Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
page 6 / 12
233 résultats taggé Vulnerability  ✕
PoC exploit released for RCE zero-day in D-Link EXO AX4800 routers https://www.bleepingcomputer.com/news/security/poc-exploit-released-for-rce-zero-day-in-d-link-exo-ax4800-routers/
15/05/2024 00:24:02
QRCode
archive.org
thumbnail

The D-Link EXO AX4800 (DIR-X4860) router is vulnerable to remote unauthenticated command execution that could lead to complete device takeovers by attackers with access to the HNAP port.

bleepingcomputer EN 2024 Authentication-Bypass D-Link Exploit Proof-of-Concept Remote-Command-Execution Router Vulnerability Zero-Day Security InfoSec Computer-Security
WP Automatic WordPress plugin hit by millions of SQL injection attacks https://www.bleepingcomputer.com/news/security/wp-automatic-wordpress-plugin-hit-by-millions-of-sql-injection-attacks/
27/04/2024 19:23:36
QRCode
archive.org
thumbnail

Hackers have started to target a critical severity vulnerability in the WP Automatic plugin for WordPress to create user accounts with administrative privileges and to plant backdoors for long-term access.

bleepingcomputer EN 2024 Actively-Exploited Plugin SQL-Injection Vulnerability WordPress WP-Automatic
Unauthenticated function injection vulnerability in WordPress Shortcode Addons plugin (unpatched). – NinTechNet https://blog.nintechnet.com/unauthenticated-function-injection-vulnerability-in-wordpress-shortcode-addons-plugin-unpatched/
22/04/2024 06:54:05
QRCode
archive.org
thumbnail

The WordPress Shortcode Addons plugin version 3.2.5 and below is prone to an unauthenticated function injection vulnerability.

nintechnet EN 2024 WordPress Shortcode Addons plugin vulnerability
PuTTY vulnerability vuln-p521-bias https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html
16/04/2024 14:31:00
QRCode
archive.org

Every version of the PuTTY tools from 0.68 to 0.80 inclusive has a critical vulnerability in the code that generates signatures from ECDSA private keys which use the NIST P521 curve. (PuTTY, or Pageant, generates a signature from a key when using it to authenticate you to an SSH server.)

chiark.greenend.org.uk PuTTY vulnerability CVE-2024-31497
Raspberry Robin Returns: New Malware Campaign Spreading Through WSF Files https://thehackernews.com/2024/04/raspberry-robin-returns-new-malware.html?m=1
14/04/2024 15:30:37
QRCode
archive.org

Researchers uncover a fresh wave of the Raspberry Robin campaign spreading malware through malicious Windows Script Files (WSFs) since March 2024.
#attacks #breach #computer #cyber #data #hack #hacker #hacking #how #information #malware #network #news #ransomware #security #software #the #to #today #updates #vulnerability

thehackernews 2024 EN Raspberry-Robin WSF return
Vulnerabilities Identified in LG WebOS https://www.bitdefender.com/blog/labs/vulnerabilities-identified-in-lg-webos/?ref=news.risky.biz%2F
10/04/2024 09:05:53
QRCode
archive.org
thumbnail

As the creator of the world’s first smart home cybersecurity hub, Bitdefender regularly audits popular IoT hardware for vulnerabilities. This research paper is part of a broader program that aims to shed light on the security of the world’s best-sellers in the IoT space. This report covers vulnerabilities discovered while researching the LG WebOS TV operating system.

bitdefender EN 2024 LG WebOS TV iot vulnerability CVE-2023-6317 CVE-2023-6318 CVE-2023-6319 CVE-2023-6320
Over 92,000 exposed D-Link NAS devices have a backdoor account https://www.bleepingcomputer.com/news/security/over-92-000-exposed-d-link-nas-devices-have-a-backdoor-account/
06/04/2024 20:13:31
QRCode
archive.org
thumbnail

A threat researcher has disclosed a new arbitrary command injection and hardcoded backdoor flaw in multiple end-of-life D-Link Network Attached Storage (NAS) device models.

bleepingcomputer En 2024 Backdoor Command-Injection D-Link EOL NAS Remote-Code-Execution Vulnerability
Bringing process injection into view(s): exploiting all macOS apps using nib files · Sector 7 https://sector7.computest.nl/post/2024-04-bringing-process-injection-into-view-exploiting-all-macos-apps-using-nib-files/
05/04/2024 15:45:54
QRCode
archive.org
thumbnail

In a previous blog post we described a process injection vulnerability affecting all AppKit-based macOS applications. This research was presented at Black Hat USA 2022, DEF CON 30 and Objective by the Sea v5. This vulnerability was actually the second universal process injection vulnerability we reported to Apple, but it was fixed earlier than the first. Because it shared some parts of the exploit chain with the first one, there were a few steps we had to skip in the earlier post and the presentations. Now that the first vulnerability has been fixed in macOS 13.0 (Ventura) and improved in macOS 14.0 (Sonoma), we can detail the first one and thereby fill in the blanks of the previous post.

This vulnerability was independently found by Adam Chester and written up here under the name “DirtyNIB”. While the exploit chain demonstrated by Adam shares a lot of similarity to ours, our attacks trigger automatically and do not require a user to click a button, making them a lot more stealthy. Therefore we decided to publish our own version of this write-up as well.

sector7 EN 2024 macos nib exploit research vulnerability DirtyNIB
New HTTP/2 DoS attack can crash web servers with a single connection https://www.bleepingcomputer.com/news/security/new-http-2-dos-attack-can-crash-web-servers-with-a-single-connection/
05/04/2024 08:51:40
QRCode
archive.org
thumbnail

Newly discovered HTTP/2 protocol vulnerabilities called

Denial-of-Service DoS HTTP/2 Internet Vulnerability CVE-2024-27316 CVE-2024-2653 CVE-2024-27983 CVE-2024-27919
Security Flaw in WP-Members Plugin Leads to Script Injection https://www.securityweek.com/security-flaw-in-wp-members-plugin-leads-to-script-injection/
04/04/2024 19:04:25
QRCode
archive.org

Attackers could exploit a high-severity cross-site Scripting (XSS) vulnerability in the WP-Members Membership WordPress plugin to inject arbitrary scripts into web pages, according to an advisory from security firm Defiant.

securityweek EN 2024 plugin WP Wordpress WP-Members Injection vulnerability
Google fixes two Pixel zero-day flaws exploited by forensics firms https://www.bleepingcomputer.com/news/security/google-fixes-two-pixel-zero-day-flaws-exploited-by-forensics-firms/
03/04/2024 16:52:35
QRCode
archive.org
thumbnail

Google has fixed two Google Pixel zero-days exploited by forensic firms to unlock phones without a PIN and gain access to the data stored within them.

bleepingcomputer EN 2024 Android Forensics Google Google-Pixel Mobile Pixel Vulnerability Zero-Day GrapheneOS
Ivanti fixes critical Standalone Sentry bug reported by NATO https://www.bleepingcomputer.com/news/security/ivanti-fixes-critical-standalone-sentry-bug-reported-by-nato/
20/03/2024 22:40:25
QRCode
archive.org
thumbnail

Ivanti warned customers to immediately patch a critical severity Standalone Sentry vulnerability reported by NATO Cyber Security Centre researchers.

bleepingcomputer EN 2024 Ivanti NATO Vulnerability Security InfoSec Computer-Security
Loop DoS: New Denial-of-Service attack targets application-layer protocols https://cispa.de/en/loop-dos
20/03/2024 15:26:21
QRCode
archive.org
thumbnail

A new Denial-of-Service (DoS) attack targets application-layer protocols that draw on the User Datagram Protocol (UDP) for end-to-end communication. The vulnerability affects both legacy and contemporary protocols. Discovered by Christian Rossow and Yepeng Pan, the attack puts an estimated 300,000 Internet hosts and their networks at risk.

cispa.de EN 2024 DoS Denial-of-Service UDP vulnerability Application-Layer
What a Cluster: Local Volumes Vulnerability in Kubernetes https://www.akamai.com/blog/security-research/kubernetes-local-volumes-command-injection-vulnerability-rce-system-privileges
18/03/2024 09:02:18
QRCode
archive.org
  • Akamai security researcher Tomer Peled recently discovered a high-severity vulnerability in Kubernetes that was assigned CVE-2023-5528 with a CVSS score of 7.2.

  • The vulnerability allows remote code execution with SYSTEM privileges on all Windows endpoints within a Kubernetes cluster. To exploit this vulnerability, the attacker needs to apply malicious YAML files on the cluster.

  • This vulnerability can lead to full takeover on all Windows nodes in a cluster.

  • This vulnerability can be exploited on default installations of Kubernetes (earlier than version 1.28.4), and was tested against both on-prem deployments and Azure Kubernetes Service.

  • In this blog post, we provide a proof-of-concept YAML file as well as an Open Policy Agent (OPA) rule for blocking this vulnerability.

akamai EN 2024 CVE-2023-5528 Kubernetes Windows vulnerability
'GhostRace' Speculative Execution Attack Impacts All CPU, OS Vendors https://www.darkreading.com/cyber-risk/ghostrace-speculative-execution-attack-cpu-os-vendors
18/03/2024 08:32:01
QRCode
archive.org
thumbnail

Like Spectre, the new exploit could give attackers a way to access sensitive information from system memory, and take other malicious actions.

darkreading EN 2024 speculative CPU CVE-2024-2193 GhostRace vulnerability
JetBrains vulnerability exploitation highlights debate over 'silent patching' https://therecord.media/jetbrains-rapid7-silent-patching-dispute
13/03/2024 09:22:58
QRCode
archive.org
thumbnail

Czech software giant JetBrains harshly criticized security company Rapid7 this week following a dispute over two recently-discovered vulnerabilities.

therecord.media EN 2024 JetBrains vulnerability exploitation silent-patching
Exploiting CVE-2024-21378 – Remote Code Execution in Microsoft Outlook https://www.netspi.com/blog/technical/red-team-operations/microsoft-outlook-remote-code-execution-cve-2024-21378/
11/03/2024 15:45:31
QRCode
archive.org

Learn how NetSPI discovered that Microsoft Outlook was vulnerable to authenticated remote code execution (RCE) via synced form objects.

netspi EN 2024 CVE-2024-21378 RCE vulnerability Outlook
Magnet Goblin Targets Publicly Facing Servers Using 1-Day Vulnerabilities https://research.checkpoint.com/2024/magnet-goblin-targets-publicly-facing-servers-using-1-day-vulnerabilities/
11/03/2024 11:26:35
QRCode
archive.org
thumbnail
  • Magnet Goblin is a financially motivated threat actor that quickly adopts and leverages 1-day vulnerabilities in public-facing services as an initial infection vector. At least in one case of Ivanti Connect Secure VPN (CVE-2024-21887), the exploit entered the group’s arsenal as fast as within 1 day after a POC for it was published.
  • Campaigns that we were able to attribute to this actor targeted Ivanti, Magento, Qlink Sense and possibly Apache ActiveMQ.
  • Analysis of the actor’s recent Ivanti Connect Secure VPN campaign revealed a novel Linux version of a malware called NerbianRAT, in addition to WARPWIRE, a JavaScript credential stealer.
  • The actor’s arsenal also includes MiniNerbian, a small Linux backdoor, and remote monitoring and management (RMM) tools for Windows like ScreenConnect and AnyDesk.
checkpoint EN 2024 Magnet-Goblin 1-day vulnerability Linux NerbianRAT
Lazarus and the FudModule Rootkit: Beyond BYOVD with an Admin-to-Kernel Zero-Day - Avast Threat Labs https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/
29/02/2024 09:25:00
QRCode
archive.org
thumbnail

The Lazarus Group is back with an upgraded variant of their FudModule rootkit, this time enabled by a zero-day admin-to-kernel vulnerability for CVE-2024-21338. Read this blog for a detailed analysis of this rootkit variant and learn more about several new techniques, including a handle table entry manipulation technique that directly targets Microsoft Defender, CrowdStrike Falcon, and HitmanPro.

avast EN 2024 Lazarus FudModule CVE-2024-21338 vulnerability
ConnectWise ScreenConnect: Authentication Bypass Deep Dive https://www.horizon3.ai/attack-research/red-team/connectwise-screenconnect-auth-bypass-deep-dive/
22/02/2024 08:26:47
QRCode
archive.org
thumbnail

An analysis of the recent ConnectWise ScreenConnect authentication bypass vulnerability, root cause, and indicators of compromise.

horizon3 EN 2024 ConnectWise ScreenConnect bypass vulnerability
page 6 / 12
4379 links
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service par la communauté Shaarli - Theme by kalvn - Curated by Decio