What's new around the internet

Last one

Src  Date (GMT)  Title  Description  Tags  Stories  Notes
The_Hackers_News 2023-04-15 09:28:00 Google Releases Urgent Chrome Update to Fix Actively Exploited Zero-Day Vulnerability
Google on Friday released out-of-band updates to resolve an actively exploited zero-day flaw in its Chrome web browser, making it the first such bug to be addressed since the start of the year. Tracked as CVE-2023-2033, the high-severity vulnerability has been described as a type confusion issue in the V8 JavaScript engine. Clement Lecigne of Google's Threat Analysis Group (TAG) has been
Threat Vulnerability ★★
The_Hackers_News 2023-04-14 12:45:00 Severe Android and Novi Survey Vulnerabilities Under Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The two flaws are listed below - CVE-2023-20963 (CVSS score: 7.8) - Android Framework Privilege Escalation Vulnerability CVE-2023-29492 (CVSS score: TBD) - Novi Survey Insecure Deserialization Vulnerability
Vulnerability ★★
The_Hackers_News 2023-04-14 01:30:00 Google Launches New Cybersecurity Initiatives to Strengthen Vulnerability Management
Google on Thursday outlined a set of initiatives aimed at improving the vulnerability management ecosystem and establishing greater transparency measures around exploitation. "While the notoriety of zero-day vulnerabilities typically makes headlines, risks remain even after they're known and fixed, which is the real story," the company said in an announcement. "Those risks span everything from
Vulnerability ★★
The_Hackers_News 2023-04-01 14:03:00 Microsoft Fixes New Azure AD Vulnerability Impacting Bing Search and Major Apps
Microsoft has patched a misconfiguration issue impacting the Azure Active Directory (AAD) identity and access management service that exposed several "high-impact" applications to unauthorized access. "One of these apps is a content management system (CMS) that powers Bing.com and allowed us to not only modify search results, but also launch high-impact XSS attacks on Bing users," cloud security
Cloud Vulnerability ★★
The_Hackers_News 2023-04-01 10:06:00 Hackers Exploiting WordPress Elementor Pro Vulnerability: Millions of Sites at Risk!
Unknown threat actors are actively exploiting a recently patched security vulnerability in the Elementor Pro website builder plugin for WordPress. The flaw, described as a case of broken access control, impacts versions 3.11.6 and earlier. It was addressed by the plugin maintainers in version 3.11.7 released on March 22. "Improved code security enforcement in WooCommerce components," the
Threat Vulnerability ★★
The_Hackers_News 2023-03-31 19:37:00 Winter Vivern APT Targets European Government Entities with Zimbra Vulnerability
The advanced persistent threat (APT) actor known as Winter Vivern is now targeting officials in Europe and the U.S. as part of an ongoing cyber espionage campaign. "TA473 since at least February 2023 has continuously leveraged an unpatched Zimbra vulnerability in publicly facing webmail portals that allows them to gain access to the email mailboxes of government entities in Europe," Proofpoint
Threat Vulnerability ★★
The_Hackers_News 2023-03-30 22:32:00 Researchers Detail Severe "Super FabriXss" Vulnerability in Microsoft Azure SFX
Details have emerged about a now-patched vulnerability in Azure Service Fabric Explorer (SFX) that could lead to unauthenticated remote code execution. Tracked as CVE-2023-23383 (CVSS score: 8.2), the issue has been dubbed "Super FabriXss" by Orca Security, a nod to the FabriXss flaw (CVE-2022-35829, CVSS score: 6.2) that was fixed by Microsoft in October 2022. "The Super FabriXss vulnerability
Vulnerability ★★★
The_Hackers_News 2023-03-30 17:51:00 New Wi-Fi Protocol Security Flaw Affecting Linux, Android and iOS Devices
A group of academics from Northeastern University and KU Leuven has disclosed a fundamental design flaw in the IEEE 802.11 Wi-Fi protocol standard, impacting a wide range of devices running Linux, FreeBSD, Android, and iOS. Successful exploitation of the shortcoming could be abused to hijack TCP connections or intercept client and web traffic, researchers Domien Schepers, Aanjhan Ranganathan,
Threat Data Breach Vulnerability ★★★
The_Hackers_News 2023-03-30 12:01:00 3CX Desktop App Targeted in Supply Chain Cyber Attack, Affecting Millions of Users
3CX said it's working on a software update for its desktop app after multiple cybersecurity vendors sounded the alarm on what appears to be an active supply chain attack that's using digitally signed and rigged installers of the popular voice and video conferencing software to target downstream customers. "The trojanized 3CX desktop app is the first stage in a multi-stage attack chain that pulls
Threat Vulnerability ★★★
The_Hackers_News 2023-03-27 15:18:00 Microsoft Issues Patch for aCropalypse Privacy Flaw in Windows Screenshot Tools
Microsoft has released an out-of-band update to address a privacy-defeating flaw in its screenshot editing tool for Windows 10 and Windows 11. The issue, dubbed aCropalypse, could enable malicious actors to recover edited portions of screenshots, potentially revealing sensitive information that may have been cropped out. Tracked as CVE-2023-28303, the vulnerability is rated 3.3 on the CVSS
Tool Vulnerability ★★
The_Hackers_News 2023-03-25 11:43:00 Microsoft Warns of Stealthy Outlook Vulnerability Exploited by Russian Hackers
Microsoft on Friday shared guidance to help customers discover indicators of compromise (IoCs) associated with a recently patched Outlook vulnerability. Tracked as CVE-2023-23397 (CVSS score: 9.8), the critical flaw relates to a case of privilege escalation that could be exploited to steal NT LAN Manager (NTLM) hashes and stage a relay attack without requiring any user interaction. "External
Vulnerability ★★
The_Hackers_News 2023-03-24 13:21:00 Critical WooCommerce Payments Plugin Flaw Patched for 500,000+ WordPress Sites
Patches have been released for a critical security flaw impacting the WooCommerce Payments plugin for WordPress, which is installed on over 500,000 websites. The flaw, if left unresolved, could enable a bad actor to gain unauthorized admin access to impacted stores, the company said in an advisory on March 23, 2023. It impacts versions 4.8.0 through 5.6.1. Put differently, the issue could permit
Threat Vulnerability ★★★
The_Hackers_News 2023-03-16 12:04:00 Multiple Hacker Groups Exploit 3-Year-Old Vulnerability to Breach U.S. Federal Agency
Multiple threat actors, including a nation-state group, exploited a critical three-year-old security flaw in Progress Telerik to break into an unnamed federal entity in the U.S. The disclosure comes from a joint advisory issued by the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and Multi-State Information Sharing and Analysis Center (MS-ISAC).
Threat Vulnerability ★★
The_Hackers_News 2023-03-16 10:17:00 CISA Issues Urgent Warning: Adobe ColdFusion Vulnerability Exploited in the Wild
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on March 15 added a security vulnerability impacting Adobe ColdFusion to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The critical flaw in question is CVE-2023-26360 (CVSS score: 8.6), which could be exploited by a threat actor to achieve arbitrary code execution. "Adobe ColdFusion
Threat Vulnerability ★★
The_Hackers_News 2023-03-09 19:31:00 IceFire Ransomware Exploits IBM Aspera Faspex to Attack Linux-Powered Enterprise Networks
A previously known Windows-based ransomware strain known as IceFire has expanded its focus to target Linux enterprise networks belonging to several media and entertainment sector organizations across the world. The intrusions entail the exploitation of a recently disclosed deserialization vulnerability in IBM Aspera Faspex file-sharing software (CVE-2022-47986, CVSS score: 9.8), according to
Ransomware Vulnerability ★★★
The_Hackers_News 2023-03-09 10:53:00 New Critical Flaw in FortiOS and FortiProxy Could Give Hackers Remote Access
Fortinet has released fixes to address 15 security flaws, including one critical vulnerability impacting FortiOS and FortiProxy that could enable a threat actor to take control of affected systems. The issue, tracked as CVE-2023-25610, is rated 9.3 out of 10 for severity and was internally discovered and reported by its security teams. "A buffer underwrite ('buffer underflow') vulnerability in
Threat Vulnerability ★★★
The_Hackers_News 2023-03-08 16:04:00 Lazarus Group Exploits Zero-Day Vulnerability to Hack South Korean Financial Entity
The North Korea-linked Lazarus Group has been observed weaponizing flaws in an undisclosed software to breach a financial business entity in South Korea twice within a span of a year. While the first attack in May 2022 entailed the use of a vulnerable version of a certificate software that's widely used by public institutions and universities, the re-infiltration in October 2022 involved the
Hack Vulnerability Medical APT 38 ★★★
The_Hackers_News 2023-03-08 12:00:00 CISA's KEV Catalog Updated with 3 New Flaws Threatening IT Management Systems
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The list of vulnerabilities is below - CVE-2022-35914 (CVSS score: 9.8) - Teclib GLPI Remote Code Execution Vulnerability CVE-2022-33891 (CVSS score: 8.8) - Apache Spark Command Injection Vulnerability
Vulnerability ★★
The_Hackers_News 2023-03-06 14:00:00 Experts Discover Flaw in U.S. Govt's Chosen Quantum-Resistant Encryption Algorithm
A group of researchers has revealed what it says is a vulnerability in a specific implementation of CRYSTALS-Kyber, one of the encryption algorithms chosen by the U.S. government as quantum-resistant last year. The exploit relates to "side-channel attacks on up to the fifth-order masked implementations of CRYSTALS-Kyber in ARM Cortex-M4 CPU," Elena Dubrova, Kalle Ngo, and Joel Gärtner of KTH
Vulnerability
The_Hackers_News 2023-02-28 12:12:00 CISA Issues Warning on Active Exploitation of ZK Java Web Framework Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity flaw affecting the ZK Framework to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation. Tracked as CVE-2022-36537 (CVSS score: 7.5), the issue impacts ZK Framework versions 9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2, and 8.6.4.1, and allows threat actors to retrieve sensitive
Threat Vulnerability ★★★
The_Hackers_News 2023-02-24 18:52:00 How to Use AI in Cybersecurity and Avoid Being Trapped
The use of AI in cybersecurity is growing rapidly and is having a significant impact on threat detection, incident response, fraud detection, and vulnerability management. According to a report by Juniper Research, the use of AI for fraud detection and prevention is expected to save businesses $11 billion annually by 2023. But how to integrate AI into business cybersecurity infrastructure
Threat Vulnerability ★★★
The_Hackers_News 2023-02-23 20:32:00 Experts Sound Alarm Over Growing Attacks Exploiting Zoho ManageEngine Products
Multiple threat actors have been observed opportunistically weaponizing a now-patched critical security vulnerability impacting several Zoho ManageEngine products since January 20, 2023. Tracked as CVE-2022-47966 (CVSS score: 9.8), the remote code execution flaw allows a complete takeover of the susceptible systems by unauthenticated attackers. As many as 24 different products, including Access
Threat Vulnerability ★★
The_Hackers_News 2023-02-23 18:02:00 The Secret Vulnerability Finance Execs are Missing
The (Other) Risk in Finance A few years ago, a Washington-based real estate developer received a document link from First American, a financial services company in the real estate industry, relating to a deal he was working on. Everything about the document was perfectly fine and normal. The odd part, he told a reporter, was that if he changed a single digit in the URL, suddenly, he could see
Vulnerability ★★
The_Hackers_News 2023-02-22 10:25:00 VMware Patches Critical Vulnerability in Carbon Black App Control Product
VMware on Tuesday released patches to address a critical security vulnerability affecting its Carbon Black App Control product. Tracked as CVE-2023-20858, the shortcoming carries a CVSS score of 9.1 out of a maximum of 10 and impacts App Control versions 8.7.x, 8.8.x, and 8.9.x. The virtualization services provider describes the issue as an injection vulnerability. Security researcher Jari
Vulnerability ★★★
The_Hackers_News 2023-02-17 11:16:00 Critical RCE Vulnerability Discovered in ClamAV Open-Source Antivirus Software
Cisco has rolled out security updates to address a critical flaw reported in the ClamAV open source antivirus engine that could lead to remote code execution on susceptible devices. Tracked as CVE-2023-20032 (CVSS score: 9.8), the issue relates to a case of remote code execution residing in the HFS+ file parser component. The flaw affects versions 1.0.0 and earlier, 0.105.1 and earlier, and
Guideline Vulnerability ★★★★
The_Hackers_News 2023-02-06 15:25:00 OpenSSH Releases Patch for New Pre-Auth Double Free Vulnerability
The maintainers of OpenSSH have released OpenSSH 9.2 to address a number of security bugs, including a memory safety vulnerability in the OpenSSH server (sshd). Tracked as CVE-2023-25136, the shortcoming has been classified as a pre-authentication double free vulnerability that was introduced in version 9.1. "This is not believed to be exploitable, and it occurs in the unprivileged pre-auth
Vulnerability ★★
The_Hackers_News 2023-02-04 10:11:00 Warning: Hackers Actively Exploiting Zero-Day in Fortra's GoAnywhere MFT
A zero-day vulnerability affecting Fortra's GoAnywhere MFT managed file transfer application is being actively exploited in the wild. Details of the flaw were first publicly shared by security reporter Brian Krebs on Mastodon. No public advisory has been published by Fortra. The vulnerability is a case of remote code injection that requires access to the administrative console of the application
Vulnerability ★★★
The_Hackers_News 2023-02-03 13:25:00 Atlassian's Jira Software Found Vulnerable to Critical Authentication Vulnerability
Atlassian has released fixes to resolve a critical security flaw in Jira Service Management Server and Data Center that could be abused by an attacker to pass off as another user and gain unauthorized access to susceptible instances. The vulnerability is tracked as CVE-2023-22501 (CVSS score: 9.4) and has been described as a case of broken authentication with low attack complexity. "An
Vulnerability ★★★
The_Hackers_News 2023-02-03 12:56:00 New High-Severity Vulnerabilities Discovered in Cisco IOx and F5 BIG-IP Products
F5 has warned of a high-severity flaw impacting BIG-IP appliances that could lead to denial-of-service (DoS) or arbitrary code execution. The issue is rooted in the iControl Simple Object Access Protocol (SOAP) interface and affects the following versions of BIG-IP - 13.1.5, 14.1.4.6 - 14.1.5, 15.1.5.1 - 15.1.8, 16.1.2.2 - 16.1.3, and 17.0.0. "A format string vulnerability exists in iControl SOAP
Guideline Vulnerability ★★
The_Hackers_News 2023-01-31 09:36:00 QNAP Fixes Critical Vulnerability in NAS Devices with Latest Security Updates
Taiwanese company QNAP has released updates to remediate a critical security flaw affecting its network-attached storage (NAS) devices that could lead to arbitrary code injection. Tracked as CVE-2022-27596, the vulnerability is rated 9.8 out of a maximum of 10 on the CVSS scoring scale. It affects QTS 5.0.1 and QuTS hero h5.0.1. "If exploited, this vulnerability allows remote attackers to inject
Guideline Vulnerability ★★
The_Hackers_News 2023-01-30 15:00:00 Realtek Vulnerability Under Attack: 134 Million Attempts in 2 Months to Hack IoT Devices
Researchers are warning about a spike in exploitation attempts weaponizing a critical remote code execution flaw in Realtek Jungle SDK since the start of August 2022. According to Palo Alto Networks Unit 42, the ongoing campaign is said to have recorded 134 million exploit attempts as of December 2022, with 97% of the attacks occurring in the past four months. Close to 50% of the attacks
Hack Vulnerability ★★★
The_Hackers_News 2023-01-26 20:22:00 Researchers Release PoC Exploit for Windows CryptoAPI Bug Discovered by NSA
Proof-of-concept (PoC) code has been released for a now-patched high-severity security flaw in the Windows CryptoAPI that the U.S. National Security Agency (NSA) and the U.K. National Cyber Security Centre (NCSC) reported to Microsoft last year. Tracked as CVE-2022-34689 (CVSS score: 7.5), the spoofing vulnerability was addressed by the tech giant as part of Patch Tuesday updates released in
Vulnerability ★★
The_Hackers_News 2023-01-24 17:03:00 Security Navigator Research: Some Vulnerabilities Date Back to the Last Millennium
Vulnerability analysis results in Orange Cyberdefense's Security Navigator show that some vulnerabilities first discovered in 1999 are still found in networks today. This is concerning. Age of VOC findings: our vulnerability scans are performed on a recurring basis, which provides us the opportunity to examine the difference between when a scan was performed on an asset, and when a given finding
Vulnerability ★★
The_Hackers_News 2023-01-24 14:51:00 Apple Issues Updates for Older Devices to Fix Actively Exploited Vulnerability
Apple has backported fixes for a recently disclosed critical security flaw affecting older devices, citing evidence of active exploitation. The issue, tracked as CVE-2022-42856, is a type confusion vulnerability in the WebKit browser engine that could result in arbitrary code execution when processing maliciously crafted web content. While it was originally addressed by the company on November
Vulnerability ★★★★
The_Hackers_News 2023-01-20 12:29:00 New Chinese Malware Spotted Exploiting Recent Fortinet Firewall Vulnerability
A suspected China-nexus threat actor exploited a recently patched vulnerability in Fortinet FortiOS SSL-VPN as a zero-day in attacks targeting a European government entity and a managed service provider (MSP) located in Africa. Telemetry evidence gathered by Google-owned Mandiant indicates that the exploitation occurred as early as October 2022, at least nearly two months before fixes were
Threat Malware Vulnerability ★★
The_Hackers_News 2023-01-19 19:50:00 New Microsoft Azure Vulnerability Uncovered - Experts Warn of RCE Attacks
A new critical remote code execution (RCE) flaw discovered impacting multiple services related to Microsoft Azure could be exploited by a malicious actor to completely take control of a targeted application. "The vulnerability is achieved through CSRF (cross-site request forgery) on the ubiquitous SCM service Kudu," Ermetic researcher Liv Matan said in a report shared with The Hacker News. "By
Vulnerability ★★★★★
The_Hackers_News 2023-01-17 16:08:00 Zoho ManageEngine PoC Exploit to be Released Soon - Patch Before It's Too Late!
Users of Zoho ManageEngine are being urged to patch their instances against a critical security vulnerability ahead of the release of a proof-of-concept (PoC) exploit code. The issue in question is CVE-2022-47966, an unauthenticated remote code execution vulnerability affecting several products due to the use of an outdated third-party dependency, Apache Santuario. "This vulnerability allows an
Vulnerability ★★
The_Hackers_News 2023-01-14 13:41:00 Cacti Servers Under Attack as Majority Fail to Patch Critical Vulnerability
A majority of internet-exposed Cacti servers have not been patched against a recently patched critical security vulnerability that has come under active exploitation in the wild. That's according to attack surface management platform Censys, which found only 26 out of a total of 6,427 servers to be running a patched version of Cacti (1.2.23 and 1.3.0). The issue in question relates to
Vulnerability ★★★
The_Hackers_News 2023-01-13 15:11:00 FortiOS Flaw Exploited as Zero-Day in Attacks on Government and Organizations
A zero-day vulnerability in FortiOS SSL-VPN that Fortinet addressed last month was exploited by unknown actors in attacks targeting the government and other large organizations. "The complexity of the exploit suggests an advanced actor and that it is highly targeted at governmental or government-related targets," Fortinet researchers said in a post-mortem analysis published this week. The
Vulnerability ★★★
The_Hackers_News 2023-01-12 15:12:00 Experts Detail Chromium Browser Security Flaw Putting Confidential Data at Risk
Details have emerged about a now-patched vulnerability in Google Chrome and Chromium-based browsers that, if successfully exploited, could have made it possible to siphon files containing confidential data. "The issue arose from the way the browser interacted with symlinks when processing files and directories," Imperva researcher Ron Masas said. "Specifically, the browser did not properly check
Vulnerability ★★
The_Hackers_News 2023-01-12 15:10:00 Patch where it Hurts: Effective Vulnerability Management in 2023
A recently published Security Navigator report shows that businesses are still taking 215 days to patch a reported vulnerability. Even for critical vulnerabilities, it generally takes more than 6 months to patch. Good vulnerability management is not about being fast enough in patching all potential breaches. It's about focusing on the real risk using vulnerability prioritization to correct
Patching Vulnerability ★★★
The_Hackers_News 2023-01-12 12:51:00 Twitter Denies Hacking Claims, Assures Leaked User Data Not from its System
Twitter on Wednesday said that its investigation found "no evidence" that users' data sold online was obtained by exploiting any security vulnerabilities in its systems. "Based on information and intel analyzed to investigate the issue, there is no evidence that the data being sold online was obtained by exploiting a vulnerability of Twitter systems," the company said in a statement. "The data
Vulnerability ★★★
The_Hackers_News 2023-01-12 12:18:00 Alert: Hackers Actively Exploiting Critical "Control Web Panel" RCE Vulnerability
Malicious actors are actively attempting to exploit a recently patched critical vulnerability in Control Web Panel (CWP) that enables elevated privileges and unauthenticated remote code execution (RCE) on susceptible servers. Tracked as CVE-2022-44877 (CVSS score: 9.8), the bug impacts all versions of the software before 0.9.8.1147 and was patched by its maintainers on October 25, 2022. Control
Vulnerability ★★★
The_Hackers_News 2023-01-05 13:22:00 Fortinet and Zoho Urge Customers to Patch Enterprise Software Vulnerabilities
Fortinet has warned of a high-severity flaw affecting multiple versions of FortiADC application delivery controller that could lead to the execution of arbitrary code. "An improper neutralization of special elements used in an OS command vulnerability in FortiADC may allow an authenticated attacker with access to the web GUI to execute unauthorized code or commands via specifically crafted HTTP
Guideline Vulnerability ★★★
The_Hackers_News 2023-01-04 09:58:00 Synology Releases Patch for Critical RCE Vulnerability Affecting VPN Plus Servers
Synology has released security updates to address a critical flaw impacting VPN Plus Server that could be exploited to take over affected systems. Tracked as CVE-2022-43931, the vulnerability carries a maximum severity rating of 10 on the CVSS scale and has been described as an out-of-bounds write bug in the remote desktop functionality in Synology VPN Plus Server. Successful exploitation of the
Vulnerability ★★★
The_Hackers_News 2022-12-22 15:39:00 Two New Security Flaws Reported in Ghost CMS Blogging Software
Cybersecurity researchers have detailed two security flaws in the JavaScript-based blogging platform known as Ghost, one of which could be abused to elevate privileges via specially crafted HTTP requests. Tracked as CVE-2022-41654 (CVSS score: 8.5), the authentication bypass vulnerability allows unprivileged users (i.e., members) to make unauthorized modifications to newsletter settings.
Vulnerability ★★★
The_Hackers_News 2022-12-20 11:22:00 Microsoft Details Gatekeeper Bypass Vulnerability in Apple macOS Systems
Microsoft has disclosed details of a now-patched security flaw in Apple macOS that could be exploited by an attacker to get around security protections imposed to prevent the execution of malicious applications. The shortcoming, dubbed Achilles (CVE-2022-42821, CVSS score: 5.5), was addressed by the iPhone maker in macOS Ventura 13, Monterey 12.6.2, and Big Sur 11.7.2, describing it as a logic
Vulnerability ★★
The_Hackers_News 2022-12-15 19:12:00 Microsoft Reclassifies SPNEGO Extended Negotiation Security Vulnerability as 'Critical'
Microsoft has revised the severity of a security vulnerability it originally patched in September 2022, upgrading it to "Critical" after it emerged that it could be exploited to achieve remote code execution. Tracked as CVE-2022-37958 (CVSS score: 8.1), the flaw was previously described as an information disclosure vulnerability in SPNEGO Extended Negotiation (NEGOEX) Security Mechanism. SPNEGO,
Vulnerability ★★★
The_Hackers_News 2022-12-14 10:10:00 Hackers Actively Exploiting Citrix ADC and Gateway Zero-Day Vulnerability
The U.S. National Security Agency (NSA) on Tuesday said a threat actor tracked as APT5 has been actively exploiting a zero-day flaw in Citrix Application Delivery Controller (ADC) and Gateway to take over affected systems. The critical remote code execution vulnerability, identified as CVE-2022-27518, could allow an unauthenticated attacker to execute commands remotely on vulnerable devices and
Threat Vulnerability APT 5 ★★★
The_Hackers_News 2022-12-14 09:14:00 New Actively Exploited Zero-Day Vulnerability Discovered in Apple Products
Apple on Tuesday rolled out security updates to iOS, iPadOS, macOS, tvOS, and Safari web browser to address a new zero-day vulnerability that could result in the execution of malicious code. Tracked as CVE-2022-42856, the issue has been described by the tech giant as a type confusion issue in the WebKit browser engine that could be triggered when processing specially crafted content, leading to
Guideline Vulnerability ★★
Last update at: 2024-05-23 20:08:24