Security Affairs

SEPTEMBER 11, 2023

Google rolled out emergency security updates to address a new Chrome zero-day (CVE-2023-4863) actively exploited in the wild. The vulnerability, tracked as CVE-2023-4863, is the fourth actively exploited zero-day fixed by Google in 2023. The flaw CVE-2023-4863 is a critical heap buffer overflow that resides in the WebP.

Libraries 334

Libraries Security IT Information Security 334

Security Affairs

SEPTEMBER 28, 2023

Google released security updates to address a new actively exploited zero-day vulnerability, tracked as CVE-2023-5217, in the Chrome browser. Google on Wednesday released security updates to address a new actively exploited zero-day flaw in the Chrome browser which is tracked as CVE-2023-5217.

Libraries 332

Libraries Passwords Security IT 332

Security Affairs

JANUARY 12, 2024

Researchers published a proof-of-concept (PoC) code for the recently disclosed critical flaw CVE-2023-51467 in the Apache OfBiz. Researchers from cybersecurity firm VulnCheck have created a proof-of-concept (PoC) exploit code for the recently disclosed critical flaw CVE-2023-51467 (CVSS score: 9.8) in the Apache OfBiz.

Honeypots 360

Honeypots Authentication Libraries Passwords 360

Security Affairs

NOVEMBER 28, 2023

Threat actors started exploiting a critical ownCloud vulnerability (CVE-2023-49103) that can lead to sensitive information disclosure. The vulnerability, tracked as CVE-2023-49103 , resides in the Graphapi app, which relies on a third-party GetPhpInfo.php library that provides a URL. ” reported the company.

Cybersecurity 329

Cybersecurity Libraries Passwords Access 329

Krebs on Security

NOVEMBER 14, 2023

The zero-day threats targeting Microsoft this month include CVE-2023-36025 , a weakness that allows malicious content to bypass the Windows SmartScreen Security feature. Microsoft says it is relatively straightforward for attackers to exploit CVE-2023-36036 as a way to elevate their privileges on a compromised PC.

Phishing 309

Phishing Authentication Libraries Access 309

Security Affairs

MARCH 28, 2024

Google’s Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively exploited zero-day vulnerabilities in 2023. In 2023, Google (TAG) and Mandiant discovered 29 out of 97 vulnerabilities exploited in the wild. ” continues the report.

Government 349

Government Ransomware Libraries Access 349

Krebs on Security

OCTOBER 10, 2023

The patch fixes CVE-2023-42724 , which attackers have been using in targeted attacks to elevate their access on a local device. Apple said it also patched CVE-2023-5217 , which is not listed as a zero-day bug. ” Microsoft also patched zero-day bugs in Skype for Business ( CVE-2023-41763 ) and Wordpad ( CVE-2023-36563 ).

Libraries 281

Libraries Authentication Communications Cloud 281

Security Affairs

APRIL 19, 2023

Google rolled out emergency fixes to address another actively exploited high-severity zero-day flaw, tracked as CVE-2023-2136 , in its Chrome web browser. The vulnerability is an Integer overflow in the Skia graphics library, the issue was reported by Clément Lecigne of Google’s Threat Analysis Group on April 12, 2023.

Libraries 246

Libraries Education Access Security 246

Security Affairs

JUNE 6, 2023

Google released security updates to address a high-severity vulnerability, tracked as CVE-2023-3079, in its Chrome web browser. The vulnerability has reported on June 1, 2023, it is likely that the flaw was exploited as part of an exploit used by a state-sponsored APT group. ” reads the advisory published by the company.

Libraries 246

Libraries Security IT Information Security 246

Security Affairs

APRIL 9, 2023

The development team behind the vm2 JavaScript sandbox library addressed a critical Remote Code Execution vulnerability. The developers behind the vm2 JavaScript sandbox module have addressed a critical vulnerability, tracked as CVE-2023-29017 (CVSS score 9.8), that could be exploited to execute arbitrary shellcode.

Libraries 245

Libraries File names Education Cybersecurity 245

Security Affairs

APRIL 14, 2023

Google released an emergency security update to address the first Chrome zero-day vulnerability (CVE-2023-2033) in 2023, the company is aware of attacks in the wild exploiting the issue. The vulnerability was reported by Clément Lecigne of Google’s Threat Analysis Group on 2023-04-11. “Type Confusion in V8.

Libraries 246

Libraries Education Cybersecurity Security 246

Security Affairs

DECEMBER 20, 2023

Google has released emergency updates to address a new zero-day vulnerability, tracked as CVE-2023-7024, in its web browser Chrome. The flaw was reported by Clément Lecigne and Vlad Stolyarov of Google’s Threat Analysis Group on 2023-12-19 and fixed in just one day. TODAY, 1 day later, Chrome has a fix out to protect users!!!

Libraries 349

Libraries Access IT Information Security 349

Security Affairs

JANUARY 11, 2023

Microsoft Patch Tuesday security updates for January 2023 fixed 97 flaws and an actively exploited zero-day. One of the flaws addressed this month, tracked as CVE-2023-21674 (CVSS score 8.8), is listed as being in the wild at the time of release. Another issue fixed by Microsoft is the CVE-2023-21549 (CVSS Score 8.8)

Security 246

Security Libraries Encryption Authentication 246

Security Affairs

JULY 5, 2024

The two vulnerabilities are: CVE ID CVSS Score Vulnerability CVE-2023-2071 9.8 Remote code execution (RCE) CVE-2023-29464 8.2 DoS via out-of-bounds read CVE-2023-2071 (CVSS score: 9.8) The device has the functionality, through a CIP class, to execute exported functions from libraries. CVE-2023-29464 (CVSS score: 8.2)

Libraries 326

Libraries Communications Cybersecurity Risk 326

Security Affairs

DECEMBER 27, 2023

On December 21, network and email cybersecurity firm Barracuda started releasing security updates to address a zero-day, tracked as CVE-2023-7102 , in Email Security Gateway (ESG) appliances. “Spreadsheet::ParseExcel is an open source library used by the Amavis virus scanner within the ESG appliance.”

Libraries 353

Libraries Access Cybersecurity Security 353

Security Affairs

APRIL 9, 2024

running on OLED55A23LA Below is the disclosure timeline: November 01, 2023: Vendor disclosure November 15, 2023: Vendor confirms the vulnerabilities. running on OLED55A23LA Below is the disclosure timeline: November 01, 2023: Vendor disclosure November 15, 2023: Vendor confirms the vulnerabilities. Sweden, and Finland.

Authentication 352

Authentication Libraries Access Information Security 352

Security Affairs

DECEMBER 6, 2023

Below is the list of vulnerabilities addressed by the vendor: CVE-2022-1471 (CVSS score: 9.8) – SnakeYAML library RCE Vulnerability that impacts multiple products. CVE-2023-22522 (CVSS score: 9.0) – RCE Vulnerability In Confluence Data Center and Confluence Server. See “What You Need To Do” for detailed instructions.

IT 329

IT Libraries Security Information Security 329

Security Affairs

DECEMBER 1, 2023

The two issues are: CVE-2023-6345 Google Skia Integer Overflow Vulnerability CVE-2023-49103 ownCloud graphapi Information Disclosure Vulnerability CVE-2023-6345 – The CVE-2023-5217 is a high-severity integer overflow in Skia. CISA orders federal agencies to fix these vulnerabilities by December 21, 2023.

IT 320

IT Libraries Cybersecurity Passwords 320

Security Affairs

OCTOBER 6, 2023

Researchers published PoC exploits for CVE-2023-4911 vulnerability (aka Looney Tunables) impacting most popular Linux distributions. The vulnerability CVE-2023-4911 (CVSS score 7.8) is a buffer overflow issue that resides in the GNU C Library’s dynamic loader ld.so 2023-10-03: Coordinated Release Date (17:00 UTC).

Libraries 318

Libraries Risk Security IT 318

The Last Watchdog

DECEMBER 12, 2023

A look back at the cybersecurity landscape in 2023 rings all-too familiar: cyber threats rapidly evolved and scaled up , just as they have, year-to-year, for the past 20 years. Eyal Benishti , CEO, IRONSCALES Benishti Generative AI (GenAI) reshaped cybersecurity in 2023. What should I be most concerned about – and focus on – in 2024?

Cybersecurity 258

Cybersecurity Phishing Authentication Analytics 258

Security Affairs

NOVEMBER 14, 2023

Patch Tuesday security updates for November 2023 fixed three vulnerabilities actively exploited in the wild. – CVE-2023-36036 – Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability An attacker can exploit this flaw to gain SYSTEM privileges. ” reads the post published by ZDI.

Security 327

Security Cloud Libraries Phishing 327

Security Affairs

JULY 30, 2024

These included relocating malicious functions to obfuscated native libraries, using certificate pinning to secure C2 communications, and determine if it was running on a rooted device or in an emulated environment. “In April 2024, we found a suspicious sample that turned out to be a new version of Mandrake. .”

Libraries 318

Libraries Communications Encryption IT 318

Security Affairs

JULY 24, 2023

The now-patched vulnerability, tracked as CVE-2023-38408 , can be exploited by a remote attacker to potentially execute arbitrary commands on vulnerable OpenSSH’s forwarded ssh-agent. For example, many shared libraries have constructor and destructor functions that are automatically executed by dlopen() and dlclose(), respectively.”

Libraries 246

Libraries Authentication Encryption Security 246

Security Affairs

AUGUST 7, 2024

In December 2023, the group claimed to have hacked Abdali Hospital, a multi-specialty hospital located in Jordan. The group also claimed the hack of the British Library and China Energy Engineering Corporation. The Rhysida ransomware group has been active since May 2023. The victims of the group are “targets of opportunity.”

Ransomware 342

Ransomware Manufacturing Libraries Education 342

Security Affairs

DECEMBER 28, 2023

An attacker can trigger the vulnerability, tracked as CVE-2023-51467 , to bypass authentication to achieve a simple Server-Side Request Forgery (SSRF) The issue resides in the login functionality and results from an incomplete patch for the Pre-auth RCE vulnerability CVE-2023-49070 (CVSS score: 9.8).

Authentication 350

Authentication Libraries Passwords Information Security 350

Security Affairs

FEBRUARY 11, 2024

The malware uses cmd.exe to read and execute a file stored on the infected external drive, it leverages msiexec.exe for external network communication to a rogue domain used as C2 to download and install a DLL library file. ” The vulnerability CVE-2023-36802 is a Type Confusion issue in Microsoft Streaming Service Proxy.

Communications 349

Communications Manufacturing Libraries Cybersecurity 349

Schneier on Security

MARCH 29, 2024

You might think that libraries are kind of boring, but this self-analysis of a 2023 ransomware and extortion attack against the British Library is anything but.

Libraries 132

Libraries Ransomware 132

Security Affairs

APRIL 28, 2024

The researchers found a malicious PPSX (PowerPoint Slideshow signal-2023-12-20-160512.ppsx) ppsx) file uploaded from Ukraine to VirusTotal at the end of 2023. The payload includes a dynamic-link library (vpn.sessings) that injects the post-exploitation tool Cobalt Strike Beacon into memory and awaits commands from the C2 server.

Military 342

Military Mining Libraries Security 342

Security Affairs

APRIL 22, 2023

Cybersecurity and Infrastructure Security Agency (CISA) has added the following three new issues to its Known Exploited Vulnerabilities Catalog : CVE-2023-28432 (CVSS score – 7.5) – MinIO Information Disclosure Vulnerability. CVE-2023-27350 (CVSS score – 9.8) – PaperCut MF/NG Improper Access Control Vulnerability.

IT 246

IT Libraries Cybersecurity Education 246

Security Affairs

SEPTEMBER 6, 2023

The attack was reported by a customer on June 16, 2023. The investigation revealed that the attack began on May 15, 2023, when Storm-0558 gained access to email accounts affecting approximately 25 organizations, including government agencies as well as related consumer accounts of individuals likely associated with these organizations.

Authentication 340

Authentication Libraries Access Government 340

Security Affairs

NOVEMBER 25, 2023

ransomfeed #security #infosec #energychina pic.twitter.com/deRRximVPd — Ransomfeed (@ransomfeed) November 25, 2023 The China Energy Engineering Corporation (CEEC) is a state-owned company in China that operates in the energy and infrastructure sectors. The Rhysida ransomware group has been active since May 2023.

Ransomware 357

Ransomware Manufacturing Education Libraries 357

Security Affairs

OCTOBER 5, 2023

“The document said the exploit worked for Android versions 9 to 11, which was released in 2020, and that it took advantage of a flaw in the “image rendering library.” According to the documents, a company was selling a zero-click exploit for a remote code execution (RCE) vulnerability in WhatsApp for around $1.7

Marketing 352

Marketing Libraries Sales Government 352

Security Affairs

MARCH 31, 2024

ESET first discovered a new Linux version of DinodasRAT in October 2023, but experts believe it has been active since 2022. Since 2023, the Earth Krahang shifted to another backdoor (named XDealer by TeamT5 and DinodasRAT by ESET). The library uses the Tiny Encryption Algorithm ( TEA ) in CBC mode to cipher and decipher the data.

Libraries 362

Libraries Encryption Communications Government 362

Security Affairs

JULY 25, 2023

According to the advisory, the vulnerabilities were reported to the company via its bug bounty and pen-testing processes, as well as 3rd party library scans. CVE-2023-22508 View Ticket Jul 18, 2023 Injection, RCE (Remote Code Execution) in Bamboo High 7.5 The flaw CVE-2023-22508 was introduced in version 7.4.0

Libraries 246

Libraries Authentication Security IT 246

Security Affairs

JULY 24, 2024

In 2023, Symantec identified a Daggerfly intrusion at an African telecom operator, using new MgBot plugins. In addition to this shared infrastructure, Macma and other malware in the Daggerfly’s arsenal, including Mgbot all contain code from a single, shared library or framework.

Libraries 334

Libraries IT Information Security Security 334

Security Affairs

JULY 8, 2023

CVE-2023-26083 CVE-2021-29256 CVE-2023-2136 The CVE-2023-26083 is an Arm Mali GPU kernel driver information disclosure vulnerability that the US CISA added to its Known Exploited Vulnerabilities catalog in April 2023. The flaw was reported by Clément Lecigne of Google’s Threat Analysis Group on 2023-04-12.

Libraries 246

Libraries Security Access IT 246

Security Affairs

DECEMBER 17, 2023

“Today we experienced an exploit on the Ledger Connect Kit, a Javascript library that implements a button allowing users to connect their Ledger device to third party DApps (wallet-connected Web sites). ledger library confirmed compromised and replaced with a drainer. that included a crypto drainer malware.

Phishing 352

Phishing Libraries Authentication Access 352