Found 31 bookmarks
Custom sorting
Threat Response - Critical Authentication Bypass in PAN-OS Management Web Interface
Threat Response - Critical Authentication Bypass in PAN-OS Management Web Interface
On 18 November 2024, Palo Alto Networks issued a security advisory for an authentication bypass vulnerability in the PAN-OS management web interface. The vulnerability is tracked under CVE-2024-0012 [1] and has a CVSS score for this is 9.3 [2]. The vulnerability allows an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges. As the Northwave CERT has already observed mass exploitation by multiple threat actors, we urge all recipients to implement mitigation measures and patch their systems.
#northwave-cybersecurity#EN#2024#Critical#Authentication#Bypass#CVE-2024-0012
·northwave-cybersecurity.com·
Threat Response - Critical Authentication Bypass in PAN-OS Management Web Interface
Zero-Click Calendar invite — Critical zero-click vulnerability chain in macOS
Zero-Click Calendar invite — Critical zero-click vulnerability chain in macOS
I found a zero-click vulnerability in macOS Calendar, which allows an attacker to add or delete arbitrary files inside the Calendar sandbox environment. This could lead to many bad things including malicious code execution which can be combined with security protection evasion with Photos to compromise users’ sensitive Photos iCloud Photos data. Apple has fixed all of the vulnerabilities between October 2022 and September 2023.
#mikko-kenttala#EN#2024#Critical#zero-click#macos#vulnerability
·mikko-kenttala.medium.com·
Zero-Click Calendar invite — Critical zero-click vulnerability chain in macOS
Russian Military Cyber Actors Target US and Global Critical Infrastructure
Russian Military Cyber Actors Target US and Global Critical Infrastructure
The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) assess that cyber actors affiliated with the Russian General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155) are responsible for computer network operations against global targets for the purposes of espionage, sabotage, and reputational harm since at least 2020. GRU Unit 29155 cyber actors began deploying the destructive WhisperGate malware against multiple Ukrainian victim organizations as early as January 13, 2022. These cyber actors are separate from other known and more established GRU-affiliated cyber groups, such as Unit 26165 and Unit 74455.
#cisa#EN#2024#FBI#CISA#GRU#Global#Critical#Infrastructure#Unit29155#GRU-affiliated
·cisa.gov·
Russian Military Cyber Actors Target US and Global Critical Infrastructure
Queuejumper: Critical Unauthorized RCE Vulnerability In MSMQ Service
Queuejumper: Critical Unauthorized RCE Vulnerability In MSMQ Service
Check Point Research recently discovered three vulnerabilities in the “Microsoft Message Queuing” service, commonly known as MSMQ. These vulnerabilities were disclosed to Microsoft and patched in the April Patch Tuesday update. The most severe of these, dubbed QueueJumper by CPR (CVE-2023-21554), is a critical vulnerability that could allow unauthorized attackers to remotely execute arbitrary code in the context of the Windows service process mqsvc.exe.
#checkpoint#EN#2023#analysis#RCE#Queuejumper#CVE-2023-21554#MSMQ#Service#Critical#PatchTuesday
·research.checkpoint.com·
Queuejumper: Critical Unauthorized RCE Vulnerability In MSMQ Service
Web Hackers vs. The Auto Industry: Critical Vulnerabilities in Ferrari, BMW, Rolls Royce, Porsche, and More
Web Hackers vs. The Auto Industry: Critical Vulnerabilities in Ferrari, BMW, Rolls Royce, Porsche, and More
During the fall of 2022, a few friends and I took a road trip from Chicago, IL to Washington, DC to attend a cybersecurity conference and (try) to take a break from our usual computer work. While we were visiting the University of Maryland, we came across a fleet of electric scooters scattered across the campus and couldn't resist poking at the scooter's mobile app. To our surprise, our actions caused the horns and headlights on all of the scooters to turn on and stay on for 15 minutes straight. When everything eventually settled down, we sent a report over to the scooter manufacturer and became super interested in trying to more ways to make more things honk. We brainstormed for a while, and then realized that nearly every automobile manufactured in the last 5 years had nearly identical functionality. If an attacker were able to find vulnerabilities in the API endpoints that vehicle telematics systems used, they could honk the horn, flash the lights, remotely track, lock/unlock, and start/stop vehicles, completely remotely.
#samcurry#EN#2023#Auto#Industry#Critical#Vulnerabilities#BMW#Rolls#Royce#Porsche#car-hacking#API
·samcurry.net·
Web Hackers vs. The Auto Industry: Critical Vulnerabilities in Ferrari, BMW, Rolls Royce, Porsche, and More
Vulnerability Analysis - CVE-2022-1388
Vulnerability Analysis - CVE-2022-1388
CVE-2022-1388 is a critical vulnerability (CVSS 9.8) in the management interface of F5 Networks’ BIG-IP solution that enables an unauthenticated attacker to gain remote code execution on the system through bypassing F5’s iControl REST authentication. The vulnerability was first discovered by F5’s internal product security team and disclosed publicly on May 4, 2022.
#CVE-2022-1388#randori#EN#2022#critical#vulnerability#F5#BIG-IP#RCE
·randori.com·
Vulnerability Analysis - CVE-2022-1388
Queuejumper: Critical Unauthorized RCE Vulnerability In MSMQ Service
Queuejumper: Critical Unauthorized RCE Vulnerability In MSMQ Service
Check Point Research recently discovered three vulnerabilities in the “Microsoft Message Queuing” service, commonly known as MSMQ. These vulnerabilities were disclosed to Microsoft and patched in the April Patch Tuesday update. The most severe of these, dubbed QueueJumper by CPR (CVE-2023-21554), is a critical vulnerability that could allow unauthorized attackers to remotely execute arbitrary code in the context of the Windows service process mqsvc.exe.
#checkpoint#EN#2023#analysis#RCE#Queuejumper#CVE-2023-21554#MSMQ#Service#Critical#PatchTuesday
·research.checkpoint.com·
Queuejumper: Critical Unauthorized RCE Vulnerability In MSMQ Service
Web Hackers vs. The Auto Industry: Critical Vulnerabilities in Ferrari, BMW, Rolls Royce, Porsche, and More
Web Hackers vs. The Auto Industry: Critical Vulnerabilities in Ferrari, BMW, Rolls Royce, Porsche, and More
During the fall of 2022, a few friends and I took a road trip from Chicago, IL to Washington, DC to attend a cybersecurity conference and (try) to take a break from our usual computer work. While we were visiting the University of Maryland, we came across a fleet of electric scooters scattered across the campus and couldn't resist poking at the scooter's mobile app. To our surprise, our actions caused the horns and headlights on all of the scooters to turn on and stay on for 15 minutes straight. When everything eventually settled down, we sent a report over to the scooter manufacturer and became super interested in trying to more ways to make more things honk. We brainstormed for a while, and then realized that nearly every automobile manufactured in the last 5 years had nearly identical functionality. If an attacker were able to find vulnerabilities in the API endpoints that vehicle telematics systems used, they could honk the horn, flash the lights, remotely track, lock/unlock, and start/stop vehicles, completely remotely.
#samcurry#EN#2023#Auto#Industry#Critical#Vulnerabilities#BMW#Rolls#Royce#Porsche#car-hacking#API
·samcurry.net·
Web Hackers vs. The Auto Industry: Critical Vulnerabilities in Ferrari, BMW, Rolls Royce, Porsche, and More
Vulnerability Analysis - CVE-2022-1388
Vulnerability Analysis - CVE-2022-1388
CVE-2022-1388 is a critical vulnerability (CVSS 9.8) in the management interface of F5 Networks’ BIG-IP solution that enables an unauthenticated attacker to gain remote code execution on the system through bypassing F5’s iControl REST authentication. The vulnerability was first discovered by F5’s internal product security team and disclosed publicly on May 4, 2022.
#CVE-2022-1388#randori#EN#2022#critical#vulnerability#F5#BIG-IP#RCE
·randori.com·
Vulnerability Analysis - CVE-2022-1388
Vulnerability Analysis - CVE-2022-1388
Vulnerability Analysis - CVE-2022-1388
CVE-2022-1388 is a critical vulnerability (CVSS 9.8) in the management interface of F5 Networks’ BIG-IP solution that enables an unauthenticated attacker to gain remote code execution on the system through bypassing F5’s iControl REST authentication. The vulnerability was first discovered by F5’s internal product security team and disclosed publicly on May 4, 2022.
#CVE-2022-1388#randori#EN#2022#critical#vulnerability#F5#BIG-IP#RCE
·randori.com·
Vulnerability Analysis - CVE-2022-1388