Microsoft on Tuesday disclosed a set of two privilege escalation vulnerabilities in the Linux operating system that could potentially allow threat actors to carry out an array of nefarious activities. Collectively called “Nimbuspwn,” the flaws “can be chained together to gain root privileges on Linux systems, allowing attackers to deploy payloads, like a root backdoor, […]
LemonDuck, a cross-platform cryptocurrency mining botnet, is targeting Docker to mine cryptocurrency on Linux systems as part of an active malware campaign. “It runs an anonymous mining operation by the use of proxy pools, which hide the wallet addresses,” CrowdStrike said in a new report. “It evades detection by targeting Alibaba Cloud’s monitoring service and […]
Cybersecurity specialists from Palo Alto Networks mention that patches released by Amazon Web Services (AWS) to address vulnerabilities in Log4j could be evaded to escalate privileges on the system or evade containers. Identified by the end of 2021, Log4Shell flaws would allow threat actors to execute remote code and take control of affected deployments. To […]
In its quarterly Critical Patch Update (CPU), Oracle has included a total of 520 patches to address all sorts of vulnerabilities. This update fixes security flaws in dozens of products, with special focus on three bugs that received critical scores according to the Common Vulnerability Scoring System (CVSS). Oracle recommends its users update their products […]
A first-of-its-kind malware targeting Amazon Web Services’ (AWS) Lambda serverless computing platform has been discovered in the wild. Dubbed “Denonia” after the name of the domain it communicates with, “the malware uses newer address resolution techniques for command and control traffic to evade typical detection measures and virtual network access controls,” Cado Labs researcher Matt […]
CISA is known for publishing various reports and remediations for cyberattacks. They release a list of many known exploited vulnerabilities which are exploited by hackers frequently. They have added a list of 15 new exploited vulnerabilities to their list. The recent list contains almost all of the recent Windows Privilege Escalation vulnerabilities. CVE ID Vulnerability […]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week added 95 more security flaws to its Known Exploited Vulnerabilities Catalog, taking the total number of actively exploited vulnerabilities to 478. “These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise,” the agency said […]
Most web applications today must be protected against multiple hacking variants, such as remote code execution (RCE), SQL injections, cross-site scripting (XS) attacks, and other common security issues. The so-called web application firewalls (WAF) are the most common security solutions, and within these Google Cloud Armor has become a recurring choice among Google Cloud Load […]
Cisco recently released a patch for a new generation of exploits that target some of its recently shipped products (Expressway Series and Cisco TelePresence Video Communication Server (VCS)). This security flaw leaves these devices susceptible to attacks, leaving them open to widespread vulnerabilities that Cisco promptly addressed by releasing the patch. On successful exploitation of […]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) last week published an industrial control system (ICS) advisory related to multiple vulnerabilities impacting Schneider Electric’s Easergy medium voltage protection relays. “Successful exploitation of these vulnerabilities may disclose device credentials, cause a denial-of-service condition, device reboot, or allow an attacker to gain full control of the relay,” […]
Cybersecurity experts have urged companies and users to immediately change the default setting of the Horde Webmail who use the Horde Webmail application to view their emails. As recently, it has been discovered that a default feature of Horde Webmail contains a nine-year-old unpatched security flaw that could be exploited by the threat actors to […]
A “potentially destructive actor” aligned with the government of Iran is actively exploiting the well-known Log4j vulnerability to infect unpatched VMware Horizon servers with ransomware. Cybersecurity firm SentinelOne dubbed the group “TunnelVision” owing to their heavy reliance on tunneling tools, with overlaps in tactics observed to that of a broader group tracked under the moniker […]
VMware on Tuesday patched several high-severity vulnerabilities impacting ESXi, Workstation, Fusion, Cloud Foundation, and NSX Data Center for vSphere that could be exploited to execute arbitrary code and cause a denial-of-service (DoS) condition. As of writing, there’s no evidence that any of the weaknesses are exploited in the wild. The list of six flaws is […]
Technical details have been disclosed regarding a number of security vulnerabilities affecting Moxa’s MXview web-based network management system, some of which could be chained by an unauthenticated adversary to achieve remote code execution on unpatched servers. The five security weaknesses “could allow a remote, unauthenticated attacker to execute code on the hosting machine with the […]
Cisco has patched multiple critical security vulnerabilities impacting its RV Series routers that could be weaponized to elevate privileges and execute arbitrary code on affected systems, while also warning of the existence of proof-of-concept (PoC) exploit code targeting some of these bugs. Three of the 15 flaws, tracked as CVE-2022-20699, CVE-2022-20700, and CVE-2022-20707, carry the […]
Walk-through metal detectors manufactured by well-known U.S.-based firm Garett are vulnerable to remote attacks, according to Cisco Talos. Researchers at Cisco Talos discovered as many as nine vulnerabilities in walk-through metal detectors manufactured by well-known U.S.-based firm Garett. According to researchers, if these flaws are exploited, the attacker can take the detectors offline, monitor, read, and modify […]
An urgent update has been released (Apache HTTP Server 2.4.52) recently by the Apache Software Foundation to resolve critical vulnerabilities in its Apache HTTP Server. The discovered vulnerability was marked as critical and it could be exploited by the threat actors to take control of a vulnerable system. Apart from this, even CISA, the U.S. […]
Privilege elevation bugs have been detected recently by the security analysts at NCC Group in the ImControllerService service of Lenovo laptops including the top models like ThinkPad and Yoga. This privilege elevation flaws with admin privileges allow the threat actors to execute arbitrary commands. The ImControllerService component of all Lenovo System Interface Foundation versions below […]
If exploited, an unauthenticated, remote attacker can execute code as a “nobody user” in the device meaning attacker would get root access and gain full control of the device. SonicWall, a renowned network security vendor is urging users to immediately update their SMA 100 [PDF] series devices with the latest version after detecting multiple security […]
With this flaw, FatPipe joins the list of VPN providers that have faced a similar situation in the past, including Fortinet, Cisco, Pulse Secure, and Citrix. The Federal Bureau of Investigation (FBI) released a warning revealing that an APT group (advanced persistent threat) exploited a zero-day flaw in FatPipe WARP, MPVPN, and IPVPN software before […]
Cybersecurity agencies from Australia, the U.K., and the U.S. on Wednesday released a joint advisory warning of active exploitation of Fortinet and Microsoft Exchange ProxyShell vulnerabilities by Iranian state-sponsored actors to gain initial access to vulnerable systems for follow-on activities, including data exfiltration and ransomware. The threat actor is believed to have leveraged multiple Fortinet […]