Elastic researchers uncovered a new technique, GrimResource, which allows full code execution via specially crafted MSC files. It underscores a trend of well-resourced attackers favoring innovative initial access methods to evade defenses.
Polyfill.io is a service that automatically provides front-end polyfills, making it very convenient to use. You just need to select the functionality you want to polyfill and then include a JavaScript
Lors de sa séance du 19 juin 2024, le Conseil fédéral a approuvé le rapport établi en réponse au postulat 22.3006 de la Commission de la politique de sécurité du Conseil national «État des lieux relatif à la menace que constituent pour la Suisse les campagnes de désinformation». Le rapport montre l’impact sur le pays des activités d’influence dans l’espace de l’information, les éléments caractéristiques pertinents dans ce contexte et les mesures supplémentaires que le Conseil fédéral entend prendre pour contrer ces menaces.
A recently disclosed critical-severity vulnerability in discontinued Zyxel NAS devices is already exploited in botnet attacks, the Shadowserver Foundation warns.
Tracked as CVE-2024-29973, the issue is described as a code injection flaw that can be exploited remotely without authentication. It was introduced last year, when Zyxel patched CVE-2023-27992, a similar code injection bug.
“While patching this vulnerability, they added a new endpoint which uses the same approach as the old ones, and while doing so, implemented the same mistakes as its predecessors,” explains Outpost24 security researcher Timothy Hjort, who discovered and reported the security defect.
A few months ago, I stumbled upon a 24 years old buffer overflow in the glibc, the base library for linux programs. Despite being reachable in multiple well-known libraries or executables, it proved rarely exploitable — while it didn't provide much leeway, it required hard-to-achieve preconditions. Looking for targets lead mainly to disappointment. On PHP however, the bug shone, and proved useful in exploiting its engine in two different ways.
The agency found no evidence that hackers exfiltrated information but noted the intrusion “may have resulted in the potential unauthorized access” to security plans, vulnerability assessments and user accounts within a national system to protect the chemicals sector.
A novel command execution technique dubbed 'GrimResource' uses specially crafted MSC (Microsoft Saved Console) and an unpatched Windows XSS flaw to perform code execution via the Microsoft Management Console.
Wiz Research discovered CVE-2024-37032, an easy-to-exploit Remote Code Execution vulnerability in the open-source AI Infrastructure project Ollama.
Rapid7 observed a recent malvertising campaign luring users to download malicious installers for popular software like Google Chrome and Microsoft Teams.
