February 28, 2024 – Page 2

Azure HDInsight XSS Vulnerabilities: Analysis, Impact, and Remediation

Multiple Cross-Site Scripting (XSS) vulnerabilities, encompassing Stored XSS and Reflected XSS, have been detected in Azure HDInsight, with severity ratings ranging from 4.5 (Medium) to 4.6 (Medium). These vulnerabilities impacted various products, including Azure Apache Oozie, Apache Ambari, Jupyter Notebooks, Apache Hadoop, and Apache Hive 2. However, Microsoft addressed these vulnerabilities in their Security update …

Azure HDInsight XSS Vulnerabilities: Analysis, Impact, and Remediation Read More »

Uncovering Memory Corruption: Exploitable Flaws in ncurses Library

A series of memory corruption vulnerabilities has been uncovered within the ncurses (new curses) programming library, potentially enabling threat actors to execute malicious code on susceptible Linux and macOS systems. In a technical report released today, Microsoft Threat Intelligence researchers Jonathan Bar Or, Emanuele Cozzi, and Michael Pearse highlighted the exploitation potential of these vulnerabilities …

Uncovering Memory Corruption: Exploitable Flaws in ncurses Library Read More »

Unveiling Critical Kubernetes Security Flaws: Windows Endpoints Vulnerable to Remote Code Execution

Three interconnected security vulnerabilities of high severity have been uncovered in Kubernetes, posing a risk of remote code execution with elevated privileges on Windows endpoints within a cluster. Identified as CVE-2023-3676, CVE-2023-3893, and CVE-2023-3955, these vulnerabilities have been assigned CVSS scores of 8.8 and affect all Kubernetes setups incorporating Windows nodes. Mitigations for these issues …

Unveiling Critical Kubernetes Security Flaws: Windows Endpoints Vulnerable to Remote Code Execution Read More »

Urgent Alert: Critical Security Flaw in WebP Codec Endangers Numerous Applications

A recently discovered critical security vulnerability in the WebP codec allows attackers to trigger a heap buffer overflow in numerous widely-used applications when a specially crafted image is opened. According to a report by Stackdiary, not only web browsers like Chrome, Firefox, Brave, and Edge are affected, but also countless other apps that utilize the …

Urgent Alert: Critical Security Flaw in WebP Codec Endangers Numerous Applications Read More »

Unveiling BlueShell: Insights, Variants, and Escalating Threats

Originating in 2020 and coded in Go, the BlueShell backdoor operates stealthily, utilizing TLS encryption to avoid network detection while communicating with its command-and-control (C2) server. It relies on three key configuration parameters: the C2 server’s IP address, port number, and a specified waiting time. Research has linked the use of BlueShell malware to the …

Unveiling BlueShell: Insights, Variants, and Escalating Threats Read More »

Addressing Splunk Enterprise Vulnerabilities: Patching Cross-Site Scripting, Denial of Service, and More

Splunk Enterprise harbors multiple vulnerabilities, including Cross-site Scripting (XSS), Denial of Service (DoS), Remote Code Execution, Privilege Escalation, and Path Traversal, with severity ratings ranging from 6.3 (Medium) to 8.8 (High). Addressing these concerns, Splunk has issued security advisories detailing patches for these vulnerabilities. CVE-2023-40592: Reflected Cross-Site Scripting (XSS) This vulnerability permits attackers to execute …

Addressing Splunk Enterprise Vulnerabilities: Patching Cross-Site Scripting, Denial of Service, and More Read More »

VMware Vulnerability Report: SAML Token Signature Bypass and Mitigation Measures

A vulnerability affecting VMware involving a SAML token signature bypass has been reported, potentially allowing threat actors to execute VMware Guest operations. Assigned the CVE ID CVE-2023-20900, this vulnerability is classified with a severity rating of 7.5 (High). VMware tools encompass a suite of modules and services designed to enhance various functionalities within VMware products. …

VMware Vulnerability Report: SAML Token Signature Bypass and Mitigation Measures Read More »

ArubaOS-Switch Vulnerabilities: Risks and Remediation Measures

ArubaOS-Switch Switches have been found to contain multiple vulnerabilities, including Stored Cross-site Scripting (Stored XSS), Denial of Service (DoS), and Memory Corruption issues. Aruba, the owner of ArubaOS-Switch and a subsidiary of Hewlett Packard Enterprise, has taken steps to address these vulnerabilities and has released a security advisory. ArubaOS-Switch allows centralized network management and is …

ArubaOS-Switch Vulnerabilities: Risks and Remediation Measures Read More »

Skype Security Alert: Flaw Exposes Users’ IP Addresses

A serious security flaw in Microsoft’s Skype messenger allows attackers to easily spy on your IP address. Using Skype? Then you should be particularly cautious now! A security researcher has managed to find out the IP address of a Skype user without them having to click on a link. Sounds alarming, doesn’t it? In this …

Skype Security Alert: Flaw Exposes Users’ IP Addresses Read More »

New Evasion Technique: Hackers Embed Malicious Word Files within PDFs

In an attempt to evade detection, hackers have adopted a novel technique known as “MalDoc in PDF,” wherein they embed a malicious Word file within a PDF file. Despite possessing PDF-specific file format and magic numbers, a file crafted with MalDoc in PDF can be opened in Word. When such a file contains a configured …

New Evasion Technique: Hackers Embed Malicious Word Files within PDFs Read More »