Security Affairs
CISA: Cisco ASA/FTD bug CVE-2020-3259 exploited in ransomware attacks
CISA warns that the Akira Ransomware gang is exploiting the Cisco ASA/FTD vulnerability CVE-2020-3259 in attacks in the wild.
DataBreaches
Tokyo 2020 reportedly suffers ticket-related data breach
Michael Pavitt reports: Login identification and passwords of some Tokyo 2020 Olympic and Paralympic Games ticketholders has reportedly been leaked online...
Trend Micro
A Technical Analysis of CVE-2022-22583 and CVE-2022-32800
This blog entry discusses the technical details of how we exploited CVE-2022-22583 using a different method. We also tackle the technical details of CVE-2022-32800, another SIP-bypass that we discovered more recently, in this report.
DataBreaches
Belden issues substitute notice for November, 2020 breach
In November, 2020, networking equipment vendor Belden revealed that they had been the victim of a cyberattack. DataBreaches.net noted it at the time, but did...
The Record
Official: DOJ probing 2020 federal court system breach
A senior Justice Department official on Thursday said the agency is investigating a breach of the federal courts docketing system that occurred in early 2020.
Bleeping Computer
US Census Bureau hacked in January 2020 using Citrix exploit
US Census Bureau servers were breached on January 11, 2020, by hackers who exploited a Citrix ADC zero-day vulnerability as the US Office of Inspector General (OIG) disclosed in a recent report.
DataBreaches
Dental Care Alliance settles lawsuit stemming from 2020 breach
In December 2020, DataBreaches reported on a hacking incident involving Dental Care Alliance, a business associate to hundreds of dental practices. ...
Bleeping Computer
Belden says health benefits data stolen in 2020 cyberattack
Belden has disclosed that additional data was accessed and copied during their November 2020 cyberattack related to employees' healthcare benefits and family members covered under their plan.
Security Affairs
CISA orders federal agencies to fix VMware CVE-2022-22972 and CVE-2022-22973 flaws
CISA orders federal agencies to fix VMware CVE-2022-22972 and CVE-2022-22973 vulnerabilities by May 23, 2022. The Cybersecurity and Infrastructure Security Agency (CISA) issued the Emergency Directive 22-03 to order federal agencies to fix VMware CVE-2022-22972 and CVE-2022-22973 flaws or to remove the affected products from their networks by May 23, 2022. The list of impacted […]
Security Affairs
Thousands of Citrix servers still vulnerable to CVE-2022-27510 and CVE-2022-27518
Researchers warn of thousands of Citrix Application Delivery Controller (ADC) and Gateway endpoints are still unpatched. NCC Group’s Fox-IT research team warns of thousands of Citrix ADC and Gateway endpoints remain vulnerable to two critical vulnerabilities, tracked as CVE-2022-27510 and CVE-2022-27518 (CVSS scores: 9.8), that the company addressed in recent months. CVE-2022-27510 flaw is an authentication bypass using an […]
Bleeping Computer
SEC sues SolarWinds for misleading investors before 2020 hack
The U.S. Securities and Exchange Commission (SEC) today charged SolarWinds with defrauding investors by allegedly concealing cybersecurity defense issues before a December 2020 linked to APT29, the Russian Foreign Intelligence Service (SVR) hacking division.
DataBreaches
Guilford Technical Community College notifies 65,646 affected by ransomware incident in 2020
On September 19, 2020, DataBreaches.net reported that Guilford Technical Community College (GTCC) in North Carolina had reportedly become a ransomware victim...
Bleeping Computer
Microsoft: Evasive Office 365 phishing campaign active since July 2020
Microsoft says that a year-long and highly evasive spear-phishing campaign has targeted Office 365 customers in multiple waves of attacks starting with July 2020.
SecurityWeek
CISA Announces CVE Enrichment Project 'Vulnrichment'
CISA’s Vulnrichment project is adding important information to CVE records to help improve vulnerability management processes.
Bleeping Computer
Apple rejected over 215,000 apps in 2020 for privacy violations
Apple says that more than 215,000 iOS apps were blocked by its App Store's App Review team for privacy violations in 2020, while another 150,00 were rejected because they were spamming or misleading iOS users.
Bleeping Computer
FBI: OnePercent Group Ransomware targeted US orgs since Nov 2020
The Federal Bureau of Investigation (FBI) has shared info about a threat actor known as OnePercent Group that has been actively targeting US organizations in ransomware attacks since at least November 2020.
DataBreaches
Attorney General James Announces $600,000 Agreement with EyeMed After 2020 Data Breach
New York Attorney General Letitia James today announced a $600,000 agreement with EyeMed that resolves a 2020 data breach that compromised the personal...
Bleeping Computer
FBI: Threat actors may be targeting the 2020 Tokyo Summer Olympics
The Federal Bureau of Investigation (FBI) warns of threat actors potentially targeting the upcoming Olympic Games, although evidence of attacks planned against the Olympic Games Tokyo 2020 is yet to be uncovered.
DataBreaches
Ambry Genetics Settles Class Action Lawsuit Over 2020 Data Breach for $12.3M
Genome Web reports: NEW YORK – Ambry Genetics has settled a class action lawsuit over a breach of personal customer data that occurred in 2020. According to...
The Hacker News
Trickbot Malware Targeted Customers of 60 High-Profile Companies Since 2020
Trickbot malware has been targeting customers of 60 high-profile companies since 2020, including cryptocurrency and technology companies.
Trend Micro
1H 2020 Cyber Security Defined by Covid-19 Pandemic -
When we published our 2020 Predictions report in December, we didn’t realize there was a global pandemic brewing that would give cybercriminals an almost daily news cycle to take advantage of in their attacks against people and organizations around the world. Malicious actors have always taken advantage of big news to use as lures for...
Latest Hacking News
Twitter Hacker Sentenced: A look into the 2020 Twitter Crypto Scam
Twitter hacker sentenced in a landmark ruling, the mastermind behind the infamous 2020 Twitter Crypto Scam. This case has sent shockwaves through the cybersecurity and social media worlds, highlighting the vulnerabilities even within major tech
DataBreaches
PDPC penalizes Eatigo over data protection failures leading to 2020 breach
On October 31, 2020, Eatigo reported a data breach of customer data and that the data had been put up for sale on a popular forum. The Personal Data Protection...
Security Affairs
+1,400 CrushFTP servers vulnerable to CVE-2024-4040
Over 1,400 CrushFTP internet-facing servers are vulnerable to attacks exploiting recently disclosed CVE-2024-4040 vulnerability.
DataBreaches
The Puerto Rican Organization to Motivate, Enlighten, and Serve Addicts (PROMESA) discloses 2020 data breach
Is there anyone who thinks this timeline/delay to notification is just fine? On July 17, 2020, Acacia determined that an unauthorized person gained access to...
Security Affairs
SideWinder carried out over 1,000 attacks since April 2020
SideWinder, an aggressive APT group, is believed to have carried out over 1,000 attacks since April 2020, Kaspersky reported. Researchers from Kaspersky have analyzed the activity of an aggressive threat actor tracked as SideWinder (aka RattleSnake and T-APT-04). The group stands out for the high frequency and persistence of its attacks, researchers believe that the […]
The Hacker News
Mastermind Behind Twitter 2020 Hack Pleads Guilty and Faces up to 70 Years in Prison
23-year-old mastermind behind the Twitter 2020 hack, which compromised 130 high-profile accounts (including those of Bill Gates and Elon Musk).
Security Affairs
Google fixed critical Chrome vulnerability CVE-2024-4058
Google addressed a critical Chrome vulnerability, tracked as CVE-2024-4058, that resides in the ANGLE graphics layer engine.
Trend Micro
Cerber Ransomware Exploits Atlassian Confluence Vulnerability CVE-2023-22518
We encountered the Cerber ransomware exploiting the Atlassian Confluence vulnerability CVE-2023-22518 in its operations.
Security Affairs
Experts created a PoC for Apache OFBiz flaw CVE-2023-51467
Researchers published a proof-of-concept (PoC) code for the recently disclosed critical flaw CVE-2023-51467 in the Apache OfBiz.
Security Affairs
Critical Magento zero-day flaw CVE-2022-24086 actively exploited
Adobe addressed a critical vulnerability (CVE-2022-24086) impacting Magento Open Source products that is being actively exploited in the wild. Adobe rolled out security updates to address a critical security vulnerability, tracked as CVE-2022-24086, affecting its Commerce and Magento Open Source products that is being actively exploited in the wild. “Adobe is aware that CVE-2022-24086 has […]
Trend Micro
SmartScreen Vulnerability: CVE-2024-21412 Facts and Fixes
This entry aims to provide additional context to CVE-2024-21412, how it can be used by threat actors, and how Trend protects customers from this specific vulnerability.
Bleeping Computer
Google assigns new maximum rated CVE to libwebp bug exploited in attacks
Google has assigned a new CVE ID (CVE-2023-5129) to a libwebp security vulnerability exploited as a zero-day in attacks and patched two weeks ago.
Security Affairs
Securing Easy Appointments and earning CVE-2022-0482
Easy Appointments contained a very dangerous Broken Access Control vulnerability tracked as CVE-2022-0482 that was exposing PII. Another day, another threat to your data. The recently discovered CVE-2022-0482 is a Broken Access Control vulnerability affecting Easy Appointments, a popular open-source web app written in PHP, used by thousands of sites to manage their online bookings. […]
SecurityWeek
Over 50 New CVE Numbering Authorities Announced in 2022
More than 50 organizations have been added as a CVE Numbering Authority (CNA) in 2022, bringing the total to 260.
The Hacker News
Critical Exchange Server Flaw (CVE-2024-21410) Under Active Exploitation
A newly discovered privilege escalation vulnerability (CVE-2024-21410) in Microsoft Exchange Server is being actively exploited.
HACKRead
CISA Urges Patching Microsoft SharePoint Vulnerability (CVE-2023-24955)
CISA is urging all US federal civilian agencies to patch a critical vulnerability (CVE-2023-24955) in Microsoft SharePoint Server by April 16, 2024.
Security Affairs
Multiple PoC exploits released for Jenkins flaw CVE-2024-23897
Multiple proof-of-concept (PoC) exploits for recently disclosed critical Jenkins vulnerability CVE-2024-23897 have been released.
Security Affairs
Microsoft revised CVE-2022-37958 severity due to its broader scope
Microsoft revised the severity rate for the CVE-2022-37958 flaw which was addressed with Patch Tuesday security updates for September 2022. Microsoft revised the severity rate for the CVE-2022-37958 vulnerability, the IT giant now rated it as “critical” because it discovered that threat actors can exploit the bug to achieve remote code execution. The CVE-2022-37958 was […]
The Record
Law firm must hand over names of some clients affected by 2020 cyberattack, judge says
A multinational law firm must give the Securities and Exchange Commission the names of seven clients affected by a 2020 cyberattack attributed to a China-linked cyber-espionage group, a federal judge ruled Monday.
Cyber Security News
CISA Announced Vulnrichment : Project to Enrich CVE Records
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has announced a new initiative called "Vulnrichment" aimed at enriching Common Vulnerabilities and Exposures (CVE) records with additional metadata to help organizations better prioritize vulnerability remediation efforts.
Security Affairs
CVE-2023-23560 flaw exposes 100 Lexmark printer models to hack
Lexmark released a security firmware update to fix a remote code execution flaw, tracked as CVE-2023-23560, that impacts more than 100 printer models. Lexmark has released a security firmware update to address a remote code execution vulnerability, tracked as CVE-2023-23560, that impacts more than 100 printer models. The CVE-2023-23560 flaw is a server-side request forgery […]
Trend Micro
Jenkins Args4j CVE-2024-23897 Files Exposed Code at Risk
Jenkins, a popular open-source automation server, was discovered to be affected by a file read vulnerability, CVE-2024-23897.
Security Affairs
Hackers are actively exploiting CVE-2022-47966 flaw in Zoho ManageEngine
Experts warn of threat actors actively exploiting the critical CVE-2022-47966 (CVSS score: 9.8) flaw in Zoho ManageEngine. Multiple threat actors are actively exploiting the Zoho ManageEngine CVE-2022-47966 (CVSS score: 9.8) in attacks in the wild, Bitdefender Labs reported. “Starting on January 20 2023, Bitdefender Labs started to notice a global increase in attacks using the ManageEngine exploit CVE-2022-47966.” reads the […]
Security Affairs
Researchers released PoC exploit for Ivanti Sentry flaw CVE-2023-38035
Proof-of-concept exploit code for critical Ivanti Sentry authentication bypass flaw CVE-2023-38035 has been released. Researchers released a proof-of-concept (PoC) exploit code for critical Ivanti Sentry authentication bypass vulnerability CVE-2023-38035 (CVSS score 9.8). This week the software company Ivanti released urgent security patches to address the critical-severity vulnerability CVE-2023-38035 impacting the Ivanti Sentry (formerly MobileIron Sentry) product. […]
Bleeping Computer
Hackers exploiting critical VMware vCenter CVE-2021-22005 bug
Exploit code that could be used for remote code execution on VMware vCenter Server vulnerable to CVE-2021-22005 has been released today and attackers are already using it.
The Cyber Express
Imperva WAF Flaw (CVE-2023-50969) Exposes Organizations to Breaches
A critical security flaw, identified as CVE-2023-50969, has recently been discovered in Imperva SecureSphere, a popular on-premise Web Application Firewall
SecurityWeek
CVE and NVD - A Weak and Fractured Source of Vulnerability Truth
The CVE List and the National Vulnerability Database (NVD) can no longer be considered a single central source of vulnerability truth.
Security Affairs
Experts released PoC exploit code for critical VMware CVE-2022-22972 flaw
Security researchers released PoC exploit code for the critical authentication bypass vulnerability CVE-2022-22972 affecting multiple VMware products. Horizon3 security researchers have released a proof-of-concept (PoC) exploit and technical analysis for the critical authentication bypass vulnerability CVE-2022-22972 affecting multiple VMware products. The virtualization giant recently warned that a threat actor can exploit the CVE-2022-22972 flaw (CVSSv3 base score of 9.8) […]
Security Affairs
Microsoft shares guidance for investigating attacks exploiting CVE-2023-23397
Microsoft is warning of cyber attacks exploiting a recently patched Outlook vulnerability tracked as CVE-2023-23397 (CVSS score: 9.8). Microsoft published guidance for investigating attacks exploiting recently patched Outlook vulnerability tracked as CVE-2023-23397. The flaw is a Microsoft Outlook spoofing vulnerability that can lead to an authentication bypass. A remote, unauthenticated attacker can exploit the flaw to […]
Security Affairs
US CISA warns of actively exploited Ivanti EPMM flaw CVE-2023-35082
The U.S. CISA added Ivanti EPMM vulnerability CVE-2023-35082 to its Known Exploited Vulnerabilities catalog.
Security Affairs
Apple fixes recently disclosed CVE-2023-23529 zero-day on older devices
Apple released updates to backport security patches that address actively exploited CVE-2023-23529 WebKit zero-day for older iPhones and iPads. Apple released security updates to backport patches that address an actively exploited zero-day flaw (CVE-2023-23529) for older iPhones and iPads. The CVE-2023-23529 flaw is a type confusion issue in WebKit that was addressed by the IT giant with […]
DataBreaches
When I emailed Overlake OB/GYN in July about a ransomware attack in 2020, I didn’t anticipate what would happen next.
In December, 2019, Overlake Medical Center & Clinics discovered that some employees had fallen for a phishing scheme. On February 7, 2020, they reported...
The Hacker News
New Chrome Zero-Day Vulnerability CVE-2024-4761 Under Active Exploitation
Google has released emergency fixes for a new zero-day vulnerability (CVE-2024-4761) that has been actively exploited in the wild.
Security Affairs
CVE-2022-0778 DoS flaw in OpenSSL was fixed
OpenSSL addressed a high-severity denial-of-service (DoS) vulnerability, tracked as CVE-2022-0778, related to certificate parsing. OpenSSL released updates to address a high-severity denial-of-service (DoS) vulnerability, tracked as CVE-2022-0778, that affects the BN_mod_sqrt() function used when certificate parsing. The flaw was discovered by the popular Google Project Zero researchers Tavis Ormandy. An attacker can trigger the vulnerability by crafting […]
The Hacker News
Alert: 330,000 FortiGate Firewalls Still Unpatched to CVE-2023-27997 RCE Flaw
Over 330,000 FortiGate firewalls are still vulnerable to the critical CVE-2023-27997 RCE exploit.
Cyber Security News
Linux Kernel Vulnerability (CVE-2024-26925) Let Hackers Access Unauthorized Data
In a significant update from the Linux kernel's security team, a critical vulnerability identified as CVE-2024-26925 has been addressed.
Security Affairs
Cisco fixed CVE-2023-20049 DoS flaw affecting enterprise routers
Cisco fixed a high-severity DoS vulnerability (CVE-2023-20049) in IOS XR software that impacts several enterprise routers. Cisco has released security updates to address a high-severity DoS vulnerability, tracked as CVE-2023-20049 (CVSS score of 8.6), in IOS XR software used by several enterprise-grade routers. The vulnerability resides in the bidirectional forwarding detection (BFD) hardware offload feature […]
Bleeping Computer
Citrix warns admins to patch NetScaler CVE-2023-4966 bug immediately
Citrix warned admins today to secure all NetScaler ADC and Gateway appliances immediately against ongoing attacks exploiting the CVE-2023-4966 vulnerability.
Security Affairs
Critical RCE flaw CVE-2023-20887 in VMware vRealize exploited in the wild
VMware is warning customers that critical remote code execution vulnerability CVE-2023-20887 is being actively exploited in attacks. VMware is warning customers that a critical remote code execution vulnerability in Aria Operations for Networks (Formerly vRealize Network Insight), tracked as CVE-2023-20887, is being actively exploited in the wild. “VMware has confirmed that exploitation of CVE-2023-20887 has […]
Trend Micro
Analyzing an Old Bug and Discovering CVE-2021-30995
A vulnerability found in 2021 has been patched and re-patched in the months since it was reported. We analyze the bug and outline the process that led to the discovery of CVE-2021-30995.
Bleeping Computer
Working exploit released for VMware vCenter CVE-2021-22005 bug
A complete exploit for the remote code execution vulnerability in VMware vCenter tracked as CVE-2021-22005 is now widely available, and threat actors are taking advantage of it.
Security Affairs
Threat actors hacked hundreds of servers by exploiting Zimbra CVE-2022-41352 bug
Threat actors have compromised hundreds of servers exploiting critical flaw CVE-2022-41352 in Zimbra Collaboration Suite (ZCS). Last week, researchers from Rapid7 warned of the exploitation of unpatched zero-day remote code execution vulnerability, tracked as CVE-2022-41352, in the Zimbra Collaboration Suite. Rapid7 has published technical details, including a proof-of-concept (PoC) code and indicators of compromise (IoCs) regarding […]
Security Affairs
Microsoft Exchange flaw CVE-2024-21410 could impact up to 97,000 servers
Researchers from Shadowserver Foundation identified roughly 28,000 internet-facing Microsoft Exchange servers vulnerable to CVE-2024-21410.
Security Affairs
Experts released VMware vRealize Log RCE exploit for CVE-2022-31706
Horizon3 security researchers released proof-of-concept (PoC) code for VMware vRealize Log Insight RCE vulnerability CVE-2022-31706. Last week, researchers from Horizon3’s Attack Team announced the release of PoC exploit code for remote code execution in VMware vRealize Log tracked as CVE-2022-31706 (CVSS base 9.8/10). The PoC exploit code will trigger a series of flaws in VMware […]
HACKRead
Backdoor Discovered in XZ Utils: Patch Your Systems Now (CVE-2024-3094)
A vulnerability, CVE-2024-3094, was discovered in XZ Utils package. This vulnerability threatens Linux systems with backdoor attacks.
Security Affairs
Sophos backports fix for CVE-2022-3236 for EOL firewall firmware
Sophos backports the patch for CVE-2022-3236 for end-of-life (EOL) firewall firmware versions due to ongoing attacks exploiting the issue.
Trend Micro
Decoding CVE-2023-50164: Unveiling the Apache Struts File Upload Exploit
In this blog entry, we discuss the technical details of CVE-2023-50164, a critical vulnerability that affects Apache Struts 2 and enables unauthorized path traversal.
Trend Micro
Spring4Shell Vulnerability CVE-2022-22965 Exploited to Deploy Cryptocurrency Miners
Recently, we observed the Spring4Shell vulnerability — a remote code execution bug, assigned as CVE-2022-22965 — being actively exploited by malicious actors to deploy cryptocurrency miners.
Security Affairs
CVE-2022-22292 flaw could allow hacking of Samsung Android devices
Experts discovered a vulnerability, tracked as CVE-2022-22292, which can be exploited to compromise Android 9, 10, 11, and 12 devices. Researchers from mobile cybersecurity firm Kryptowire discovered a vulnerability, tracked as CVE-2022-22292, in Android 9, 10, 11, and 12 devices. The vulnerability resides in the pre-installed Phone app that executes with system privileges on Samsung […]
Security Affairs
PoC exploits for Atlassian CVE-2022-26134 RCE flaw released online
Proof-of-concept exploits for the critical CVE-2022-26134 vulnerability in Atlassian Confluence and Data Center servers are available online. Proof-of-concept exploits for the critical CVE-2022-26134 flaw, affecting Atlassian Confluence and Data Center servers, have been released. Bleeping Computer reported that starting from Friday afternoon, a proof-of-concept exploit for this issue was publicly shared. Researchers from cybersecurity firm […]
Security Affairs
Critical Fortinet FortiOS bug CVE-2024-21762 potentially impact 150,000 internet-facing devices
Researchers warn that the critical vulnerability CVE-2024-21762 in Fortinet FortiOS could potentially impact 150,000 exposed devices.
Security Affairs
CISA added Zoho ManageEngine RCE (CVE-2022-47966) to its Known Exploited Vulnerabilities Catalog
US CISA added the Zoho ManageEngine RCE vulnerability CVE-2022-47966 to its Known Exploited Vulnerabilities Catalog. The US CISA added the Zoho ManageEngine remote code execution flaw (CVE-2022-47966) to its Known Exploited Vulnerabilities Catalog. The CVE-2022-47966 flaw is an unauthenticated remote code execution vulnerability that impacts multiple Zoho products with SAML SSO enabled in the ManageEngine setup. The […]
Security Affairs
CVE-2021-44731 Linux privilege escalation bug affects Canonical’s Snap Package Manager
Qualys experts found a new Linux privilege escalation vulnerability, tracked as CVE-2021-44731, in Canonical’s Snap Package Manager. Canonical’s Snap software packaging and deployment system are affected by multiple vulnerabilities, including a privilege escalation flaw tracked as CVE-2021-44731 (CVSS score 7.8). Snap is a software packaging and deployment system developed by Canonical for operating systems that use the Linux […]
Security Affairs
335,923 out of 489,337 Fortinet firewalls vulnerable to CVE-2023-27997
Researchers reported that there are 490,000 Fortinet firewalls exposing SSL VPN interfaces on the internet, and roughly 69% of them are still vulnerable to CVE-2023-27997. In Mid-June Fortinet addressed a critical flaw, tracked as CVE-2023-27997 (CVSS score: 9.2), in FortiOS and FortiProxy that is likely exploited in a limited number of attacks. “A heap-based buffer overflow vulnerability […]
Security Affairs
FBI: Patches for Barracuda ESG Zero-Day CVE-2023-2868 are ineffective
The FBI warned that patches for a critical Barracuda ESG flaw CVE-2023-2868 are “ineffective” and patched appliances are still being hacked. The Federal Bureau of Investigation warned that security patches for critical vulnerability CVE-2023-2868 in Barracuda Email Security Gateway (ESG) are “ineffective.” According to the feds, threat actors are still hacking the patched appliances in […]
Security Affairs
US CISA adds MS Exchange bug CVE-2022-41080 to its Known Exploited Vulnerabilities Catalog
US CISA added Microsoft Exchange elevation of privileges bug CVE-2022-41080 to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog. The first issue, tracked as CVE-2022-41080, is a Microsoft Exchange server privilege escalation vulnerability. The issue can be chained with CVE-2022-41082 (ProxyNotShell) to […]
Trend Micro
CVE-2023-36025 Exploited for Defense Evasion in Phemedrone Stealer Campaign
This blog delves into the Phemedrone Stealer campaign's exploitation of CVE-2023-36025, the Windows Defender SmartScreen Bypass vulnerability, for its defense evasion and investigates the malware's payload.
Security Affairs
CVE-2022-0492 flaw in Linux Kernel cgroups feature allows container escape
A Linux kernel flaw, tracked as CVE-2022-0492, can allow an attacker to escape a container to execute arbitrary commands on the container host. A now-patched high-severity Linux kernel vulnerability, tracked as CVE-2022-0492 (CVSS score: 7.0), can be exploited by an attacker to escape a container to execute arbitrary commands on the container host. The issue is […]
Security Affairs
Surge in Magento 2 template attacks exploiting the CVE-2022-24086 flaw
Sansec researchers warn of a surge in hacking attempts targeting a critical Magento 2 vulnerability tracked as CVE-2022-24086. Sansec researchers are warning of a hacking campaign targeting the CVE-2022-24086 Magento 2 vulnerability. Magento is a popular open-source e-commerce platform owned by Adobe, which is used by hundreds of thousands of e-stores worldwide. In February, Adobe […]
Security Affairs
Barracuda ESG appliances impacted by CVE-2023-2868 must be immediately replaced
Barracuda warns customers to immediately replace Email Security Gateway (ESG) appliances impacted by the flaw CVE-2023-2868. At the end of May, the network security solutions provider Barracuda warned customers that some of its Email Security Gateway (ESG) appliances were recently breached by threat actors exploiting a now-patched zero-day vulnerability. The vulnerability, tracked as CVE-2023-2868, resides in the […]
Security Affairs
Binarly released a free online scanner to detect the CVE-2024-3094 Backdoor
Researchers from the firmware security firm Binarly released a free online scanner to detect the CVE-2024-3094 Backdoor
Security Affairs
VMware fixes a command injection flaw CVE-2023-20887 in VMware Aria Operations for Networks
Virtualization giant VMware addressed critical and high-severity vulnerabilities in VMware Aria Operations for Networks. Virtualization technology giant VMware released security patches to address three critical and high-severity vulnerabilities, tracked as CVE-2023-20887, CVE-2023-20888, CVE-2023-20889, in VMware Aria Operations for Networks. VMware Aria Operations for Networks (formerly vRealize Network Insight) is a network monitoring tool that helps organizations build […]
Trend Micro
Patch CVE-2023-23397 Immediately: What You Need To Know and Do
We break down the basic information of CVE-2023-23397, the zero-day, zero-touch vulnerability that was rated 9.8 on the Common Vulnerability Scoring System (CVSS) scale.
Bleeping Computer
New CVE-2023-3519 scanner detects hacked Citrix ADC, Gateway devices
Mandiant has released a scanner to check if a Citrix NetScaler Application Delivery Controller (ADC) or NetScaler Gateway Appliance was compromised in widespread attacks exploiting the CVE-2023-3519 vulnerability.
Security Affairs
Experts warn attackers started exploiting Citrix ShareFile RCE flaw CVE-2023-24489
Researchers warn that threat actors started exploiting Citrix ShareFile RCE vulnerability CVE-2023-24489 in the wild. Citrix ShareFile is a widely used cloud-based file-sharing application, which is affected by the critical remote code execution (RCE) tracked as CVE-2023-24489 (CVSS score of 9.1). The flaw impacts the customer-managed ShareFile storage zones controller, an unauthenticated, remote attacker can […]
HACKRead
Palo Alto Patches 0-Day (CVE-2024-3400) Exploited by Python Backdoor
Palo Alto Networks has released patches for a 0-day vulnerability (CVE-2024-3400) that threatened to leave firewalls exposed to cyberattacks.
Trend Micro
CVE-2019-8561 A Hard-to-Banish PackageKit Framework Vulnerability in macOS
This blog entry details our investigation of CVE-2019-8561, a vulnerability that exists in the macOS PackageKit framework, a component used to install software installer packages (PKG files).
Trend Micro
Atlassian Confluence Vulnerability CVE-2022-26134 Abused For Cryptocurrency Mining, Other Malware
Users are advised to patch immediately: We found exploit samples abusing the Atlassian Confluence vulnerability (CVE-2022-26134) in the wild for malicious cryptocurrency mining.
Trend Micro
MacOS SUHelper Root Privilege Escalation Vulnerability A Deep Dive Into CVE-2022-22639
We discovered a now-patched vulnerability in macOS SUHelper, designated as CVE-2022-22639. If exploited, the vulnerability could allow malicious actors to gain root privilege escalation.
Security Affairs
Researchers created a PoC exploit for recently disclosed critical Magento CVE-2022-24086 bug
Researchers developed an exploit code for CVE-2022-24086 vulnerability affecting Adobe Commerce and Magento Open Source. Positive Technologies researchers have created a working PoC exploit for the recently patched CVE-2022-24086 vulnerability affecting its Commerce and Magento Open Source products. An attacker could use the exploit to achieve remote code execution from an unauthenticated user. This week, Adobe rolled […]
Bleeping Computer
Hacker ‘PlugwalkJoe’ pleads guilty to 2020 Twitter breach
Joseph James O'Connor, aka 'PlugwalkJoke,' has pleaded guilty to multiple cybercrime offenses, including SIM swapping attacks, cyberstalking, computer hacking, and hijacking high-profile accounts on Twitter and TikTok.
Security Affairs
Apple backported patches for CVE-2022-42856 zero-day on older iPhones, iPads
Apple has backported the security updates for the zero-day vulnerability CVE-2022-42856 to older iPhones and iPads. On December 2022, Apple released security updates to address a new zero-day vulnerability, tracked as CVE-2022-42856, that is actively exploited in attacks against iPhones. The IT giant released security bulletins for iOS/iPadOS 15.7.2, Safari 16.2, tvOS 16.2, and macOS Ventura 13.1. Apple addressed […]
Security Affairs
Threat actors are actively exploiting CVE-2022-1388 RCE in F5 BIG-IP
Threat actors are exploiting critical F5 BIG-IP flaw CVE-2022-1388 to deliver malicious code, cybersecurity researchers warn. Threat actors started massively exploiting the critical remote code execution vulnerability, tracked as CVE-2022-1388, affecting F5 BIG-IP. Last week security and application delivery solutions provider F5 released its security notification to inform customers that it has released security updates from tens of vulnerabilities in its […]
DataBreaches
MOVEit hackers leverage new zero-day bug to breach organizations (CVE-2023-47246)
Helga Labus reports: A critical zero-day vulnerability (CVE-2023-47246) in the SysAid IT support and management software solution is being exploited by Lace...
Security Affairs
VMware warns customers of exploit available for critical vRealize RCE flaw CVE-2023-20864
VMware warns customers of the public availability of an exploit code for the RCE vulnerability CVE-2023-20864 affecting vRealize. VMware warned customers of the availability of an exploit code for the critical RCE vulnerability CVE-2023-20864 in the VMware Aria Operations for Logs analysis tool (formerly vRealize Log Insight). VMware Aria Operations for Networks (formerly vRealize Network Insight) is […]
Security Affairs
CVE-2022-40684 flaw in Fortinet products is being exploited in the wild
Fortinet has confirmed that the recently disclosed critical authentication bypass issue (CVE-2022-40684) is being exploited in the wild. Last week, Fortinet addressed a critical authentication bypass flaw, tracked as CVE-2022-40684, that impacted FortiGate firewalls and FortiProxy web proxies. An attacker can exploit the vulnerability to log into vulnerable devices. “An authentication bypass using an alternate […]
Security Affairs
Hackers already installed web shells on 581 Citrix servers in CVE-2023-3519 attacks
Researchers warn that hundreds of Citrix servers have been hacked in an ongoing campaign exploiting the RCE CVE-2023-3519. Security researchers from the non-profit organization Shadowserver Foundation reported that hundreds of Citrix Netscaler ADC and Gateway servers have already been compromised as part of an ongoing campaign exploiting the critical remote code execution (RCE) vulnerability CVE-2023-3519. […]
Bleeping Computer
US govt shares top flaws exploited by Chinese hackers since 2020
NSA, CISA, and the FBI revealed today the top security vulnerabilities most exploited by hackers backed by the People's Republic of China (PRC) to target U.S. government and critical infrastructure networks.
Security Affairs
Experts disclose technical details of now-patched CVE-2022-37969 Windows Zero-Day
Researchers disclosed details of a now-patched flaw, tracked as CVE-2022-37969, in Windows Common Log File System (CLFS). The CVE-2022-37969 (CVSS score: 7.8) flaw is a Windows Common Log File System Driver Elevation of Privilege Vulnerability. The Common Log File System (CLFS) is a general-purpose logging subsystem that can be used by applications running in both kernel mode […]
Loading more articles....