#vulnerabilities

#vulnerabilities

Mastering the Dragon's Dogma 2 Mystic Spearhand build requires precise skill execution and understanding of vulnerabilities and follow-up attacks. [ more ]

Security researchers found a vulnerability in hotel keycard locks allowing quick access.

Exploiting encryption and RFID system vulnerabilities to open Saflok keycard locks is relatively easy. [ more ]

Two critical security vulnerabilities discovered by Rapid7 in TeamCity On-Premises servers could allow an attacker to gain administrative control. [ more ]

Apple patches iOS and iPadOS for four critical vulnerabilities, including two zero-days under active exploitation.

Vulnerabilities include memory corruption, real-time operating system flaw, accessibility and privacy issue, and a logic issue affecting Safari Private Browsing. [ more ]

Google Chrome is widely used globally.

CERT-In identified severe vulnerabilities in older versions of Google Chrome. [ more ]

Web shells have become increasingly popular as attackers target cloud resources.

WSO-NG, a web shell, disguises its login site as a 404 page and gathers information about potential targets.

Other ransomware gangs have also deployed web shells to exploit vulnerabilities and steal credentials. [ more ]

Two critical vulnerabilities in Windows Hyper-V were fixed, notably with a decrease in total fixed vulnerabilities from the previous month.

The slimline update this Patch Tuesday did not include any zero-day vulnerabilities or PoCs, leading to a moment of relative calm in the cybersecurity landscape. [ more ]

Canva discovered three vulnerabilities related to fonts - one high-severity and two moderate-severity.

Font manipulation tools like FontForge and ImageMagick pose security risks when operating on untrusted data due to naming conventions and compression issues. [ more ]

Adobe released a batch of security fixes for multiple products including Acrobat, Reader, ColdFusion, InDesign, InCopy, and Audition.

The patches cover critical-severity flaws that expose systems to arbitrary code execution and memory leak issues.

Adobe stated that there are no known exploits in the wild for the vulnerabilities. [ more ]

Russian state hackers are targeting organizations moving to the cloud, focusing on weaknesses in cloud services for initial access.

APT29, linked to Russia's Foreign Intelligence Service, is expanding its cyberattacks to various sectors and adapting techniques for cloud-based environments. [ more ]

Security incident on Cloudflare's Atlassian server

Threat actor's access and tools highlighted [ more ]

Ransomware gangs exploit ConnectWise ScreenConnect vulnerabilities with high CVE scores.

Multiple threat actors using leaked build of LockBit target unpatched organizations. [ more ]

Two easy-to-exploit flaws in ConnectWise ScreenConnect are being mass-exploited by hackers.

Hackers are using the vulnerabilities to deploy ransomware and steal sensitive data. [ more ]

Prioritize cybersecurity measures for secure Metaverse app development.

Conduct a security risk assessment to identify and address vulnerabilities. [ more ]

Cyber attacks targeting vulnerable instances of ConnectWise ScreenConnect are escalating.

CVE-2024-1709 authentication bypass vulnerability poses a significant risk and requires immediate patching. [ more ]

The high-risk flaws in ConnectWise ScreenConnect are being exploited by hackers to deploy LockBit ransomware.

Two vulnerabilities, an authentication bypass bug and a path traversal bug, are actively exploited to plant malicious code remotely. [ more ]

Memory-safety flaws are the majority of high-severity problems for Google and Microsoft.

Coding with Rust can help reduce memory safety vulnerabilities, but it won't fix everything. [ more ]

Mobb now provides instant patches for vulnerabilities during a DevSecOps workflow.

The Mobb platform combines AI and security research to automatically create patches for vulnerabilities. [ more ]

The US Cybersecurity and Infrastructure Agency is urging business and technical leaders to prioritize memory safety in software development.

Memory safety errors can lead to significant damage and be exploited by attackers to take over systems and steal data. [ more ]

Hackers working for the Chinese government are exploiting critical vulnerabilities in Ivanti VPN appliances.

Over 400 unique hosts have been found with this backdoor, indicating multiple attackers or evolving tactics. [ more ]

600 IP addresses are launching thousands of exploit attempts against a critical bug in Atlassian Confluence Data Center and Server.

More than 11,000 instances of Confluence remain exposed on the internet, and criminals are attempting remote code execution attacks. [ more ]

Major tech companies criticized for not properly disclosing vulnerabilities

Juniper Networks and Ivanti accused of bundling multiple vulnerabilities under a single CVE ID [ more ]

Bayern Munich's win over Hoffenheim showcased the team's vulnerabilities.

Harry Kane's move to Bayern Munich positions him as a frontrunner for the Ballon d'Or in 2024. [ more ]

UEFI firmware from leading suppliers contains vulnerabilities that allow for malware infections at the firmware level.

The vulnerabilities, dubbed PixieFail, pose a threat to public and private data centers. [ more ]

Hackers are actively exploiting vulnerabilities in Ivanti's products, potentially impacting its 40,000 customers.

A Chinese state-backed hacking group is suspected of targeting these vulnerabilities to access companies' networks. [ more ]

The Karakurt extortion gang poses a significant challenge for network defenders due to their extensive harassment tactics.

The FBI and US government agencies have released a list of vulnerabilities and methods exploited by Karakurt to help organizations avoid falling victim. [ more ]

The Karakurt extortion gang poses a significant challenge for network defenders due to their extensive harassment tactics.

The FBI and US government agencies have released a list of vulnerabilities and methods exploited by Karakurt to help organizations avoid falling victim. [ more ]

Crooks are exploiting old vulnerabilities to deploy Androxgh0st malware and build a cloud-credential stealing botnet.

Androxgh0st primarily targets .env files containing user credentials for AWS, Microsoft Office 365, SendGrid, and Twilio. [ more ]

Crooks are exploiting old vulnerabilities to deploy Androxgh0st malware and build a cloud-credential stealing botnet.

Androxgh0st primarily targets .env files containing user credentials for AWS, Microsoft Office 365, SendGrid, and Twilio. [ more ]

Apple was warned about vulnerabilities in AirDrop as early as 2019, which Chinese authorities claim to have used to track down users.

The Chinese government's actions raise concerns about Apple's relationship with China and the ability of authoritarian regimes to exploit US tech products. [ more ]

Researchers have discovered 23 vulnerabilities in the Bosch Rexroth Handheld Nutrunner NXA015S-36V-B, a popular line of network-connected wrenches used in factories.

These vulnerabilities could allow hackers to install malware, disable the devices, or manipulate torque settings, posing safety risks. [ more ]

MongoDB experienced a security incident involving unauthorized access to certain systems, resulting in exposure of customer account metadata and contact information.

Customers are advised to be vigilant for social engineering and phishing attacks, activate multi-factor authentication, and regularly rotate passwords. [ more ]

MongoDB experienced a security incident involving unauthorized access to certain systems, resulting in exposure of customer account metadata and contact information.

Customers are advised to be vigilant for social engineering and phishing attacks, activate multi-factor authentication, and regularly rotate passwords. [ more ]

Vulnerabilities have been found in laptop makers' implementations of Windows Hello.

The flaws relate to the Secure Device Connection Protocol (SDCP), which powers Windows Hello.

The vulnerabilities were uncovered as part of a project for Microsoft, Lenovo, and Dell. [ more ]

Vulnerabilities have been found in laptop makers' implementations of Windows Hello.

The flaws relate to the Secure Device Connection Protocol (SDCP), which powers Windows Hello.

The vulnerabilities were uncovered as part of a project for Microsoft, Lenovo, and Dell. [ more ]

Vulnerabilities have been found in laptop makers' implementations of Windows Hello.

The flaws relate to the Secure Device Connection Protocol (SDCP), which powers Windows Hello.

The vulnerabilities were uncovered as part of a project for Microsoft, Lenovo, and Dell. [ more ]

Ghost accounts on social media are becoming increasingly common.

Social media companies profit from collecting user information and exploiting our weaknesses. [ more ]

Manchester United and Aston Villa have emerged as surprise contenders in the Premier League title race.

None of the top teams in the league have been immune to vulnerabilities and surprising results.

The top seven teams in the Premier League are separated by only seven points at this stage of the season. [ more ]

Liverpool's upcoming match against Manchester City will be an important test for their title aspirations.

Liverpool's new team, dubbed 'Liverpool Mark 2.0', has been rebuilt into a dangerous outfit.

Opposition teams have found success against Manchester City by being bold and exploiting their vulnerabilities. [ more ]

CISA added known software flaws to its KEV catalog months after they were disclosed and exploited.

The delayed updates to the KEV catalog can hinder security teams' patching efforts and put organizations at risk.

The examples of Adobe, Juniper, and Veeam demonstrate the long lead time for vulnerabilities to be included in the KEV catalog. [ more ]

CISA has released a mitigation guide for the Healthcare and Public Health sector to combat cyber threats.

The guide provides defensive mitigation strategy recommendations and identifies known vulnerabilities for organizations to assess their networks.

HPH entities are encouraged to visit CISA's Healthcare and Public Health Cybersecurity Toolkit and Sector webpages for more information. [ more ]

CISA added Sophos, Oracle, and Microsoft product flaws to its Known Exploited Vulnerabilities catalog.

The Sophos flaw CVE-2023-1671 is a critical vulnerability that can be exploited for arbitrary code execution.

CVE-2020-2551 is an Oracle WebLogic Server flaw targeted by a Chinese threat actor in attacks on government and critical infrastructure organizations in Taiwan. [ more ]

Microsoft's November Patch Tuesday includes fixes for about 60 vulnerabilities, including three that have already been exploited in the wild.

The vulnerabilities include a Windows Desktop Manager elevation-of-privilege vulnerability, a privilege-escalation vulnerability in Windows Cloud Files Mini Filter Driver, and a vulnerability that allows bypassing Windows Defender SmartScreen.

These vulnerabilities are likely being exploited in conjunction with code execution bugs and users are advised to update quickly. [ more ]