exploit

Vulnerabilities

Issued by: Help Net Security

Attackers are leveraging two zero-day vulnerabilities (CVE-2022-41040, CVE-2022-41082) to breach Microsoft Exchange servers. News of the attacks broke on Wednesday, when researchers with Vietnamese cybersecurity company GTSC released a warning saying that, “while providing SOC service to a customer, GTSC Blueteam detected exploit requests in IIS logs with the same format as ProxyShell vulnerability.” About…

Vulnerabilities

Issued by: Help Net Security

A local elevation of privilege vulnerability (CVE-2021-41379) in the Windows Installer that Microsoft supposedly fixed on November 2021 Patch Tuesday is, according to its discoverer, still exploitable. What’s more, it is already being leveraged by malware developers. About the flaw and the exploit Abdelhamid Naceri, who reported the flaw through the Trend Micro Zero Day…

Vulnerabilities

Issued by: Help Net Security

Researchers have unearthed 11 vulnerabilities affecting Nagios XI, a widely used enterprise IT infrastructure/network monitoring solution, some of which can be chained to allow remote code execution with root privileges on the underlying system. Attackers are likely to try to exploit vulnerabilities in network management systems like Nagios because their oversee critical network components and…

Vulnerabilities

Issued by: Help Net Security

Despite lower number of vulnerability disclosures, security teams have their work cut out for them

The number of vulnerabilities disclosed in Q1 2020 has decreased by 19.8% compared to Q1 2019, making this likely the only true dip observed within the last 10 years, Risk Based Security reveals. Vulnerabilities disclosed in Q1 2020: What happened? Many factors have been identified as potential contributors to this decline, including the COVID-19 pandemic,…

Vulnerabilities

Issued by: Help Net Security

For the third time in a year, Google has fixed a Chrome zero-day (CVE-2020-6418) that is being actively exploited by attackers in the wild. About CVE-2020-6418 No details have been shared about the attacks and about the flaw itself, apart from the short description that says it’s a type confusion flaw in V8, the JavaScript…

Network Security

Issued by: Help Net Security

Attackers disrupt business operations through stealthy crypto mining

WannaMine, a Monero-mining worm discovered last October, is increasingly wreaking havoc on corporate computers. Either by slowing down computers or by crashing systems and applications, the crypto mining worm is, according to CrowdStrike researchers, seriously affecting business operations and rendering some companies unable to operate for days and even weeks.

Application Security

Issued by: Security Week

Facebook Flaw Allowed Removal of Any Photo

A researcher says he received a $10,000 bounty from Facebook after finding a critical vulnerability that could have been exploited to delete any photo from the social media network. In early November, Facebook announced a new feature for posting polls that include images and GIF animations. Iran-based security researcher and web developer Pouya Darabi analyzed…

Software Security

Issued by: Security Week

Iranian Hackers Target Aerospace, Energy Companies

A cyber espionage group linked by security researchers to the Iranian government has been observed targeting aerospace and energy organizations in the United States, Saudi Arabia and South Korea. The threat actor, tracked by FireEye as APT33, is believed to have been around since at least 2013. Since mid-2016, the security firm has spotted attacks…

Vulnerabilities

Issued by: Help Net Security

Equifax attackers got in through an Apache Struts flaw?

Have the attackers responsible for the Equifax data breach exploited a vulnerability in Apache Struts, a popular open source framework for developing web applications, to compromise the company’s networks? Equifax has yet to share more details about how the attack was pulled off, but a report by financial services firm Robert W. Baird & Co….