Src |
Date (GMT) |
Title |
Description |
Tags |
Stories |
Notes |
|
2021-12-20 11:33:11 |
Log4j vulnerability now used to install Dridex banking malware (direct link) |
Threat actors now exploit the critical Apache Log4j vulnerability named Log4Shell to infect vulnerable devices with the notorious Dridex banking trojan or Meterpreter. [...] |
Malware
Vulnerability
Threat
|
|
|
|
2021-12-17 18:37:23 |
The Week in Ransomware - December 17th 2021 - Enter Log4j (direct link) |
A critical Apache Log4j vulnerability took the world by storm this week, and now it is being used by threat actors as part of their ransomware attacks. [...] |
Ransomware
Vulnerability
Threat
|
|
|
|
2021-12-17 13:32:30 |
CISA urges VMware admins to patch critical flaw in Workspace ONE UEM (direct link) |
CISA has asked VMware admins and users today to patch a critical security vulnerability found in the Workspace ONE UEM console that threat actors could abuse to gain access to sensitive information. [...] |
Vulnerability
Threat
|
|
|
|
2021-12-17 12:35:43 |
(Déjà vu) US orders federal govt agencies to patch critical Log4j bug (direct link) |
US Federal Civilian Executive Branch agencies have been ordered to patch the critical and actively exploited Log4Shell security vulnerability in the Apache Log4j library within the next six days. [...] |
Vulnerability
|
|
|
|
2021-12-17 12:35:43 |
US emergency directive orders govt agencies to patch Log4j bug (direct link) |
US Federal Civilian Executive Branch agencies have been ordered to patch the critical and actively exploited Log4Shell security vulnerability in the Apache Log4j library within the next six days. [...] |
Vulnerability
|
|
|
|
2021-12-16 16:12:45 |
Log4j attackers switch to injecting Monero miners via RMI (direct link) |
Some threat actors exploiting the Apache Log4j vulnerability have switched from LDAP callback URLs to RMI or even used both in a single request for maximum chances of success. [...] |
Vulnerability
Threat
|
|
|
|
2021-12-15 11:09:21 |
Log4j vulnerability now used by state-backed hackers, access brokers (direct link) |
As expected, nation-state hackers of all kinds have jumped at the opportunity to exploit the recently disclosed critical vulnerability (CVE-2021-44228) in the Log4j Java-based logging library. [...] |
Vulnerability
|
|
|
|
2021-12-14 17:02:25 |
New ransomware now being deployed in Log4Shell attacks (direct link) |
The first public case of the Log4j Log4Shell vulnerability used to download and install ransomware has been discovered by researchers. [...] |
Ransomware
Vulnerability
|
|
|
|
2021-12-14 14:09:44 |
Microsoft fixes Windows AppX Installer zero-day used by Emotet (direct link) |
Microsoft has patched a high severity Windows zero-day vulnerability exploited in the wild to deliver Emotet malware payloads. [...] |
Malware
Vulnerability
|
|
|
|
2021-12-14 13:41:43 |
(Déjà vu) Microsoft December 2021 Patch Tuesday fixes 6 zero-days, 67 flaws (direct link) |
Today is Microsoft's December 2021 Patch Tuesday, and with it comes fixes for six zero-day vulnerabilities and a total of 67 flaws. These updates include a fix for an actively exploited Windows Installer vulnerability used in malware distribution campaigns. [...] |
Malware
Vulnerability
|
|
|
|
2021-12-14 02:46:48 |
Log4j: List of vulnerable products and vendor advisories (direct link) |
News about a critical vulnerability in the Apache Log4j logging library broke last week when proof-of-concept exploits started to emerge on Thursday. [...] |
Vulnerability
|
|
|
|
2021-12-13 15:21:59 |
Dell driver fix still allows Windows Kernel-level attacks (direct link) |
Dell's driver fix of the CVE-2021-21551 vulnerability leaves margin for catastrophic BYOVD attacks resulting in Windows kernel driver code execution. [...] |
Vulnerability
|
|
|
|
2021-12-13 12:05:13 |
Attackers can get root by crashing Ubuntu's AccountsService (direct link) |
A local privilege escalation security vulnerability could allow attackers to gain root access on Ubuntu systems by exploiting a double-free memory corruption bug in GNOME's AccountsService component. [...] |
Vulnerability
|
|
|
|
2021-12-12 18:07:20 |
Hackers start pushing malware in worldwide Log4Shell attacks (direct link) |
Threat actors and researchers are scanning for and exploiting the Log4j Log4Shell vulnerability to deploy malware or find vulnerable servers. In this article we compiled the known payloads, scans, and attacks using the Log4j vulnerability. [...] |
Malware
Vulnerability
Threat
|
|
|
|
2021-12-10 20:58:47 |
Researchers release 'vaccine' for critical Log4Shell vulnerability (direct link) |
Researchers from cybersecurity firm Cybereason have released a "vaccine" that can be used to remotely mitigate the critical 'Log4Shell' Apache Log4j code execution vulnerability running rampant through the Internet. [...] |
Vulnerability
|
|
|
|
2021-12-10 11:20:06 |
Minecraft rushes out patch for critical Log4j vulnerability (direct link) |
Swedish video game developer Mojang Studios has released an emergency Minecraft security update to address a critical bug in the Apache Log4j Java logging library used by the game's Java Edition client and multiplayer servers. [...] |
Vulnerability
|
|
|
|
2021-12-10 04:59:23 |
New zero-day exploit for Log4j Java library is an enterprise nightmare (direct link) |
Proof-of-concept exploits for a critical zero-day vulnerability in the ubiquitous Apache Log4j Java-based logging library are currently being shared online, exposing home users and enterprises alike to remote code execution attacks. [...] |
Vulnerability
|
|
|
|
2021-12-09 12:14:16 |
Dark Mirai botnet targeting RCE on popular TP-Link router (direct link) |
The botnet known as Dark Mirai (aka MANGA) has been observed exploiting a new vulnerability on the TP-Link TL-WR840N EU V5, a popular inexpensive home router released in 2017. [...] |
Vulnerability
|
|
|
|
2021-12-09 08:40:09 |
SanDisk SecureAccess bug allows brute forcing vault passwords (direct link) |
Western Digital has fixed a security vulnerability that enabled attackers to brute force SanDisk SecureAccess passwords and access the users' protected files. [...] |
Vulnerability
|
|
|
|
2021-12-09 07:47:15 |
Fujitsu pins Japanese govt data breach on stolen ProjectWEB accounts (direct link) |
Fujitsu says the attackers behind the May data breach used a vulnerability in the company's ProjectWEB information-sharing tool to steal accounts from legitimate users and access proprietary data belonging to multiple Japanese government agencies. [...] |
Data Breach
Tool
Vulnerability
|
|
|
|
2021-12-09 03:22:11 |
Windows 'InstallerFileTakeOver' zero-day bug gets free micropatch (direct link) |
An unofficial patch is available for a zero-day vulnerability that is actively exploited in the wild to gain administrator privileges. [...] |
Vulnerability
|
|
|
|
2021-12-08 03:27:54 |
Moobot botnet spreading via Hikvision camera vulnerability (direct link) |
A Mirai-based botnet called 'Moobot' is spreading aggressively by exploiting a critical command injection flaw in the webserver of many Hikvision products. [...] |
Vulnerability
|
|
|
|
2021-12-07 17:46:58 |
Grafana fixes zero-day vulnerability after exploits spread over Twitter (direct link) |
Open-source analytics and interactive visualization solution Grafana received an emergency update today to fix a high-severity, zero-day vulnerability that enabled remote access to local files. [...] |
Vulnerability
|
|
|
|
2021-12-01 12:39:15 |
Mozilla fixes critical bug in cross-platform cryptography library (direct link) |
Mozilla has addressed a critical memory corruption vulnerability affecting its cross-platform Network Security Services (NSS) set of cryptography libraries. [...] |
Vulnerability
|
|
|
|
2021-11-30 08:00:00 |
8-year-old HP printer vulnerability affects 150 printer models (direct link) |
Researchers have discovered several vulnerabilities affecting at least 150 multi-function (print, scan, fax) printers made by Hewlett Packard. [...] |
Vulnerability
|
|
|
|
2021-11-27 10:00:00 |
New Windows 10 zero-day gives admin rights, gets unofficial patch (direct link) |
Free unofficial patches have been released to protect Windows users from a local privilege escalation (LPE) zero-day vulnerability in the Mobile Device Management Service impacting all Windows 10 versions from v1809 to v21H1. [...] |
Vulnerability
|
|
|
|
2021-11-22 17:40:37 |
New Windows zero-day with public exploit lets you become an admin (direct link) |
A security researcher has publicly disclosed an exploit for a new Windows zero-day local privilege elevation vulnerability that gives admin privileges in Windows 10, Windows 11, and Windows Server. [...] |
Vulnerability
|
|
|
|
2021-11-22 17:04:40 |
Exploit released for Microsoft Exchange RCE bug, patch now (direct link) |
Proof-of-concept exploit code has been released online over the weekend for an actively exploited high severity vulnerability impacting Microsoft Exchange servers. [...] |
Vulnerability
|
|
|
|
2021-11-19 09:57:57 |
Six million Sky routers exposed to takeover attacks for 17 months (direct link) |
Around six million Sky Broadband customer routers in the UK were affected by a critical vulnerability whose fix took over 17 months to roll out to customers. [...] |
Vulnerability
|
|
|
|
2021-11-17 03:33:33 |
Threat actors offer millions for zero-days, developers talk of exploit-as-a-service (direct link) |
While mostly hidden in private conversations, details sometimes emerge about the parallel economy of vulnerability exploits on underground forums, revealing just how fat of a wallet some threat actors have. [...] |
Vulnerability
Threat
|
|
|
|
2021-11-15 17:27:28 |
New Rowhammer technique bypasses existing DDR4 memory defenses (direct link) |
Researchers have developed a new fuzzing-based technique called 'Blacksmith' that revives Rowhammer attacks against modern DRAM devices and bypasses existing mitigations. [...] |
Vulnerability
|
|
|
|
2021-11-12 07:28:40 |
Zero-day bug in all Windows versions gets free unofficial patch (direct link) |
A free and unofficial patch is now available for a zero-day local privilege escalation vulnerability in the Windows User Profile Service that lets attackers gain SYSTEM privileges under certain conditions. [...] |
Vulnerability
|
|
|
|
2021-11-10 10:36:47 |
Microsoft patches Excel zero-day used in attacks, asks Mac users to wait (direct link) |
During this month's Patch Tuesday, Microsoft has patched an Excel zero-day vulnerability exploited in the wild by threat actors. [...] |
Vulnerability
Threat
|
|
|
|
2021-11-09 14:14:25 |
Microsoft urges Exchange admins to patch bug exploited in the wild (direct link) |
Microsoft warned admins today to immediately patch a high severity Exchange Server vulnerability that may allow authenticated attackers to execute code remotely on vulnerable servers. [...] |
Vulnerability
|
|
|
|
2021-11-09 09:54:21 |
Clop gang exploiting SolarWinds Serv-U flaw in ransomware attacks (direct link) |
The Clop ransomware gang, also tracked as TA505 and FIN11, is exploiting a SolarWinds Serv-U vulnerability to breach corporate networks and ultimately encrypt their devices. [...] |
Ransomware
Vulnerability
|
|
|
|
2021-10-28 17:34:38 |
All Windows versions impacted by new LPE zero-day vulnerability (direct link) |
A security researcher has disclosed technical details for a Windows zero-day privilege elevation vulnerability and a public proof-of-concept (PoC) exploit that gives SYSTEM privileges under certain conditions. [...] |
Vulnerability
|
|
|
|
2021-10-28 12:44:27 |
Microsoft: Shrootless bug lets hackers install macOS rootkits (direct link) |
Attackers could use a new macOS vulnerability discovered by Microsoft to bypass System Integrity Protection (SIP) and perform arbitrary operations, elevate privileges to root, and install rootkits on vulnerable devices. [...] |
Vulnerability
|
|
|
|
2021-10-25 05:20:37 |
CISA urges admins to patch critical Discourse code execution bug (direct link) |
A critical Discourse remote code execution (RCE) vulnerability tracked as CVE-2021-41163 was fixed via an urgent update by the developer on Friday [...] |
Vulnerability
|
|
|
|
2021-10-21 12:00:00 |
Google launches Android Enterprise bug bounty program (direct link) |
Google has announced the launch of its first vulnerability rewards program for Android Enterprise with bounties of up to $250,000. [...] |
Vulnerability
|
|
|
|
2021-10-20 08:39:27 |
(Déjà vu) New PurpleFox botnet variant uses WebSockets for C2 communication (direct link) |
The PurpleFox botnet has refreshed its arsenal with new vulnerability exploits and dropped payloads, now also leveraging WebSockets for C2 bidirectional communication. [...] |
Vulnerability
|
|
|
|
2021-10-20 08:39:27 |
Newer PurpleFox botnet variants leverage WebSockets for coms (direct link) |
The PurpleFox botnet has refreshed its arsenal with new vulnerability exploits and dropped payloads, now also leveraging WebSockets for C2 bidirectional communication. [...] |
Vulnerability
|
|
|
|
2021-10-19 05:12:07 |
(Déjà vu) Microsoft issues advisory for Surface Pro 3 TPM bypass vulnerability (direct link) |
Microsoft has published an advisory regarding a security feature bypass vulnerability impacting Surface Pro 3 tablets which could allow threat actors to introduce malicious devices within enterprise environments. [...] |
Vulnerability
Threat
|
|
|
|
2021-10-19 05:12:07 |
Microsoft fixes Surface Pro 3 TPM bypass with public exploit code (direct link) |
Microsoft has patched a security feature bypass vulnerability impacting Surface Pro 3 tablets that enables threat actors to introduce malicious devices within enterprise environments. [...] |
Vulnerability
Threat
|
|
|
|
2021-10-13 11:25:15 |
Apple silently fixes iOS zero-day, asks bug reporter to keep quiet (direct link) |
Apple has silently fixed a gamed zero-day vulnerability with the release of iOS 15.0.2, on Monday, a security flaw that could let attackers gain access to sensitive user information. [...] |
Vulnerability
|
|
|
|
2021-10-12 14:01:37 |
Chinese hackers use Windows zero-day to attack defense, IT firms (direct link) |
A Chinese-speaking hacking group exploited a zero-day vulnerability in the Windows Win32k kernel driver to deploy a previously unknown remote access trojan (RAT). [...] |
Vulnerability
|
|
|
|
2021-10-11 14:48:18 |
Emergency Apple iOS 15.0.2 update fixes zero-day used in attacks (direct link) |
Apple has released iOS 15.0.2 and iPadOS 15.0.2 to fix a zero-day vulnerability that is actively exploited in the wild in attacks targeting iPhones and iPads. [...] |
Vulnerability
|
|
|
|
2021-10-11 12:47:36 |
LibreOffice, OpenOffice bug allows hackers to spoof signed docs (direct link) |
LibreOffice and OpenOffice have pushed updates to address a vulnerability that makes it possible for an attacker to manipulate documents to appear as signed by a trusted source. [...] |
Vulnerability
|
|
|
|
2021-10-06 11:29:05 |
Actively exploited Apache 0-day also allows remote code execution (direct link) |
Proof-of-Concept (PoC) exploits for the Apache web server zero-day surfaced on the internet revealing that the vulnerability is far more critical than originally disclosed. These exploits show that the scope of the vulnerability transcends path traversal, allowing attackers remote code execution (RCE) abilities. [...] |
Vulnerability
|
|
|
|
2021-10-05 09:56:56 |
Apache fixes zero-day vulnerability exploited in the wild, patch now (direct link) |
The Apache Software Foundation has released version 2.4.50 of the HTTP Web Server to address two vulnerabilities, one of which is an actively exploited path traversal and file disclosure flaw. [...] |
Vulnerability
|
|
|
|
2021-10-01 10:32:26 |
Hackers rob thousands of Coinbase customers using MFA flaw (direct link) |
Crypto exchange Coinbase disclosed that a threat actor stole cryptocurrency from 6,000 customers after using a vulnerability to bypass the company's SMS multi-factor authentication security feature. [...] |
Vulnerability
Threat
|
|
|