Found 103 bookmarks
Custom sorting
Qualys TRU Uncovers Five Local Privilege Escalation Vulnerabilities in needrestart | Qualys Security Blog
Qualys TRU Uncovers Five Local Privilege Escalation Vulnerabilities in needrestart | Qualys Security Blog
The Qualys Threat Research Unit (TRU) has identified five Local Privilege Escalation (LPE) vulnerabilities within the needrestart component, which is installed by default on Ubuntu Server. These vulnerabilities can be exploited by any unprivileged user to gain full root access without requiring user interaction. The identified flaws have been assigned the CVE identifiers CVE-2024-48990, CVE-2024-48991, CVE-2024-48992, CVE-2024-10224, and CVE-2024-11003, highlighting the need for immediate remediation to protect system integrity. Our TRU team has successfully developed functional exploits for these vulnerabilities. While we will not disclose our exploits, please be aware that these vulnerabilities are easily exploitable, and other researchers may release working exploits shortly following this coordinated disclosure. These vulnerabilities have been present since the introduction of interpreter support in needrestart version 0.8, released in April 2014.
#qualys#EN#2024#TRU#LPE#vulnerabilities#UbuntuServer#CVE-2024-48990#CVE-2024-48991#CVE-2024-48992#CVE-2024-10224
·blog.qualys.com·
Qualys TRU Uncovers Five Local Privilege Escalation Vulnerabilities in needrestart | Qualys Security Blog
2023 Top Routinely Exploited Vulnerabilities | CISA
2023 Top Routinely Exploited Vulnerabilities | CISA
In 2023, malicious cyber actors exploited more zero-day vulnerabilities to compromise enterprise networks compared to 2022, allowing them to conduct cyber operations against higher-priority targets. In 2023, the majority of the most frequently exploited vulnerabilities were initially exploited as a zero-day, which is an increase from 2022, when less than half of the top exploited vulnerabilities were exploited as a zero-day. Malicious cyber actors continue to have the most success exploiting vulnerabilities within two years after public disclosure of the vulnerability. The utility of these vulnerabilities declines over time as more systems are patched or replaced. Malicious cyber actors find less utility from zero-day exploits when international cybersecurity efforts reduce the lifespan of zero-day vulnerabilities.
#cisa#EN#2024#zero-day#vulnerabilities#2023#Routinely-Exploited
·cisa.gov·
2023 Top Routinely Exploited Vulnerabilities | CISA
Improving Apache httpd Protections Proactively with Orange Tsai of DEVCORE
Improving Apache httpd Protections Proactively with Orange Tsai of DEVCORE
  • In collaboration with renowned security researcher Orange Tsai and DEVCORE, Akamai researchers have issued early-release remediations to Apache CVEs for our Akamai App & API Protector customers. Tsai presented his research at Black Hat USA 2024 and outlined the details for many Apache HTTP Server (httpd) vulnerabilities that were recently patched. Before his Black Hat presentation, the Akamai Security Intelligence Group (SIG) proactively contacted Tsai to facilitate the sharing of technique details for proactive defense for our customers. * App & API Protector customers who are in automatic mode have existing and updated protections.
#akamai#OrangeTsai#EN#2024#DEVCORE#vulnerabilities#Apache#httpd#CVE-2024-38475#CVE-2024-38472#CVE-2024-39573#CVE-2024-38477
·akamai.com·
Improving Apache httpd Protections Proactively with Orange Tsai of DEVCORE
Chained for attack: OpenVPN vulnerabilities discovered leading to RCE and LPE | Microsoft Security Blog
Chained for attack: OpenVPN vulnerabilities discovered leading to RCE and LPE | Microsoft Security Blog
Microsoft researchers found multiple vulnerabilities in OpenVPN that could lead to an attack chain allowing remote code execution and local privilege escalation. This attack chain could enable attackers to gain full control over targeted endpoints, potentially resulting in data breaches, system compromise, and unauthorized access to sensitive information.
#microsoft#EN#2024#OpenVPN#vulnerabilities#discovered#RCE#CVE-2024-27459#CVE-2024-27903
·microsoft.com·
Chained for attack: OpenVPN vulnerabilities discovered leading to RCE and LPE | Microsoft Security Blog
SwRI evaluates cybersecurity risks associated with EV fast-charging equipment | Southwest Research Institute
SwRI evaluates cybersecurity risks associated with EV fast-charging equipment | Southwest Research Institute
Engineers at Southwest Research Institute have identified cybersecurity vulnerabilities with electric vehicles (EVs) using direct current fast-charging systems, the quickest, commonly used way to charge electric vehicles. The high-voltage technology relies on power line communication (PLC) technology to transmit smart-grid data between vehicles and charging equipment. In a laboratory, the SwRI team exploited vulnerabilities in the PLC layer, gaining access to network keys and digital addresses on both the charger and the vehicle.
#swri#EN#2024#electric#vehicles#vulnerabilities#PLC#charging#equipment
·swri.org·
SwRI evaluates cybersecurity risks associated with EV fast-charging equipment | Southwest Research Institute
macOS Vulnerabilities Hiding in Plain Sight (Black Hat Asia 2022 presentation)
macOS Vulnerabilities Hiding in Plain Sight (Black Hat Asia 2022 presentation)
Sometimes when we publish details and writeups about vulnerabilities we are so focused on the actual bug, that we don't notice others, which might be still hidden inside the details. The same can happen when we read these issues, but if we keep our eyes open we might find hidden gems. Download Slides Download Whitepaper
#blackhat#2022#session#bug#writeup#presentation#macos#hidden#Vulnerabilities#Fitzl#offensivesecurity#CVE-2021-1815#CVE-2021-30972
·blackhat.com·
macOS Vulnerabilities Hiding in Plain Sight (Black Hat Asia 2022 presentation)
2021 Top Routinely Exploited Vulnerabilities | CISA
2021 Top Routinely Exploited Vulnerabilities | CISA
This joint Cybersecurity Advisory (CSA) was coauthored by cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom: the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS),
#cisa#uscert#csirt#cert#U.-S.-Computer-Emergency-Readiness#top#2021#top2021#EN#2022#Vulnerabilities
·cisa.gov·
2021 Top Routinely Exploited Vulnerabilities | CISA
Researchers Uncover Active Exploitation of WordPress Plugin Vulnerabilities
Researchers Uncover Active Exploitation of WordPress Plugin Vulnerabilities
Researchers have discovered several vulnerabilities in popular WordPress plugins that allow attackers to create rogue admin accounts. #attacks #breach #computer #cyber #data #hack #hacker #hacking #how #information #malware #network #news #ransomware #security #software #the #to #today #updates #vulnerability
#thehackernews#EN#2024#WordPress#Plugin#Vulnerabilities
·thehackernews.com·
Researchers Uncover Active Exploitation of WordPress Plugin Vulnerabilities
Big Vulnerabilities in Next-Gen BIG-IP
Big Vulnerabilities in Next-Gen BIG-IP
Our ongoing research has identified remotely exploitable vulnerabilities in F5’s Next Central Manager that can give attackers full administrative control of the device, and subsequently allow attackers to create accounts on any F5 assets managed by the Next Central Manager. These attacker-controlled accounts would not be visible from the Next Central Manager itself, enabling ongoing malicious persistence within the environment. At the time of writing, we have not seen any indication that these vulnerabilities have been exploited in the wild.
#eclypsium#EN#2024#BIG-IP#vulnerabilities#CVE-2024-21793#CVE-2024-26026
·eclypsium.com·
Big Vulnerabilities in Next-Gen BIG-IP
Chinese Keyboard App Vulnerabilities Explained
Chinese Keyboard App Vulnerabilities Explained
We analyzed third-party keyboard apps Tencent QQ, Baidu, and iFlytek, on the Android, iOS, and Windows platforms. Along with Tencent Sogou, they comprise over 95% of the market share for third-party keyboard apps in China. This is an FAQ for the full report titled "The not-so-silent type: Vulnerabilities across keyboard apps reveal keystrokes to network eavesdroppers."
#citizenlab#EN#2024#Chinese#Keyboard#App#Vulnerabilities#Tencent#Baidu#Android#iOS
·citizenlab.ca·
Chinese Keyboard App Vulnerabilities Explained
macOS Vulnerabilities Hiding in Plain Sight (Black Hat Asia 2022 presentation)
macOS Vulnerabilities Hiding in Plain Sight (Black Hat Asia 2022 presentation)
Sometimes when we publish details and writeups about vulnerabilities we are so focused on the actual bug, that we don't notice others, which might be still hidden inside the details. The same can happen when we read these issues, but if we keep our eyes open we might find hidden gems. Download Slides Download Whitepaper
#blackhat#2022#session#bug#writeup#presentation#macos#hidden#Vulnerabilities#Fitzl#offensivesecurity#CVE-2021-1815#CVE-2021-30972
·blackhat.com·
macOS Vulnerabilities Hiding in Plain Sight (Black Hat Asia 2022 presentation)
2021 Top Routinely Exploited Vulnerabilities | CISA
2021 Top Routinely Exploited Vulnerabilities | CISA
This joint Cybersecurity Advisory (CSA) was coauthored by cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom: the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS),
#cisa#uscert#csirt#cert#U.-S.-Computer-Emergency-Readiness#top#2021#top2021#EN#2022#Vulnerabilities
·cisa.gov·
2021 Top Routinely Exploited Vulnerabilities | CISA
Vulnerabilities Year-in-Review: 2023
Vulnerabilities Year-in-Review: 2023
In 2023, threat actors continued to exploit a variety of vulnerabilities — both newly discovered weaknesses and unresolved issues — to carry out sophisticated attacks on global organizations. The number of documented software vulnerabilities continued to rise, and threat actors were quick to capitalize on new vulnerabilities and leverage recent releases of publicly available vulnerability research and exploit code to target entities. However, while there was a high number of vulnerabilities released in the reporting period, only a handful actually were weaponized in attacks. The ones of most interest are those that threat actors use for exploitation. In this report, we’ll analyze the numbers and types of vulnerabilities in 2023 with a view to understanding attack trends and how organizations can better defend themselves.
#intel471#EN#2024#Year-in-Review#2023#Vulnerabilities
·intel471.com·
Vulnerabilities Year-in-Review: 2023
macOS Vulnerabilities Hiding in Plain Sight (Black Hat Asia 2022 presentation)
macOS Vulnerabilities Hiding in Plain Sight (Black Hat Asia 2022 presentation)
Sometimes when we publish details and writeups about vulnerabilities we are so focused on the actual bug, that we don't notice others, which might be still hidden inside the details. The same can happen when we read these issues, but if we keep our eyes open we might find hidden gems. Download Slides Download Whitepaper
#blackhat#2022#session#bug#writeup#presentation#macos#hidden#Vulnerabilities#Fitzl#offensivesecurity#CVE-2021-1815#CVE-2021-30972
·blackhat.com·
macOS Vulnerabilities Hiding in Plain Sight (Black Hat Asia 2022 presentation)
2021 Top Routinely Exploited Vulnerabilities | CISA
2021 Top Routinely Exploited Vulnerabilities | CISA
This joint Cybersecurity Advisory (CSA) was coauthored by cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom: the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), Australian Cyber Security Centre (ACSC), Canadian Centre for Cyber Security (CCCS),
#cisa#uscert#csirt#cert#U.-S.-Computer-Emergency-Readiness#top#2021#top2021#EN#2022#Vulnerabilities
·cisa.gov·
2021 Top Routinely Exploited Vulnerabilities | CISA
Threat Actors Exploit Multiple Vulnerabilities in Ivanti Connect Connect and Policy Secure Gateways | CISA
Threat Actors Exploit Multiple Vulnerabilities in Ivanti Connect Connect and Policy Secure Gateways | CISA
Based upon the authoring organizations’ observations during incident response activities and available industry reporting, as supplemented by CISA’s research findings, the authoring organizations recommend that the safest course of action for network defenders is to assume a sophisticated threat actor may deploy rootkit level persistence on a device that has been reset and lay dormant for an arbitrary amount of time. For example, as outlined in PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure), sophisticated actors may remain silent on compromised networks for long periods. The authoring organizations strongly urge all organizations to consider the significant risk of adversary access to, and persistence on, Ivanti Connect Secure and Ivanti Policy Secure gateways when determining whether to continue operating these devices in an enterprise environment.
#CISA#EN#2024#Ivanti#Vulnerabilities#Connect#persistence#Warning
·cisa.gov·
Threat Actors Exploit Multiple Vulnerabilities in Ivanti Connect Connect and Policy Secure Gateways | CISA