Think, Talk, Hack

This exploit code allows Low level privileges user to get full admin privileges on vulnerable Cisco Secure Manager Appliance and Cisco Email Security Appliance

Two vulnerabilities in Cisco’s product line, including high-severity flaws in the Cisco Email Security Appliance, Cisco Secure Email and Web Manager, and Cisco Secure Web Appliance Next Generation Management products, have been patched, according to Cisco. A SQL Injection vulnerability known as CVE-2022-20867 (CVSS score: 4.7) affects Cisco ESA and Cisco Secure Email and Web […]

root

New Cryptojacking Campaign Targeting Vulnerable Docker and Kubernetes Instances

A new cryptojacking campaign has been uncovered targeting vulnerable Docker and Kubernetes infrastructures as part of opportunistic attacks designed to illicitly mine cryptocurrency. Cybersecurity company CrowdStrike dubbed the activity Kiss-a-dog, with its command-and-control infrastructure overlapping with those associated with other groups like TeamTNT, which are known to strike misconfigured Docker and Kubernetes instances. The intrusions, […]

root

BlackByte Ransomware Abuses Vulnerable Windows Driver to Disable Security Solutions

In yet another case of bring your own vulnerable driver (BYOVD) attack, the operators of the BlackByte ransomware are leveraging a flaw in a legitimate Windows driver to bypass security solutions. “The evasion technique supports disabling a whopping list of over 1,000 drivers on which security products rely to provide protection,” Sophos threat researcher Andreas […]

root

RTLS Systems Found Vulnerable to MiTM Attacks and Location Tampering

Researchers have disclosed multiple vulnerabilities impacting Ultra-wideband (UWB) Real-time Locating Systems (RTLS), enabling threat actors to launch adversary-in-the-middle (AitM) attacks and tamper with location data. “The zero-days found specifically pose a security risk for workers in industrial environments,” cybersecurity firm Nozomi Networks disclosed in a technical write-up last week. “If a threat actor exploits these […]

root

GitHub Dependabot Now Alerts Developers On Vulnerable GitHub Actions

Cloud-based code hosting platform GitHub has announced that it will now start sending Dependabot alerts for vulnerable GitHub Actions to help developers fix security issues in CI/CD workflows. “When a security vulnerability is reported in an action, our team of security researchers will create an advisory to document the vulnerability, which will trigger an alert […]

root

Hive Ransomware Affiliate Attacking Microsoft Exchange Servers vulnerable to ProxyShell Flaw

The cybersecurity experts at Varonis security firm have recently discovered a Hive ransomware affiliate that has been deploying a variety of backdoors, including the Cobalt Strike beacon, in order to compromise the Microsoft Exchange servers that are vulnerable to the ProxyShell flaws. By deploying these backdoors the threat actors perform the following tasks and activities:- […]

root

Squirrelwaffle malware takes control of vulnerable Microsoft Exchange servers to spread banking scam

Researchers at security firm Sophos recently reported a hacking campaign related to the ProxyLogon and ProxyShell exploits for the exploitation of an unpatched Microsoft Exchange server. This compromised server was used for the mass distribution of Squirrelwaffle, a malware loader delivered via email threads as a method of deceiving employees in the affected organizations in […]

root

Over 300,000 MikroTik Devices Found Vulnerable to Remote Hacking Bugs

At least 300,000 IP addresses associated with MikroTik devices have been found vulnerable to multiple remotely exploitable security vulnerabilities that have since been patched by the popular supplier of routers and wireless ISP devices. The most affected devices are located in China, Brazil, Russia, Italy, Indonesia, with the U.S. coming in at number eight, cybersecurity […]

root

High severity Intel chip flaw left cars, medical and IoT devices vulnerable

The vulnerability can be exploited by attackers with physical access to the CPU to breach the security protocols and obtain sensitive information. Positive Technologies security researchers have identified a vulnerability in Intel CPUs, allowing an attacker with physical access to a device to gain enhanced privileges on the system. The vulnerability was discovered by Positive […]

root

Millions of Printers Worldwide Vulnerable To The 16-Year-Old Bug

Cybersecurity analysts have recently discovered a vulnerability in a common printer driver used by major manufacturers like HP, Xerox, and Samsung. This occurrence was alerted by the security experts of SentinelOne security firm, and they have tracked this vulnerability with the following CVE ID:- CVE-2021-3438 They have claimed that since 2005 which means for 16 […]

root

NVIDIA Jetson Chipsets Found Vulnerable to High-severity Flaws

U.S. graphics chip specialist NVIDIA has released software updates to address a total of 26 vulnerabilities impacting its Jetson system-on-module (SOM) series that could be abused by adversaries to escalate privileges and even lead to denial-of-service and information disclosure. Tracked from CVE‑2021‑34372 through CVE‑2021‑34397, the flaws affect products Jetson TX1, TX2 series, TX2 NX, AGX […]

root

PDF certification process is vulnerable to new attack variants; flaws affect Adobe, Foxit and other PDF tools

A recent research states that certified PDF files are not protected enough, so they are vulnerable to various types of cyberattack. These files are often used to securely sign agreements between two parties, as certification protects document integrity. The research, by a specialized team at Ruhr University, notes that certified PDF documents employ two specific […]

root

Hundreds of Millions of Dell Systems Vulnerable to Hack Due to Driver Bug

The cybersecurity researchers have detected a set of five high-severity flaws in hundred of millions of Dell’s firmware update. The set of Five high-severity flaws is affecting Dell computers, laptops, notebooks, and tablets. The security researchers at SentinelOne’s SentinelLabs declared in their report that Dell has published hundreds of millions of Windows devices throughout the […]

root

F5 BIG-IP Found Vulnerable to Kerberos KDC Spoofing Vulnerability

Cybersecurity researchers on Wednesday disclosed a new bypass vulnerability (CVE-2021-23008) in the Kerberos Key Distribution Center (KDC) security feature impacting F5 Big-IP application delivery services. “The KDC Spoofing vulnerability allows an attacker to bypass the Kerberos authentication to Big-IP Access Policy Manager (APM), bypass security policies and gain unfettered access to sensitive workloads,” Silverfort researchers […]

root

Popular Netop Remote Learning Software Found Vulnerable to Hacking

Cybersecurity researchers on Sunday disclosed multiple critical vulnerabilities in remote student monitoring software Netop Vision Pro that a malicious attacker could abuse to execute arbitrary code and take over Windows computers. “These findings allow for elevation of privileges and ultimately remote code execution which could be used by a malicious attacker within the same network […]

root

FreakOut, the new botnet that threatens thousands of vulnerable Linux systems

According to a recent report by cybersecurity experts, the operators of a botnet have been targeting non-patched applications running on Linux systems. The botnet, identified as FreakOut, was first identified in November 2020 and has shown a new uptick in attacks over the past few weeks. Among the main objectives of FreakOut operators are Terramaster […]

root

Robinhood Ransomware Borrow Vulnerable Driver To Kill Antivirus and Encrypt Windows System Files

Researchers observed a new ransomware family called “Robinhood” that using a digitally signed vulnerable driver to bypass the protection by killing files belonging to endpoint security products, bypassing tamper protection and antivirus software to encrypt the system files. Attackers using the Living off the Land technique for this ransomware attack to destructive file encryption portion […]

root