A local elevation of privilege vulnerability (CVE-2021-41379) in the Windows Installer that Microsoft supposedly fixed on November 2021 Patch Tuesday is, according to its discoverer, still exploitable. What’s more, it is already being leveraged by malware developers. About the flaw and the exploit Abdelhamid Naceri, who reported the flaw through the Trend Micro Zero Day…

The existence of a critical RCE vulnerability (CVE-2021-3064) affecting certain versions of Palo Alto Networks (PAN) firewalls using the GlobalProtect Portal VPN has been revealed by a cybersecurity company that exploited it during red team engagements for the last 12 months. The vulnerability has been patched, but since there are still over 10,000 vulnerable internet-facing…

Attackers are actively exploiting an “old” vulnerability (CVE-2021-22205) to take over on-premise GitLab servers, Rapid7 researcher Jacob Baines warns. The additional bad news is that at least half of the 60,000 internet-facing GitLab installations the company detects are not patched against this issue. What are the attackers doing with these servers? Damian Menscher, a security…

Researchers have unearthed 11 vulnerabilities affecting Nagios XI, a widely used enterprise IT infrastructure/network monitoring solution, some of which can be chained to allow remote code execution with root privileges on the underlying system. Attackers are likely to try to exploit vulnerabilities in network management systems like Nagios because their oversee critical network components and…

On Friday, security researcher RyotaK published information on three vulnerabilities in PyPI, one of which could potentially lead to the compromise of the entire PyPI ecosystem. Python Package Index (PyPI) is the official third-party software repository for the Python programming language, with some package managers using it as the default source for packages and dependencies….

Tracked as CVE-2021-22893, the vulnerability was made public in late April, after security researchers discovered that threat actors had already been exploiting it in attacks targeting organizations in the defense, financial, government, high tech, and transportation sectors in the U.S. and Europe. At the time, FireEye revealed that at least two Chinese threat actors believed…

A cybersecurity attack targeted a vulnerability in Accellion, a third-party vendor that is used to securely transfer files, the university said in a statement Wednesday. “We understand those behind this attack have published online screenshots of personal information, and we will notify members of the UC community if we believe their data was leaked in…

Tufin released the Vulnerability-Based Change Automation App (VCA). The new app expands Tufin’s vulnerability management capabilities with automated vulnerability checks prior to approving network access changes. When combined with the Vulnerability Mitigation App (VMA), Tufin delivers a vulnerability management solution that allows customers to maintain additional control over their attack surface when making network changes….

Apple has release a new batch of security updates and has fixed three iOS zero-days that “may have been actively exploited” by attackers. The three zero-days Two of the zero-day vulnerabilities (CVE-2021-1870 and CVE-2021-1871) are logic issues affecting the WebKit browser engine, which may allow a remote attacker to achieve code execution on devices running…

Bugs in several messaging/video chat mobile apps allowed attackers to spy on targeted users’s surroundings. The vulnerabilities – in Signal, Google Duo, Facebook Messenger, JioChat, and Mocha – could be triggered by simply placing a call to the target’s device – no other action was needed. Searching for bugs in video chat apps In early…