DarkReading
GE Ultrasound Gear Riddled With Bugs, Open to Ransomware & Data Theft
Thankfully, GE ultrasounds aren't Internet-facing. Exploiting most of the bugs to cause serious damage to patients would require physical device access.
The Hacker News
Researchers Uncover 11 Security Flaws in GE HealthCare Ultrasound Machines
Nearly a dozen security flaws have been discovered in the GE HealthCare Vivid Ultrasound product family.
Latest Hacking News
Vulnerabilities In Cinterion Cellular Modems Threatened IoT And Industrial Devices
Researchers caught numerous security vulnerabilities riddling Cinterion cellular modems, exploiting which would threaten millions of devices. Since no active patches currently exist for the flaws, the researchers recommend applying the suggested mitigations to prevent potential
SecurityWeek
Intel Publishes 41 Security Advisories for Over 90 Vulnerabilities
Intel has published 41 new May 2024 Patch Tuesday advisories covering a total of more than 90 vulnerabilities.
The Hacker News
(Cyber) Risk = Probability of Occurrence x Damage
CVSS v4.0 evaluates vulnerabilities using a revised scoring system, emphasizing environmental and threat metrics.
The Cyber Express
Microsoft Addresses Zero-Day Vulnerability Exploited by QakBot Malware
Microsoft patched a zero-day vulnerability exploited by attackers to distribute QakBot and other malware payloads on susceptible Windows systems. Identified
The Hacker News
Microsoft Patches 61 Flaws, Including Two Actively Exploited Zero-Days
Microsoft has patched 61 new security flaws, including two zero-days actively exploited in the wild.
SC Magazine
Microsoft fixes exploited Qakbot-delivering 0-day in May Patch Tuesday
In this month’s release, Redmond patched 60 CVEs including two other zero-days and a SharePoint Server remote code execution vulnerability rated critical.
DarkReading
Microsoft Windows DWM Zero-Day Poised for Mass Exploit
CVE-2024-30051 is the most concerning out of this month's Patch Tuesday offerings, and is already under active exploit by several QakBot actors.
SecurityWeek
Microsoft Warns of Active Zero-Day Exploitation, Patches 60 Windows Vulnerabilities
Microsoft patched 60 security bugs in multiple products and waned of an actively exploited Windows zero-day (CVE-2024-30051)
Security Affairs
VMware fixed zero-day flaws demonstrated at Pwn2Own2024
VMware fixed four flaws in its Workstation and Fusion desktop hypervisors, including three zero-days exploited at the Pwn2Own Vancouver 2024
Infosecurity News
NIST Confusion Continues as Cyber Pros Complain CVE Uploads Stopped
Several software security experts have told Infosecurity that no new vulnerabilities have been added to the US NVD since May 9
The Hacker News
VMware Patches Severe Security Flaws in Workstation and Fusion Products
Researchers have uncovered a critical vulnerability in VMware's Bluetooth device, allowing code execution by malicious actors.
SecurityWeek
SAP Patches Critical Vulnerabilities in CX Commerce, NetWeaver
SAP has released 14 new and three updated security notes on its May 2024 Security Patch Day, including for critical vulnerabilities.
The Hacker News
Critical Flaws in Cacti Framework Could Let Attackers Execute Malicious Code
12 security flaws addressed, including two critical issues leading to remote code execution. Update to version 1.2.27 now to stay protected
HACKRead
Cinterion Modem Vulnerabilities Leave IoT and Industrial Networks Exposed
Kaspersky researchers have identified multiple security vulnerabilities in Cinterion cellular modems, which could be exploited by threat actors.
SecurityWeek
Cinterion Modem Flaws Pose Risk to Millions of Devices in Industrial, Other Sectors
A critical vulnerability in the Cinterion cellular modems can be exploited for remote code execution via SMS messages.
CyberSecurity Dive
Black Basta ransomware is toying with critical infrastructure providers, authorities say
The threat group has impacted more than 500 targets worldwide and the vast majority of critical infrastructure sectors. Numerous attacks have exploited vulnerabilities in ConnectWise ScreenConnect.
The Hacker News
Severe Vulnerabilities in Cinterion Cellular Modems Pose Risks to Various Industries
Kaspersky researchers have uncovered multiple security flaws in Cinterion cellular modems that could put your communication networks and IoT devices a
.png)
Cyber Security News
Cyber Security News Weekly Round-Up (Vulnerabilities, Cyber Attacks, Threats & New Stories)
Staying informed is the key in this dynamic battle of cybersecurity, and due to this, the weekly news recap provides you with the newest trends, weaknesses, infringements found, and some possible defense mechanisms.
DarkReading
Is CISA's Secure by Design Pledge Toothless?
CISA's agreement is voluntary and, frankly, basic. Signatories say that's a good thing.
The Hacker News
Chrome Zero-Day Alert — Update Your Browser to Patch New Vulnerability
Google has just released an update to patch a new zero-day flaw, CVE-2024-4671, which hackers are actively exploiting in the wild.
DarkReading
2 (or 5) Bugs in F5 Asset Manager Allow Full Takeover, Hidden Accounts
F5 customers should patch immediately, though even that won't protect them from every problem with their networked devices.
The Hacker News
New TunnelVision Attack Allows Hijacking of VPN Traffic via DHCP Manipulation
Researchers have uncovered a vulnerability (CVE-2024-3661) that allows threat actors to snoop on your VPN traffic.
Security Affairs
Mirai botnet also spreads through the exploitation of Ivanti Connect Secure bugs
Threat actors exploit recently disclosed Ivanti Connect Secure (ICS) vulnerabilities to deploy the Mirai botnet.
Cyber Security News
CISA Announced Vulnrichment : Project to Enrich CVE Records
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has announced a new initiative called "Vulnrichment" aimed at enriching Common Vulnerabilities and Exposures (CVE) records with additional metadata to help organizations better prioritize vulnerability remediation efforts.
SecurityWeek
CISA Announces CVE Enrichment Project 'Vulnrichment'
CISA’s Vulnrichment project is adding important information to CVE records to help improve vulnerability management processes.
Cyber Security News
Golang Vulnerability Alert: Remote Code Execution & Infinite Loop DNS Lookup
The Go team has released patches for two significant vulnerabilities that could allow attackers to execute arbitrary code and cause service disruptions through infinite loops.
Cyber Security News
Citrix Releases Security Update For Critical PuTTY Vulnerability In Hypervisor
Citrix has released a security bulletin detailing a critical vulnerability (CVE-2024-31497) affecting certain versions of their Citrix
The Hacker News
Critical F5 Central Manager Vulnerabilities Allow Enable Full Device Takeover
Two critical vulnerabilities have been discovered in F5 Next Central Manager that could grant attackers full admin control.
CSO
F5 patches BIG-IP Next Central Manager flaws that could lead to device takeover
Two high-risk vulnerabilities could be exploited to allow attackers to gain full administrative control on devices via leaked password hashes.
Infosecurity News
#RSAC: CISA Launches Vulnrichment Program to Address NVD Challenges
CISA launched a new software vulnerability enrichment program to fill the gap left by NIST’s National Vulnerability Database backlog
DarkReading
Critical Bug Could Open 50K+ Tinyproxy Servers to DoS, RCE
Patch now: CVE-2023-49606 in the open source, small-footprint proxy server can potentially lead to remote code execution.
Security Affairs
LiteSpeed Cache WordPress plugin actively exploited in the wild
Threat actors are exploiting a high-severity vulnerability in the LiteSpeed Cache plugin for WordPress to take over web sites
Security Affairs
Most Tinyproxy Instances are potentially vulnerable to flaw CVE-2023-49606
A critical Remote Code Execution vulnerability in the Tinyproxy service potentially impacted 50,000 Internet-Exposing hosts.
The Hacker News
Hackers Exploiting LiteSpeed Cache Bug to Gain Full Control of WordPress Sites
A critical flaw in the hugely popular LiteSpeed Cache plugin for WordPress is being exploited in the wild to create rogue admin accounts, granting att
Latest Hacking News
Code Execution Vulnerability Found In R Language
Researchers caught a serious security vulnerability in the R programming language that could allow arbitrary code execution. Given the extensive application of this language, particularly for AI/ML projects, the vulnerability could have a huge impact
Bleeping Computer
Over 50,000 Tinyproxy servers vulnerable to critical RCE flaw
Nearly 52,000 internet-exposed Tinyproxy instances are vulnerable to CVE-2023-49606, a recently disclosed critical remote code execution (RCE) flaw.
CSO
Citrix quietly fixes a new critical vulnerability similar to Citrix Bleed
Much similar to Citrix-Bleed, the information disclosure bug was identified within NetScaler devices configured as gateway or virtual servers.
The Hacker News
Critical Tinyproxy Flaw Opens Over 50,000 Hosts to Remote Code Execution
Critical unpatched flaw (CVE-2023-49606) in Tinyproxy could lead to remote code execution. Over 50% of 90K+ exposed hosts are vulnerable.
Cyber Security News
NVIDIA ChatRTX for Windows Vulnerability Lets Attackers Escalate Privileges
NVIDIA, a leading technology company, has recently released a security update regarding its Windows ChatRTX application.
The Hacker News
Microsoft Outlook Flaw Exploited by Russia's APT28 to Hack Czech, German Entities
Czechia and Germany reveal they were targets of a massive cyber espionage campaign by Russia-linked APT28 hacker group.
HACKRead
New Goldoon Botnet Targeting D-Link Devices by Exploiting Weak Credentials
A new botnet called Goldoon targets D-Link routers and NAS devices putting them at risk of DDoS attacks and more. Learn how weak credentials leave you vulnerable and how to secure your network. pen_spark
DarkReading
Critical GitLab Bug Under Exploit Enables Account Takeover, CISA Warns
Patch now: Cyberattackers are exploiting CVE-2023-7028 (CVSS 10) to take over and lock users out of GitLab accounts, steal source code, and more.
Cyber Security News
ShadowSyndicate Hackers Exploit Aiohttp Vulnerability To Steal Sensitive Data
A directory traversal vulnerability (CVE-2024-23334) was identified in aiohttp versions before 3.9.2, allowing remote attackers to
SecurityWeek
Horizon3.ai Introduces AI-Assisted Service to Prioritize and Patch Vulnerabilities Faster
Horizon3.ai's AISaaS-based, AI-assisted penetration service allows proactive defensive action against exploitation of new vulnerabilities.
The Hacker News
Four Critical Vulnerabilities Expose HPE Aruba Devices to RCE Attacks
Aruba Networking has released critical security patches for ArubaOS. Four flaws could allow remote code execution, giving attackers full control.
SecurityWeek
1,400 GitLab Servers Impacted by Exploited Vulnerability
CISA says a critical GitLab password reset flaw is being exploited in attacks and roughly 1,400 servers have not been patched.
Security Affairs
CISA adds GitLab flaw to its Known Exploited Vulnerabilities catalog
CISA adds GitLab Community and Enterprise Editions improper access control vulnerability to its Known Exploited Vulnerabilities catalog.
The Hacker News
New "Goldoon" Botnet Targets D-Link Routers With Decade-Old Flaw
A new botnet called Goldoon is targeting D-Link routers with a critical vulnerability from 2015 (CVE-2015-2051).
The Hacker News
CISA Warns of Active Exploitation of Severe GitLab Password Reset Vulnerability
A critical flaw (CVE-2023-7028) is being actively exploited, allowing account takeover by sending password reset emails to unverified addresses.
SC Magazine
Critical GitLab account takeover flaw added to CISA’s KEV Catalog
More than 2,100 servers may still be vulnerable to GitLab password reset exploits.
Bleeping Computer
HPE Aruba Networking fixes four critical RCE flaws in ArubaOS
HPE Aruba Networking has issued its April 2024 security advisory detailing critical remote code execution (RCE) vulnerabilities impacting multiple versions of ArubaOS, its proprietary network operating system.
Security Affairs
A flaw in the R programming language could allow code execution
A flaw in the R programming language enables the execution of arbitrary code when parsing specially crafted RDS and RDX files.
Bleeping Computer
R language flaw allows code execution via RDS/RDX files
A new vulnerability has been discovered in the R programming language that allows arbitrary code execution upon deserializing specially crafted RDS and RDX files.
SecurityWeek
Critical Vulnerabilities in Judge0 Lead to Sandbox Escape, Host Takeover
Three vulnerabilities in the Judge0 open source service could allow attackers to escape the sandbox and obtain root privileges on the host.
Cyber Security News
Investigating Two TeamCity Authentication Bypass Vulnerabilities
Reviewing the “getJspFromRequest” method details we can see that it pulls the HTTP parameter “jsp” from the web request.
SecurityWeek
Vulnerability in R Programming Language Could Fuel Supply Chain Attacks
A vulnerability (CVE-2024-27322) in the R programming language implementation can be exploited to execute arbitrary and be used as part of a supply chain attack.
DarkReading
R Programming Bug Exposes Orgs to Vast Supply Chain Risk
The CVE-2024-27322 security vulnerability in R's deserialization process gives attackers a way to execute arbitrary code in target environments via specially crafted files.
CSO
Most attacks affecting SMBs target five older vulnerabilities
Attackers target flaws for a reason: Even years after they are discovered, they still work.
Security Magazine
Experts weigh in on the MITRE nation-state cyberattack
MITRE Corporation announced that it was the target of a nation-state cyberattack, and security leaders are sharing their insights.
CyberSecurity Dive
Cactus ransomware targets a handful of Qlik Sense CVEs
Security researchers warn the threat group is ramping up exploitation of previously disclosed flaws in the cloud platform.
The Hacker News
Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover
Multiple vulnerabilities have been discovered in the popular Judge0 online code execution system, putting users at risk of complete system compromise.
Security Affairs
Multiple Brocade SANnav SAN Management SW flaws allow device compromise
Multiple flaws in Brocade SANnav storage area network (SAN) management application can allow to compromise impacted appliances.
SC Magazine
Ten years of Heartbleed: Lessons learned
A look back at the Heartbleed bug and measuring its’ legacy, impact and how some view one of cybersecurity’s biggest headaches as an important learning moment.
Cyber Security News
Cyber Security News Weekly Round-Up (Vulnerabilities, Cyber Attacks, Threats & New Stories)
Welcome to this week's edition of the Cyber Security News Weekly Round-Up. This issue covers the latest vulnerabilities, cyber attacks, and emerging threats that have been making headlines. Stay informed and stay secure!
The Cyber Express
Hackers Exploit WP-Automatic Plugin Vulnerability, Threatening WordPress Site Security
Hackers have honed in on a critical WP-Automatic plugin vulnerability, aiming to infiltrate WordPress websites by creating unauthorized admin accounts, according
The Hacker News
Ukraine Targeted in Cyberattack Exploiting 7-Year-Old Microsoft Office Flaw
Cybersecurity researchers have uncovered a targeted cyber attack against Ukraine that leveraged a 7-year-old Microsoft Office flaw to deploy Cobalt St
DarkReading
Palo Alto Updates Remediation for Max-Critical Firewall Bug
Though PAN originally described the attacks exploiting the vulnerability as being limited, they are increasingly growing in volume, and exploits have been disclosed by outside parties.
The Hacker News
Severe Flaws Disclosed in Brocade SANnav SAN Management Software
Multiple critical vulnerabilities discovered in Brocade SANnav SAN management application, impacting all versions up to 2.3.0.
SecurityWeek
Over 1,400 CrushFTP Instances Vulnerable to Exploited Zero-Day
More than 1,400 CrushFTP servers remain vulnerable to an actively exploited zero-day for which PoC has been published.
Security Affairs
Experts warn of malware campaign targeting WP-Automatic plugin
A critical vulnerability in the WordPress Automatic plugin is being exploited to inject backdoors and web shells into websites
The Cyber Express
CISA Warns of High-Risk Flaws in Honeywell Products
CISA (Cybersecurity & Infrastructure Security Agency) has shared an ICS (Industrial Control Systems) advisory regarding several vulnerabilities present in Honeywell
The Hacker News
Palo Alto Networks Outlines Remediation for Critical PAN-OS Flaw Under Attack
A critical vulnerability (CVE-2024-3400) in PAN-OS could expose your systems to remote code execution attacks.
SecurityWeek
Critical WordPress Automatic Plugin Vulnerability Exploited to Inject Backdoors
A vulnerability in the WordPress Automatic plugin is being exploited to inject backdoors and web shells into websites.
Cyber Security News
Hackers Actively Exploiting WP Automatic Updates Plugin Vulnerability
WordPress plugins are often targeted by hackers as they have security loopholes that can be exploited by them to hack into sites without
The Hacker News
Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites
A critical vulnerability (CVE-2024-27956) in the WP-Automatic plugin is being actively exploited. This flaw could allow attackers to take complete con
The Hacker News
North Korea's Lazarus Group Deploys New Kaolin RAT via Fake Job Lures
North Korean hackers used fake job offers to deliver a new Trojan called Kaolin RAT. It can change file timestamps and load malware.
Cyber Security News
GitLab High-severity Flaw Let Attackers Takeover Account - Update Now
GitLab released security patches 16.11.1, 16.10.4, and 16.9.6 for both Community and Enterprise Editions, and upgrading to these versions is
CyberSecurity Dive
Cisco devices again targeted by state-linked threat campaign
The campaign, dubbed ArcaneDoor, dates back to late 2023 and is targeting perimeter network devices from Cisco — and potentially other companies.
The Hacker News
State-Sponsored Hackers Exploit Two Cisco Zero-Day Vulnerabilities for Espionage
A new stealthy malware campaign leveraging two zero-day flaws in Cisco networking gear has been uncovered, allowing covert data collection and reconna
Cyber Security News
IBM QRadar XSS Flaw Let Attackers Arbitrary JavaScript Code
A significant vulnerability was detected in IBM QRadar Suite Software and Cloud Pak for Security that allows attackers to execute arbitrary
.webp)
Cyber Security News
WordPress Plugin Flaw Exposes 10k+ Websites to Cyber Attacks
A critical vulnerability in the WP Datepicker WordPress plugin was identified, affecting more than 10,000 active installations.
Latest Hacking News
Multiple Vulnerabilities Found In Forminator WordPress Plugin
WordPress admins using the Forminator plugin on their websites must rush to update their sites with the latest plugin release. That’s because numerous vulnerabilities existed in the Forminator plugin that could allow triggering site crashes
SecurityWeek
CISA Warns of Windows Print Spooler Flaw After Microsoft Sees Russian Exploitation
CISA warns organizations of a two-year-old Windows Print Spooler vulnerability being exploited in the wild.
CyberSecurity Dive
Zero-day exploits hit CrushFTP, researchers expect rapid exploitation
CrushFTP CEO Ben Spink said the company isn’t aware of any data theft thus far, but researchers see echoes of MOVEit exploits and other high-profile file-transfer vulnerabilities.
CyberSecurity Dive
Palo Alto Networks quibbles over impact of exploited, compromised firewalls
The security vendor downplayed the impact of exploit activity, describing most attempts as unsuccessful, but outside researchers say 6,000 devices are vulnerable.
%20(1).webp)
Cyber Security News
Forminator WordPress Plugin Flaw Exposes Over 50,000 Websites to Cyber Attacks
Cybersecurity revelation, over 50k websites using the popular WordPress plugin Forminator are at risk due to multiple vulnerabilities.
CSO
Russian state-sponsored hacker used GooseEgg malware to steal Windows credentials
A now-patched Windows Print Spooler flaw was used by Forest Blizzard to drop the privilege-elevating malware for credential stealing and persistence.
The Hacker News
Russia's APT28 Exploited Windows Print Spooler Flaw to Deploy 'GooseEgg' Malware
Hackers linked to Russia have been exploiting a Windows bug for YEARS to deploy GooseEgg malware for escalating attack access.
Cyber Security News
48 Vulnerabilities Uncovered In AI systems : Surge By 220%
A 220% increase in vulnerabilities impacting AI systems has been discovered since the initial disclosures of 15 vulnerabilities in November
SecurityWeek
Thousands of Palo Alto Firewalls Potentially Impacted by Exploited Vulnerability
Shadowserver has identified roughly 6,000 internet-accessible Palo Alto Networks firewalls potentially vulnerable to CVE-2024-3400.
The Hacker News
MITRE Corporation Breached by Nation-State Hackers Exploiting Ivanti Flaws
MITRE, a top cybersecurity firm, breached by a nation-state. Zero-days and session hijacking were the weapons.
Security Affairs
Windows DOS-to-NT flaws exploited to achieve unprivileged rootkit-like capabilities
Researcher demonstrated how to exploit vulnerabilities in the Windows DOS-to-NT path conversion process to achieve rootkit-like capabilities.
The Hacker News
Researchers Uncover Windows Flaws Granting Hackers Rootkit-Like Powers
Researchers detail a flaw in the Windows DOS-to-NT path conversion process which can be exploited by threat actors to gain rootkit like powers.
Security Affairs
A flaw in the Forminator plugin impacts hundreds of thousands of WordPress sites
Japan's CERT warns of a vulnerability in the Forminator WordPress plugin that allows unrestricted file uploads to the server.
CyberSecurity Dive
Preparing for CISA’s Secure Software Development Attestation and PCI compliance updates with ASPM
With increased expectations and a prime position in the spotlight, AppSec teams need reliable tools that can act as a force multiplier for their AppSec programs.
SC Magazine
MITRE research and prototyping network breached via Ivanti zero-days
Security pros say while the target was an unclassified network, the research it manages on emerging technologies could be of interest to adversaries.
SC Magazine
6.2K Palo Alto firewalls still at risk as exploits increase
Proof-of-concept exploits for CVE-2024-3400 are now publicly available.
Bleeping Computer
Critical Forminator plugin flaw impacts over 300k WordPress sites
The Forminator WordPress plugin used in over 500,000 sites is vulnerable to a flaw that allows malicious actors to perform unrestricted file uploads to the server.
Loading more articles....