Cyber Security Informer

NSFOCUS Research Labs Acknowledged by MSRC for Reporting Azure Database Service RCE Vulnerability

Security Boulevard

MARCH 1, 2024

Overview NSFOCUS received acknowledgments from the Microsoft Security Response Center (MSRC) for reporting Azure Database Service RCE Vulnerability. The post NSFOCUS Research Labs Acknowledged by MSRC for Reporting Azure Database Service RCE Vulnerability appeared first on Security Boulevard.

Cyber Attacks

Cyber Attacks Engineering

Rhino Security Labs Uncovers EXOS Vulnerabilities, Exposing Thousands of Devices

Penetration Testing

DECEMBER 5, 2023

During an external network penetration test, David Yesland of Rhino Security Labs unearthed a quartet of vulnerabilities within the Extreme Operating System (EXOS) of ExtremeNetworks.

Penetration Testing

Three Actively Exploited SAP Vulnerabilities Identified by Onapsis Research Labs: What You Need to Know

Security Boulevard

JUNE 9, 2022

Three Actively Exploited SAP Vulnerabilities Identified by Onapsis Research Labs: What You Need to Know. The Onapsis Research Labs continuously monitors the evolving threat landscape in order to better understand what is being used to target business applications like SAP and Oracle. maaya.alagappan. Thu, 06/09/2022 - 15:20.

Risk

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Critical Vulnerability in libwebp Library

Schneier on Security

SEPTEMBER 27, 2023

Rather than Apple, Google, and Citizen Lab coordinating and accurately reporting the common origin of the vulnerability, they chose to use a separate CVE designation, the researchers said.

Salt Labs exposes a new vulnerability in popular OAuth framework, used in hundreds of online services

Security Boulevard

MAY 24, 2023

The vulnerability in the expo-auth-session library warranted a CVE assignment – CVE-2023-28131. The security gaps Salt Labs identified made services using this framework susceptible to credentials leakage, allowing: Full account takeover, leading to identity theft, financial fraud, access to credit cards and more.

Mobile

Mobile Accountability Authentication Media

Patch Tuesday, May 2024 Edition

Krebs on Security

MAY 14, 2024

Microsoft today released updates to fix more than 60 security holes in Windows computers and supported software, including two “zero-day” vulnerabilities in Windows that are already being exploited in active attacks.

Social Engineering

Social Engineering Backups Malware Banking

Adobe, Apple, Google & Microsoft Patch 0-Day Bugs

Krebs on Security

SEPTEMBER 12, 2023

Microsoft today issued software updates to fix at least five dozen security holes in Windows and supported software, including patches for two zero-day vulnerabilities that are already being exploited. Citizen Lab says the bug it discovered was being exploited to install spyware made by the Israeli cyber surveillance company NSO Group.

Spyware

Spyware Software Surveillance Authentication

Mirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery

The Hacker News

MAY 9, 2024

That's according to findings from Juniper Threat Labs, which said the vulnerabilities CVE-2023-46805 and CVE-2024-21887 have been leveraged to deliver the botnet payload. Two recently disclosed security flaws in Ivanti Connect Secure (ICS) devices are being exploited to deploy the infamous Mirai botnet.

Authentication

VMware fixed zero-day flaws demonstrated at Pwn2Own Vancouver 2024

Security Affairs

MAY 14, 2024

VMware fixed four flaws in its Workstation and Fusion desktop hypervisors, including three zero-days exploited at the Pwn2Own Vancouver 2024 VMware addressed four vulnerabilities in its Workstation and Fusion desktop hypervisors, including three zero-day flaws demonstrated at the Pwn2Own Vancouver 2024. ” reads the advisory. .

Hacking

Hacking Information Security

Mirai Botnet Exploits Ivanti Vulnerabilities (CVE-2023-46805 & CVE-2024-21887)

Penetration Testing

MAY 7, 2024

Security researchers at Juniper Threat Labs have uncovered a dangerous escalation in attacks targeting Ivanti Connect Secure (ICS) and Ivanti Policy Secure Gateways.

Penetration Testing

Penetration Testing Authentication Malware

Zero-Click iMessage Exploit

Schneier on Security

SEPTEMBER 17, 2021

Citizen Lab released a report on a zero-click iMessage exploit that is used in NSO Group’s Pegasus spyware. Apple patched the vulnerability; everyone needs to update their OS immediately. News articles on the exploit.

Spyware

More on NSO Group and Cytrox: Two Cyberweapons Arms Manufacturers

Schneier on Security

DECEMBER 20, 2021

Citizen Lab published another report on the spyware used against two Egyptian nationals. According to Citzen Lab: We conducted Internet scanning for Predator spyware servers and found likely Predator customers in Armenia, Egypt, Greece, Indonesia, Madagascar, Oman, Saudi Arabia, and Serbia.

Manufacturing

Manufacturing Spyware Hacking Internet

Your Keyboard May Be Spilling Your Secrets – Critical Flaws Expose Keystrokes of Millions

Penetration Testing

APRIL 23, 2024

A shocking new report by Citizen Lab reveals that popular Chinese keyboard apps transmit your keystrokes in ways that leave them shockingly vulnerable to interception.

Penetration Testing

Penetration Testing Passwords

“Connect:fun” Campaign Targets Media Organizations, Exploits Critical Fortinet Vulnerability

Penetration Testing

APRIL 15, 2024

Researchers at Forescout Research – Vedere Labs warn that a sophisticated threat actor is exploiting a critical Fortinet vulnerability to... The post “Connect:fun” Campaign Targets Media Organizations, Exploits Critical Fortinet Vulnerability appeared first on Penetration Testing.

Media

Media Penetration Testing

MacOS Zero-Day Used against Hong Kong Activists

Schneier on Security

NOVEMBER 12, 2021

The zero-day exploit was similar to another in-the-wild vulnerability analyzed by another Google researcher in the past, according to the report. In addition, the zero-day exploit used in this hacking campaign is “identical” to an exploit previously found by cybersecurity research group Pangu Lab, Huntley said.

Hacking

Hacking Malware Cybersecurity

Old Vulnerability, New Attacks: Botnets Swarm Exploited CVE-2023-1389 in TP-Link Routers

Penetration Testing

APRIL 16, 2024

Cybersecurity experts at FortiGuard Labs are sounding the alarm about a wave of attacks targeting a known vulnerability in TP-Link Archer AX21 routers.

Penetration Testing

Penetration Testing Cybersecurity

No More Patches: D-Link DIR-822 Vulnerable to Remote Takeovers (CVE-2024-25331)

Penetration Testing

MARCH 12, 2024

Security researchers Quynh Le and Eng De Sheng from Ensign InfoSecurity Labs have uncovered a major security flaw (CVE-2024-25331) in the popular D-Link DIR-822 router.

Penetration Testing

Intel is Maintaining Legacy Technology for Security Research

Schneier on Security

NOVEMBER 30, 2021

This creates a long tail of old products that remain in widespread use, vulnerable to attacks. Intel’s answer to this conundrum was to create a warehouse and laboratory in Costa Rica, where the company already had a research-and-development lab, to store the breadth of its technology and make the devices available for remote testing.

Technology

Technology Engineering Software Cybersecurity

CVE-2024-21626: Docker Confronts Critical Container Escape Threat

Penetration Testing

JANUARY 31, 2024

Recently, Docker faced a significant challenge as Snyk Labs identified four critical security vulnerabilities affecting its container... The post CVE-2024-21626: Docker Confronts Critical Container Escape Threat appeared first on Penetration Testing.

Penetration Testing

Penetration Testing Technology

Researchers released exploit code for actively exploited Palo Alto PAN-OS bug

Security Affairs

APRIL 16, 2024

Researchers released an exploit code for the actively exploited vulnerability CVE-2024-3400 in Palo Alto Networks’ PAN-OS. is a critical command injection vulnerability in Palo Alto Networks PAN-OS software. is a critical command injection vulnerability in Palo Alto Networks PAN-OS software. This flaw impacts PAN-OS 10.2,

Firewall

Firewall Hacking Software Cybersecurity

Pwn2Own Vancouver 2024: participants earned $1,132,500 for 29 unique 0-days

Security Affairs

MARCH 22, 2024

The researcher Seunghyun Lee ( @0x10n ) of KAIST Hacking Lab used a UAF to achieve remote code execution in the renderer on both Micosoft Edge and Google Chrome. The team from STAR Labs SG demonstrated the first Docker desktop escape at Pwn2Own hacking competition by chaining two vulnerabilities, including a UAF.

Hacking

Hacking Information Security

Major Security Flaws Expose Keystrokes of Over 1 Billion Chinese Keyboard App Users

The Hacker News

APRIL 24, 2024

Security vulnerabilities uncovered in cloud-based pinyin keyboard apps could be exploited to reveal users' keystrokes to nefarious actors. The findings come from the Citizen Lab, which discovered weaknesses in eight of nine apps from vendors like Baidu, Honor, iFlytek, OPPO, Samsung, Tencent, Vivo, and Xiaomi.

DarkCasino joins the list of APT groups exploiting WinRAR zero-day

Security Affairs

NOVEMBER 20, 2023

The DarkCasino APT group leveraged a recently disclosed WinRAR zero-day vulnerability tracked as CVE-2023-38831. Researchers at cybersecurity firm NSFOCUS analyzed DarkCasino attack pattern exploiting the WinRAR zero-day vulnerability tracked as CVE-2023-38831. ” reads the report published by NSFOCUS.

Phishing

Phishing Financial Services Cryptocurrency Technology

Sierra Flaws Cyber Attack: Router Vulnerabilities Unveiled

Security Boulevard

DECEMBER 18, 2023

In a recent scrutiny of Sierra wireless routers, Forescout’s Vedere Labs uncovered 21 novel vulnerabilities that, though relatively straightforward to exploit, pose historical challenges for enterprises to rectify. The post Sierra Flaws Cyber Attack: Router Vulnerabilities Unveiled appeared first on Security Boulevard.

Cyber Attacks

Cyber Attacks Wireless Internet Internet

Google fixes fifth actively exploited Chrome zero-day this year

Security Affairs

MAY 10, 2024

Since the start of the year, Google released an update to fix the fifth actively exploited zero-day vulnerability in the Chrome browser. The vulnerability is the fifth zero-day flaw in the Google browser that is exploited in the wild since the start of the year. Manfred Paul demonstrated the vulnerability during the Pwn2Own 2024.

Engineering

Engineering Hacking Information Security

Mirai botnet also spreads through the exploitation of Ivanti Connect Secure bugs

Security Affairs

MAY 9, 2024

Threat actors exploit recently disclosed Ivanti Connect Secure (ICS) vulnerabilities to deploy the Mirai botnet. Researchers from Juniper Threat Labs reported that threat actors are exploiting recently disclosed Ivanti Connect Secure (ICS) vulnerabilities CVE-2023-46805 and CVE-2024-21887 to drop the payload of the Mirai botnet.

Authentication

Authentication Backups Cyber threats Malware

Google fixes sixth actively exploited Chrome zero-day this year

Security Affairs

MAY 14, 2024

Google released emergency security updates to address an actively exploited Chrome zero-day vulnerability. Google has released emergency security updates to address a high-severity zero-day vulnerability vulnerability, tracked as CVE-2024-4761, in the Chrome browser. 208 for Mac/Windows and 124.0.6367.207 for Linux.

Engineering

Engineering Hacking Information Security

CISA adds recently discovered Apple zero-days to Known Exploited Vulnerabilities Catalog

Security Affairs

SEPTEMBER 11, 2023

CISA adds vulnerabilities in Apple devices exploited to install NSO Group’s Pegasus spyware on iPhones to Known Exploited Vulnerabilities Catalog US Cybersecurity and Infrastructure Security Agency (CISA) added the security vulnerabilities chained in the zero-click iMessage exploit BLASTPASS to its Known Exploited Vulnerabilities Catalog.

Spyware

Spyware Accountability Hacking Risk

CVE-2023-6040: A Critical Linux Kernel Netfilter Vulnerability

Penetration Testing

JANUARY 11, 2024

The Linux Kernel has been hit by a significant security vulnerability, CVE-2023-6040, with a CVSS score of 7.8, Discovered by Lin Ma from Ant Security Light-Year Lab, this flaw arises... The post CVE-2023-6040: A Critical Linux Kernel Netfilter Vulnerability appeared first on Penetration Testing.

Penetration Testing

PoC Exploit Available for CVE-2024-1212 (CVSS 10): Patch Kemp LoadMaster Now

Penetration Testing

MARCH 19, 2024

Rhino Security Labs published the technical details and proof-of-concept (PoC) exploit for a severe flaw in Progress Kemp LoadMaster load balancers (CVE-2024-1212, CVSS 10).

Penetration Testing

Google fixes seventh actively exploited Chrome zero-day this year, the third in a week

Security Affairs

MAY 16, 2024

Google released security updates to address a new actively exploited Chrome zero-day vulnerability, the third in a week. Google has released a new emergency security update to address a new vulnerability, tracked as CVE-2024-4947, in the Chrome browser, it is the third zero-day exploited in attacks that was disclosed this week.

Engineering

Engineering Hacking Information Security

Patch Tuesday, October 2023 Edition

Krebs on Security

OCTOBER 10, 2023

Microsoft today issued security updates for more than 100 newly-discovered vulnerabilities in its Windows operating system and related software, including four flaws that are already being exploited. The latter vulnerability could expose NTLM hashes , which are used for authentication in Windows environments. and iPadOS 17.0.3

Engineering

Engineering DDOS Software Authentication

Security Vulnerabilities in Honda’s Keyless Entry System

Schneier on Security

JULY 12, 2022

Honda vehicles from 2021 to 2022 are vulnerable to this attack : On Thursday, a security researcher who goes by Kevin2600 published a technical report and videos on a vulnerability that he claims allows anyone armed with a simple hardware device to steal the code to unlock Honda vehicles.

Software

Software Cybersecurity

CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog

Security Affairs

MARCH 27, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint vulnerability disclosed at the 2023 Pwn2Own to its Known Exploited Vulnerabilities catalog. The Star Labs team demonstrated the vulnerability at the Pwn2Own Vancouver 2023 hacking competition.

Hacking

Hacking Authentication Cybersecurity Risk

Zero-days fixed by Apple were used to deliver NSO Group’s Pegasus spyware

Security Affairs

SEPTEMBER 7, 2023

Citizen Lab reported that the actively exploited zero-days fixed by Apple are being used in Pegasus spyware attacks Researchers at Citizen Lab reported that the actively exploited zero-day flaws (CVE-2023-41064 and CVE-2023-41061) fixed by Apple are being used to infect devices with NSO Group ’s Pegasus spyware.

Spyware

Spyware Accountability Hacking Mobile

Unveiling a Novel Malware Campaign: Attackers Targeting Vulnerable Docker Services

Penetration Testing

JANUARY 18, 2024

Recently, Cado Security Labs researchers have uncovered a striking and innovative campaign that specifically targets vulnerable Docker services.

Penetration Testing

Penetration Testing Malware Cyber threats

Targeted operation against Ukraine exploited 7-year-old MS Office bug

Security Affairs

APRIL 28, 2024

A hacking campaign targeted Ukraine exploiting a seven-year-old vulnerability in Microsoft Office to deliver Cobalt Strike. Security experts at Deep Instinct Threat Lab have uncovered a targeted campaign against Ukraine, exploiting a Microsoft Office vulnerability dating back almost seven years to deploy Cobalt Strike on compromised systems.

VPN

VPN Hacking Engineering Information Security

New Outlook Exploit Unveiled: CVE-2023-35636 Leads to NTLM v2 Password Breach

Penetration Testing

JANUARY 18, 2024

In a recent discovery, Varonis Threat Labs has unveiled three new ways that cyber attackers can exploit to access NTLM v2 hashed passwords, putting countless systems and user data at risk.

Passwords

Passwords Penetration Testing Cyber Attacks Risk

Update now! Patch against vulnerabilities in Meeting Owl Pro and Whiteboard Owl devices

Malwarebytes

JUNE 9, 2022

After a decent amount of pressure, Owl Labs has finally released updates for vulnerabilities in Meeting Owl, and Whiteboard Owl cameras. Owl Labs makes 360-degree video conferencing equipment for classrooms and boardrooms. And these vulnerabilities were not minor. The vulnerabilities. The research.

Authentication

Authentication Passwords Software Wireless

C3RB3R Ransomware Strikes Again: Exploiting the Confluence Vulnerability

Penetration Testing

FEBRUARY 12, 2024

In the wake of Atlassian’s disclosure of CVE-2023-22527, a critical template injection vulnerability in the Confluence Server and Data Center, Arctic Wolf Labs has uncovered threat actors are leveraging this vulnerability to deploy the... The post C3RB3R Ransomware Strikes Again: Exploiting the Confluence Vulnerability appeared first (..)

Penetration Testing

Penetration Testing Ransomware Malware

Mozilla fixed a critical zero-day in Firefox and Thunderbird

Security Affairs

SEPTEMBER 13, 2023

Mozilla addressed a critical zero-day vulnerability in Firefox and Thunderbird that has been actively exploited in attacks in the wild. Mozilla rolled out security updates to address a critical zero-day vulnerability, tracked as CVE-2023-4863 , in Firefox and Thunderbird that has been actively exploited in the wild. Firefox ESR 115.2.1,

Spyware

Spyware Architecture Engineering Hacking

PoC Released for SharePoint Pre-Auth RCE Chain (CVE-2023-29357 & CVE-2023-24955)

Penetration Testing

DECEMBER 15, 2023

Two vulnerabilities in Microsoft SharePoint Server have recently come under the spotlight, thanks to the detailed work of STAR Labs researcher Nguyễn Tiến Giang (Jang).

Penetration Testing

PoC Exploit Releases for Critical Progress Flowmon Bug – CVE-2024-2389 (CVSS 10)

Penetration Testing

APRIL 25, 2024

Researchers at Rhino Security Labs have detailed a critical security flaw in Progress Flowmon, a widely used network monitoring tool.

Penetration Testing

LayerZero launches record-breaking $15M crypto bug bounty program

Bleeping Computer

MAY 18, 2023

LayerZero Labs has launched a bug bounty on the Immunefi platform that offers a maximum reward of $15 million for critical smart contract and blockchain vulnerabilities, a figure that sets a new record in the crypto space. [.]

NSFOCUS Research Labs Acknowledged by MSRC for Reporting Azure Database Service RCE Vulnerability

Rhino Security Labs Uncovers EXOS Vulnerabilities, Exposing Thousands of Devices

Webinars

Trending Sources

Three Actively Exploited SAP Vulnerabilities Identified by Onapsis Research Labs: What You Need to Know

Webinars

Critical Vulnerability in libwebp Library

Salt Labs exposes a new vulnerability in popular OAuth framework, used in hundreds of online services

Patch Tuesday, May 2024 Edition

Adobe, Apple, Google & Microsoft Patch 0-Day Bugs

Mirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery

VMware fixed zero-day flaws demonstrated at Pwn2Own Vancouver 2024

Mirai Botnet Exploits Ivanti Vulnerabilities (CVE-2023-46805 & CVE-2024-21887)

Zero-Click iMessage Exploit

More on NSO Group and Cytrox: Two Cyberweapons Arms Manufacturers

Your Keyboard May Be Spilling Your Secrets – Critical Flaws Expose Keystrokes of Millions

“Connect:fun” Campaign Targets Media Organizations, Exploits Critical Fortinet Vulnerability

MacOS Zero-Day Used against Hong Kong Activists

Old Vulnerability, New Attacks: Botnets Swarm Exploited CVE-2023-1389 in TP-Link Routers

No More Patches: D-Link DIR-822 Vulnerable to Remote Takeovers (CVE-2024-25331)

Intel is Maintaining Legacy Technology for Security Research

CVE-2024-21626: Docker Confronts Critical Container Escape Threat

Researchers released exploit code for actively exploited Palo Alto PAN-OS bug

Pwn2Own Vancouver 2024: participants earned $1,132,500 for 29 unique 0-days

Major Security Flaws Expose Keystrokes of Over 1 Billion Chinese Keyboard App Users

DarkCasino joins the list of APT groups exploiting WinRAR zero-day

Sierra Flaws Cyber Attack: Router Vulnerabilities Unveiled

Google fixes fifth actively exploited Chrome zero-day this year

Mirai botnet also spreads through the exploitation of Ivanti Connect Secure bugs

Google fixes sixth actively exploited Chrome zero-day this year

CISA adds recently discovered Apple zero-days to Known Exploited Vulnerabilities Catalog

CVE-2023-6040: A Critical Linux Kernel Netfilter Vulnerability

PoC Exploit Available for CVE-2024-1212 (CVSS 10): Patch Kemp LoadMaster Now

Google fixes seventh actively exploited Chrome zero-day this year, the third in a week

Patch Tuesday, October 2023 Edition

Security Vulnerabilities in Honda’s Keyless Entry System

CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog

Zero-days fixed by Apple were used to deliver NSO Group’s Pegasus spyware

Unveiling a Novel Malware Campaign: Attackers Targeting Vulnerable Docker Services

Targeted operation against Ukraine exploited 7-year-old MS Office bug

New Outlook Exploit Unveiled: CVE-2023-35636 Leads to NTLM v2 Password Breach

Update now! Patch against vulnerabilities in Meeting Owl Pro and Whiteboard Owl devices

C3RB3R Ransomware Strikes Again: Exploiting the Confluence Vulnerability

Mozilla fixed a critical zero-day in Firefox and Thunderbird

PoC Released for SharePoint Pre-Auth RCE Chain (CVE-2023-29357 & CVE-2023-24955)

PoC Exploit Releases for Critical Progress Flowmon Bug – CVE-2024-2389 (CVSS 10)

LayerZero launches record-breaking $15M crypto bug bounty program

Stay Connected