Tag: vulnerability
-
New Windows zero-day exposes NTLM credentials, gets unofficial patch
by
in SecurityNewsA new zero-day vulnerability has been discovered that allows attackers to capture NTLM credentials by simply tricking the target into viewing a malicious file in Windows Explorer. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-windows-zero-day-exposes-ntlm-credentials-gets-unofficial-patch/
-
Deutschland noch immer schlecht auf Cyberangriffe vorbereitet
by
in SecurityNewssrcset=”https://b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_2523718547.jpg?quality=50&strip=all 5184w, b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_2523718547.jpg?resize=300%2C168&quality=50&strip=all 300w, b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_2523718547.jpg?resize=768%2C432&quality=50&strip=all 768w, b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_2523718547.jpg?resize=1024%2C576&quality=50&strip=all 1024w, b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_2523718547.jpg?resize=1536%2C864&quality=50&strip=all 1536w, b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_2523718547.jpg?resize=2048%2C1152&quality=50&strip=all 2048w, b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_2523718547.jpg?resize=1240%2C697&quality=50&strip=all 1240w, b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_2523718547.jpg?resize=150%2C84&quality=50&strip=all 150w, b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_2523718547.jpg?resize=854%2C480&quality=50&strip=all 854w, b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_2523718547.jpg?resize=640%2C360&quality=50&strip=all 640w, b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_2523718547.jpg?resize=444%2C250&quality=50&strip=all 444w” width=”1024″ height=”576″ sizes=”(max-width: 1024px) 100vw, 1024px”>Jedes dritte Unternehmen aus dem Bereich der kritischen Infrastruktur in Deutschland fühlt sich schlecht auf Cyberangriffe vorbereitet. CHONRI510 Shutterstock.comMehr als die Hälfte der Unternehmen in Deutschland aus Bereichen…
-
Sophisticated Celestial Stealer Targets Browsers to Steal Login Credentials
by
in SecurityNewsResearchers discovered Celestial Stealer, a JavaScript-based MaaS infostealer targeting Windows systems that, evading detection with obfuscation and anti-analysis techniques, steals data from various browsers, applications, and cryptocurrency wallets. It operates as an Electron or NodeJS application, injecting code into vulnerable apps and communicating with C2 servers. The malware’s FUD status is maintained through regular updates…
-
U.S. CISA adds CyberPanel flaw to its Known Exploited Vulnerabilities catalog
by
in SecurityNewsU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds CyberPanel flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the CyberPanel flaw CVE-2024-51378 (CVSS score: 10.0) to its Known Exploited Vulnerabilities (KEV) catalog. The getresetstatus vulnerability in CyberPanel (before commit 1c0c6cb) affects dns/views.py and ftp/views.py. Remote attackers could bypass authentication and execute…
-
SonicWall Patches 6 Vulnerabilities in Secure Access Gateway
by
in SecurityNewsSonicWall has released patches for multiple high-severity flaws in the SMA100 SSL-VPN secure access gateway. The post SonicWall Patches 6 Vulnerabilities in Secure Access Gateway appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/sonicwall-patches-6-vulnerabilities-in-secure-access-gateway/
-
Multiple SonicWall Vulnerabilities Let Attackers Execute Remote Code
by
in SecurityNewsSonicWall has issued a critical alert regarding multiple vulnerabilities in its Secure Mobile Access (SMA) 100 series SSL-VPN appliances. These vulnerabilities could allow attackers to execute remote code, bypass authentication, or compromise system integrity. SonicWall urges users to take immediate action by updating their devices to the latest firmware to mitigate these risks. These issues…
-
Researchers Uncover Flaws in Popular Open-Source Machine Learning Frameworks
by
in SecurityNewsCybersecurity researchers have disclosed multiple security flaws impacting open-source machine learning (ML) tools and frameworks such as MLflow, H2O, PyTorch, and MLeap that could pave the way for code execution.The vulnerabilities, discovered by JFrog, are part of a broader collection of 22 security shortcomings the supply chain security company first disclosed last month.Unlike the first…
-
0patch für 0-day URL File NTLM Hash Disclosure-Schwachstelle
by
in SecurityNewsACROS Security ist auf eine bisher nicht per Update geschlossene Schwachstelle in Windows gestoßen, die per URL die Offenlegung von NTLM Hash-Werten ermöglicht. ACROS Security hat einen opatch Micropatch veröffentlicht, um diese Schwachstelle zu beseitigen. Bis zum Bereitstellen eines Updates … First seen on borncity.com Jump to article: www.borncity.com/blog/2024/12/06/windows-0patch-fuer-0-day-url-file-ntlm-hash-disclosure-schwachstelle/
-
PoC Exploit Published for Unpatched Mitel MiCollab Vulnerability
by
in SecurityNewsWatchTowr has published proof-of-concept (PoC) code for an unpatched vulnerability in the Mitel MiCollab enterprise collaboration platform. The post PoC Exploit Published for Unpatched Mitel MiCollab Vulnerability appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/poc-exploit-published-for-unpatched-mitel-micollab-vulnerability/
-
Django Security Update, Patch for DoS SQL Injection Vulnerability
by
in SecurityNewsThe Django team has issued critical security updates for versions 5.1.4, 5.0.10, and 4.2.17. These updates address two vulnerabilities: a potential denial-of-service (DoS) attack in the strip_tags() method and a high-severity SQL injection risk in Oracle databases. All developers and system administrators using affected versions are strongly encouraged to update to the newly released versions to ensure…
-
Rockwell Automation Warns of Multiple Code Execution Vulnerabilities in Arena
by
in SecurityNews
Tags: advisory, automation, cyber, exploit, remote-code-execution, software, vulnerability, zero-dayRockwell Automation has issued a critical security advisory addressing multiple remote code execution (RCE) vulnerabilities discovered in its Arena® software. These vulnerabilities, reported by the Zero Day Initiative (ZDI), expose systems to potential exploitation by adversaries looking to execute arbitrary code. With the release of updated software versions, Rockwell Automation has taken corrective action and…
-
8 biggest cybersecurity threats manufacturers face
by
in SecurityNews
Tags: access, ai, apt, attack, authentication, automation, awareness, business, china, cloud, computer, control, cyber, cyberattack, cybercrime, cybersecurity, data, data-breach, ddos, detection, email, encryption, exploit, extortion, firmware, framework, group, Hardware, india, infrastructure, intelligence, international, Internet, iot, iran, lazarus, leak, malicious, malware, monitoring, network, nis-2, north-korea, open-source, password, phishing, ransom, ransomware, regulation, risk, risk-analysis, risk-assessment, russia, service, software, strategy, supply-chain, technology, threat, update, vulnerability, windowsThe manufacturing sector’s rapid digital transformation, complex supply chains, and reliance on third-party vendors make for a challenging cyber threat environment for CISOs.Manufacturers, often prime targets for state-sponsored malicious actors and ransomware gangs, face the difficult task of maintaining cost-effective operations while modernizing their network infrastructure.”Many manufacturing systems rely on outdated technology that lacks modern…
-
Multiple ICS Advisories Released by CISA Detailing Exploits Vulnerabilities
by
in SecurityNews
Tags: cisa, control, cyber, cybersecurity, exploit, infrastructure, programming, risk, software, switch, technology, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has released two advisories highlighting significant security vulnerabilities in Industrial Control Systems (ICS) software and hardware. These vulnerabilities, identified in AutomationDirect’s C-More EA9 Programming Software and Planet Technology’s industrial switch WGS-804HPT, could pose serious risks to critical infrastructure if exploited by attackers. AutomationDirect C-More EA9 Programming Software The…
-
Critical Vulnerability Discovered in SailPoint IdentityIQ
by
in SecurityNewsA critical directory traversal vulnerability in the SailPoint IdentityIQ IAM platform exposes restricted files to attackers. The post Critical Vulnerability Discovered in SailPoint IdentityIQ appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/critical-vulnerability-discovered-in-sailpoint-identityiq/
-
NSFOCUS’s Coogo: An Automated Penetration Testing Tool
by
in SecurityNews
Tags: attack, cloud, container, cyber, network, open-source, penetration-testing, software, tool, vulnerabilityThe video above demonstrates an automated penetration test in a simple container escape scenario. In this video, in addition to using NSFOCUS’s open-source cloud-native cyber range software Metarget (for quickly and automatically building vulnerable cloud-native target machine environments), NSFOCUS’s own developed cloud-native attack suite Coogo is also utilized. Today, we will provide a brief introduction…The…
-
CISOs still cautious about adopting autonomous patch management solutions
by
in SecurityNews
Tags: automation, business, cisco, ciso, cloud, control, crowdstrike, cybersecurity, email, exploit, firmware, group, infosec, microsoft, open-source, regulation, risk, software, strategy, technology, update, vulnerability, windowsFailing to patch vulnerabilities keeps biting CISOs.The most recent evidence: Last month, the Five Eyes cybersecurity agencies in the US, the UK, Australia, Canada, and New Zealand reported that the top 15 vulnerabilities routinely exploited last year included one that dated back to 2020 (a Microsoft Netlogon hole); one that dated back to 2021 (in…
-
Hundred of CISCO switches impacted by bootloader flaw
by
in SecurityNewsA bootloader vulnerability in Cisco NX-OS affects 100+ switches, allowing attackers to bypass image signature checks. Cisco released security patches for a vulnerability, tracked as CVE-2024-20397 (CVSS score of 5.2), in the NX-OS software’s bootloader that could be exploited by attackers to bypass image signature verification. >>A vulnerability in the bootloader of Cisco NX-OS Software could…
-
Windows NTLM Zero-Day Vulnerability Exposes User Credentials
by
in SecurityNewsA critical zero-day vulnerability affecting all modern Windows Workstation and Server versions has been discovered. The flaw enables attackers to steal NTLM credentials with minimal user interaction, posing a significant security risk. It impacts systems from Windows 7 and Server 2008 R2 to the latest Windows 11 (v24H2) and Server 2022. The vulnerability allows attackers…
-
Bypass Bug Revives Critical N-Day in Mitel MiCollab
by
in SecurityNewsA single barrier prevented attackers from exploiting a critical vulnerability in an enterprise collaboration platform. Now there’s a workaround. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/bypass-bug-critical-n-day-mitel-micollab
-
Why Zero-Day Attacks Bypass Traditional Firewall Security: Defending Against Zero-Day’s like Palo Alto Networks CVE-2024-0012
by
in SecurityNewsRecently, Palo Alto Networks identified and patched a critical zero-day vulnerability in their next-generation firewalls (NGFWs). This vulnerability, tracked as CVE-2024-0012, allowed attackers to execute code on vulnerable devices remotely. This vulnerability has been actively exploited in attacks dubbed “Operation Lunar Peek.” First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/12/why-zero-day-attacks-bypass-traditional-firewall-security-defending-against-zero-days-like-palo-alto-networks-cve-2024-0012/
-
Mitel MiCollab VoIP Software: Zero-Day Vulnerability Alert
by
in SecurityNewsNo Patch Yet Available for Second Zero Day To Be Recently Found in VoIP Software. Security researchers warn of a newly discovered zero-day vulnerability in widely used VoIP telephony software, a discovery that comes as the United States struggles to evict Chinese nation-state hackers from telecom networks. The software is the MiCollab software suite from…
-
RACE Conditions in Modern Web Applications
by
in SecurityNews
Tags: vulnerabilityThe concept of a RACE condition and its potential for application vulnerabilities is nothing new. First mentioned back in the… First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/12/race-conditions-in-modern-web-applications/
-
Vulnerability Management Challenges in IoT & OT Environments
by
in SecurityNewsBy understanding the unique challenges of protecting IoT and OT devices, organizations can safeguard these critical assets against evolving cyber threats. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/vulnerability-management-challenges-iot-ot-environments