrary commands on macOS systems (lien direct) | Security researchers disclosed a new zero-day flaw in Apple’s macOS Finder that can allow attackers to run arbitrary commands on Macs. Independent security researcher Park Minchan disclosed a zero-day vulnerability in Apple’s macOS Finder that can be exploited by attackers to run arbitrary commands on Mac systems running any macOS version. The flaw is due […] | Vulnerability | ||
|
2021-09-18 12:21:49 | Expert discloses details and PoC code for Netgear Seventh Inferno bug (lien direct) | A new critical vulnerability in Netgear smart switches can be exploited by an attacker to potentially execute malicious code and take over impacted devices. Researchers provided technical details about a recently addressed critical vulnerability, dubbed Seventh Inferno, in Netgear smart switches that could be exploited by an attacker to potentially execute malicious code and take […] | Vulnerability | ||
|
2021-09-17 22:17:31 | (Déjà vu) CVE-2021-26333 AMD Chipset Driver flaw allows obtaining sensitive data (lien direct) | Chipmaker AMD has addressed a vulnerability in PSP driver, tracked as CVE-2021-26333, that could allow an attacker to obtain sensitive information from the targeted system. Chipmaker AMD has addressed a medium severity issue in Platform Security Processor (PSP) chipset driver, tracked as CVE-2021-26333, that could allow an attacker to obtain sensitive information from the targeted system. […] | Vulnerability | ||
|
2021-09-17 20:22:21 | Experts warn that Mirai Botnet starts exploiting OMIGOD flaw (lien direct) | The Mirai botnet starts exploiting the recently disclosed OMIGOD vulnerability to compromise vulnerable systems exposed online. Threat actors behind a Mirai botnet starts exploiting a critical Azure OMIGOD vulnerability, tracked as CVE-2021-38647, a few days after Microsoft disclosed them. Recently released September 2021 Patch Tuesday security updates have addressed four severe vulnerabilities, collectively tracked as OMIGOD, in the Open Management […] | Vulnerability Threat | ||
|
2021-09-14 16:22:38 | Millions of HP OMEN gaming PCs impacted by CVE-2021-3437 driver flaw (lien direct) | A high severity vulnerability, tracked as CVE-2021-3437, in HP OMEN laptop and desktop gaming computers exposes millions of systems to DoS and privilege escalation attacks. Millions of HP OMEN laptop and desktop gaming computers are exposed to multiple attacks by a high severity vulnerability tracked as CVE-2021-3437 that was discovered by SentinelLabs researchers. “Potential security vulnerabilities […] | Vulnerability | ||
|
2021-09-14 06:24:15 | Google addresses a new Chrome zero-day flaw actively exploited in the wild (lien direct) | Google Chrome 93.0.4577.82 for Windows, Mac, and Linux that addressed eleven security issues, including two zero-days actively exploited. Google released Chrome 93.0.4577.82 for Windows, Mac, and Linux that fixed eleven security issues, including two zero-days vulnerabilities actively exploited in the wild. This is the tenth zero-day vulnerability in Chrome fixed by Google that was exploited […] | Vulnerability | ||
|
2021-09-14 04:33:13 | Popular NPM package Pac-Resolver affected by a critical flaw (lien direct) | Experts found a critical flaw, tracked as CVE-2021-23406, in the popular NPM package ‘Pac-Resolver‘ that has millions of downloads every week. The development team behind a popular NPM package called ‘Pac-Resolver‘ for the JavaScript programming language fixed a high-severity remote code execution vulnerability tracked as CVE-2021-23406. The vulnerability can be exploited by remote attackers to run […] | Vulnerability | ||
|
2021-09-10 21:47:16 | (Déjà vu) Microsoft fixes Azurescape flaw in Azure Container Instances (lien direct) | Microsoft has fixed the Azurescape issue, a flaw in Azure Container Instances that allows to take over containers of other platform users. Microsoft has addressed a vulnerability in Azure Container Instances (ACI) called Azurescape that could have allowed a malicious container to take over containers belonging to other users. An attacker could exploit the vulnerability […] | Vulnerability | ||
|
2021-09-09 06:47:40 | Zoho warns of zero-day authentication bypass flaw actively exploited (lien direct) | Zoho urges customers to address an authentication bypass vulnerability in its ManageEngine ADSelfService Plus that is actively exploited in the wild. Zoho has released a security patch to address an authentication bypass vulnerability, tracked as CVE-2021-40539, in its ManageEngine ADSelfService Plus. The company also warns the vulnerability is already exploited in attacks in the wild. […] | Vulnerability | ||
|
2021-09-08 12:07:04 | Microsoft warns of a zero-day in Internet Explorer that is actively exploited (lien direct) | Microsoft warns of a zero-day vulnerability in Internet Explorer that is actively exploited by threat actors using weaponized Office docs. Microsoft warns of a zero-day vulnerability (CVE-2021-40444) in Internet Explorer that is actively exploited by threat actors to hijack vulnerable Windows systems. Microsoft did not share info about the attacks either the nature of the […] | Vulnerability Threat | ||
|
2021-09-07 18:01:36 | Researcher published PoC exploit for Ghostscript zero-day (lien direct) | A researcher published the PoC exploit code for a Ghostscript zero-day vulnerability that could allow completely compromise a server. Security researcher Nguyen The Duc published on GitHub the proof-of-concept exploit code for a Ghostscript zero-day vulnerability. The vulnerability is a remote code execution (RCE) issue that could allow an attacker to completely compromise a server. Ghostscript […] | Vulnerability | ||
|
2021-09-03 21:48:31 | USCYBERCOM and CISA warn organizations to fix CVE-2021-26084 Confluence flaw (lien direct) | USCYBERCOM is urging organizations to patch a critical CVE-2021-26084 flaw in Atlassian Confluence Server and Data Center, ahead of the Labor Day weekend. US Cyber Command (USCYBERCOM) has issued an alert to warn US organizations to address Atlassian Confluence CVE-2021-26084 vulnerability immediately, ahead of the Labor Day weekend. Government experts are aware of the ongoing […] | Vulnerability | ||
|
2021-09-02 21:20:19 | WhatsApp CVE-2020-1910 bug could have led to user data exposure (lien direct) | The now-fixed CVE-2020-1910 vulnerability in WhatApp ‘s image filter feature could have exposed user data to remote attackers. A high-severity security vulnerability in WhatApp’s image filter feature, tracked as CVE-2020-1910, could have been exploited by attackers to read sensitive information from the app’s memory by simply sending a specially crafted image over the messaging app […] | Vulnerability |
To see everything:
Our RSS (filtrered)
