Shaarli Daily

All links of one day on a single page.

June 4, 2023

Rapid7 Observed Exploitation of Critical MOVEit Transfer Vulnerability

Rapid7 is observing exploitation of a critical vulnerability in Progress Software’s MOVEit Transfer solution across multiple customer environments.

Enzo Biochem Ransomware Attack Exposes Information of 2.5M Individuals - SecurityWeek

Enzo Biochem says the clinical test information of roughly 2.47 million individuals was exposed in a recent ransomware attack.

Bypassing SELinux with init_module

There are two Linux system calls for loading a kernel module - init_module and finit_module. By leveraging init_module, I bypassed a filesystem-based SELinux rule that prevented me from loading a kernel module through traditional means (e.g., insmod). I then disabled SELinux from kernel-space. Proof of concept code can be found on my GitHub.

New macOS vulnerability, Migraine, could bypass System Integrity Protection | Microsoft Security Blog

A new vulnerability, which we refer to as “Migraine” for its involvement with macOS migration, could allow an attacker with root access to automatically bypass System Integrity Protection (SIP) in macOS and perform arbitrary operations on a device.

‘Gravity Forms’ WordPress Plugin Found Vulnerable to PHP Object Injection

Gravity Forms, a popular WordPress plugin, has been found vulnerable to unauthenticated PHP Object Injection attacks.