A newly discovered vulnerability in OpenSSH nicknamed regreSSHion allows remote attackers to gain root privileges on Linux systems based on glibc library. This flaw enables an unauthenticated attacker to execute arbitrary code on the vulnerable system and obtain root privileges. Considering the wide application of OpenSSH, this flaw can have massive impact, comparable in size… Continue reading RegreSSHion OpenSSH Vulnerability Allows for RCE
Tag: vulnerability
New GrimResource Attack Technique Targets MMC, DLL Flaw
A new malicious code execution technique, coined GrimResource, was discovered, targeting Microsoft Management Console. Attackers are exploiting an old cross-site scripting vulnerability that allows them to bypass defenses and deploy malware to endpoints. Attack Technique Exploits Microsoft Management Console Files On June 6, 2024, Elastic reported about discovering a new attack technique that uses Microsoft… Continue reading New GrimResource Attack Technique Targets MMC, DLL Flaw
Microsoft Patches Critical MSMQ Vulnerability
In the latest Patch Tuesday, on June 11, 2024 Microsoft disclosed fixing a substantial number of flaws, including a remote code execution vulnerability in Microsoft Message Queuing (MSMQ). It plagues the selection of Windows and Windows Server versions, including ones that reached end of life to the moment. At the time, no exploitation facts were… Continue reading Microsoft Patches Critical MSMQ Vulnerability
Critical LG TV Vulnerabilities Allow for Command Execution
LG reports fixing four critical vulnerabilities discovered in many of its TVs. These vulnerabilities were found back in 2023, and could allow malicious actors to gain control of affected LG TVs. Good news – the attacker should connect to the same network to exploit the flaw. Bad news – they can continue using the device… Continue reading Critical LG TV Vulnerabilities Allow for Command Execution
Two Android Zero-Day Flaws in Google Pixel Exploited
Google has disclosed that two Android zero-day security vulnerabilities have been detected in its Pixel smartphones. The patch is already available, as Google claimed fixing the flaws in the recent Pixel Update Bulletin. Even worse news is that the flaw is already under exploitation in targeted attacks. Two Android Zero-Day Flaws Exploited in Targeted Attacks… Continue reading Two Android Zero-Day Flaws in Google Pixel Exploited
XZ Utils Backdoor Discovered, Threating Linux Servers
A backdoor in liblzma library, a part of XZ data compression tool was discovered by Andres Freund. The maintainer of the distribution noticed a half-second delay in the updated version, which eventually led him to the flaw. The latter appears to be the brainchild of one of the new XZ maintainers, who pulled off an… Continue reading XZ Utils Backdoor Discovered, Threating Linux Servers
Microsoft SharePoint Vulnerability Exploited, Update Now
In late March 2024, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued the alert regarding the exploitation of a flaw in Microsoft SharePoint. It was detected back in September 2023, but the facts of active exploitation surfaced only recently. Fortunately, Microsoft offers updates that fix the flaw. Remote code execution vulnerability A vulnerability designated… Continue reading Microsoft SharePoint Vulnerability Exploited, Update Now
GoFetch Vulnerability in Apple Silicon Uncovered
Researchers uncovered a vulnerability in Apple Silicon processors, dubbed GoFetch. It allows attackers to extract secret keys from Mac computers while performing widespread cryptographic operations. Notably, it is practically impossible to patch the flaw as it stems from the microarchitecture of the processor. Apple Silicon Vulnerability Allows Hackers to Extract Encryption Keys Researchers have discovered… Continue reading GoFetch Vulnerability in Apple Silicon Uncovered
Fortinet RCE Vulnerability Affects FortiClient EMS Servers
Fortinet disclosed a critical vulnerability affecting FortiClient EMS products in March 2024. This vulnerability, categorized as an SQL injection, poses a significant cybersecurity threat. Above all, it has the potential to allow remote attackers to execute arbitrary commands on administrative workstations. Fortinet SQLi Vulnerability Causes Remote Code Execution As I mentioned, the vulnerability is classified… Continue reading Fortinet RCE Vulnerability Affects FortiClient EMS Servers
BianLian Exploits TeamCity Vulnerability to Deploy Backdoors
BianLian, a group of cybercriminals known for their ransomware attacks, recently caught the attention of the information security community. By exploiting vulnerabilities in the JetBrains TeamCity platform, they managed to carry out multistage cyberattacks. Threat actors reportedly start their attack chain with a Golang-based backdoor, and work their way all the way to the ransomware… Continue reading BianLian Exploits TeamCity Vulnerability to Deploy Backdoors