Showing only posts tagged vulnerabilities. Show all posts.

Friday Squid Blogging: Unpatched Vulnerabilities in the Squid Caching Proxy

Source

In a rare squid/security post, here’s an article about unpatched vulnerabilities in the Squid caching proxy. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. [...]

Leaving Authentication Credentials in Public Code

Source

Interesting article about a surprisingly common vulnerability: programmers leaving authentication credentials and other secrets in publicly accessible software code: Researchers from security firm GitGuardian this week reported finding almost 4,000 unique secrets stashed inside a total of 450,000 projects submitted to PyPI, the official code repository for …

New SSH Vulnerability

Source

This is interesting : For the first time, researchers have demonstrated that a large portion of cryptographic keys used to protect data in computer-to-server SSH traffic are vulnerable to complete compromise when naturally occurring computational errors occur while the connection is being established. [...] The vulnerability occurs when there are errors …

Critical vulnerability in Atlassian Confluence server is under “mass exploitation”

Source

Enlarge A critical vulnerability in Atlassian’s Confluence enterprise server app that allows for malicious commands and reset servers is under active exploitation by threat actors in attacks that install ransomware, researchers said. “Widespread exploitation of the CVE-2023-22518 authentication bypass vulnerability in Atlassian Confluence Server has begun, posing a …

The latest high-severity Citrix vulnerability under attack isn’t easy to fix

Source

Enlarge (credit: Getty Images) A critical vulnerability that hackers have exploited since August, which allows them to bypass multifactor authentication in Citrix networking hardware, has received a patch from the manufacturer. Unfortunately, applying it isn’t enough to protect affected systems. The vulnerability, tracked as CVE-2023-4966 and carrying a …

Thousands of WordPress sites have been hacked through tagDiv plugin vulnerability

Source

Enlarge (credit: Getty Images ) Thousands of sites running the WordPress content management system have been hacked by a prolific threat actor that exploited a recently patched vulnerability in a widely used plugin. The vulnerable plugin, known as tagDiv Composer, is a mandatory requirement for using two WordPress themes: Newspaper …

Vulnerabilities in Supermicro BMCs could allow for unkillable server rootkits

Source

Enlarge (credit: Getty Images) If your organization uses servers that are equipped with baseboard management controllers from Supermicro, it’s time, once again, to patch seven high-severity vulnerabilities that attackers could exploit to gain control of them. And sorry, but the fixes must be installed manually. Typically abbreviated as …

They’ve begun: Attacks exploiting vulnerability with maximum 10 severity rating

Source

Enlarge (credit: Getty Images) Ransomware hackers have started exploiting one or more recently fixed vulnerabilities that pose a grave threat to enterprise networks around the world, researchers said. One of the vulnerabilities has a severity rating of 10 out of a possible 10 and another 9.9. They reside …

Vulnerable Arm GPU drivers under active exploitation. Patches may not be available

Source

Enlarge (credit: Getty Images) Arm warned on Monday of active ongoing attacks targeting a vulnerability in device drivers for its Mali line of GPUs, which run on a host of devices, including Google Pixels and other Android handsets, Chromebooks, and hardware running Linux. “A local non-privileged user can make …

Critical vulnerabilities in Exim threaten over 250k email servers worldwide

Source

Enlarge (credit: Getty Images) Thousands of servers running the Exim mail transfer agent are vulnerable to potential attacks that exploit critical vulnerabilities, allowing remote execution of malicious code with little or no user interaction. The vulnerabilities were reported on Wednesday by Zero Day Initiative, but they largely escaped notice …

Critical Vulnerability in libwebp Library

Source

Both Apple and Google have recently reported critical vulnerabilities in their systems—iOS and Chrome, respectively—that are ultimately the result of the same vulnerability in the libwebp library: On Thursday, researchers from security firm Rezillion published evidence that they said made it “highly likely” both indeed stemmed from …

Zero-Click Exploit in iPhones

Source

Make sure you update your iPhones : Citizen Lab says two zero-days fixed by Apple today in emergency security updates were actively abused as part of a zero-click exploit chain (dubbed BLASTPASS) to deploy NSO Group’s Pegasus commercial spyware onto fully patched iPhones. The two bugs, tracked as CVE-2023-41064 …

Inconsistencies in the Common Vulnerability Scoring System (CVSS)

Source

Interesting research : Shedding Light on CVSS Scoring Inconsistencies: A User-Centric Study on Evaluating Widespread Security Vulnerabilities Abstract: The Common Vulnerability Scoring System (CVSS) is a popular method for evaluating the severity of vulnerabilities in vulnerability management. In the evaluation process, a numeric score between 0 and 10 is calculated …

Spyware Vendor Hacked

Source

A Brazilian spyware app vendor was hacked by activists: In an undated note seen by TechCrunch, the unnamed hackers described how they found and exploited several security vulnerabilities that allowed them to compromise WebDetetive’s servers and access its user databases. By exploiting other flaws in the spyware maker …

Unlimited miles and nights: Vulnerability found in rewards programs

Source

Enlarge (credit: Jose A. Bernat Bacete ) Travel rewards programs like those offered by airlines and hotels tout the specific perks of joining their club over others. Under the hood, though, the digital infrastructure for many of these programs—including Delta SkyMiles, United MileagePlus, Hilton Honors, and Marriott Bonvoy—is …

Firmware vulnerabilities in millions of computers could give hackers superuser status

Source

Enlarge (credit: Getty Images ) Two years ago, ransomware crooks breached hardware-maker Gigabyte and dumped more than 112 gigabytes of data that included information from some of its most important supply-chain partners, including Intel and AMD. Now researchers are warning that the leaked information revealed what could amount to critical …

MOVEit app mass-exploited last month patches new critical vulnerability

Source

Enlarge (credit: Lino Mirgeler/picture alliance via Getty Images ) MOVEit, the file-transfer software exploited in recent weeks in one of the biggest cyberattacks ever, has received yet another security update that fixes a critical vulnerability that could be exploited to give hackers access to vast amounts of sensitive data …

Mastodon fixes critical “TootRoot” vulnerability allowing node hijacking

Source

Enlarge The maintainers of the open source software that powers the Mastodon social network published a security update on Thursday that patches a critical vulnerability making it possible for hackers to backdoor the servers that push content to individual users. Mastodon is based on a federated model. The federation …

Actively exploited vulnerability threatens hundreds of solar power stations

Source

Enlarge (credit: Getty Images) Hundreds of Internet-exposed devices inside solar farms remain unpatched against a critical and actively exploited vulnerability that makes it easy for remote attackers to disrupt operations or gain a foothold inside the facilities. The devices, sold by Osaka, Japan-based Contec under the brand name SolarView …

Researchers tell owners to “assume compromise” of unpatched Zyxel firewalls

Source

Enlarge (credit: Getty Images) Firewalls made by Zyxel are being wrangled into a destructive botnet, which is taking control of them by exploiting a recently patched vulnerability with a severity rating of 9.8 out of a possible 10. “At this stage if you have a vulnerable device exposed …

Microsoft Secure Boot Bug

Source

Microsoft is currently patching a zero-day Secure-Boot bug. The BlackLotus bootkit is the first-known real-world malware that can bypass Secure Boot protections, allowing for the execution of malicious code before your PC begins loading Windows and its many security protections. Secure Boot has been enabled by default for over …

SolarWinds Detected Six Months Earlier

Source

New reporting from Wired reveals that the Department of Justice detected the SolarWinds attack six months before Mandiant detected it in December 2020, but didn’t realize what it detected—and so ignored it. WIRED can now confirm that the operation was actually discovered by the DOJ six months …

North Korea Hacking Cryptocurrency Sites with 3CX Exploit

Source

News : Researchers at Russian cybersecurity firm Kaspersky today revealed that they identified a small number of cryptocurrency-focused firms as at least some of the victims of the 3CX software supply-chain attack that’s unfolded over the past week. Kaspersky declined to name any of those victim companies, but it …

« newer articles | page 3 | older articles »