Cyberveillecurated by Decio
Nuage de tags
Mur d'images
Quotidien
Flux RSS
  • Flux RSS
  • Daily Feed
  • Weekly Feed
  • Monthly Feed
Filtres

Liens par page

  • 20 links
  • 50 links
  • 100 links

Filtres

Untagged links
page 6 / 12
231 résultats taggé Vulnerability  ✕
Unauthenticated function injection vulnerability in WordPress Shortcode Addons plugin (unpatched). – NinTechNet https://blog.nintechnet.com/unauthenticated-function-injection-vulnerability-in-wordpress-shortcode-addons-plugin-unpatched/
22/04/2024 06:54:05
QRCode
archive.org
thumbnail

The WordPress Shortcode Addons plugin version 3.2.5 and below is prone to an unauthenticated function injection vulnerability.

nintechnet EN 2024 WordPress Shortcode Addons plugin vulnerability
PuTTY vulnerability vuln-p521-bias https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html
16/04/2024 14:31:00
QRCode
archive.org

Every version of the PuTTY tools from 0.68 to 0.80 inclusive has a critical vulnerability in the code that generates signatures from ECDSA private keys which use the NIST P521 curve. (PuTTY, or Pageant, generates a signature from a key when using it to authenticate you to an SSH server.)

chiark.greenend.org.uk PuTTY vulnerability CVE-2024-31497
Raspberry Robin Returns: New Malware Campaign Spreading Through WSF Files https://thehackernews.com/2024/04/raspberry-robin-returns-new-malware.html?m=1
14/04/2024 15:30:37
QRCode
archive.org

Researchers uncover a fresh wave of the Raspberry Robin campaign spreading malware through malicious Windows Script Files (WSFs) since March 2024.
#attacks #breach #computer #cyber #data #hack #hacker #hacking #how #information #malware #network #news #ransomware #security #software #the #to #today #updates #vulnerability

thehackernews 2024 EN Raspberry-Robin WSF return
Vulnerabilities Identified in LG WebOS https://www.bitdefender.com/blog/labs/vulnerabilities-identified-in-lg-webos/?ref=news.risky.biz%2F
10/04/2024 09:05:53
QRCode
archive.org
thumbnail

As the creator of the world’s first smart home cybersecurity hub, Bitdefender regularly audits popular IoT hardware for vulnerabilities. This research paper is part of a broader program that aims to shed light on the security of the world’s best-sellers in the IoT space. This report covers vulnerabilities discovered while researching the LG WebOS TV operating system.

bitdefender EN 2024 LG WebOS TV iot vulnerability CVE-2023-6317 CVE-2023-6318 CVE-2023-6319 CVE-2023-6320
Over 92,000 exposed D-Link NAS devices have a backdoor account https://www.bleepingcomputer.com/news/security/over-92-000-exposed-d-link-nas-devices-have-a-backdoor-account/
06/04/2024 20:13:31
QRCode
archive.org
thumbnail

A threat researcher has disclosed a new arbitrary command injection and hardcoded backdoor flaw in multiple end-of-life D-Link Network Attached Storage (NAS) device models.

bleepingcomputer En 2024 Backdoor Command-Injection D-Link EOL NAS Remote-Code-Execution Vulnerability
Bringing process injection into view(s): exploiting all macOS apps using nib files · Sector 7 https://sector7.computest.nl/post/2024-04-bringing-process-injection-into-view-exploiting-all-macos-apps-using-nib-files/
05/04/2024 15:45:54
QRCode
archive.org
thumbnail

In a previous blog post we described a process injection vulnerability affecting all AppKit-based macOS applications. This research was presented at Black Hat USA 2022, DEF CON 30 and Objective by the Sea v5. This vulnerability was actually the second universal process injection vulnerability we reported to Apple, but it was fixed earlier than the first. Because it shared some parts of the exploit chain with the first one, there were a few steps we had to skip in the earlier post and the presentations. Now that the first vulnerability has been fixed in macOS 13.0 (Ventura) and improved in macOS 14.0 (Sonoma), we can detail the first one and thereby fill in the blanks of the previous post.

This vulnerability was independently found by Adam Chester and written up here under the name “DirtyNIB”. While the exploit chain demonstrated by Adam shares a lot of similarity to ours, our attacks trigger automatically and do not require a user to click a button, making them a lot more stealthy. Therefore we decided to publish our own version of this write-up as well.

sector7 EN 2024 macos nib exploit research vulnerability DirtyNIB
New HTTP/2 DoS attack can crash web servers with a single connection https://www.bleepingcomputer.com/news/security/new-http-2-dos-attack-can-crash-web-servers-with-a-single-connection/
05/04/2024 08:51:40
QRCode
archive.org
thumbnail

Newly discovered HTTP/2 protocol vulnerabilities called

Denial-of-Service DoS HTTP/2 Internet Vulnerability CVE-2024-27316 CVE-2024-2653 CVE-2024-27983 CVE-2024-27919
Security Flaw in WP-Members Plugin Leads to Script Injection https://www.securityweek.com/security-flaw-in-wp-members-plugin-leads-to-script-injection/
04/04/2024 19:04:25
QRCode
archive.org

Attackers could exploit a high-severity cross-site Scripting (XSS) vulnerability in the WP-Members Membership WordPress plugin to inject arbitrary scripts into web pages, according to an advisory from security firm Defiant.

securityweek EN 2024 plugin WP Wordpress WP-Members Injection vulnerability
Google fixes two Pixel zero-day flaws exploited by forensics firms https://www.bleepingcomputer.com/news/security/google-fixes-two-pixel-zero-day-flaws-exploited-by-forensics-firms/
03/04/2024 16:52:35
QRCode
archive.org
thumbnail

Google has fixed two Google Pixel zero-days exploited by forensic firms to unlock phones without a PIN and gain access to the data stored within them.

bleepingcomputer EN 2024 Android Forensics Google Google-Pixel Mobile Pixel Vulnerability Zero-Day GrapheneOS
Ivanti fixes critical Standalone Sentry bug reported by NATO https://www.bleepingcomputer.com/news/security/ivanti-fixes-critical-standalone-sentry-bug-reported-by-nato/
20/03/2024 22:40:25
QRCode
archive.org
thumbnail

Ivanti warned customers to immediately patch a critical severity Standalone Sentry vulnerability reported by NATO Cyber Security Centre researchers.

bleepingcomputer EN 2024 Ivanti NATO Vulnerability Security InfoSec Computer-Security
Loop DoS: New Denial-of-Service attack targets application-layer protocols https://cispa.de/en/loop-dos
20/03/2024 15:26:21
QRCode
archive.org
thumbnail

A new Denial-of-Service (DoS) attack targets application-layer protocols that draw on the User Datagram Protocol (UDP) for end-to-end communication. The vulnerability affects both legacy and contemporary protocols. Discovered by Christian Rossow and Yepeng Pan, the attack puts an estimated 300,000 Internet hosts and their networks at risk.

cispa.de EN 2024 DoS Denial-of-Service UDP vulnerability Application-Layer
What a Cluster: Local Volumes Vulnerability in Kubernetes https://www.akamai.com/blog/security-research/kubernetes-local-volumes-command-injection-vulnerability-rce-system-privileges
18/03/2024 09:02:18
QRCode
archive.org
  • Akamai security researcher Tomer Peled recently discovered a high-severity vulnerability in Kubernetes that was assigned CVE-2023-5528 with a CVSS score of 7.2.

  • The vulnerability allows remote code execution with SYSTEM privileges on all Windows endpoints within a Kubernetes cluster. To exploit this vulnerability, the attacker needs to apply malicious YAML files on the cluster.

  • This vulnerability can lead to full takeover on all Windows nodes in a cluster.

  • This vulnerability can be exploited on default installations of Kubernetes (earlier than version 1.28.4), and was tested against both on-prem deployments and Azure Kubernetes Service.

  • In this blog post, we provide a proof-of-concept YAML file as well as an Open Policy Agent (OPA) rule for blocking this vulnerability.

akamai EN 2024 CVE-2023-5528 Kubernetes Windows vulnerability
'GhostRace' Speculative Execution Attack Impacts All CPU, OS Vendors https://www.darkreading.com/cyber-risk/ghostrace-speculative-execution-attack-cpu-os-vendors
18/03/2024 08:32:01
QRCode
archive.org
thumbnail

Like Spectre, the new exploit could give attackers a way to access sensitive information from system memory, and take other malicious actions.

darkreading EN 2024 speculative CPU CVE-2024-2193 GhostRace vulnerability
JetBrains vulnerability exploitation highlights debate over 'silent patching' https://therecord.media/jetbrains-rapid7-silent-patching-dispute
13/03/2024 09:22:58
QRCode
archive.org
thumbnail

Czech software giant JetBrains harshly criticized security company Rapid7 this week following a dispute over two recently-discovered vulnerabilities.

therecord.media EN 2024 JetBrains vulnerability exploitation silent-patching
Exploiting CVE-2024-21378 – Remote Code Execution in Microsoft Outlook https://www.netspi.com/blog/technical/red-team-operations/microsoft-outlook-remote-code-execution-cve-2024-21378/
11/03/2024 15:45:31
QRCode
archive.org

Learn how NetSPI discovered that Microsoft Outlook was vulnerable to authenticated remote code execution (RCE) via synced form objects.

netspi EN 2024 CVE-2024-21378 RCE vulnerability Outlook
Magnet Goblin Targets Publicly Facing Servers Using 1-Day Vulnerabilities https://research.checkpoint.com/2024/magnet-goblin-targets-publicly-facing-servers-using-1-day-vulnerabilities/
11/03/2024 11:26:35
QRCode
archive.org
thumbnail
  • Magnet Goblin is a financially motivated threat actor that quickly adopts and leverages 1-day vulnerabilities in public-facing services as an initial infection vector. At least in one case of Ivanti Connect Secure VPN (CVE-2024-21887), the exploit entered the group’s arsenal as fast as within 1 day after a POC for it was published.
  • Campaigns that we were able to attribute to this actor targeted Ivanti, Magento, Qlink Sense and possibly Apache ActiveMQ.
  • Analysis of the actor’s recent Ivanti Connect Secure VPN campaign revealed a novel Linux version of a malware called NerbianRAT, in addition to WARPWIRE, a JavaScript credential stealer.
  • The actor’s arsenal also includes MiniNerbian, a small Linux backdoor, and remote monitoring and management (RMM) tools for Windows like ScreenConnect and AnyDesk.
checkpoint EN 2024 Magnet-Goblin 1-day vulnerability Linux NerbianRAT
Lazarus and the FudModule Rootkit: Beyond BYOVD with an Admin-to-Kernel Zero-Day - Avast Threat Labs https://decoded.avast.io/janvojtesek/lazarus-and-the-fudmodule-rootkit-beyond-byovd-with-an-admin-to-kernel-zero-day/
29/02/2024 09:25:00
QRCode
archive.org
thumbnail

The Lazarus Group is back with an upgraded variant of their FudModule rootkit, this time enabled by a zero-day admin-to-kernel vulnerability for CVE-2024-21338. Read this blog for a detailed analysis of this rootkit variant and learn more about several new techniques, including a handle table entry manipulation technique that directly targets Microsoft Defender, CrowdStrike Falcon, and HitmanPro.

avast EN 2024 Lazarus FudModule CVE-2024-21338 vulnerability
ConnectWise ScreenConnect: Authentication Bypass Deep Dive https://www.horizon3.ai/attack-research/red-team/connectwise-screenconnect-auth-bypass-deep-dive/
22/02/2024 08:26:47
QRCode
archive.org
thumbnail

An analysis of the recent ConnectWise ScreenConnect authentication bypass vulnerability, root cause, and indicators of compromise.

horizon3 EN 2024 ConnectWise ScreenConnect bypass vulnerability
Serious Vulnerability in the Internet Infrastructure Fundamental design flaw in DNSSEC discovered https://www.athene-center.de/en/news/press/key-trap
19/02/2024 16:03:59
QRCode
archive.org

he National Research Center for Applied Cybersecurity ATHENE has uncovered a critical flaw in the design of DNSSEC, the Security Extensions of DNS (Domain Name System). DNS is one of the fundamental building blocks of the Internet. The design flaw has devastating consequences for essentially all DNSSEC-validating DNS implementations and public DNS providers, such as Google and Cloudflare. The ATHENE team, led by Prof. Dr. Haya Schulmann from Goethe University Frankfurt, developed “KeyTrap”, a new class of attacks: with just a single DNS packet hackers could stall all widely used DNS implementations and public DNS providers. Exploitation of this attack would have severe consequences for any application using the Internet including unavailability of technologies such as web-browsing, e-mail, and instant messaging. With KeyTrap, an attacker could completely disable large parts of the worldwide Internet. The researchers worked with all relevant vendors and major public DNS providers over several months, resulting in a number of vendor-specific patches, the last ones published on Tuesday, February 13. It is highly recommended for all providers of DNS services to apply these patches immediately to mitigate this critical vulnerability.

athene-center.de EN 2024 DNS DNSSEC Vulnerability CVE-2023-50387 KeyTrap
ESET fixed high-severity local privilege escalation bug in Windows products https://securityaffairs.com/159280/breaking-news/eset-local-privilege-escalation-windows.html
18/02/2024 20:51:07
QRCode
archive.org
thumbnail

Cybersecurity firm ESET has addressed a high-severity elevation of privilege vulnerability in its Windows security solution.

securityaffairs EN 2024 ESET Windows high-severity vulnerability
page 6 / 12
4372 links
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service par la communauté Shaarli - Theme by kalvn - Curated by Decio