2023

Critical Vulnerabilities Exploited: Sophos and Windows Security Flaws Highlighted by CISA

The agency has identified a critical flaw in Sophos products, CVE-2023-1671, which has been exploited by attackers, allowing arbitrary code execution. Sophos released patches in April and informed customers that the affected appliance would reach its end of life on July 20, 2023. Although no public reports have described attacks exploiting CVE-2023-1671, Sophos was unable …

Intel Releases Microcode Updates to Address Critical Security Vulnerability

The CPU manufacturer Intel recently released microcode updates to address a security vulnerability registered as CVE-2023-23583, which has been classified as highly severe. This vulnerability affects various desktop, server, and mobile processors and could potentially allow authenticated attackers with local access to escalate their privileges, steal information, and execute DoS attacks. The security flaw, referred …

VMware Cloud Director Vulnerability: Critical Security Bypass Exposed

VMware has disclosed a critical security vulnerability affecting its Cloud Director (VCD) software, which could allow attackers to bypass authentication on vulnerable systems. Tracked as CVE-2023-34060 and rated with a CVSS score of 9.8, the flaw impacts VCD appliances that have been upgraded from an older version to Version 10.5. However, newly installed Version 10.5 appliances …

Security Vulnerabilities Disclosed by Atlassian and ISC: Mitigations and Fixes

Atlassian and the Internet Systems Consortium (ISC) have revealed multiple security vulnerabilities affecting their products, potentially leading to denial-of-service (DoS) attacks and remote code execution. The Australian software services provider has addressed four high-severity flaws in recent updates. These include: These vulnerabilities have been addressed in the following versions: In a related update, ISC has …

Unveiling the Enhanced Sphynx Variant: BlackCat Ransomware Targets Azure Storage with Advanced Features

A new variant of the BlackCat Ransomware, named Sphynx, has recently emerged, showcasing enhanced capabilities tailored for encrypting Azure Storage accounts. Initially identified in March, this iteration of Sphynx received upgrades in May, introducing the Exmatter exfiltration tool. Subsequent releases in August unveiled additional functionalities, including the ability to override credentials stored in configuration files …

Convergence of Threats: RedLine and Vidar Groups Utilize Unified Tactics for Ransomware and Info-Stealers

A recent investigation conducted by Trend Micro reveals that threat groups associated with RedLine and Vidar have adopted similar tactics for deploying ransomware as they use for disseminating info-stealing malware. In a specific instance, victims initially encountered a malware strain designed for data theft, which was signed with Extended Validation (EV) code signing certificates. However, …

AMBERSQUID: Novel Cloud-Native Cryptojacking Operation Targets AWS Services

A newly emerged cryptojacking operation, tailored for cloud-native environments, has turned its focus towards less common Amazon Web Services (AWS) offerings such as AWS Amplify, AWS Fargate, and Amazon SageMaker to clandestinely mine cryptocurrency. Dubbed AMBERSQUID by cloud and container security firm Sysdig, this malicious cyber activity has managed to exploit cloud services without triggering …

Azure HDInsight XSS Vulnerabilities: Analysis, Impact, and Remediation

Multiple Cross-Site Scripting (XSS) vulnerabilities, encompassing Stored XSS and Reflected XSS, have been detected in Azure HDInsight, with severity ratings ranging from 4.5 (Medium) to 4.6 (Medium). These vulnerabilities impacted various products, including Azure Apache Oozie, Apache Ambari, Jupyter Notebooks, Apache Hadoop, and Apache Hive 2. However, Microsoft addressed these vulnerabilities in their Security update …

Uncovering Memory Corruption: Exploitable Flaws in ncurses Library

A series of memory corruption vulnerabilities has been uncovered within the ncurses (new curses) programming library, potentially enabling threat actors to execute malicious code on susceptible Linux and macOS systems. In a technical report released today, Microsoft Threat Intelligence researchers Jonathan Bar Or, Emanuele Cozzi, and Michael Pearse highlighted the exploitation potential of these vulnerabilities …

Unveiling Critical Kubernetes Security Flaws: Windows Endpoints Vulnerable to Remote Code Execution

Three interconnected security vulnerabilities of high severity have been uncovered in Kubernetes, posing a risk of remote code execution with elevated privileges on Windows endpoints within a cluster. Identified as CVE-2023-3676, CVE-2023-3893, and CVE-2023-3955, these vulnerabilities have been assigned CVSS scores of 8.8 and affect all Kubernetes setups incorporating Windows nodes. Mitigations for these issues …
