Tag: exploit
-
North Korean APT Exploited IE Zero-Day in Supply Chain Attack
A Pyongyang-aligned APT was caught exploiting a recent zero-day in Internet Explorer in a supply chain attack. First seen on securityweek.com Jump to article: www.securityweek.com/north-korean-apt-exploited-ie-zero-day-in-supply-chain-attack/
-
Microsoft Reveals macOS Vulnerability that Bypasses Privacy Controls in Safari Browser
Microsoft has disclosed details about a now-patched security flaw in Apple’s Transparency, Consent, and Control (TCC) framework in macOS that has likely come under exploitation to get around a user’s privacy preferences and access data. The shortcoming, codenamed HM Surf by the tech giant, is tracked as CVE-2024-44133. It was addressed by Apple as part of…
-
Critical Kubernetes Image Builder Vulnerability Exposes Nodes to Root Access Risk
A critical security flaw has been disclosed in the Kubernetes Image Builder that, if successfully exploited, could be abused to gain root access under certain circumstances. The vulnerability, tracked as CVE-2024-9486 (CVSS score: 9.8), has been addressed in version 0.1.38. The project maintainers acknowledged Nicolai Rybnikar for discovering and reporting the vulnerability. “A security issue First seen…
-
Solarwinds: Vulnerabilities in Platform and Serv-U Allow Malicious Code to Be Smuggled In
Tags: exploit
Solarwinds warns of security vulnerabilities in the Platform and in Serv-U. Attackers can, for example, inject code or escalate their privileges. First seen on heise.de Jump to article: www.heise.de/news/Solarwinds-Luecken-in-Plattform-und-Serv-U-ermoeglichen-Schadcode-Schmuggel-9983920.html
-
Critical Veeam Vulnerability CVE-2024-40711 Exploited by Ransomware Groups
Veeam has addressed a severe vulnerability in its widely utilized Backup & Replication tool, CVE-2024-40711. This critical flaw has a staggering Common Vulnerability Scoring System (CVSS) score of 9.8. Ransomware gangs have already begun exploiting this Veeam vulnerability, particularly deploying Akira and Fog ransomware in targeted attacks. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/critical-veeam-vulnerability-2/
-
Attackers Hijack 360 Total Security to Deliver SSLoad
In a recent attack discovered by ANY.RUN researchers, cybercriminals exploited 360 Total Security antivirus software to distribute a Rust-based malware known as SSLoad. This was achieved through the use of... First seen on securityonline.info Jump to article: securityonline.info/attackers-hijack-360-total-security-to-deliver-ssload/
-
SolarWinds, Firefox, Windows Face Active Exploitation: CISA Issues Urgent Warning
The Cybersecurity and Infrastructure Security Agency (CISA) has recently added three vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, emphasizing the pressing need for organizations to address these risks promptly. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cisa-adds-3-known-exploited-vulnerabilities/
-
Critical hardcoded SolarWinds credential now exploited in the wild
Another blow for IT software house and its customers First seen on theregister.com Jump to article: www.theregister.com/2024/10/16/solarwinds_critical_hardcoded_credential_bug/
-
70% of exploited flaws disclosed in 2023 were zero-days
Mandiant security analysts warn of a worrying new trend of threat actors demonstrating a better capability to discover and exploit zero-day vulnerabilities in software. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/google-70-percent-of-exploited-flaws-disclosed-in-2023-were-zero-days/
-
Oracle October 2024 Critical Patch Update Addresses 198 CVEs
Oracle addresses 198 CVEs in its fourth quarterly update of 2024 with 334 patches, including 35 critical updates. Background: On October 15, Oracle released its Critical Patch Update (CPU) for October 2024, the fourth and final quarterly update of the year. This CPU contains fixes for 198 CVEs in 334 security updates across 28 Oracle…
-
CISA Warns of Active Exploitation in SolarWinds Help Desk Software Vulnerability
Tags: cisa, credentials, cve, cybersecurity, exploit, flaw, infrastructure, kev, software, vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting SolarWinds Web Help Desk (WHD) software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2024-28987 (CVSS score: 9.1), the vulnerability relates to a case of hard-coded credentials that could be abused to gain First…
-
Impact of actively exploited Fortinet bug remains widespread
First seen on scworld.com Jump to article: www.scworld.com/brief/impact-of-actively-exploited-fortinet-bug-remains-widespread
-
Critical CVE in 4 Fortinet products actively exploited
CISA added the format string vulnerability to its known exploited vulnerabilities catalog last week, months after it was first disclosed by the company. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/critical-cve-fortinet-exploited/729736/
-
Vulnerability Recap 10/15/24: Patch Tuesday Posts 117 Vulnerabilities
We take a look at the past week’s exploited vulnerabilities, including previous Ivanti and Veeam flaws, and also cover critical Patch Tuesday fixes. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/vulnerability-recap-october-15-2024/
-
Iranian Cyberspies Exploiting Recent Windows Kernel Vuln
First seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/36474/Iranian-Cyberspies-Exploiting-Recent-Windows-Kernel-Vuln.html
-
Log4j Still Being Exploited Nearly 3 Years Later
Tags: exploit
First seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/36472/Log4j-Still-Being-Exploited-Nearly-3-Years-Later.html
-
SentinelOne CISO Identifies ‘Most Pressing Concern’ for Cyber Professionals
SentinelOne’s Alex Stamos sees a future where defenders have the advantage when it comes to generative AI. At least until it can write exploit code. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/isc2-security-summit-cyber-interview/
-
Zero-day flaw behind Rackspace breach still a mystery
More than two weeks after threat actors exploited a zero-day vulnerability in a third-party utility to breach Rackspace, the details about the flaw and the utility remain unknown. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366613555/Zero-day-flaw-behind-Rackspace-breach-still-a-mystery
-
The Rise of Zero-Day Vulnerabilities: Why Traditional Security Solutions Fall Short
In recent years, the number and sophistication of zero-day vulnerabilities have surged, posing a critical threat to organizations of all sizes. A zero-day vulnerability is a security flaw in software that is unknown to the vendor and remains unpatched at the time of discovery. Attackers exploit these flaws before any defensive measures can be implemented,…
-
Open Source Package Entry Points May Lead to Supply Chain Attacks
Entry points in packages across multiple programming languages are susceptible to exploitation in supply chain attacks. First seen on securityweek.com Jump to article: www.securityweek.com/open-source-package-entry-points-may-lead-to-supply-chain-attacks/
-
How DDoS Botnet is used to Infect your Network?
DDoS botnet gained attention a few years ago due to its record-breaking attacks, but the emergence of new threats in 2024 illustrates the evolving tactics of cyber attackers. The cyber threat landscape is in constant flux, with vulnerabilities like Zyxel’s CVE-2023-28771 being exploited and MySQL servers coming under fire from variants like Ddostf and Mirai’s…
-
Imperva Defends Against Targeted Exploits Used By APT29 Hackers
Recently, U.S. and U.K. cyber agencies have warned of a renewed wave of attacks led by Russian APT29 hackers. These sophisticated threat actors have been actively exploiting vulnerabilities in Zimbra Collaboration Suite and JetBrains TeamCity, specifically CVE-2022-27924 and CVE-2023-42793, to target critical systems. At Imperva, we are committed to ensuring our customers remain secure from…
-
How nation-states exploit political instability to launch cyber operations
In this Help Net Security interview, Ismael Valenzuela, Vice President of Threat Research Intelligence at BlackBerry, discusses the impact of geopolitical tensions on … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/10/15/ismael-valenzuela-blackberry-political-instability-cyber-operations/
-
Earth Simnavaz Exploits Windows Kernel Flaw CVE-2024-30088 in Attacks on Critical Infrastructure
Trend Micro researchers have uncovered a series of advanced cyberattacks carried out by the threat group Earth Simnavaz, also known as APT34 or OilRig. This Iranian-linked cyber espionage group has... First seen on securityonline.info Jump to article: securityonline.info/earth-simnavaz-exploits-windows-kernel-flaw-cve-2024-30088-in-attacks-on-critical-infrastructure/
-
CISA Warns of Attacks Exploiting F5 BIG-IP
First seen on scworld.com Jump to article: www.scworld.com/brief/cisa-warns-of-attacks-exploiting-f5-big-ip
-
Attacks exploiting F5 BIG-IP cookies underway
First seen on scworld.com Jump to article: www.scworld.com/brief/cisa-attacks-exploiting-f5-big-ip-cookies-underway
-
U.S. CISA adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog
Tags: cisa, cloud, cve, cybersecurity, exploit, fortinet, infrastructure, ivanti, kev, service, vulnerability
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: Last week, Ivanti warned of three new security vulnerabilities (CVE-2024-9379, CVE-2024-9380, and CVE-2024-9381) in its Cloud Service Appliance (CSA)…
-
Nation-state actor exploited three Ivanti CSA zero-days
An alleged nation-state actor exploited three zero-day vulnerabilities in Ivanti Cloud Service Appliance (CSA) in recent attacks. Fortinet FortiGuard Labs researchers warn that a suspected nation-state actor has been exploiting three Ivanti Cloud Service Appliance (CSA) zero-day issues to carry out malicious activities. The three vulnerabilities exploited by the threat actor are: “an advanced adversary…