vulnerabilities Archives - Page 15 of 63

Exploitation of Recent Chrome Zero-Day Linked to Israeli Spyware Company

Issued by: Security Week

Google was informed about the vulnerability and attacks exploiting it on July 1 by cybersecurity company Avast, which observed it being used against its customers in the Middle East as part of what appeared to be highly targeted operations. The vulnerability is tracked as CVE-2022-2294 and it has been described as a heap buffer overflow…

Vulnerabilities

Microsoft fixes exploited zero-day in Windows CSRSS (CVE-2022-22047)

Issued by: Help Net Security

The July 2022 Patch Tuesday is upon us and has brought fixes for 84 CVEs in various Microsoft products, including an actively exploited zero-day: CVE-2022-22047, an elevation of privilege bug in Windows’ Client/Server Runtime Subsystem (CSRSS). “An attacker who successfully exploited this vulnerability could gain SYSTEM privileges,” Microsoft noted, but the attacker must first gain…

Vulnerabilities

Emergency Chrome 103 Update Patches Actively Exploited Vulnerability

Issued by: Security Week

The flaw, tracked as CVE-2022-2294, has been described as a heap buffer overflow in WebRTC. The security hole was reported to Google by a member of the Avast Threat Intelligence team on July 1. The zero-day has been patched with the release of Chrome 103.0.5060.114 for Windows. No information has been made available about the…

Network Security

NXM Announces Platform That Protects Space Infrastructure and IoT Devices From Cyberattacks

Issued by: Dark Reading

NXM Labs, Inc., a leader in advanced cybersecurity software for connected devices, today unveiled its NXM Autonomous Security(TM) platform that prevents hackers from gaining unauthorized access to commercial, industrial, medical, or consumer internet of things (IoT) devices. Tested in collaboration with the Jet Propulsion Laboratory (JPL), California Institute of Technology (Caltech), NXM successfully demonstrated the…

Vulnerabilities

Exchange Servers Backdoored Globally by SessionManager

Issued by: Dark Reading

Attackers once focused on exploiting ProxyLogon Microsoft Exchange server vulnerabilities have made a pivot to the new SessionManager backdoor, which can be used to gain persistent, undetected access to emails — and even take over the target organization’s infrastructure. Researchers from Kaspersky today report the emergence of SessionManager, which they say is part of a…

Vulnerabilities

MITRE Publishes 2022 List of 25 Most Dangerous Vulnerabilities

Issued by: Security Week

The 2022 CWE Top 25 Most Dangerous Software Weaknesses list contains the most common and impactful weaknesses, and is based on the analysis of nearly 38,000 CVE records from the previous two years. Out-of-bounds write and cross-site scripting (XSS) remain the two most dangerous vulnerabilities. Some of the most significant changes include race conditions moving…

Vulnerabilities

Log4Shell Vulnerability in VMware Leads to Data Exfiltration and Ransomware

Issued by: Trend Micro Blog

Trend Micro Research recently analyzed several cases of a Log4Shell vulnerability being exploited in certain versions of the software VMware Horizon. After investigating the chain of events, we found that many of these attacks resulted in data being exfiltrated from the infected systems. However, we also found that some of the victims were infected with…

Application Security

Credential Sharing as a Service: The Hidden Risk of Low-Code/No-Code

Issued by: Dark Reading

According to the “2022 Verizon Data Breach Investigations Report,” stolen credentials were the top path leading to data breaches. More often than phishing or exploiting vulnerabilities, attackers gain direct access to credentials, letting them virtually walk into victim organizations using the front door. Low-code/no-code platforms make it extremely easy for users to share their credentials…

Vulnerabilities

Windows Updates Patch Actively Exploited ‘Follina’ Vulnerability

Issued by: Security Week

The Follina vulnerability can and has been exploited for remote code execution using specially crafted documents. The root cause of the vulnerability has been known for at least a couple of years, but Microsoft appears to have largely ignored the issue until a researcher saw it being exploited in May. The first attacks leveraging Follina…

Malware & Threats

Emotet Banking Trojan Resurfaces, Skating Past Email Security

Issued by: Dark Reading

Malware botnet Emotet has resurfaced in a more advanced form after having been taken down by joint international task force in January 2021. A prolific threat throughout the pandemic, the Emotet malware began as a banking trojan in 2014, and its operators were one of the first criminal groups to provide malware-as-a-service (MaaS). While it…