Tag: vulnerability
-
ProjectSend Authentication Vulnerability Exploited in the Wild
in SecurityNews
ProjectSend, an open-source file-sharing web application, has become a target of active exploitation following the recent assignment of CVE-2024-11680 on November 25, 2024. Despite the availability of a patch for more than a year, adoption rates remain alarmingly low, leaving many instances vulnerable to attack. ProjectSend Authentication Vulnerability ProjectSend is moderately popular, with nearly 1,500…
-
Breaking Boundaries: Investigating Vulnerable Drivers and Mitigating Risks
in SecurityNews
Research by: Jiri Vinopal Have you ever wondered why there are so many vulnerable drivers and what might be causing them to be vulnerable? Do you want t… First seen on research.checkpoint.com Jump to article: research.checkpoint.com/2024/breaking-boundaries-investigating-vulnerable-drivers-and-mitigating-risks/
-
ProjectSend Vulnerability Exploited in the Wild
in SecurityNews
VulnCheck warns of widespread exploitation of a year-and-a-half-old ProjectSend vulnerability for which multiple public exploits exist. The post ProjectSend Vulnerability Exploited in the Wild appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/projectsend-vulnerability-exploited-in-the-wild/
-
APT60 Exploits WPS Office Vulnerability to Deploy SpyGlace Backdoor
in CISO
The threat actor known as APT-C-60 has been linked to a cyber attack targeting an unnamed organization in Japan that used a job application-themed lure to deliver the SpyGlace backdoor. That’s according to findings from JPCERT/CC, which said the intrusion leveraged legitimate services like Google Drive, Bitbucket, and StatCounter. The attack was carried out around August…
-
Apple M-1, M-2 Chips Vulnerable to GoFetch Attack, Encryption Keys Exposed
in SecurityNews
Researchers unearthed a significant vulnerability lurking within Apple’s M-1 and M-2 chips, potentially exposing a chink in the armor of the tech gian… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/gofetch-attack-apple-m1-m2-chips/
-
Hackers Exploit Firefox and Windows Flaws: RomCom’s Advanced Attack Unveiled
in SecurityNews
A Russia-aligned hacking group, known as RomCom (also identified as Storm-0978, Tropical Scorpius, or UNC2596), has successfully exploited two zero-day vulnerabilities, one in Mozilla Firefox and another in Microsoft Windows Task Scheduler. These vulnerabilities, identified as CVE-2024-9680 and CVE-2024-49039, were chained together to allow the group to execute arbitrary code and install malicious backdoors on…
-
Russian RomCom APT Group Leverages Zero-Day Flaws in Firefox and Windows
in SecurityNews
Russia-backed hackers, known as RomCom, have exploited critical zero-day vulnerabilities in Mozilla Firefox and Windows to launch targeted attacks First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/romcom-apt-zeroday-flaws-firefox/
-
New VPN Attack Demonstrated Against Palo Alto Networks, SonicWall Products
in SecurityNews
Palo Alto Networks and SonicWall VPNs affected by vulnerabilities allowing remote code execution and privilege escalation. The post New VPN Attack Demonstrated Against Palo Alto Networks, SonicWall Products appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/new-vpn-attack-demonstrated-against-palo-alto-networks-sonicwall-products/
-
How DSPM Helps Businesses Meet Compliance Requirements
in SecurityNews
Tags: compliance, cybersecurity, data, finance, government, healthcare, regulation, risk, vulnerability
Data Security Posture Management (DSPM) helps monitor, secure, and ensure compliance for sensitive data, reducing risks across diverse environments. Complying with cybersecurity regulations can be a source of great pain for organizations, especially those that handle and store particularly valuable and vulnerable information. Organizations in sectors like healthcare, finance, legal, and government often process vast…
-
NVIDIA UFM Vulnerability Leads to Privilege Escalation Data Tampering
in SecurityNews
NVIDIA has released a critical security update addressing a significant vulnerability in its Unified Fabric Manager (UFM) products. This flaw, identified as CVE-2024-0130, poses a high-severity risk to users, with a CVSS v3.1 base score of 8.8. The vulnerability could allow attackers to escalate privileges, tamper with data, and even compromise system availability. Analyze cyber threats with…
-
Russian group RomCom exploited Firefox and Tor Browser zero-days to target attacks Europe and North America
in SecurityNews
The Russian RomCom group exploited Firefox and Tor Browser zero-day vulnerabilities in attacks on users in Europe and North America. Russian-based cybercrime group RomCom (aka UAT-5647, Storm-0978, Tropical Scorpius, UAC-0180, UNC2596) exploited two Firefox and Tor Browser zero-day vulnerabilities in recent attacks on users across Europe and North America. The first zero-day exploited by the Russian group is a use-after-free…
-
Critical Gitlab Vulnerability Let Attackers Escalate Privileges
in SecurityNews
GitLab, a widely used platform for DevOps lifecycle management, has released critical security updates for its Community Edition (CE) and Enterprise Edition (EE). The updates address multiple vulnerabilities, including a high-severity issue that could allow attackers to escalate privileges via compromised tokens. The company strongly advises all self-managed GitLab installations to upgrade immediately to the…
-
Veritas Enterprise Vault – No Patch Yet for Critical Veritas Vulnerabilities
in SecurityNews
First seen on security-insider.de Jump to article: www.security-insider.de/sicherheitsluecken-veritas-enterprise-vault-massnahmen-workaround-a-c3c87bfb450fffb2d92b685568b181bb/
-
Matrix Botnet Exploits IoT Devices in Widespread DDoS Botnet Campaign
in SecurityNews
A threat actor named Matrix has been linked to a widespread distributed denial-of-service (DDoS) campaign that leverages vulnerabilities and misconfigurations in Internet of Things (IoT) devices to co-opt them into a disruptive botnet. "This operation serves as a comprehensive one-stop shop for scanning, exploiting vulnerabilities, deploying malware, and setting up shop kits, showcasing a First seen…
-
RomCom Exploits Zero-Days in Firefox (CVE-2024-9680) Windows (CVE-2024-49039) with No User Interaction
in SecurityNews
Tags: attack, browser, cybersecurity, exploit, microsoft, russia, threat, vulnerability, windows, zero-day
In a recent cybersecurity report, ESET researchers have unveiled a coordinated attack by the Russia-aligned threat actor RomCom, exploiting zero-day vulnerabilities in both Mozilla Firefox and Microsoft Windows. These vulnerabilities, previously... First seen on securityonline.info Jump to article: securityonline.info/romcom-exploits-zero-days-in-firefox-cve-2024-9680-windows-cve-2024-49039-with-no-user-interaction/
-
Russian Hackers Target Mozilla, Windows in New Exploit Chain
in SecurityNews
ESET Discovers Two Major Vulnerabilities Exploited by Russian RomCom Hacking Group. Two vulnerabilities in Mozilla products and Windows are actively exploited by RomCom, a Kremlin-linked cybercriminal group known for targeting businesses and conducting espionage, warn security researchers from Eset. Exploiting the two flaws together enables attackers to execute arbitrary code. First seen on govinfosecurity.com Jump…
-
Why you should stay “professionally detached” from the vulns you find
in SecurityNews
Tags: vulnerability
Learn how to stay professionally detached from the vulnerabilities you discover and disclose as part of your security research. First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/11/why-you-should-stay-professionally-detached-from-the-vulns-you-find/
-
New NachoVPN attack uses rogue VPN servers to install malicious updates
in SecurityNews
A set of vulnerabilities dubbed “NachoVPN” allows rogue VPN servers to install malicious updates when unpatched Palo Alto and SonicWall SSL-VPN clients connect to them. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-nachovpn-attack-uses-rogue-vpn-servers-to-install-malicious-updates/
-
‘RomCom’ APT Mounts Zero-Day, Zero-Click Browser Escapes in Firefox, Tor
in SecurityNews
The innocuously named Russian-sponsored cyber threat actor has combined critical and serious vulnerabilities in Windows and Firefox products in a zero-click code execution exploit. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/romcom-apt-zero-day-zero-click-browser-escapes-firefox-tor
-
Russian hackers exploit Firefox, Windows zero-days in wild
in SecurityNews
RomCom threat actors chain two Firefox and Windows zero-day vulnerabilities together in order to execute arbitrary code in vulnerable Mozilla browsers. First seen on Jump to article: www.techtarget.com/searchsecurity/news/366616460/Russian-hackers-exploit-Firefox-Windows-zero-days-in-wild
-
Russia-linked hackers exploited Firefox and Windows bugs in ‘widespread’ hacking campaign
in SecurityNews
The Russia-aligned RomCom gang exploited the vulnerabilities to target hundreds of Firefox users across Europe and North America. First seen on techcrunch.com Jump to article: techcrunch.com/2024/11/26/russia-linked-hackers-exploited-firefox-and-windows-zero-day-bugs-in-widespread-hacking-campaign/
-
Several QNAP vulnerabilities addressed
in SecurityNews
Tags: vulnerability
First seen on scworld.com Jump to article: www.scworld.com/brief/several-qnap-vulnerabilities-addressed
-
RomCom Hackers Exploits Windows Firefox Zero-Day in Advanced Cyberattacks
in SecurityNews
In a new wave of cyberattacks, the Russia-aligned hacking group "RomCom" … The compromise chain is composed of a […] The post RomCom Hackers Exploits Windows & Firefox Zero-Day in Advanced Cyberattacks appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform. First seen on gbhackers.com Jump to article: gbhackers.com/romcom-hackers-exploits-windows-firefox-zero-day/
-
Chinese APT Hackers Using Multiple Tools And Vulnerabilities To Attack Telecom Orgs
in SecurityNews
Tags: apt, attack, backdoor, china, control, cyber, exploit, government, group, hacker, infrastructure, rat, tool, vulnerability
Earth Estries, a Chinese APT group, has been actively targeting critical sectors like telecommunications and government entities since 2023. They employ advanced techniques, including exploiting vulnerabilities, lateral movement, and deploying multiple backdoors like GHOSTSPIDER, SNAPPYBEE, and MASOL RAT, which have impacted Southeast Asia significantly. The group makes use of a sophisticated command and control infrastructure…
-
CyCognito Report Highlights Rising Cybersecurity Risks in Holiday E-Commerce
in SecurityNews
Findings reveal growing cybersecurity risks in ecommerce, exposing vulnerabilities in PII handling and lack of basic security protections like HTTPS and WAFs First seen on darkreading.com Jump to article: www.darkreading.com/application-security/cycognito-report-highlights-rising-cybersecurity-risks-holiday-e-commerce
-
Researchers reveal exploitable flaws in corporate VPN clients
in SecurityNews
Researchers have discovered vulnerabilities in the update process of Palo Alto Networks (CVE-2024-5921) and SonicWall (CVE-2024-29014) corporate VPN clients that could be … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/11/26/vulnerabilities-corporate-vpn-clients-cve-2024-5921-cve-2024-29014/
-
Vulnerability Recap 11/4/24 Fourteen-Year Bug Finally Gets Patched
in SecurityNews
Tags: vulnerability
First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/vulnerability-recap-november-4-2024/
-
VMware Patches High-Severity Vulnerabilities in Aria Operations
in SecurityNews
The company warns that malicious hackers can craft exploits to elevate privileges or launch cross-site scripting attacks. The post VMware Patches High-Severity Vulnerabilities in Aria Operations appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/vmware-patches-high-severity-vulnerabilities-in-aria-operations/
-
IBM Patches RCE Vulnerabilities in Data Virtualization Manager, Security SOAR
in SecurityNews
IBM has released patches for two high-severity remote code execution vulnerabilities in Data Virtualization Manager and Security SOAR. The post IBM Patches RCE Vulnerabilities in Data Virtualization Manager, Security SOAR appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/ibm-patches-rce-vulnerabilities-in-data-virtualization-manager-security-soar/