Security Affairs

APRIL 15, 2023

The Goldoson library was discovered by researchers from McAfee’s Mobile Research Team, it collects lists of applications installed on a device, and a history of Wi-Fi and Bluetooth devices information, including nearby GPS locations. The experts have found more than 60 applications in Google Play that were containing the malicious library.

Libraries 246

Libraries Data collection Education Security 246

Security Affairs

APRIL 9, 2023

The development team behind the vm2 JavaScript sandbox library addressed a critical Remote Code Execution vulnerability. servers, it has approximately four million weekly downloads and its library is part of 722 packages. servers, it has approximately four million weekly downloads and its library is part of 722 packages.

Libraries 245

Libraries File names Education Cybersecurity 245

Security Affairs

JULY 9, 2019

Lodash is a JavaScript library which provides utility functions for common programming tasks using the functional programming paradigm. The flaw could be exploited by hackers to compromise the security of affected services using the library. The popular library is currently used in more than 4 million projects on GitHub.

Libraries 242

Libraries Security IT Information Security 242

Security Affairs

APRIL 15, 2025

A critical vulnerability, tracked as CVE-2025-24859 (CVSS score of 10.0), affects the Apache Roller open-source, Java-based blogging server software. In early April, experts warned of another critical vulnerability impacting Apache Parquets Java Library. All versions 6.1.4 are affected.

Passwords 127

Passwords Access Libraries Big data 127

Security Affairs

SEPTEMBER 7, 2020

The trick used by the Epic Macnchego gang consists of compiling the documents with a.NET library called EPPlus , instead of the standard Microsoft Office software. ” The library can generate files in multiple spreadsheet formats, it also supports Excel 2019. .” ” reads the analysis published by NVISO.

Libraries 338

Libraries Phishing Passwords Security 338

Security Affairs

DECEMBER 29, 2021

CVE-2021-44832 is the fifth vulnerability discovered in the popular library in the last weeks. Like the previous issues affecting the library, this one could be exploited by threat actors to execute malicious code on affected systems. The Apache Software Foundation released Log4j 2.17.1 “Apache Log4j2 versions 2.0-beta7

Libraries 354

Libraries Security IT Information Security 354

Security Affairs

NOVEMBER 2, 2022

The OpenSSL project fixed two high-severity flaws in its cryptography library that can trigger a DoS condition or achieve remote code execution. The OpenSSL project has issued security updates to address a couple of high-severity vulnerabilities, tracked as CVE-2022-3602 and CVE-2022-3786 , in its cryptography library. of the library.

Libraries 309

Libraries Encryption Authentication Communications 309

Security Affairs

JUNE 9, 2022

It is a shared object (SO) library that is loaded into all running processes using LD_PRELOAD (T1574.006), and like a parasite infects the machine. Symbiote can be loaded by the linker via the LD_PRELOAD directive before any other shared objects allowing to “hijack the imports” from the other library files loaded for the application.

Libraries 364

Libraries Passwords Security IT 364

Security Affairs

JUNE 17, 2022

Every document library in SharePoint Online and OneDrive is characterized with a set of attributes, including the number of saved versions that can be changed by the site owner can change, regardless of their other roles. The versioning settings are under list settings for each document library. . ” continues the report.

Libraries 282

Libraries Encryption Ransomware Cloud 282

Security Affairs

AUGUST 12, 2024

The CloudSorcerer employed in this campaign was updated since its initial discovery in July 2024, when experts noticed the malware using profiles on the LiveJournal blog and the Q&A site Quora as its initial command server. “This library is a backdoor packed with the VMProtect tool.

Libraries 343

Libraries Encryption Cloud Archiving 343

Security Affairs

APRIL 22, 2023

The vulnerability is an Integer overflow in the Skia graphics library, the issue was reported by Clément Lecigne of Google’s Threat Analysis Group on April 12, 2023. A remote attacker who had compromised the renderer process can exploit the integer overflow in the Skia library to potentially perform a sandbox escape via a crafted HTML page.

IT 246

IT Libraries Cybersecurity Education 246

Security Affairs

MAY 22, 2022

The expert discovered a post where a researcher were sharing a fake Proof of Concept (POC) exploit code for an RPC Runtime Library Remote Code Execution flaw ( CVE-2022-26809 CVSS 9.8). Researchers from threat intelligence firm Cyble uncovered a malware campaign targeting the infoSec community. This PoC is fake do not run it.

Libraries 363

Libraries Information Security Cybersecurity Security 363

Security Affairs

JUNE 9, 2019

The group of security researchers NightSt0rm published technical details about the vulnerability in a blog post on Medium. The SpiService.exe is associated with XFS, the Extension for Financial Services DLL library (MSXFS.dll) that is specifically used by ATMs.” ” reads the post published by the experts.

Libraries 279

Libraries Communications Financial Services Security 279

Security Affairs

SEPTEMBER 24, 2020

The vulnerability ties on how Instagram uses third-party libraries for image processing, in particular, the open-source JPEG decoder Mozjpeg. “Our blog post describes how image parsing code, as a third party library, ends up being the weakest point of Instagram’s large system.

Access 332

Access Libraries Communications IT 332

Security Affairs

APRIL 19, 2023

The vulnerability is an Integer overflow in the Skia graphics library, the issue was reported by Clément Lecigne of Google’s Threat Analysis Group on April 12, 2023. Google rolled out emergency fixes to address another actively exploited high-severity zero-day flaw, tracked as CVE-2023-2136 , in its Chrome web browser.

Libraries 246

Libraries Education Access Security 246

Security Affairs

APRIL 13, 2023

The HTLM files are hosted on a legitimate online library website that was likely compromised by the threat actors sometime between the end of January 2023 and the beginning of February 2023. One of them was a Windows shortcut (LNK) file pretending to be a document but actually running a hidden DLL library with the actor’s tools.”

Libraries 246

Libraries Military Education Government 246

Outpost24

MARCH 17, 2022

Opensource from hell: malicious JavaScript distributed via opensource libraries, again. In this blog our CSO explores why distribution of malicious scripts via libraries is causing a stir amongst the open-source community and how you can defend against it. Florian Barre. Thu, 03/17/2022 - 08:01. Ghost Labs.

Libraries 97

Libraries IT 97

Security Affairs

MAY 27, 2022

“In places like a cafe, library, meeting room, or conference lobbies, people might place their smartphone face-down on the table2. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”). Redmi 8, and an iPhone SE (2020). ” concludes the paper.

Paper 363

Paper Libraries Passwords Authentication 363

Security Affairs

APRIL 14, 2023

We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.” ” concludes the advisory.

Libraries 246

Libraries Education Cybersecurity Security 246

Security Affairs

APRIL 11, 2022

Yet another time, a new security threat reminds us how important is to keep all the software updated and to monitor the security releases for 3rd party libraries we rely on. Alternatively, a patch file is available for download as well – [link] – and deploys a fix valid for any previous version. To nominate, please visit:?

Security 246

Security Cybersecurity Libraries Access 246

Security Affairs

JUNE 7, 2019

“Today, Komodo were made aware of an issue with one of the libraries used by the Agama wallet, potentially putting some user funds at risk.” ” reads a blog post published by the company. JavaScript library. ” reads the post published by the npm, Inc. security team.

IT 244

IT Libraries Risk Security 244

Security Affairs

OCTOBER 23, 2018

The key is stored in plain text to a local file called %AppData%Signalconfig.json on Windows PCs and on a Mac at ~/Library/Application Support/Signal/config.json. ” read a blog post published by Bleeping Computer. The encryption key for the encrypted database is generated by the application during the installation phase.

Encryption 279

Encryption Passwords Libraries Cybersecurity 279

Security Affairs

MAY 2, 2023

. “They deliver important security improvements between software updates — for example, improvements to the Safari web browser, the WebKit framework stack, or other critical system libraries. ”” reads the announcement published by Apple. iPadOS 16.4.1, and macOS 13.3.1. .” ” “iOS Security Response 16.4.1

Security 246

Security Libraries Education Cybersecurity 246

Security Affairs

APRIL 14, 2020

.” The messages use a weaponized rich text format (RTF) attachment that exploits the CVE-2012-0158 buffer overflow in Microsoft’s ListView / TreeView ActiveX controls in MSCOMCTL.OCX library. ” continues the analysis. ” concludes the report. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware 361

Ransomware Phishing Government File names 361

Security Affairs

JUNE 22, 2022

Malwarebytes researchers observed the use of 3 different themes by the threat actor to hide their skimmer, named after JavaScript libraries: hal-data[.]org/gre/code.js For an example of a client-side attack via JavaScript draining crypto assets, check out this blog from Eliya Stein over at Confiant.” org/data/ ( Logger ) js.g-livestatic[.]com/theme/main.js

Cleanup 325

Cleanup CMS Libraries Phishing 325

Security Affairs

APRIL 2, 2021

Experts suggest to fix the issue by implementing input sanitizations to some core processes and library APIs, unfortunately the issue has yet to be fixed. March 31, 2021 – Initial blog post published. March 31, 2021 – Initial blog post has been published. triggers some behavior in other processes).” Pierluigi Paganini.

Libraries 283

Libraries Authentication Security Access 283

Security Affairs

JUNE 20, 2022

sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”). Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. To nominate, please visit:?. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Security 264

Security Ransomware Libraries Encryption 264

Security Affairs

MAY 5, 2023

Upon executing one of the infected apps, it loads a heavily obfuscated native library containing a dropper that decrypts and runs malicious code from the app assets. Once discovered, the apps have been quickly removed from the Play Store, but the threat actors might have already uploaded other tainted apps that have yet to be discovered.

Libraries 246

Libraries Cybersecurity Security IT 246

Security Affairs

APRIL 12, 2022

One of the most severe issues addressed with the release of Patch Tuesday Security Updates for April 2022 is an RPC Runtime Library Remote Code Execution flaw ( CVE-2022-26809 CVSS 9.8). “The vulnerability could allow a remote attacker to executed code at high privileges on an affected system. To nominate, please visit:?

Libraries 251

Libraries Cybersecurity Security IT 251

Security Affairs

MAY 8, 2022

Please vote for Security Affairs as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog” and others of your choice. Pierluigi Paganini.

Security 246

Security IoT Ransomware Libraries 246

Security Affairs

DECEMBER 3, 2018

Elasticsearch is a Java-based search engine based on the free and open-source information retrieval software library Lucene. ” reads a blog post published by HackenProof. ” continues the blog post. Experts from HackenProof discovered Open Elasticsearch instances that expose over 82 million users in the United States.

Data breaches 279

Data breaches Analytics Libraries Archiving 279

Security Affairs

APRIL 23, 2020

” reads a blog post published by Guerrero-Saade. The malicious code leverages two custom resources, ‘godown.dll’and ‘filesystem.dll’ treated as type libraries and registered as OLE controls, to enumerate attached drives, traverse folder structures, and handle some C&C functionality.

Libraries 349

Libraries Cybersecurity Access IT 349

Security Affairs

FEBRUARY 16, 2021

dll: Windows legitimate DLL for runtime dependencies – MICROSOFT® C RUNTIME LIBRARY. dll: Windows legitimate DLL for runtime dependencies – MICROSOFT® C RUNTIME LIBRARY. If a path is passed, then the library is only loaded from the specific path. Avira.OE.NativeCore.dll: malicious DLL used during the DLL side-loading process.

Libraries 332

Libraries Communications Encryption Phishing 332

Security Affairs

APRIL 26, 2023

It uses a statically linked OpenSSL (OpenSSL 0.9.8e) library to interact with the domain over HTTPS via HTTP POST request” The researchers noticed that the command handler implemented in the PingPull malware is similar to the ones supported by both the China Chopper web shell and the PingPull Windows PE variant. .”

Communications 246

Communications Military Government Libraries 246

Security Affairs

DECEMBER 15, 2018

” reads a blog post published by the Tencent Blade Team. SQLite is a widely adopted relational database management system contained in a C programming library. As a well-known database, SQLite is widely used in all modern mainstream operating systems and software, so this vulnerability has a wide range of influence.

IoT 277

IoT Libraries Security IT 277

Security Affairs

MAY 22, 2022

Please vote for Security Affairs as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog” and others of your choice. Pierluigi Paganini.

Security 246

Security Ransomware Libraries Cybersecurity 246

Krebs on Security

APRIL 14, 2020

Near the top of the heap is CVE-2020-1020 , a remotely exploitable bug in the Adobe Font Manager library that was first detailed in late March when Microsoft said it had seen the flaw being used in active attacks. Also, keep an eye on the AskWoody blog from Woody Leonhard , who keeps a close eye on buggy Microsoft updates each month.

Libraries 317

Libraries Security Authentication IT 317