Showing only posts tagged exploit. Show all posts.

How Did Authorities Identify the Alleged Lockbit Boss?

Source

Last week, the United States joined the U.K. and Australia in sanctioning and charging a Russian man named Dmitry Yuryevich Khoroshev as the leader of the infamous LockBit ransomware group. LockBit’s leader “ LockBitSupp ” claims the feds named the wrong guy, saying the charges don’t explain how …

Ivanti warns of critical vulnerability in its popular line of endpoint protection software

Source

Enlarge Software maker Ivanti is urging users of its end-point security product to patch a critical vulnerability that makes it possible for unauthenticated attackers to execute malicious code inside affected networks. The vulnerability, in a class known as a SQL injection, resides in all supported versions of the Ivanti …

A new Chrome 0-day is sending the Internet into a new chapter of Groundhog Day

Source

Enlarge (credit: Getty Images) A critical zero-day vulnerability Google reported on Wednesday in its Chrome browser is opening the Internet to a new chapter of Groundhog Day. Like a critical zero-day Google disclosed on September 11, the new exploited vulnerability doesn’t affect just Chrome. Already, Mozilla has said …

3 iOS 0-days, a cellular network compromise, and HTTP used to infect an iPhone

Source

Enlarge (credit: Getty Images) Apple has patched a potent chain of iOS zero-days that were used to infect the iPhone of an Egyptian presidential candidate with sophisticated spyware developed by a commercial exploit seller, Google and researchers from Citizen Lab said Friday. The previously unknown vulnerabilities, which Apple patched …

With 0-days hitting Chrome, iOS, and dozens more this month, is no software safe?

Source

Enlarge (credit: Getty Images ) End users, admins, and researchers better brace yourselves: The number of apps being patched for zero-day vulnerabilities has skyrocketed this month and is likely to get worse in the following weeks. People have worked overtime in recent weeks to patch a raft of vulnerabilities actively …

Cisco security appliance 0-day is under attack by ransomware crooks

Source

Enlarge / Cisco Systems headquarters in San Jose, California, US, on Monday, Aug. 14, 2023. Cisco Systems Inc. is scheduled to release earnings figures on August 16. Photographer: David Paul Morris/Bloomberg via Getty Images Cisco on Thursday confirmed the existence of a currently unpatched zero-day vulnerability that hackers are …

WinRAR 0-day that uses poisoned JPG and TXT files under exploit since April

Source

Enlarge (credit: Getty Images) A newly discovered zero-day in the widely used WinRAR file-compression program has been exploited for four months by unknown attackers who are using it to install malware when targets open booby-trapped JPGs and other innocuous inside file archives. The vulnerability, residing in the way WinRAR …

An Apple malware-flagging tool is “trivially” easy to bypass

Source

Enlarge (credit: Getty Images ) One of your Mac's built-in malware detection tools may not be working quite as well as you think. At the Defcon hacker conference in Las Vegas, longtime Mac security researcher Patrick Wardle presented findings on Saturday about vulnerabilities in Apple's macOS Background Task Management mechanism …

Zyxel users still getting hacked by DDoS botnet emerge as public nuisance No. 1

Source

Enlarge (credit: Aurich Lawson / Ars Technica ) Organizations that have yet to patch a 9.8-severity vulnerability in network devices made by Zyxel have emerged as public nuisance No. 1 as a sizable number of them continue to be exploited and wrangled into botnets that wage DDoS attacks. Zyxel patched …

Exploited 0-days, an incomplete fix, and a botched disclosure: Infosec snafu reigns

Source

Enlarge (credit: Getty Images) Organizations big and small are once again scrambling to patch critical vulnerabilities that are already under active exploitation and cause the kind of breaches coveted by ransomware actors and nation-state spies. The exploited vulnerabilities—one in Adobe ColdFusion and the other in various Citrix NetScaler …

Meet the Administrators of the RSOCKS Proxy Botnet

Source

Authorities in the United States, Germany, the Netherlands and the U.K. last week said they dismantled the “ RSOCKS ” botnet, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer. While the …

Cybercriminals Ramp Up Exploits Against Serious Zyxel Flaw

Source

More than 100,000 Zyxel networking products could be vulnerable to a hardcoded credential vulnerability (CVE-2020-29583) potentially allowing cybercriminal device takeover. [...]