Search cyberveille.decio.ch

Found 331 bookmarks

Custom sorting

Jenkins discloses dozens of zero-day bugs in multiple plugins

On Thursday, the Jenkins security team announced 34 security vulnerabilities affecting 29 plugins for the Jenkins open source automation server, 29 of the bugs being zero-days still waiting to be patched.

#bleepingcomputer #EN #2023 #CSRF #Jenkins #Vulnerability #XSS #Zero-Day #Security

·bleepingcomputer.com·Jan 5, 2023

Jenkins discloses dozens of zero-day bugs in multiple plugins

Hacker claims to be selling Twitter data of 400 million users

A threat actor claims to be selling public and private data of 400 million Twitter users scraped in 2021 using a now-fixed API vulnerability. They're asking $200,000 for an exclusive sale.

#bleepingcomputer #EN #2022 #Twitter #threat #API #vulnerability #ransom

·bleepingcomputer.com·Dec 27, 2022

Hacker claims to be selling Twitter data of 400 million users

Critical Ping Vulnerability Allows Remote Attackers to Take Over FreeBSD Systems

he maintainers of the FreeBSD operating system have released updates to remediate a security vulnerability impacting the ping module that could be potentially exploited to crash the program or trigger remote code execution. The issue, assigned the identifier CVE-2022-23093, impacts all supported versions of FreeBSD and concerns a stack-based buffer overflow vulnerability in the ping service.

#thehackernews #EN #2022 #Ping #Vulnerability #FreeBSD #CVE-2022-23093

·thehackernews.com·Dec 6, 2022

Critical Ping Vulnerability Allows Remote Attackers to Take Over FreeBSD Systems

CVE-2022-21661: Exposing Database Info via WordPress SQL Injection

In October of this year, we received a report from ngocnb and khuyenn from GiaoHangTietKiem JSC covering a SQL injection vulnerability in WordPress. The bug could allow an attacker to expose data stored in a connected database. This vulnerability was recently addressed as CVE-2022-21661 ( ZDI-22-020

#zerodayinitiative #EN #2022 #CVE-2022-21661 #SQL-injection #vulnerability #WordPress

·zerodayinitiative.com·Dec 5, 2022

CVE-2022-21661: Exposing Database Info via WordPress SQL Injection

Google pushes emergency Chrome update to fix 8th zero-day in 2022

Google has released an emergency security update for the desktop version of the Chrome web browser, addressing the eighth zero-day vulnerability exploited in attacks this year.

#bleepingcomputer #Google #Google-Chrome #Vulnerability #Web-Browser #Zero-Day #patch #CVE-2022-3723 #CVE-2022-3075 #CVE-2022-2856 #CVE-2022-2294 #CVE-2022-1364 #CVE-2022-1096 #CVE-2022-0609

·bleepingcomputer.com·Nov 25, 2022

Google pushes emergency Chrome update to fix 8th zero-day in 2022

Firefox fixes fullscreen fakery flaw – get the update now! – Naked Security

What’s so bad about a web page going fullscreen without warning you first?

#nakedsecurity #EN #2022 #CVE-2022-45407 #CVE-2022-4540 #firefox #mozilla #vulnerability #patch

·nakedsecurity.sophos.com·Nov 17, 2022

Firefox fixes fullscreen fakery flaw – get the update now! – Naked Security

Compromising Plesk via its REST API

Compromising Plesk via its REST API, CSRF, CORS misconfiguration, add db user, add backdoor, add secret token, cookieless CSRF

#fortbridge #EN #2022 #Plesk #REST #misconfiguration #CSRF #Vulnerability

·fortbridge.co.uk·Nov 12, 2022

Compromising Plesk via its REST API

Exploring ZIP Mark-of-the-Web Bypass Vulnerability (CVE-2022-41049)

Windows ZIP extraction bug (CVE-2022-41049) lets attackers craft ZIP files, which evade warnings on attempts to execute packaged files, even if ZIP file was downloaded from the Internet.

#breakdev #EN #2022 #CVE-2022-41049 #Windows #Mark-of-the-Web #Bypass #Vulnerability #analysis

·breakdev.org·Nov 12, 2022

Exploring ZIP Mark-of-the-Web Bypass Vulnerability (CVE-2022-41049)

SHA-3 Buffer Overflow

Over the past few months, I’ve been coordinating the disclosure of a new vulnerability that I’ve found. Today is the disclosure date, so I am excited that I can finally talk about what I’ve been working on! The vulnerability has been assigned CVE-2022-37454 and bug reports are available for Python, PHP, PyPy, SHA3 for Ruby, and XKCP.

#mouha.be #EN #2022 #CVE-2022-37454 #SHA-3 #Buffer-Overflow #vulnerability #XKCP

·mouha.be·Oct 24, 2022

SHA-3 Buffer Overflow

Mirai, RAR1Ransom, and GuardMiner – Multiple Malware Campaigns Target VMware Vulnerability

n April, VMware patched a vulnerability CVE-2022-22954. It causes server-side template injection because of the lack of sanitization on parameters “deviceUdid” and “devicetype”. It allows attackers to inject a payload and achieve remote code execution on VMware Workspace ONE Access and Identity Manager. FortiGuard Labs published Threat Signal Report about it and also developed IPS signature in April.

#fortinet #EN #2022 #VMware #CVE-2022-22954 #vulnerability #Campaigns #deviceUdid #devicetype

·fortinet.com·Oct 24, 2022

Mirai, RAR1Ransom, and GuardMiner – Multiple Malware Campaigns Target VMware Vulnerability

Analysis of a Remote Code Execution (RCE) Vulnerability in Cobalt Strike 4.7.1

Command & Control (C2) frameworks are a very sensitive component of Red Team operations. Often, a Red Team will be in a highly privileged position on a target’s network, and a compromise of the C2 framework could lead to a compromise of both the red team operator’s system and control over beacons established on a target’s systems. As such, vulnerabilities in C2 frameworks are high priority targets for threat actors and Counterintelligence (CI) operations. On September 20, 2022, HelpSystems published an out-of-band patch for Cobalt Strike which stated that there was potential for Remote Code Execution (RCE).

#securityintelligence #EN #2022 #RCE #Cobalt-Strike #HelpSystems #Vulnerability #Analysis

·securityintelligence.com·Oct 22, 2022

Analysis of a Remote Code Execution (RCE) Vulnerability in Cobalt Strike 4.7.1

On Bypassing eBPF Security Monitoring

There are many security solutions available today that rely on the Extended Berkeley Packet Filter (eBPF) features of the Linux kernel to monitor kernel functions. Such a paradigm shift in the latest monitoring technologies is being driven by a variety of reasons

#doyensec #doyensecurity #EN #2022 #vulnerability #exploit #eBPF #bypass #research

·blog.doyensec.com·Oct 13, 2022

On Bypassing eBPF Security Monitoring

Jamf Threat Labs identifies macOS Archive Utility vulnerability allowing for Gatekeeper bypass (CVE-2022-32910)

Read how macOS vulnerability in Archive Utility could lead to the execution of an unsigned and unnotarized application without displaying security prompts.

#jamf #EN #2022 #Archive #Utility #macOS #vulnerability #CVE-2022-32910 #Gatekeeper #bypass

·jamf.com·Oct 8, 2022

Jamf Threat Labs identifies macOS Archive Utility vulnerability allowing for Gatekeeper bypass (CVE-2022-32910)

CVE-2022-41352

On September 25, 2022, CVE-2022-41352 was filed for Zimbra Collaboration Suite. The vulnerability is a remote code execution flaw that arises from unsafe usage…

#attackerkb #EN #2022 #CVE-2022-41352 #Zimbra #vulnerability

·attackerkb.com·Oct 7, 2022

CVE-2022-41352

Warning: New attack campaign utilized a new 0-day RCE vulnerability on Microsoft Exchange Server

Circa the beginning of August 2022, while doing security monitoring & incident response services, GTSC SOC team discovered that a critical infrastructure was being attacked, specifically to their Microsoft Exchange application. During the investigation, GTSC Blue Team experts determined that the attack utilized an unpublished Exchange security vulnerability, i.e., a 0-day vulnerability, thus immediately came up with a temporary containment plan.

#gteltsc.vn #EN #2022 #Microsoft-Exchange #Exchange #0-day #RCE #vulnerability #campaign #IoCs

·gteltsc.vn·Sep 30, 2022

Warning: New attack campaign utilized a new 0-day RCE vulnerability on Microsoft Exchange Server

Microsoft Issues Out-of-Band Patch for Flaw Allowing Lateral Movement, Ransomware Attacks

Microsoft this week released an out-of-band security update for its Endpoint Configuration Manager solution to patch a vulnerability that could be useful to malicious actors for moving around in a targeted organization’s network. The vulnerability is tracked as CVE-2022-37972 and it has been described by Microsoft as a medium-severity spoofing issue. The tech giant has credited Brandon Colley of Trimarc Security for reporting the flaw.

#Microsoft #EN #2022 #CVE-2022-37972 #Endpoint-Configuration-Manager #patch #vulnerability

·securityweek.com·Sep 25, 2022

Microsoft Issues Out-of-Band Patch for Flaw Allowing Lateral Movement, Ransomware Attacks

Unpatched 15-year old Python bug allows code execution in 350k projects

A vulnerability in the Python programming language that has been overlooked for 15 years is now back in the spotlight as it likely affects more than 350,000 open-source repositories and can lead to code execution.

#bleepingcomputer #Code-Execution #Path-Traversal #Python #Vulnerability #CVE-2007-4559

·bleepingcomputer.com·Sep 25, 2022

Unpatched 15-year old Python bug allows code execution in 350k projects

Tarfile: Exploiting the World With a 15-Year-Old Vulnerability

Trellix Advanced Research Center stumbled across a vulnerability in Python’s tarfile module. As we dug into the issue, we realized this was in fact CVE-2007-4559. The vulnerability is a path traversal attack in the extract and extractall functions in the tarfile module that allow an attacker to overwrite arbitrary files by adding the “..” sequence to filenames in a TAR archive. Over the course of our research into the impact of this vulnerability we discovered that hundreds of thousands of repositories were vulnerable to this vulnerability. While the vulnerability was originally only marked as a 6.8, we were able to confirm that in most cases an attacker can gain code execution from the file write.

#trellix #EN #2022 #CVE-2007-4559 #tarfile #Python #vulnerability

·trellix.com·Sep 25, 2022

Tarfile: Exploiting the World With a 15-Year-Old Vulnerability

PSA: Nearly 5 Million Attacks Blocked Targeting 0-Day in BackupBuddy Plugin

Late evening, on September 6, 2022, the Wordfence Threat Intelligence team was alerted to the presence of a vulnerability being actively exploited in BackupBuddy, a WordPress plugin we estimate has around 140,000 active installations. This vulnerability makes it possible for unauthenticated users to download arbitrary files from the affected site which can include sensitive information. ...Read More

#wordfence #EN #2022 #Wordpress #vulnerability #0-day #BackupBuddy #plugin

·wordfence.com·Sep 9, 2022

PSA: Nearly 5 Million Attacks Blocked Targeting 0-Day in BackupBuddy Plugin

Researchers found one-click exploits in Discord and Teams

A group of security researchers found a series of vulnerabilities in the software underlying popular apps like Discord, Microsoft Teams, Spotify and many others

#malwarebytes #EN #2022 #Electron #vulnerability

·malwarebytes.com·Aug 31, 2022

Researchers found one-click exploits in Discord and Teams

Realtek SDK Vulnerability Exposes Routers From Many Vendors to Remote Attacks

A serious vulnerability affecting the eCos SDK made by Taiwanese semiconductor company Realtek could expose the networking devices of many vendors to remote attacks.

#securityweek #EN #2022 #SDK #remote #attack #vulnerability #Rrealtek #CVE-2022-27255

·securityweek.com·Aug 13, 2022

Realtek SDK Vulnerability Exposes Routers From Many Vendors to Remote Attacks

Zimbra Credential Theft Vulnerability Exploited in Attacks

CISA has urged organizations to patch a recent Zimbra credential theft vulnerability after reports of exploitation in the wild.

#securityweek #EN #Zimbra #vulnerability #CVE-2022-27924 #credential-theft #exploited #CISA #email

·securityweek.com·Aug 8, 2022

Zimbra Credential Theft Vulnerability Exploited in Attacks

CVE-2022-35650 Analysis

CVE-2022-35650 The vulnerability was found in Moodle, occurs due to input validation error when importing lesson questions. This insufficient path checks results in arbitrary file read risk. This vulnerability allows a remote attacker to perform directory traversal attacks. The capability to access this feature is only available to teachers, managers and admins by default.

#Anna #0x1337 #CVE-2022-35650 #Analysis #Moodle #vulnerability #PHP

·0x1337.ninja·Aug 4, 2022

CVE-2022-35650 Analysis

[CVE-2022-34918] A crack in the Linux firewall

In our previous article Yet another bug into Netfilter, I presented a vulnerability found within the netfilter subsystem of the Linux kernel. During my investigation, I found a weird comparison that does not fully protect a copy within a buffer. It led to a heap buffer overflow that was exploited to obtain root privileges on Ubuntu 22.04.

#randorisec #EN #2022 #CVE-2022-34918 #Linux #netfilter #Vulnerability #analysis

·randorisec.fr·Jul 21, 2022

[CVE-2022-34918] A crack in the Linux firewall

Retbleed – serious vulnerability discovered in microprocessors

12.07.2022 - Security researchers from the ETH Zürich have discovered a serious security vulnerability in Intel and AMD microprocessors. The vulnerability, called Retbleed, potentially allows an attacker to access any memory area. Initial countermeasures have already been defined. The NCSC has assigned the internationally valid CVE identifiers for the vulnerability of both manufacturers.

#NCSC #EN #2022 #retbleed #Vulnerability #CVE-2022-29900 #CVE-2022-29901

·ncsc.admin.ch·Jul 12, 2022

Retbleed – serious vulnerability discovered in microprocessors

Zimbra Email - Stealing Clear-Text Credentials via Memcache injection

We discovered flaws in Zimbra, an enterprise email solution, that allow attackers to steal credentials of users and gain access to their email accounts.

#sonarsource #EN #2022 #Zimbra #memcache #Vulnerability #email #steal #credentials

·blog.sonarsource.com·Jun 15, 2022

Zimbra Email - Stealing Clear-Text Credentials via Memcache injection

Vulnerability discovered in Apple M1 chip

MIT CSAIL boffins devise PACMAN attack to let existing exploits avoid pointer authentication

#theregister #EN #2022 #M1 #Apple #PACMAN #attache #ARM #chip #Vulnerability

·theregister.com·Jun 13, 2022

Vulnerability discovered in Apple M1 chip

Guidance for CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability

On Monday May 30, 2022, Microsoft issued CVE-2022-30190 regarding the Microsoft Support Diagnostic Tool (MSDT) in Windows vulnerability.

#Guidance #CVE-2022-30190 #mitigation #Workarounds #Vulnerability #Microsoft #EN #2022 #Follina

·msrc-blog.microsoft.com·Jun 7, 2022

Guidance for CVE-2022-30190 Microsoft Support Diagnostic Tool Vulnerability

Follina — a Microsoft Office code execution vulnerability

Two days ago, Nao_sec identified an odd looking Word document in the wild, uploaded from an IP address in Belarus...

#doublepulsar #EN #2022 #Office #vulnerability #msdt.exe #PowerShell #Follina

·doublepulsar.com·May 30, 2022

Follina — a Microsoft Office code execution vulnerability

Remote Code Execution on Western Digital PR4100 NAS (CVE-2022-23121)

This blog post describes an unchecked return value vulnerability found and exploited in September 2021 by Alex Plaskett, Cedric Halbronn and Aaron Adams working at the Exploit Development Group (EDG) of NCC Group. We successfully exploited it at Pwn2Own 2021 competition in November 2021 when targeting the Western Digital PR4100.

#CVE-2022-23121 #nccgroup #EN #2022 #Netatalk #WesternDigital #vulnerability #AppleDouble

·research.nccgroup.com·May 24, 2022

Remote Code Execution on Western Digital PR4100 NAS (CVE-2022-23121)