What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-06-14 19:42:01 | Patch Tuesday: Microsoft Issues Fix for Actively Exploited \'Follina\' Vulnerability (lien direct) | Microsoft officially released fixes to address an actively exploited Windows zero-day vulnerability known as Follina as part of its Patch Tuesday updates. Also addressed by the tech giant are 55 other flaws, three of which are rated Critical, 51 are rated Important, and one is rated Moderate in severity. Separately, five other shortcomings were resolved in the Microsoft Edge browser. | Vulnerability | ||
|
2022-06-14 07:13:25 | New Zimbra Email Vulnerability Could Let Attackers Steal Your Login Credentials (lien direct) | A new high-severity vulnerability has been disclosed in the Zimbra email suite that, if successfully exploited, enables an unauthenticated attacker to steal cleartext passwords of users sans any user interaction. "With the consequent access to the victims' mailboxes, attackers can potentially escalate their access to targeted organizations and gain access to various internal services and steal | Vulnerability | ||
|
2022-06-14 05:21:21 | Technical Details Released for \'SynLapse\' RCE Vulnerability Reported in Microsoft Azure (lien direct) | Microsoft has incorporated additional improvements to address the recently disclosed SynLapse security vulnerability in order to meet comprehensive tenant isolation requirements in Azure Data Factory and Azure Synapse Pipelines. The latest safeguards include moving the shared integration runtimes to sandboxed ephemeral instances and using scoped tokens to prevent adversaries from using a client | Vulnerability | ||
|
2022-06-08 06:24:15 | Researchers Warn of Unpatched "DogWalk" Microsoft Windows Vulnerability (lien direct) | An unofficial security patch has been made available for a new Windows zero-day vulnerability in the Microsoft Support Diagnostic Tool (MSDT), even as the Follina flaw continues to be exploited in the wild. The issue - referenced as DogWalk - relates to a path traversal flaw that can be exploited to stash a malicious executable file to the Windows Startup folder when a potential target opens a | Tool Vulnerability | ||
|
2022-06-06 03:58:16 | CISA Warned About Critical Vulnerabilities in Illumina\'s DNA Sequencing Devices (lien direct) | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and Food and Drug Administration (FDA) have issued an advisory about critical security vulnerabilities in Illumina's next-generation sequencing (NGS) software. Three of the flaws are rated 10 out of 10 for severity on the Common Vulnerability Scoring System (CVSS), with two others having severity ratings of 9.1 and 7.4. The issues | Vulnerability | ||
|
2022-06-05 18:54:10 | State-Backed Hackers Exploit Microsoft \'Follina\' Bug to Target Entities in Europe and U.S (lien direct) | A suspected state-aligned threat actor has been attributed to a new set of attacks exploiting the Microsoft Office "Follina" vulnerability to target government entities in Europe and the U.S. Enterprise security firm Proofpoint said it blocked attempts at exploiting the remote code execution flaw, which is being tracked CVE-2022-30190 (CVSS score: 7.8). No less than 1,000 phishing messages | Vulnerability Threat | ||
|
2022-06-03 07:01:16 | GitLab Issues Security Patch for Critical Account Takeover Vulnerability (lien direct) | GitLab has moved to address a critical security flaw in its service that, if successfully exploited, could result in an account takeover. Tracked as CVE-2022-1680, the issue has a CVSS severity score of 9.9 and was discovered internally by the company. The security flaw affects all versions of GitLab Enterprise Edition (EE) starting from 11.10 before 14.9.5, all versions starting from 14.10 | Vulnerability | ||
|
2022-06-02 19:57:46 | Hackers Exploiting Unpatched Critical Atlassian Confluence Zero-Day Vulnerability (lien direct) | Atlassian has warned of a critical unpatched remote code execution vulnerability impacting Confluence Server and Data Center products that it said is being actively exploited in the wild. The Australian software company credited cybersecurity firm Volexity for identifying the flaw, which is being tracked as CVE-2022-26134. "Atlassian has been made aware of current active exploitation of a | Vulnerability | ||
|
2022-06-02 02:09:08 | Critical UNISOC Chip Vulnerability Affects Millions of Android Smartphones (lien direct) | A critical security flaw has been uncovered in UNISOC's smartphone chipset that could be potentially weaponized to disrupt a smartphone's radio communications through a malformed packet. "Left unpatched, a hacker or a military unit can leverage such a vulnerability to neutralize communications in a specific location," Israeli cybersecurity company Check Point said in a report shared with The | Vulnerability | ||
|
2022-06-01 06:56:56 | New Unpatched Horde Webmail Bug Lets Hackers Take Over Server by Sending Email (lien direct) | A new unpatched security vulnerability has been disclosed in the open-source Horde Webmail client that could be exploited to achieve remote code execution on the email server simply by sending a specially crafted email to a victim. "Once the email is viewed, the attacker can silently take over the complete mail server without any further user interaction," SonarSource said in a report shared | Vulnerability | ||
|
2022-05-31 22:02:54 | Chinese Hackers Begin Exploiting Latest Microsoft Office Zero-Day Vulnerability (lien direct) | An advanced persistent threat (APT) actor aligned with Chinese state interests has been observed weaponizing the new zero-day flaw in Microsoft Office to achieve code execution on affected systems. "TA413 CN APT spotted [in-the-wild] exploiting the Follina zero-day using URLs to deliver ZIP archives which contain Word Documents that use the technique," enterprise security firm Proofpoint said in | Vulnerability Threat | ||
|
2022-05-30 21:12:31 | Microsoft Releases Workarounds for Office Vulnerability Under Active Exploitation (lien direct) | Microsoft on Monday published guidance for a newly discovered zero-day security flaw in its Office productivity suite that could be exploited to achieve code execution on affected systems. The weakness, now assigned the identifier CVE-2022-30190, is rated 7.8 out of 10 for severity on the CVSS vulnerability scoring system. Microsoft Office versions Office 2013, Office 2016, Office 2019, and | Vulnerability | ||
|
2022-05-30 01:40:43 | Watch Out! Researchers Spot New Microsoft Office Zero-Day Exploit in the Wild (lien direct) | Cybersecurity researchers are calling attention to a zero-day flaw in Microsoft Office that could be abused to achieve arbitrary code execution on affected Windows systems. The vulnerability came to light after an independent cybersecurity research team known as nao_sec uncovered a Word document ("05-2022-0438.doc") that was uploaded to VirusTotal from an IP address in Belarus. "It uses Word's | Vulnerability | ||
|
2022-05-27 08:21:18 | Experts Detail New RCE Vulnerability Affecting Google Chrome Dev Channel (lien direct) | Details have emerged about a recently patched critical remote code execution vulnerability in the V8 JavaScript and WebAssembly engine used in Google Chrome and Chromium-based browsers. The issue relates to a case of use-after-free in the instruction optimization component, successful exploitation of which could "allow an attacker to execute arbitrary code in the context of the browser." The | Vulnerability | ||
|
2022-05-26 23:28:02 | Zyxel Issues Patches for 4 New Flaws Affecting AP, API Controller and Firewall Devices (lien direct) | Zyxel has released patches to address four security flaws affecting its firewall, AP Controller, and AP products to execute arbitrary operating system commands and steal select information. The list of security vulnerabilities is as follows - CVE-2022-0734 - A cross-site scripting (XSS) vulnerability in some firewall versions that could be exploited to access information stored in the user's | Vulnerability | ||
|
2022-05-26 05:18:32 | Critical \'Pantsdown\' BMC Vulnerability Affects QCT Servers Used in Data Centers (lien direct) | Quanta Cloud Technology (QCT) servers have been identified as vulnerable to the severe "Pantsdown" Baseboard Management Controller (BMC) flaw, according to new research published today. "An attacker running code on a vulnerable QCT server would be able to 'hop' from the server host to the BMC and move their attacks to the server management network, possibly continue and obtain further | Vulnerability | ||
|
2022-05-24 04:02:38 | SIM-based Authentication Aims to Transform Device Binding Security to End Phishing (lien direct) | Let's face it: we all use email, and we all use passwords. Passwords create inherent vulnerability in the system. The success rate of phishing attacks is skyrocketing, and opportunities for the attack have greatly multiplied as lives moved online. All it takes is one password to be compromised for all other users to become victims of a data breach. To deliver additional security, therefore, | Vulnerability | ||
|
2022-05-24 01:34:29 | Microsoft Warns of Web Skimmers Mimicking Google Analytics and Meta Pixel Code (lien direct) | Threat actors behind web skimming campaigns are leveraging malicious JavaScript code that mimics Google Analytics and Meta Pixel scripts in an attempt to sidestep detection. "It's a shift from earlier tactics where attackers conspicuously injected malicious scripts into e-commerce platforms and content management systems (CMSs) via vulnerability exploitation, making this threat highly evasive to | Vulnerability Threat | ||
|
2022-05-23 03:02:00 | New Unpatched Bug Could Let Attackers Steal Money from PayPal Users (lien direct) | A security researcher claims to have discovered an unpatched vulnerability in PayPal's money transfer service that could allow attackers to trick victims into unknowingly completing attacker-directed transactions with a single click. Clickjacking, also called UI redressing, refers to a technique wherein an unwitting user is tricked into clicking seemingly innocuous webpage elements like buttons | Vulnerability | ||
|
2022-05-20 20:06:58 | Cisco Issues Patch for New IOS XR Zero-Day Vulnerability Exploited in the Wild (lien direct) | Cisco on Friday rolled out fixes for a medium-severity vulnerability affecting IOS XR Software that it said has been exploited in real-world attacks. Tracked as CVE-2022-20821 (CVSS score: 6.5), the issue relates to an open port vulnerability that could be abused by an unauthenticated, remote attacker to connect to a Redis instance and achieve code execution. "A successful exploit could allow | Vulnerability | ||
|
2022-05-20 02:23:24 | Hackers Exploiting VMware Horizon to Target South Korea with NukeSped Backdoor (lien direct) | The North Korea-backed Lazarus Group has been observed leveraging the Log4Shell vulnerability in VMware Horizon servers to deploy the NukeSped (aka Manuscrypt) implant against targets located in its southern counterpart. "The attacker used the Log4j vulnerability on VMware Horizon products that were not applied with the security patch," AhnLab Security Emergency Response Center (ASEC) said in a | Vulnerability Medical | APT 38 | |
|
2022-05-19 19:08:09 | New Bluetooth Hack Could Let Attackers Remotely Unlock Smart Locks and Cars (lien direct) | A novel Bluetooth relay attack can let cybercriminals more easily than ever remotely unlock and operate cars, break open residential smart locks, and breach secure areas. The vulnerability has to do with weaknesses in the current implementation of Bluetooth Low Energy (BLE), a wireless technology used for authenticating Bluetooth devices that are physically located within a close range. | Hack Vulnerability | ||
|
2022-05-19 02:05:10 | High-Severity Bug Reported in Google\'s OAuth Client Library for Java (lien direct) | Google last month addressed a high-severity flaw in its OAuth client library for Java that could be abused by a malicious actor with a compromised token to deploy arbitrary payloads. Tracked as CVE-2021-22573, the vulnerability is rated 8.7 out of 10 for severity and relates to an authentication bypass in the library that stems from an improper verification of the cryptographic signature. | Vulnerability | ||
|
2022-05-16 19:24:22 | Watch Out! Hackers Begin Exploiting Recent Zyxel Firewalls RCE Vulnerability (lien direct) | Image source: z3r00t The U.S. Cybersecurity and Infrastructure Security Agency on Monday added two security flaws, including the recently disclosed remote code execution bug affecting Zyxel firewalls, to its Known Exploited Vulnerabilities Catalog, citing evidence of active exploitation. Tracked as CVE-2022-30525, the vulnerability is rated 9.8 for severity and relates to a command injection flaw | Vulnerability | ||
|
2022-05-13 21:16:51 | (Déjà vu) Google Created \'Open Source Maintenance Crew\' to Help Secure Critical Projects (lien direct) | Google on Thursday announced the creation of a new "Open Source Maintenance Crew" to focus on bolstering the security of critical open source projects. Additionally, the tech giant pointed out Open Source Insights as a tool for analyzing packages and their dependency graphs, using it to determine "whether a vulnerability in a dependency might affect your code." "With this information, developers | Tool Vulnerability | ||
|
2022-05-13 05:26:14 | Google Created \'Open-Source Maintenance Crew\' to Help Secure Critical Projects (lien direct) | Google on Thursday announced the creation of a new "Open Source Maintenance Crew" to focus on bolstering the security of critical open source projects. Additionally, the tech giant pointed out Open Source Insights as a tool for analyzing packages and their dependency graphs, using it to determine "whether a vulnerability in a dependency might affect your code." "With this information, developers | Tool Vulnerability | ||
|
2022-05-12 23:24:37 | Zyxel Releases Patch for Critical Firewall OS Command Injection Vulnerability (lien direct) | Zyxel has moved to address a critical security vulnerability affecting Zyxel firewall devices that enables unauthenticated and remote attackers to gain arbitrary code execution. "A command injection vulnerability in the CGI program of some firewall versions could allow an attacker to modify specific files and then execute some OS commands on a vulnerable device," the company said in an advisory | Vulnerability | ★★★ | |
|
2022-05-11 21:42:42 | CISA Urges Organizations to Patch Actively Exploited F5 BIG-IP Vulnerability (lien direct) | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the recently disclosed F5 BIG-IP flaw to its Known Exploited Vulnerabilities Catalog following reports of active abuse in the wild. The flaw, assigned the identifier CVE-2022-1388 (CVSS score: 9.8), concerns a critical bug in the BIG-IP iControl REST endpoint that provides an unauthenticated adversary with a method to | Vulnerability | ★★★ | |
|
2022-05-10 02:48:16 | Microsoft Mitigates RCE Vulnerability Affecting Azure Synapse and Data Factory (lien direct) | Microsoft on Monday disclosed that it mitigated a security flaw affecting Azure Synapse and Azure Data Factory that, if successfully exploited, could result in remote code execution. The vulnerability, tracked as CVE-2022-29972, has been codenamed "SynLapse" by researchers from Orca Security, who reported the flaw to Microsoft in January 2022. "The vulnerability was specific to | Vulnerability | ★★★★ | |
|
2022-05-08 20:06:57 | Researchers Develop RCE Exploit for the Latest F5 BIG-IP Vulnerability (lien direct) | Days after F5 released patches for a critical remote code execution vulnerability affecting its BIG-IP family of products, security researchers are warning that they were able to create an exploit for the shortcoming. Tracked CVE-2022-1388 (CVSS score: 9.8), the flaw relates to an iControl REST authentication bypass that, if successfully exploited, could lead to remote code execution, allowing | Vulnerability Guideline | ||
|
2022-05-06 20:20:36 | QNAP Releases Firmware Patches for 9 New Flaws Affecting NAS Devices (lien direct) | QNAP, Taiwanese maker of network-attached storage (NAS) devices, on Friday released security updates to patch nine security weaknesses, including a critical issue that could be exploited to take over an affected system. "A vulnerability has been reported to affect QNAP VS Series NVR running QVR," QNAP said in an advisory. "If exploited, this vulnerability allows remote attackers to run arbitrary | Vulnerability | ★★★★ | |
|
2022-05-05 22:13:54 | Google Releases Android Update to Patch Actively Exploited Vulnerability (lien direct) | Google has released monthly security patches for Android with fixes for 37 flaws across different components, one of which is a fix for an actively exploited Linux kernel vulnerability that came to light earlier this year. Tracked as CVE-2021-22600 (CVSS score: 7.8), the vulnerability is ranked "High" for severity and could be exploited by a local user to escalate privileges or deny service. The | Vulnerability | ||
|
2022-05-04 19:38:14 | F5 Warns of a New Critical BIG-IP Remote Code Execution Vulnerability (lien direct) | Cloud security and application delivery network (ADN) provider F5 on Wednesday released patches to contain 43 bugs spanning its products. Of the 43 issues addressed, one is rated Critical, 17 are rated High, 24 are rated Medium, and one is rated low in severity. Chief among the flaws is CVE-2022-1388, which carries a CVSS score of 9.8 out of a maximum of 10 and stems from a lack of | Vulnerability | ||
|
2022-05-04 05:05:34 | Critical RCE Bug Reported in dotCMS Content Management Software (lien direct) | A pre-authenticated remote code execution vulnerability has been disclosed in dotCMS, an open-source content management system written in Java and "used by over 10,000 clients in over 70 countries around the globe, from Fortune 500 brands and mid-sized businesses." The critical flaw, tracked as CVE-2022-26352, stems from a directory traversal attack when performing file uploads, enabling an | Vulnerability | ||
|
2022-05-02 21:58:25 | Unpatched DNS Related Vulnerability Affects a Wide Range of IoT Devices (lien direct) | Cybersecurity researchers have disclosed an unpatched security vulnerability that could pose a serious risk to IoT products. The issue, which was originally reported in September 2021, affects the Domain Name System (DNS) implementation of two popular C libraries called uClibc and uClibc-ng that are used for developing embedded Linux systems. uClibc is known to be used by major | Vulnerability | ||
|
2022-05-02 07:00:53 | Which Hole to Plug First? Solving Chronic Vulnerability Patching Overload (lien direct) | According to folklore, witches were able to sail in a sieve, a strainer with holes in the bottom. Unfortunately, witches don't work in cybersecurity – where networks generally have so many vulnerabilities that they resemble sieves. For most of us, keeping the sieve of our networks afloat requires nightmarishly hard work and frequent compromises on which holes to plug first. The reason? In 2010, | Vulnerability Patching | ||
|
2022-04-28 23:26:50 | Microsoft Azure Vulnerability Exposes PostgreSQL Databases to Other Customers (lien direct) | Microsoft on Thursday disclosed that it addressed a pair of issues with the Azure Database for PostgreSQL Flexible Server that could result in unauthorized cross-account database access in a region. "By exploiting an elevated permissions bug in the Flexible Server authentication process for a replication user, a malicious user could leverage an improperly anchored regular expression to bypass | Vulnerability | ||
|
2022-04-28 04:26:21 | Everything you need to know to create a Vulnerability Assessment Report (lien direct) | You've been asked for a Vulnerability Assessment Report for your organisation and for some of you reading this article, your first thought is likely to be "What is that?" Worry not. This article will answer that very question as well as why you need a Vulnerability Assessment Report and where you can get one from. As it's likely the request for such a report came from an important source such | Vulnerability | ||
|
2022-04-25 23:18:38 | Iranian Hackers Exploiting VMware RCE Bug to Deploy \'Code Impact\' Backdoor (lien direct) | An Iranian-linked threat actor known as Rocket Kitten has been observed actively exploiting a recently patched VMware vulnerability to gain initial access and deploy the Core Impact penetration testing tool on vulnerable systems. Tracked as CVE-2022-22954 (CVSS score: 9.8), the critical issue concerns a case of remote code execution (RCE) vulnerability affecting VMware Workspace ONE Access and | Tool Vulnerability Threat | ||
|
2022-04-25 13:00:00 | Researchers Report Critical RCE Vulnerability in Google\'s VirusTotal Platform (lien direct) | Security researchers have disclosed a security vulnerability in the VirusTotal platform that could have been potentially weaponized to achieve remote code execution (RCE). The flaw, now patched, made it possible to "execute commands remotely within VirusTotal platform and gain access to its various scans capabilities," Cysource researchers Shai Alfasi and Marlon Fabiano da Silva said in a report | Vulnerability | ||
|
2022-04-25 03:51:30 | Critical Bug in Everscale Wallet Could\'ve Let Attackers Steal Cryptocurrencies (lien direct) | A security vulnerability has been disclosed in the web version of the Ever Surf wallet that, if successfully weaponized, could allow an attacker to gain full control over a victim's wallet. "By exploiting the vulnerability, it's possible to decrypt the private keys and seed phrases that are stored in the browser's local storage," Israeli cybersecurity company Check Point said in a report shared | Vulnerability | ★★★★★ | |
|
2022-04-22 22:52:42 | Atlassian Drops Patches for Critical Jira Authentication Bypass Vulnerability (lien direct) | Atlassian has published a security advisory warning of a critical vulnerability in its Jira software that could be abused by a remote, unauthenticated attacker to circumvent authentication protections. Tracked as CVE-2022-0540, the flaw is rated 9.9 out of 10 on the CVSS scoring system and resides in Jira's authentication framework, Jira Seraph. Khoadha of Viettel Cyber Security has been | Vulnerability | ||
|
2022-04-22 04:43:05 | Researcher Releases PoC for Recent Java Cryptographic Vulnerability (lien direct) | A proof-of-concept (PoC) code demonstrating a newly disclosed digital signature bypass vulnerability in Java has been shared online. The high-severity flaw in question, CVE-2022-21449 (CVSS score: 7.5), impacts the following version of Java SE and Oracle GraalVM Enterprise Edition - Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18 Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1, 22.0.0.2 | Vulnerability | ||
|
2022-04-21 03:50:01 | Unpatched Bug in RainLoop Webmail Could Give Hackers Access to all Emails (lien direct) | An unpatched high-severity security flaw has been disclosed in the open-source RainLoop web-based email client that could be weaponized to siphon emails from victims' inboxes. "The code vulnerability [...] can be easily exploited by an attacker by sending a malicious email to a victim that uses RainLoop as a mail client," SonarSource security researcher Simon Scannell said in a report published | Vulnerability | ||
|
2022-04-20 03:43:52 | Researchers Detail Bug That Could Paralyze Snort Intrusion Detection System (lien direct) | Details have emerged about a now-patched security vulnerability in the Snort intrusion detection and prevention system that could trigger a denial-of-service (DoS) condition and render it powerless against malicious traffic. Tracked as CVE-2022-20685, the vulnerability is rated 7.5 for severity and resides in the Modbus preprocessor of the Snort detection engine. It affects all open-source Snort | Vulnerability | ||
|
2022-04-19 20:58:48 | Hackers Exploiting Recently Reported Windows Print Spooler Vulnerability in the Wild (lien direct) | A security flaw in the Windows Print Spooler component that was patched by Microsoft in February is being actively exploited in the wild, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned. To that end, the agency has added the shortcoming to its Known Exploited Vulnerabilities Catalog, requiring Federal Civilian Executive Branch (FCEB) agencies to address the issues by | Vulnerability | ||
|
2022-04-14 21:05:06 | Critical Auth Bypass Bug Reported in Cisco Wireless LAN Controller Software (lien direct) | Cisco has released patches to contain a critical security vulnerability affecting the Wireless LAN Controller (WLC) that could be abused by an unauthenticated, remote attacker to take control of an affected system. Tracked as CVE-2022-20695, the issue has been rated 10 out of 10 for severity and enables an adversary to bypass authentication controls and log in to the device through the | Vulnerability | ||
|
2022-04-13 21:51:58 | Critical VMware Workspace ONE Access Flaw Under Active Exploitation in the Wild (lien direct) | A week after VMware released patches to remediate eight security vulnerabilities in VMware Workspace ONE Access, threat actors have begun to actively exploit one of the critical flaws in the wild. Tracked as CVE-2022-22954, the critical issue relates to a remote code execution vulnerability that stems from server-side template injection in VMware Workspace ONE Access and Identity Manager. The | Vulnerability Threat | ||
|
2022-04-12 06:08:56 | Critical LFI Vulnerability Reported in Hashnode Blogging Platform (lien direct) | Researchers have disclosed a previously undocumented local file inclusion (LFI) vulnerability in Hashnode, a developer-oriented blogging platform, that could be abused to access sensitive data such as SSH keys, server's IP address, and other network information. "The LFI originates in a Bulk Markdown Import feature that can be manipulated to provide attackers with unimpeded ability to download | Vulnerability | ||
|
2022-04-08 22:18:21 | Hackers Exploiting Spring4Shell Vulnerability to Deploy Mirai Botnet Malware (lien direct) | The recently disclosed critical Spring4Shell vulnerability is being actively exploited by threat actors to execute the Mirai botnet malware, particularly in the Singapore region since the start of April 2022. "The exploitation allows threat actors to download the Mirai sample to the '/tmp' folder and execute them after permission change using 'chmod,'" Trend Micro researchers Deep Patel, Nitesh | Malware Vulnerability Threat |
To see everything:
Our RSS (filtrered)
