vulnerability Archives - Page 10 of 24

DoS Vulnerability Allows Easy Envoy Proxy Crashes

Issued by: Dark Reading

Researchers have discovered a denial-of-service (DoS) vulnerability in Envoy Proxy, which gives attackers the opportunity to crash the proxy server. This could lead to performance degradation or unavailability of resources handled by the proxy, according to JFrog Security Research, which disclosed the vulnerability (CVE-2022-29225). Envoy is a widely used open source edge and service proxy…

Vulnerabilities

Critical Zyxel Firewall Bug Under Active Attack After PoC Exploit Debut

Issued by: Dark Reading

Zyxel firewalls are under active cyberattack after a critical security vulnerability was disclosed last week that could allow unauthenticated, remote arbitrary code execution. The bug (CVE-2022-30525, CVSS 9.8) was silently patched in April, but no public disclosure was made until last Thursday, May 12, when Rapid7 released a technical report on the issue. It also…

Vulnerabilities

Microsoft Patches Critical Exchange Server Flaw

Issued by: Dark Reading

Microsoft today issued security updates for 71 software vulnerabilities, three of which were critical and one that has a known proof-of-concept available in the public domain. Among the most notable flaws fixed today by Microsoft are: CVE-2022-23277 Microsoft Exchange Server Remote Code Execution Vulnerability This is a critical bug that could allow an attacker who…

Vulnerabilities

Log4j and the Role of SBOMs in Reducing Software Security Risk

Issued by: Dark Reading

Recent high-profile cybersecurity incidents such as the SolarWinds attack and the Apache Log4j vulnerability have exposed the threats associated with the software supply chain. These can range from fairly simple exploits of known vulnerabilities to very sophisticated attacks, sponsored by nation-state actors. The annual spending on enterprise software — also known as commercial off-the-shelf or…

Vulnerabilities

Log4j: Getting From Stopgap Remedies to Long-Term Solutions

Issued by: Dark Reading

While the worst of Log4Shell may be behind us and much work remains, let’s say “Well done” to the security engineers and managers who labored in the trenches in recent weeks. But if you thought the Log4j vulnerability was last year’s problem, think again. In 2022, this vulnerability will require care and attention to fully…

Vulnerabilities

Log4Shell is a dumpster fire that should have been avoided

Issued by: Help Net Security

On Thursday, December 9, 2021, my young, Minecraft-addicted kids were still completely oblivious of the Log4j vulnerabilities in their favorite game. Then again, so was every cybersecurity professional in the world. That all changed when the Apache Log4j project announced CVE-2021-44228 (aka Log4Shell) – a zero-day vulnerability in Log4j’s standardized method of handling log files…

Malware & Threats

When Threat Research Goes Wrong: Spectacular Screwups and What to Learn from Them

Issued by: CyberArk Blog

Threat researchers on the cutting edge of cybersecurity have a certain kind of drive — almost a relentless need — to get into the attacker’s mind, solve the “unsolvable” challenge and expose emerging attack techniques. So, it’s not every day these elite researchers come together to share the secrets to their success, and it’s even…

Vulnerabilities

After failed fix, researcher releases exploit for Windows EoP flaw (CVE-2021-41379)

Issued by: Help Net Security

A local elevation of privilege vulnerability (CVE-2021-41379) in the Windows Installer that Microsoft supposedly fixed on November 2021 Patch Tuesday is, according to its discoverer, still exploitable. What’s more, it is already being leveraged by malware developers. About the flaw and the exploit Abdelhamid Naceri, who reported the flaw through the Trend Micro Zero Day…

Vulnerabilities

Critical RCE in Palo Alto Networks (PAN) firewalls revealed, patch ASAP! (CVE-2021-3064)

Issued by: Help Net Security

The existence of a critical RCE vulnerability (CVE-2021-3064) affecting certain versions of Palo Alto Networks (PAN) firewalls using the GlobalProtect Portal VPN has been revealed by a cybersecurity company that exploited it during red team engagements for the last 12 months. The vulnerability has been patched, but since there are still over 10,000 vulnerable internet-facing…

Malware & Threats

Tens of thousands unpatched GitLab servers under attack via CVE-2021-22205

Issued by: Help Net Security

Attackers are actively exploiting an “old” vulnerability (CVE-2021-22205) to take over on-premise GitLab servers, Rapid7 researcher Jacob Baines warns. The additional bad news is that at least half of the 60,000 internet-facing GitLab installations the company detects are not patched against this issue. What are the attackers doing with these servers? Damian Menscher, a security…