November 23, 2023

WinRAR Vulnerability Enables Hackers to Seize Control of PCs

A significant security vulnerability has been revealed in the WinRAR utility, which has the potential to be exploited by malicious actors to achieve remote code execution on Windows systems. This vulnerability, identified as CVE-2023-40477 with a CVSS score of 7.8, arises from improper validation during the processing of recovery volumes. The Zero Day Initiative (ZDI) …

Vulnerability in Apache Ivy Enables Attackers to Illegitimately Extract Confidential Information

A blind XPath injection vulnerability has been uncovered in Apache Ivy, a component of the Apache Software Foundation, which permits malicious actors to surreptitiously retrieve sensitive data that is normally restricted to the host running Apache Ivy. This security flaw is present in versions prior to 2.5.2 and occurs during the parsing of XML files …

Vulnerabilities in Apache XML Graphics Batik Expose Confidential Data

Two Server-Side Request Forgery (SSRF) vulnerabilities have been identified in Apache Batik, potentially enabling malicious actors to gain unauthorized access to sensitive data within the Apache Batik application. These vulnerabilities specifically pertain to Apache XML Graphics Batik and have been assigned the CVE IDs CVE-2022-44729 and CVE-2022-44730. Apache Batik is a Java-based application toolkit employed …

Security Experts Issue Warning About Cybercriminals Exploiting Cloudflare R2 for Phishing Page Hosting

Over the past half-year, there has been a significant uptick, a staggering 61-fold increase, in the utilization of Cloudflare R2 by threat actors for hosting phishing pages. According to Jan Michael, a security researcher at Netskope, these phishing campaigns primarily focus on acquiring Microsoft login credentials, although there are instances targeting Adobe, Dropbox, and various …

Germany has the highest number of hacked Netscaler servers

While many Citrix Netscaler servers have been patched for a vulnerability known since July, attackers still maintain access. Security researchers from Fox-IT and the Dutch Institute of Vulnerability Disclosure (DIVD) jointly investigated a hacking campaign where malicious actors established webshells on Citrix Netscaler servers vulnerable to the CVE-2023-3519 security flaw. In total, nearly 2,000 systems …

Critical Vulnerability Exploited to Compromise Nearly 2,000 Citrix NetScaler Instances

Around 2,000 Citrix NetScaler instances have fallen victim to a backdoor attack, leveraging a recently disclosed critical security vulnerability as part of a widespread assault. According to an advisory from NCC Group, released on Tuesday, it appears that an attacker exploited CVE-2023-3519 in an automated manner, implanting web shells on vulnerable NetScalers to establish persistent …

Vulnerabilities in HPE Aruba Networking Products Enable Unauthorized File Overwriting

HPE Aruba Networking has identified two critical vulnerabilities, CVE-2023-38401 and CVE-2023-38402, affecting their Virtual Intranet Access (VIA) client designed for Microsoft Windows. In the event of a successful exploit, an attacker gains the ability to overwrite files without authorization. HPE Aruba Networking has taken immediate action to mitigate these high-severity vulnerabilities by releasing an update. …

Vulnerability in Cisco Unified Communications Manager Enables SQL Injection Attacks by Attackers

A vulnerability in the web-based management interface of both Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) has been identified. Cisco Unified CM is primarily used for managing voice and video calls, while Cisco Unified CM SME handles session routing intelligence. This vulnerability allows a remote …

The Raccoon Stealer Makes a Comeback with Enhanced Evasion Features

The cybercrime group responsible for Raccoon Stealer has made a comeback after a six-month break, unveiling version 2.3.0 of their malware. This version, aimed at cybercriminals, is being advertised on hacker forums. The group’s resurgence follows several setbacks in 2022, leading to a temporary shutdown of their operations. New Features and Updates in Version 2.3.0: …

Python URL Parsing Vulnerability Opens Door to Command Execution Attacks

A critical security vulnerability has been identified in Python’s URL parsing function, urllib.parse, specifically affecting its ability to correctly handle URLs starting with blank characters. This flaw, assigned the identifier CVE-2023-24329 with a CVSS score of 7.5, poses a risk as it can be exploited to circumvent domain or protocol blocklists, potentially leading to unauthorized …
