New Hacker Group ‘GambleForce’ Targeting APAC Firms Using SQL Injection Attacks

A previously unknown hacker outfit called GambleForce has been attributed to a series of SQL injection attacks against companies primarily in the Asia-Pacific (APAC) region since at least September 2023. “GambleForce uses a set of basic yet very effective techniques, including SQL injections and the exploitation of vulnerable website content management systems (CMS) to steal […]

How to Bypass EDRs, AV with Ease using 8 New Process Injection Attacks

In the ever-evolving landscape of cybersecurity, researchers are continually uncovering new methods that challenge existing defense mechanisms. A recent study by SafeBreach, a leader in cybersecurity research, has brought to light a novel process injection technique that exploits Windows thread pools, revealing vulnerabilities in current Endpoint Detection and Response (EDR) solutions. This groundbreaking research not […]

New PoolParty Process Injection Techniques Outsmart Top EDR Solutions

A new collection of eight process injection techniques, collectively dubbed PoolParty, could be exploited to achieve code execution in Windows systems while evading endpoint detection and response (EDR) systems. SafeBreach researcher Alon Leviev said the methods are “capable of working across all processes without any limitations, making them more flexible than existing process injection techniques.” […]

Hacking PostgreSQL applications with a SQL Injection vulnerability

Those that work with databases on a regular basis will know that PostgreSQL is more than just a name. It has an impressive history that spans over 30 years, and now it serves as an effective object-relational database system that is open source. Because of its ability to store and grow even the most complex […]

New Mockingjay Process Injection Technique Could Let Malware Evade Detection

A new process injection technique dubbed Mockingjay could be exploited by threat actors to bypass security solutions to execute malicious code on compromised systems. “The injection is executed without space allocation, setting permissions or even starting a thread,” Security Joes researchers Thiago Peixoto, Felipe Duarte, and Ido Naor said in a report shared with The […]

Parallax RAT Targeting Cryptocurrency Firms with Sophisticated Injection Techniques

Cryptocurrency companies are being targeted as part of a new campaign that delivers a remote access trojan called Parallax RAT. The malware “uses injection techniques to hide within legitimate processes, making it difficult to detect,” Uptycs said in a new report. “Once it has been successfully injected, attackers can interact with their victim via Windows […]

Ransomware gangs are exploiting Fortinet Devices vulnerabilities. Patch these high-severity command injection flaws

Fortinet, a company that develops next-generation firewalls, VPNs, antivirus, and endpoint solutions, among other products, issued a public security advisory on October 10, 2022, disclosing that there was a critical vulnerability (CVE-2022-40684) impacting several of their products. The advisory also disclosed that the vulnerability could have been exploited by malicious actors. The security flaw, which […]

New JSON-Based SQL Injection attacks allow bypassing Palo Alto, F5, AWS, Cloudflare, and Imperva WAF

Web application firewalls, also known as WAFs, are intended to protect web-based applications and application programming interfaces (APIs) from malicious HTTPS traffic coming from the outside, particularly cross-site scripting and SQL injection attacks, which never seem to fall off the security radar. SQL injection in particular is a constant among the output of automated code […]

Critical SonicWall Vulnerability Allows SQL Injection – Patch Now!

A critical SQL injection (SQLi) vulnerability was recently patched by the network security company SonicWall as a result of a new update. The company’s Analytics On-Premise and Global Management System (GMS) products are affected by this critical flaw and as a result, they must be updated. CVE-2022-22280 has been assigned to the flaw which has […]

Critical (CVSS 9.4) SQL Injection vulnerability in SonicWall GMS & SonicWall Analytics On-Prem

SonicWall has published a hotpatch to fix two SQL injection vulnerabilities impacting the GMS (Global Management System) and Analytics On-Prem products. CVE-2022-22280 is a critical vulnerability (CVSS 9.4) that results in an Improper Neutralization of Special Elements used in an SQL command in SonicWall GMS. SonicWall Global Management System (GMS) contains a SQL Injection security […]

Critical SQL injection vulnerability in Django

The Django project, an open source web framework based on Python, has fixed a high severity vulnerability in its latest versions. Identified as CVE-2022-34265, the potential SQL injection vulnerability exists in the Django main version and in versions 4.1 (currently in beta), 4.0, and 3.2. New releases and patches issued this Monday, July 4, remove […]

Two critical command injection vulnerabilities in Fujitsu cloud storage system allow remote encryption or deletion of files

Two bugs in the web interface of a Fujitsu cloud storage system would allow authenticated threat actors to read, write, and even destroy backed up files. According to the report, these flaws reside in the enterprise-grade Fujitsu Eternus CS800 V8.1 solution. These problems were found by researchers at NCC Group, who mention that the flaws […]

Zyxel Releases Patch for Critical Firewall OS Command Injection Vulnerability

Zyxel has moved to address a critical security vulnerability affecting Zyxel firewall devices that enables unauthenticated and remote attackers to gain arbitrary code execution. “A command injection vulnerability in the CGI program of some firewall versions could allow an attacker to modify specific files and then execute some OS commands on a vulnerable device,” the […]

CVE-2022-0757: Rapid7 Nexpose SQL injection vulnerability, also known as security console: Patch immediately

Rapid7 security teams announced a fix for a critical SQL injection vulnerability in Nexpose, a popular local vulnerability management software. The flaw was tracked as CVE-2022-0757 and received a score of 9.8/10 according to the Common Vulnerability Scoring System (CVSS). According to the report, the vulnerability arose because no valid search operators were defined, so […]

Critical code injection vulnerabilities in VMware Spring Cloud Gateway

Cybersecurity specialists report the detection of two vulnerabilities in VMware Spring Cloud Gateway, a library for creating API gateways over Spring and Java for a flexible way to route requests based on a number of criteria. According to the report, the exploitation of these flaws could lead to dangerous hacking scenarios. Below are brief descriptions […]

VMware Issues Patches for Shell Injection and Privilege Vulnerability

VMware had multiple issues that were privately reported. VMware swiftly acted on the reported issues and released patches for all the critical vulnerabilities. The vulnerability details are as follows: Advisory ID: VMSA-2022-0004; CVSSv3 Range: 5.3-8.4; Issue Date: 2022-02-15; Updated On: 2022-02-15 (Initial Advisory); CVE(s): CVE-2021-22040, CVE-2021-22041, CVE-2021-22042, CVE-2021-22043, CVE-2021-22050. Synopsis: VMware ESXi, Workstation, and Fusion updates address multiple security vulnerabilities (CVE-2021-22040, CVE-2021-22041, […]

TrickBot Malware Using New Techniques to Evade Web Injection Attacks

The cybercrime operators behind the notorious TrickBot malware have once again upped the ante by fine-tuning its techniques by adding multiple layers of defense to slip past antimalware products. “As part of that escalation, malware injections have been fitted with added protection to keep researchers out and get through security controls,” IBM Trusteer said in […]

Two critical SQL injection vulnerabilities in Philips Tasy EMR, used by hospitals worldwide

Cybersecurity specialists report the detection of two critical vulnerabilities in Philips Tasy EMR, a medical record and health services management tool. Tracked as CVE-2021-39375 and CVE-2021-39376, both flaws received scores of 8.8/10 according to the Common Vulnerability Scoring System (CVSS). The flaws were described as SQL injection errors that exist due to the incorrect use […]

CVE-2021-3723: Unpatched command injection vulnerability affects IBM system x3550 M3 and IBM System x 3650 M3

Cybersecurity experts report that two legacy IBM System x server models recalled in 2019 are exposed to multiple attack variants due to the presence of a severe vulnerability. While this flaw will not receive security updates, manufacturers have already offered an alternative solution to mitigate the risk of attack. The vulnerability was tracked as CVE-2021-3723 […]