Recherche : [vulnerability]

In a first, cryptographic keys protecting SSH connections stolen in new attack | Ars Technica https://arstechnica.com/security/2023/11/hackers-can-steal-ssh-cryptographic-keys-in-new-cutting-edge-attack/

16/11/2023 07:15:01

An error as small as a single flipped memory bit is all it takes to expose a private key.
The vulnerability occurs when there are errors during the signature generation that takes place when a client and server are establishing a connection. It affects only keys using the RSA cryptographic algorithm, which the researchers found in roughly a third of the SSH signatures they examined. That translates to roughly 1 billion signatures out of the 3.2 billion signatures examined. Of the roughly 1 billion RSA signatures, about one in a million exposed the private key of the host.

CVE-2023-38548 https://attackerkb.com/topics/UPt5tpYK2Y/cve-2023-38548/rapid7-analysis?

10/11/2023 21:28:37

On November 6, 2023, Veeam published an advisory for several vulnerabilities affecting Veeam ONE, an IT monitoring and analytics platform for enterprises. One …

SysAid On-Prem Software CVE-2023-47246 Vulnerability Disclosure https://profero.io/posts/sysaidonpremvulnerability/

10/11/2023 08:45:17

On Nov 2nd, our security team received reports regarding a potential vulnerability in our on-premise software which was being actively exploited. We immediately initiated our incident response protocol and began proactively communicating with our on-premise customers to ensure they could implement a mitigation solution we had identified. We engaged Profero, a cyber security incident response company, to assist us in our investigation. The investigation determined that there was a zero-day vulnerability in the SysAid on-premises software. We urge all customers with SysAid on-prem server installations to ensure that your SysAid systems are updated to version 23.3.36, which remediates the identified vulnerability, and conduct a comprehensive compromise assessment of your network to look for any indicators further discussed below. Should you identify any indicators, take immediate action and follow your incident response protocols.

SysAid On-Prem Software CVE-2023-47246 Vulnerability https://www.sysaid.com/blog/service-desk/on-premise-software-security-vulnerability-notification

09/11/2023 06:44:07

On Nov 2nd, a potential vulnerability in our on-premise software came to our security team’s attention. We immediately initiated our incident response protocol and began proactively communicating with our on-premise customers to ensure they could implement a mitigation solution we had identified. We engaged Profero, a cyber security incident response company, to assist us in our investigation. The investigation determined that there was a zero-day vulnerability in the SysAid on-premises software.

Common Vulnerability Scoring System https://www.first.org/cvss/v4-0/

08/11/2023 12:17:41

CVSS version 4.0 is the next generation of the Common Vulnerability Scoring System standard.

FIRST Announces CVSS 4.0 - New Vulnerability Scoring System https://thehackernews.com/2023/11/first-announces-cvss-40-new.html

02/11/2023 18:22:13

FIRST announces CVSS v4.0, the latest version of the Common Vulnerability Scoring System. Discover how this update addresses critical vulnerabilities.

HackerOne paid ethical hackers over $300 million in bug bounties https://www.bleepingcomputer.com/news/security/hackerone-paid-ethical-hackers-over-300-million-in-bug-bounties/

28/10/2023 23:07:20

HackerOne has announced that its bug bounty programs have awarded over $300 million in rewards to ethical hackers and vulnerability researchers since the platform's inception.

Compromising F5 BIGIP with Request Smuggling | CVE-2023-46747 https://www.praetorian.com/blog/refresh-compromising-f5-big-ip-with-request-smuggling-cve-2023-46747/

27/10/2023 13:43:18

Our team identified a request smuggling vulnerability that led to complete compromise of an F5 system with the TMUI exposed.

Winter Vivern exploits zero-day vulnerability in Roundcube Webmail servers https://www.welivesecurity.com/en/eset-research/winter-vivern-exploits-zero-day-vulnerability-roundcube-webmail-servers/

27/10/2023 08:24:41

ESET Research discover campaigns by the Winter Vivern APT group that exploit a zero-day XSS vulnerability in the Roundcube Webmail server and target governmental entities and a think tank in Europe.

VMSA-2023-0023 https://www.vmware.com/security/advisories/VMSA-2023-0023.html

25/10/2023 23:47:03

VMware vCenter Server updates address out-of-bounds write and information disclosure vulnerabilities

CVE-2023-4911: Looney Tunables - Local Privilege Escalation in the glibc’s ld.so https://blog.qualys.com/vulnerabilities-threat-research/2023/10/03/cve-2023-4911-looney-tunables-local-privilege-escalation-in-the-glibcs-ld-so#potential-impact-of-looney-tunables

04/10/2023 09:33:44

The Qualys Threat Research Unit (TRU) has discovered a buffer overflow vulnerability in GNU C Library's dynamic loader's processing of the GLIBC_TUNABLES…

Qualcomm says hackers exploit 3 zero-days in its GPU, DSP drivers https://www.bleepingcomputer.com/news/security/qualcomm-says-hackers-exploit-3-zero-days-in-its-gpu-dsp-drivers/

03/10/2023 17:31:45

Qualcomm is warning of three zero-day vulnerabilities in its GPU and Compute DSP drivers that hackers are actively exploiting in attacks.

Vulnerability in popular ‘libwebp’ code more widespread than expected https://therecord.media/libwebp-vulnerability-more-widespread-than-expected

28/09/2023 21:11:47

Initial alerts about a bug in the obscure but widely used libwebp library have expanded into concerns that it affects not only web browsers like Chrome, but also many other common pieces of software.

GPU.zip https://www.hertzbleed.com/gpu.zip/

27/09/2023 19:23:47

On the Side-Channel Implications of Hardware-Based Graphical Data Compression

Can't Be Contained: Finding a Command Injection Vulnerability in Kubernetes https://www.akamai.com/blog/security-research/kubernetes-critical-vulnerability-command-injection

15/09/2023 16:34:42

Akamai researchers discover a critical vulnerability in Kubernetes that can lead to remote code execution.

CVE-2023-34127 https://attackerkb.com/topics/Vof5fWs4rx/cve-2023-34127

21/08/2023 21:47:28

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in SonicWall GMS, SonicWall Analytics enables an authe…

2023-08 Out-of-Cycle Security Bulletin: Junos OS: SRX Series and EX Series: Multiple vulnerabilities in J-Web can be combined to allow a preAuth Remote Code Execution https://supportportal.juniper.net/s/article/2023-08-Out-of-Cycle-Security-Bulletin-Junos-OS-SRX-Series-and-EX-Series-Multiple-vulnerabilities-in-J-Web-can-be-combined-to-allow-a-preAuth-Remote-Code-Execution?language=en_US

20/08/2023 18:21:02

New ‘Downfall’ Flaw Exposes Valuable Data in Generations of Intel Chips https://www.wired.com/story/downfall-flaw-intel-chips/

13/08/2023 21:37:17

The vulnerability could allow attackers to take advantage of an information leak to steal sensitive details like private messages, passwords, and encryption keys.

CVE-2023-35082 - MobileIron Core Unauthenticated API Access Vulnerability | Rapid7 Blog https://www.rapid7.com/blog/post/2023/08/02/cve-2023-35082-mobileiron-core-unauthenticated-api-access-vulnerability/

04/08/2023 09:42:28

Rapid7 discovered a new vulnerability that allows unauthenticated attackers to access the API in unsupported versions of MobileIron Core (11.2 and below).

Ivanti warns of second vulnerability used in attacks on Norway gov’t https://therecord.media/ivanti-warns-of-second-vulnerability-norway-government-attack

30/07/2023 20:32:11

A second vulnerability affecting mobile endpoint management software from IT giant Ivanti has been discovered, according to a new advisory from the company.

Liens par page

Filtres