Search cyberveille.decio.ch

Found 67 bookmarks

Custom sorting

smith (CVE-2023-32434)

This write-up presents an exploit for a vulnerability in the XNU kernel: Assigned CVE-2023-32434. Fixed in iOS 16.5.1 and macOS 13.4.1. Reachable from the WebContent sandbox and might have been actively exploited. *Note that this CVE fixed multiple integer overflows, so it is unclear whether or not the integer overflow used in my exploit was also used in-the-wild. Moreover, if it was, it might not have been exploited in the same way. The exploit has been successfully tested on: iOS 16.3, 16.3.1, 16.4 and 16.5 (iPhone 14 Pro Max) macOS 13.1 and 13.4 (MacBook Air M2 2022) All code snippets shown below are from xnu-8792.81.2.

#Poulin-Bélanger #EN #2023 #exploit #analysis #vulnerability #github #macos #ios #CVE-2023-32434

·github.com·Jan 3, 2024

smith (CVE-2023-32434)

D-Link D-View 8 Unauthenticated Probe-Core Server Communication

A security issue exists in D-Link D-View 8 v2.0.2.89 and prior that could allow an attacker to manipulate the probe inventory of the D-View service. This could result in the disclosure of info

#tenable #EN #2023 #D-Link #D-View #vulnerability #disclosure

·tenable.com·Jan 3, 2024

D-Link D-View 8 Unauthenticated Probe-Core Server Communication

Chinese Hackers Exploited New Zero-Day in Barracuda's ESG Appliances

Chinese threat actors exploited a new zero-day vulnerability in Barracuda's Email Security Gateway (ESG) appliances.

#thehackernews #EN #2023 #0-day #network #hacker #vulnerability #ESG #CVE-2023-7102 #appliance #Barracuda

·thehackernews.com·Dec 30, 2023

Chinese Hackers Exploited New Zero-Day in Barracuda's ESG Appliances

Hackers Exploiting MS Excel Vulnerability to Spread Agent Tesla Malware

Beware of phishing emails with invoice-themed attachments! Attackers are using an old Office vulnerability (CVE-2017-11882) to spread the Agent Tesla

#thehackernews #EN #2023 #malware #Agent-Tesla #CVE-2017-11882 #phishing #email #MSExcel #Excel #vulnerability

·thehackernews.com·Dec 21, 2023

Hackers Exploiting MS Excel Vulnerability to Spread Agent Tesla Malware

Unveiling VISS: a revolutionary approach to vulnerability impact scoring

Our open-source vulnerability impact scoring system is now available and enhances incident response capabilities. Here's how VISS is unique.

#zoom #EN #2023 #VISS #vulnerability #impact #scoring

·zoom.com·Dec 20, 2023

Unveiling VISS: a revolutionary approach to vulnerability impact scoring

Terrapin attacks can downgrade security of OpenSSH connections

Academic researchers developed a new attack called Terrapin that manipulates sequence numbers during the handshake process to breaks the SSH channel integrity when certain widely-used encryption modes are used.

#bleepingcomputer #EN #2023 #Cyberattack #Encryption #Man-In-The-Middle-Attack #SSH #Terrapin #Vulnerability

·bleepingcomputer.com·Dec 20, 2023

Terrapin attacks can downgrade security of OpenSSH connections

7 December 2023 - Apache Struts version 6.3.0.2 General Availability

7 December 2023 - Apache Struts version 6.3.0.2 General Availability The Apache Struts group is pleased to announce that Apache Struts version 6.3.0.2 is available as a “General Availability” release. The GA designation is our highest quality grade. The Apache Struts is an elegant, extensible framework for creating enterprise-ready Java web applications. The framework has been designed to streamline the full development cycle, from building, to deploying, to maintaining applications over time. This version addresses a potential security vulnerability identified as CVE-2023-50164 and described in S2-066 - please read the mentioned security bulletins for more details. This is a drop-in replacement and upgrade should be straightforward.

#apache.org #EN #2023 #CVE-2023-50164 #Apache #Struts #annonce #Vulnerability

·struts.apache.org·Dec 18, 2023

7 December 2023 - Apache Struts version 6.3.0.2 General Availability

QNAP VioStor NVR vulnerability actively exploited by malware botnet

A Mirai-based botnet named 'InfectedSlurs' is exploiting a remote code execution (RCE) vulnerability in QNAP VioStor NVR (Network Video Recorder) devices to hijack and make them part of its DDoS (distributed denial of service) swarm. #Actively #Botnet #Computer #Exploited #FXC #InfectedSlurs #InfoSec #Malware #QNAP #Router #Security #Vulnerability

#bleepingcomputer #EN #2023 #FXC #QNAP #InfectedSlurs #Actively #Botnet #Malware #Exploited #Computer #Router #Vulnerability

·bleepingcomputer.com·Dec 16, 2023

QNAP VioStor NVR vulnerability actively exploited by malware botnet

Exploiting GOG Galaxy XPC service for privilege escalation in macOS

Unpack the analysis of a GOG Galaxy XPC service vulnerability. More from IBM X-Force Red.

#securityintelligence #2023 #EN #macos #GOG #client #XPC #vulnerability

·securityintelligence.com·Dec 16, 2023

Exploiting GOG Galaxy XPC service for privilege escalation in macOS

Imperva Uncovers CVE-2023-22524, A RCE Vulnerability

Learn about a RCE vulnerability, discovered by the Imperva Red Team, identified as CVE-2023-22524, in Atlassian Companion for macOS.

#imperva #EN #2023 #RCE #vulnerability #CVE-2023-22524 #Atlassian #macOS

·imperva.com·Dec 16, 2023

Imperva Uncovers CVE-2023-22524, A RCE Vulnerability

GitHub - yunuscadirci/DIALStranger: details about DIAL protocol vulnerabilities

details about DIAL protocol vulnerabilities . Contribute to yunuscadirci/DIALStranger development by creating an account on GitHub.

#yunuscadirci #EN #2023 #Netflix #YouTube #Sony #Samsung #DIAL #DIALStranger #protocol #vulnerability

·github.com·Nov 20, 2023

GitHub - yunuscadirci/DIALStranger: details about DIAL protocol vulnerabilities

In a first, cryptographic keys protecting SSH connections stolen in new attack | Ars Technica

An error as small as a single flipped memory bit is all it takes to expose a private key. The vulnerability occurs when there are errors during the signature generation that takes place when a client and server are establishing a connection. It affects only keys using the RSA cryptographic algorithm, which the researchers found in roughly a third of the SSH signatures they examined. That translates to roughly 1 billion signatures out of the 3.2 billion signatures examined. Of the roughly 1 billion RSA signatures, about one in a million exposed the private key of the host.

#arstechnica #EN #2023 #SSH #RSA #cryptographic #algorithm #error #vulnerability

·arstechnica.com·Nov 16, 2023

In a first, cryptographic keys protecting SSH connections stolen in new attack | Ars Technica

CVE-2023-38548

On November 6, 2023, Veeam published an advisory for several vulnerabilities affecting Veeam ONE, an IT monitoring and analytics platform for enterprises. One …

#attackerkb #CVE-2023-38548 #EN #2023 #VeeamONE #Veeam #vulnerability

·attackerkb.com·Nov 10, 2023

CVE-2023-38548

SysAid On-Prem Software CVE-2023-47246 Vulnerability Disclosure

On Nov 2nd, our security team received reports regarding a potential vulnerability in our on-premise software which was being actively exploited. We immediately initiated our incident response protocol and began proactively communicating with our on-premise customers to ensure they could implement a mitigation solution we had identified. We engaged Profero, a cyber security incident response company, to assist us in our investigation. The investigation determined that there was a zero-day vulnerability in the SysAid on-premises software. We urge all customers with SysAid on-prem server installations to ensure that your SysAid systems are updated to version 23.3.36, which remediates the identified vulnerability, and conduct a comprehensive compromise assessment of your network to look for any indicators further discussed below. Should you identify any indicators, take immediate action and follow your incident response protocols.

#profero #EN #2023 #CVE-2023-47246 #disclosure #vulnerability #SysAid

·profero.io·Nov 10, 2023

SysAid On-Prem Software CVE-2023-47246 Vulnerability Disclosure

SysAid On-Prem Software CVE-2023-47246 Vulnerability

On Nov 2nd, a potential vulnerability in our on-premise software came to our security team’s attention. We immediately initiated our incident response protocol and began proactively communicating with our on-premise customers to ensure they could implement a mitigation solution we had identified. We engaged Profero, a cyber security incident response company, to assist us in our investigation. The investigation determined that there was a zero-day vulnerability in the SysAid on-premises software.

#sysaid #EN #2023 #CVE-2023-47246 #SysAid #On-Prem #Vulnerability

·sysaid.com·Nov 9, 2023

SysAid On-Prem Software CVE-2023-47246 Vulnerability

Common Vulnerability Scoring System

CVSS version 4.0 is the next generation of the Common Vulnerability Scoring System standard.

#first #EN #2023 #Common #Vulnerability #Scoring #System #v4-0 #CVSS

·first.org·Nov 8, 2023

Common Vulnerability Scoring System

FIRST Announces CVSS 4.0 - New Vulnerability Scoring System

FIRST announces CVSS v4.0, the latest version of the Common Vulnerability Scoring System. Discover how this update addresses critical vulnerabilities.

#thehackernews #EN #2023 #CVSS #CVSS4.0 #Vulnerability #Scoring #System

·thehackernews.com·Nov 2, 2023

FIRST Announces CVSS 4.0 - New Vulnerability Scoring System

HackerOne paid ethical hackers over $300 million in bug bounties

HackerOne has announced that its bug bounty programs have awarded over $300 million in rewards to ethical hackers and vulnerability researchers since the platform's inception.

#bleepingcomputer #EN #2023 #Bug-Bounty #Ethical-Hacking #HackerOne #Vulnerability #Vulnerability-Disclosure-Program #Vulnerability-Rewards-Program #White-Hat-Hacker

·bleepingcomputer.com·Oct 28, 2023

HackerOne paid ethical hackers over $300 million in bug bounties

Winter Vivern exploits zero-day vulnerability in Roundcube Webmail servers

ESET Research discover campaigns by the Winter Vivern APT group that exploit a zero-day XSS vulnerability in the Roundcube Webmail server and target governmental entities and a think tank in Europe.

#welivesecurity #ESET #2023 #EN #WinterVivern #APT #zero-day #XSS #vulnerability #Roundcube

·welivesecurity.com·Oct 27, 2023

Winter Vivern exploits zero-day vulnerability in Roundcube Webmail servers

VMSA-2023-0023

VMware vCenter Server updates address out-of-bounds write and information disclosure vulnerabilities

#vmware #EN #2023 #vulnerability #VMSA-2023-0023 #CVE-2023-34048 #advisory

·vmware.com·Oct 25, 2023

VMSA-2023-0023

CVE-2023-4911: Looney Tunables - Local Privilege Escalation in the glibc’s ld.so

The Qualys Threat Research Unit (TRU) has discovered a buffer overflow vulnerability in GNU C Library's dynamic loader's processing of the GLIBC_TUNABLES…

#qualys #EN #2023 #GLIBC_TUNABLES #CVE-2023-4911 #buffer #overflow #vulnerability

·blog.qualys.com·Oct 4, 2023

CVE-2023-4911: Looney Tunables - Local Privilege Escalation in the glibc’s ld.so

Qualcomm says hackers exploit 3 zero-days in its GPU, DSP drivers

Qualcomm is warning of three zero-day vulnerabilities in its GPU and Compute DSP drivers that hackers are actively exploiting in attacks.

#bleepingcomputer #EN #2023 #Actively-Exploited #Android #Mobile #Qualcomm #Vulnerability #Zero-Day #GPU #Adreno

·bleepingcomputer.com·Oct 3, 2023

Qualcomm says hackers exploit 3 zero-days in its GPU, DSP drivers

Vulnerability in popular ‘libwebp’ code more widespread than expected

Initial alerts about a bug in the obscure but widely used libwebp library have expanded into concerns that it affects not only web browsers like Chrome, but also many other common pieces of software.

#therecord #EN #2023 #libwebp #vulnerability #CVE-2023-4863

·therecord.media·Sep 28, 2023

Vulnerability in popular ‘libwebp’ code more widespread than expected

GPU.zip

On the Side-Channel Implications of Hardware-Based Graphical Data Compression

#hertzbleed #EN #2023 #vulnerability #Side-Channel #Graphical-Data-Compression #GPU.zip

·hertzbleed.com·Sep 27, 2023

GPU.zip

Can't Be Contained: Finding a Command Injection Vulnerability in Kubernetes

Akamai researchers discover a critical vulnerability in Kubernetes that can lead to remote code execution.

#akamai #EN #2023 #Kubernetes #command-injection #vulnerability #YAML #rce #remote-code-execution

·akamai.com·Sep 15, 2023

Can't Be Contained: Finding a Command Injection Vulnerability in Kubernetes

CVE-2023-34127

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in SonicWall GMS, SonicWall Analytics enables an authe…

#attackerkb #EN #2023 #rapid7 #SonicWall #CVE-2023-34127 #vulnerability #PoC

·attackerkb.com·Aug 21, 2023

CVE-2023-34127

2023-08 Out-of-Cycle Security Bulletin: Junos OS: SRX Series and EX Series: Multiple vulnerabilities in J-Web can be combined to allow a preAuth Remote Code Execution

#juniper #EN #2023 #bulletin #vulnerability #Out-of-Cycle #CVE-2023-36844 #CVE-2023-36845 #CVE-2023-36846 #CVE-2023-36847

·supportportal.juniper.net·Aug 20, 2023

2023-08 Out-of-Cycle Security Bulletin: Junos OS: SRX Series and EX Series: Multiple vulnerabilities in J-Web can be combined to allow a preAuth Remote Code Execution

New ‘Downfall’ Flaw Exposes Valuable Data in Generations of Intel Chips

The vulnerability could allow attackers to take advantage of an information leak to steal sensitive details like private messages, passwords, and encryption keys.

#wired #EN #2023 #Downfall #chips #intel #processors #Vulnerability

·wired.com·Aug 13, 2023

New ‘Downfall’ Flaw Exposes Valuable Data in Generations of Intel Chips

CVE-2023-35082 - MobileIron Core Unauthenticated API Access Vulnerability | Rapid7 Blog

Rapid7 discovered a new vulnerability that allows unauthenticated attackers to access the API in unsupported versions of MobileIron Core (11.2 and below).

#rapid7 #EN #2023 #CVE-2023-35082 #MobileIron #Core #Unauthenticated #API #Access #Vulnerability

·rapid7.com·Aug 4, 2023

CVE-2023-35082 - MobileIron Core Unauthenticated API Access Vulnerability | Rapid7 Blog

Ivanti warns of second vulnerability used in attacks on Norway gov’t

A second vulnerability affecting mobile endpoint management software from IT giant Ivanti has been discovered, according to a new advisory from the company.

#therecord #EN #2023 #vulnerability #Ivanti #Norway

·therecord.media·Jul 30, 2023

Ivanti warns of second vulnerability used in attacks on Norway gov’t