CISA has urged organizations to patch a recent Zimbra credential theft vulnerability after reports of exploitation in the wild.

CVE-2022-35650 The vulnerability was found in Moodle, occurs due to input validation error when importing lesson questions. This insufficient path checks results in arbitrary file read risk. This vulnerability allows a remote attacker to perform directory traversal attacks. The capability to access this feature is only available to teachers, managers and admins by default.

In our previous article Yet another bug into Netfilter, I presented a vulnerability found within the netfilter subsystem of the Linux kernel. During my investigation, I found a weird comparison that does not fully protect a copy within a buffer. It led to a heap buffer overflow that was exploited to obtain root privileges on Ubuntu 22.04.

12.07.2022 - Security researchers from the ETH Zürich have discovered a serious security vulnerability in Intel and AMD microprocessors. The vulnerability, called Retbleed, potentially allows an attacker to access any memory area. Initial countermeasures have already been defined. The NCSC has assigned the internationally valid CVE identifiers for the vulnerability of both manufacturers.

We discovered flaws in Zimbra, an enterprise email solution, that allow attackers to steal credentials of users and gain access to their email accounts.

MIT CSAIL boffins devise PACMAN attack to let existing exploits avoid pointer authentication

On Monday May 30, 2022, Microsoft issued CVE-2022-30190 regarding the Microsoft Support Diagnostic Tool (MSDT) in Windows vulnerability.

Two days ago, Nao_sec identified an odd looking Word document in the wild, uploaded from an IP address in Belarus...

This blog post describes an unchecked return value vulnerability found and exploited in September 2021 by Alex Plaskett, Cedric Halbronn and Aaron Adams working at the Exploit Development Group (EDG) of NCC Group. We successfully exploited it at Pwn2Own 2021 competition in November 2021 when targeting the Western Digital PR4100.

This post details the development of a guest-to-host virtualization escape for Parallels Desktop on macOS, as used in our successful Pwn2Own 2021 entry. Give...

Flaw makes it possible to install web shell to maintain control of affected devices.

CVE-2022-1388 is a critical vulnerability (CVSS 9.8) in the management interface of F5 Networks’ BIG-IP solution that enables an unauthenticated attacker to gain remote code execution on the system through bypassing F5’s iControl REST authentication. The vulnerability was first discovered by F5’s internal product security team and disclosed publicly on May 4, 2022.

Nozomi Networks Labs has disclosed an unpatched vulnerability affecting the DNS of popular C standard libraries potentially in use by millions of IoT devices: uClibc and uClibc-ng.

KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings). - GitHub - Dec0ne/KrbRelayUp: KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).

Microsoft has discovered several vulnerabilities, collectively referred to as Nimbuspwn, that could be chained together, allowing an attacker to elevate privileges to root on many Linux desktop endpoints. Leveraging Nimbuspwn as a vector for root access could allow attackers to achieve greater impact on vulnerable devices by deploying payloads and performing other malicious actions via arbitrary root code execution.

GitHub is unaffected by the vulnerabilities, but users should be aware of them and upgrade their local installation of Git.

Trend Micro Threat Research observed active exploitation of the Spring4Shell vulnerability assigned as CVE-2022-22965, which allows malicious actors to weaponize and execute the Mirai botnet malware. The exploitation allows threat actors to download the Mirai sample to the “/tmp” folder and execute them after permission change using “chmod”. We began seeing malicious activities at the start of April 2022. We also found the malware file server with other variants of the sample for different CPU architectures.

At the start of 2022, CrowdStrike Intelligence and CrowdStrike Services investigated an incident in which PROPHET SPIDER exploited CVE-2021-22941 — a remote code execution (RCE) vulnerability impacting Citrix ShareFile Storage Zones Controller — to compromise a Microsoft Internet Information Services (IIS) web server. The adversary exploited the vulnerability to deploy a webshell that enabled the downloading of additional tools. This incident highlights how PROPHET SPIDER continues to evolve their tradecraft while continuing to exploit known web-server vulnerabilities.

Vulnerabilities found in widely-used Uninterruptible Power Supplies could allow attackers to bypass security features and remotely take over or damage critical industrial, medical, and enterprise devices

Mozilla has pushed out-of-band software updates to its Firefox web browser to contain two high-impact security vulnerabilities, both of which it says are being actively exploited in the wild.

This is the story of CVE-2022-0847, a vulnerability in the Linux kernel since 5.8 which allows overwriting data in arbitrary read-only files. This leads to privilege escalation because unprivileged processes can inject code into root processes. It is similar to CVE-2016-5195 “Dirty Cow” but is easier to exploit. The vulnerability was fixed in Linux 5.16.11, 5.15.25 and 5.10.102.

On Feb. 4, Linux announced CVE-2022-0492, a new privilege escalation vulnerability in the kernel. CVE-2022-0492 marks a logical bug in control groups (cgroups), a Linux feature that is a fundamental building block of containers. The issue stands out as one of the simplest Linux privilege escalations discovered in recent times: The Linux kernel mistakenly exposed a privileged operation to unprivileged users.

Researchers have disclosed details of a new security vulnerability in GitLab, an open-source DevOps software, that could potentially allow a remote, unauthenticated attacker to recover user-related information.

A serious vulnerability affecting the eCos SDK made by Taiwanese semiconductor company Realtek could expose the networking devices of many vendors to remote attacks.

CISA has urged organizations to patch a recent Zimbra credential theft vulnerability after reports of exploitation in the wild.

CVE-2022-35650 The vulnerability was found in Moodle, occurs due to input validation error when importing lesson questions. This insufficient path checks results in arbitrary file read risk. This vulnerability allows a remote attacker to perform directory traversal attacks. The capability to access this feature is only available to teachers, managers and admins by default.

In our previous article Yet another bug into Netfilter, I presented a vulnerability found within the netfilter subsystem of the Linux kernel. During my investigation, I found a weird comparison that does not fully protect a copy within a buffer. It led to a heap buffer overflow that was exploited to obtain root privileges on Ubuntu 22.04.

12.07.2022 - Security researchers from the ETH Zürich have discovered a serious security vulnerability in Intel and AMD microprocessors. The vulnerability, called Retbleed, potentially allows an attacker to access any memory area. Initial countermeasures have already been defined. The NCSC has assigned the internationally valid CVE identifiers for the vulnerability of both manufacturers.

We discovered flaws in Zimbra, an enterprise email solution, that allow attackers to steal credentials of users and gain access to their email accounts.

MIT CSAIL boffins devise PACMAN attack to let existing exploits avoid pointer authentication