Hackers are exploiting a server-side request forgery (SSRF) vulnerability in Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy the new DSLog backdoor on vulnerable devices.

Fortinet is warning of two new unpatched patch bypasses for a critical remote code execution vulnerability in FortiSIEM, Fortinet's SIEM solution.

Four vulnerabilities collectively called "Leaky Vessels" allow hackers to escape containers and access data on the underlying host operating system.

The flaws were discovered by Snyk security researcher Rory McNamara in November 2023, who reported them to impacted parties for fixing.

Snyk has found no signs of active exploitation of the Leaky Vessels flaws in the wild, but the publicity could change the exploitation status, so all impacted system admins are recommended to apply the available security updates as soon as possible.

Apple said the vulnerability, which is being exploited in the wild, allows malicious code to run on an affected device.

Malicious code hiding in seemingly innocent PyPI packages steals your passwords, crypto & more
#attacks #breach #computer #cyber #data #hack #hacker #hacking #how #information #malware #network #news #ransomware #security #software #the #to #today #updates #vulnerability

Over 5,300 internet-exposed GitLab instances are vulnerable to CVE-2023-7028, a zero-click account takeover flaw GitLab warned about earlier this month.

Critical security flaw found in Opera Browsers. MyFlow sync feature lets attackers take over your Windows and macOS systems.

Beware of YouTube videos offering cracked software! They might be a gateway to the Lumma malware, stealing your sensitive information

• Juniper Networks recently patched a critical pre-authentication Remote Code Execution (RCE) vulnerability in the J-Web configuration interface across all versions of Junos OS on SRX firewalls and EX switches.
• Unauthenticated actors could exploit this vulnerability to gain root access or initiate Denial of Service (DoS) attacks on devices that have not been patched. Ensure your systems are updated promptly to mitigate this risk.
• Check for exposed J-Web configuration interfaces using this Censys Search query: services.software.uniform_resource_identifier: cpe:2.3:a:juniper:jweb:*:*:*:*:*:*:*:*.
• As emphasized last year in CISA’s BOD 23-02 guidance, exposed network management interfaces continue to pose a significant risk. Restrict access to these interfaces from the public internet wherever possible.

The critical bug that could lead to a remote attack via voice call is one of 26 vulnerabilities affecting hundreds of Qualcomm chipsets.

This write-up presents an exploit for a vulnerability in the XNU kernel:

• Assigned CVE-2023-32434.

• Fixed in iOS 16.5.1 and macOS 13.4.1.

• Reachable from the WebContent sandbox and might have been actively exploited.
  *Note that this CVE fixed multiple integer overflows, so it is unclear whether or not the integer overflow used in my exploit was also used in-the-wild. Moreover, if it was, it might not have been exploited in the same way.
  The exploit has been successfully tested on:

• iOS 16.3, 16.3.1, 16.4 and 16.5 (iPhone 14 Pro Max)

• macOS 13.1 and 13.4 (MacBook Air M2 2022)

• All code snippets shown below are from xnu-8792.81.2.

A security issue exists in D-Link D-View 8 v2.0.2.89 and prior that could allow an attacker to manipulate the probe inventory of the D-View service. This could result in the disclosure of info

Chinese threat actors exploited a new zero-day vulnerability in Barracuda's Email Security Gateway (ESG) appliances.

Beware of phishing emails with invoice-themed attachments! Attackers are using an old Office vulnerability (CVE-2017-11882) to spread the Agent Tesla

Our open-source vulnerability impact scoring system is now available and enhances incident response capabilities. Here's how VISS is unique.

Academic researchers developed a new attack called Terrapin that manipulates sequence numbers during the handshake process to breaks the SSH channel integrity when certain widely-used encryption modes are used.

7 December 2023 - Apache Struts version 6.3.0.2 General Availability

The Apache Struts group is pleased to announce that Apache Struts version 6.3.0.2 is available as a “General Availability” release. The GA designation is our highest quality grade.

The Apache Struts is an elegant, extensible framework for creating enterprise-ready Java web applications. The framework has been designed to streamline the full development cycle, from building, to deploying, to maintaining applications over time.

This version addresses a potential security vulnerability identified as CVE-2023-50164 and described in S2-066 - please read the mentioned security bulletins for more details. This is a drop-in replacement and upgrade should be straightforward.

A Mirai-based botnet named 'InfectedSlurs' is exploiting a remote code execution (RCE) vulnerability in QNAP VioStor NVR (Network Video Recorder) devices to hijack and make them part of its DDoS (distributed denial of service) swarm.
#Actively #Botnet #Computer #Exploited #FXC #InfectedSlurs #InfoSec #Malware #QNAP #Router #Security #Vulnerability

Unpack the analysis of a GOG Galaxy XPC service vulnerability. More from IBM X-Force Red.

Learn about a RCE vulnerability, discovered by the Imperva Red Team, identified as CVE-2023-22524, in Atlassian Companion for macOS.