February 28, 2024

Zyxel NAS Vulnerabilities: Critical Command Injections and Security Patch Updates

Multiple vulnerabilities have been discovered in Zyxel NAS (Network Attached Storage) products, posing a significant risk of command injection. These vulnerabilities, detailed below, could enable attackers to execute system commands, potentially leading to unauthorized access and control over affected devices. Zyxel has promptly responded by releasing patches to address these security concerns, prioritizing the protection …

OwnCloud Vulnerability Exploitation: Urgent Measures Required for Critical Security Flaws

OwnCloud recently disclosed several vulnerabilities within its namesake open-source file-hosting application. Among these, one critical vulnerability (CVE-2023-49103) is currently being actively exploited by attackers. This flaw, rated with a maximum CVSS score of 10, allows malicious actors to pilfer credentials and license keys. The vulnerability resides within the Graphapi app, which leverages a third-party library …

Fortinet Addresses Critical Vulnerabilities Across Product Line: From Command Injection to DLL Hijacking

The US cybersecurity agency CISA updated its Known Exploited Vulnerabilities (KEV) catalog on Thursday to include flaws in Sophos, Oracle, and Microsoft products. Among these vulnerabilities, Fortinet disclosed a critical OS command injection vulnerability within the FortiSIEM report server, potentially enabling remote attackers to execute malicious commands via crafted API requests. FortiSIEM, Fortinet’s security information …

Critical Vulnerabilities Exploited: Sophos and Windows Security Flaws Highlighted by CISA

The agency has identified a critical flaw in Sophos products, CVE-2023-1671, which has been exploited by attackers allowing arbitrary code execution. Sophos released patches in April and informed customers that the affected appliance would reach its end of life on July 20, 2023. Although no public reports have described attacks exploiting CVE-2023-1671, Sophos was unable …

Intel Releases Microcode Updates to Address Critical Security Vulnerability

The CPU manufacturer Intel recently released microcode updates to address a security vulnerability registered as CVE-2023-23583, which has been classified as highly severe. This vulnerability affects various desktop, server, and mobile processors and could potentially allow authenticated attackers with local access to escalate their privileges, steal information, and execute DoS attacks. The security flaw, referred …

VMware Cloud Director Vulnerability: Critical Security Bypass Exposed

VMware has disclosed a critical security vulnerability affecting its Cloud Director (VCD) software, which could allow attackers to bypass authentication on vulnerable systems. Tracked as CVE-2023-34060 and rated with a CVSS score of 9.8, the flaw impacts VCD-Appliances that have been upgraded from an older version to Version 10.5. However, newly installed Version 10.5 appliances …

Security Vulnerabilities Disclosed by Atlassian and ISC: Mitigations and Fixes

Atlassian and the Internet Systems Consortium (ISC) have revealed multiple security vulnerabilities affecting their products, potentially leading to denial-of-service (DoS) attacks and remote code execution. The Australian software services provider has addressed four high-severity flaws in recent updates. These include: These vulnerabilities have been addressed in the following versions: In a related update, ISC has …

Unveiling the Enhanced Sphynx Variant: BlackCat Ransomware Targets Azure Storage with Advanced Features

A new variant of the BlackCat Ransomware, named Sphynx, has recently emerged, showcasing enhanced capabilities tailored for encrypting Azure Storage accounts. Initially identified in March, this iteration of Sphynx received upgrades in May, introducing the Exmatter exfiltration tool. Subsequent releases in August unveiled additional functionalities, including the ability to override credentials stored in configuration files …

Convergence of Threats: RedLine and Vidar Groups Utilize Unified Tactics for Ransomware and Info-Stealers

A recent investigation conducted by Trend Micro reveals that threat groups associated with RedLine and Vidar have adopted similar tactics for deploying ransomware as they use for disseminating info-stealing malware. In a specific instance, victims initially encountered a malware strain designed for data theft, which was signed with Extended Validation (EV) code signing certificates. However, …

AMBERSQUID: Novel Cloud-Native Cryptojacking Operation Targets AWS Services

A newly emerged cryptojacking operation, tailored for cloud-native environments, has turned its focus towards less common Amazon Web Services (AWS) offerings such as AWS Amplify, AWS Fargate, and Amazon SageMaker to clandestinely mine cryptocurrency. Dubbed AMBERSQUID by cloud and container security firm Sysdig, this malicious cyber activity has managed to exploit cloud services without triggering …
