vulnerabilities

Network Security

Issued by: Security Week

Due to the COVID-19 pandemic, the competition has been turned into a virtual event and Pwn2Own Tokyo is actually coordinated by Trend Micro’s ZDI from Toronto, Canada, with participants demonstrating their exploits remotely. Organizers have offered significant prizes for exploits targeting a wide range of mobile and IoT devices, but participants have only focused on…

Network Security

Issued by: Security Week

Dubbed NAT Slipstreaming, the attack can be triggered when the victim visits a specially crafted website, exploiting the browser and Application Level Gateway (ALG), a connection tracking mechanism present in firewalls, NATs, and routers. According to the researcher, the attack chains “internal IP extraction via timing attack or WebRTC, automated remote MTU and IP fragmentation…

Malware & Threats

Issued by: Security Week

The warning comes roughly one week after the United States revealed that the same adversary targeted Democratic voters in multiple states with emails seeking to intimidate them into voting for President Donald Trump. In the previous alert, CISA and the FBI noted that the Iranian hackers targeted known vulnerabilities in virtual private network (VPN) products…

Network Security

Issued by: CSO

In October 2020, Microsoft patched a set of vulnerabilities that included critical networking bugs CVE-2020-16898 and CVE-2020-16899. Known as “Bad Neighbor” or “Ping of Death Redux,” these flaws lurk in the TCP/IP networking implementation in Windows in how incoming ICMPv6 packets are handled under certain conditions. Both CVE-2020-16898 and CVE-2020-16899 represent the Bad Neighbor vulnerability,…

Software Security

Issued by: Security Week

The Chinese software company’s tools allow users to create and edit PDF files, as well as secure them when necessary. Foxit also offers products under a freemium licensing model. Last week, the company released security updates for both Foxit PhantomPDF Mac and Foxit Reader Mac, to address a vulnerability that could result in code injection…

Vulnerabilities

Issued by: Security Week

Also known as Seedworm, MERCURY, and Static Kitten, and initially analyzed in 2017, MuddyWater is mainly focused on organizations in the Middle East and regions nearby. Highly active, the group was observed expanding its target list and leveraging a broad and varied toolset. Although further details on the threat actor’s operations emerged last year (after…

Software Security

Issued by: Security Week

Addressed on August 2020 Patch Tuesday, the flaw was identified in the Microsoft Windows Netlogon Remote Protocol (MS-NRPC) and can be abused by remote attackers to compromise Active Directory domain controllers and gain administrator access. To exploit the flaw, which is tracked as CVE-2020-1472, an unauthenticated attacker would need to run a specially crafted application…

Vulnerabilities

Issued by: Security Week

WordPress ‘File Manager’ Plugin Patches Critical Zero-Day Exploited in Attacks

Designed to provide WordPress site admins with copy/paste, edit, delete, download/upload, and archive functionality for both files and folders, File Manager has over 700,000 active installs. Assessed with a CVSS score of 10, the recently identified critical security flaw could have allowed an attacker to upload files and execute code remotely on an affected site,…