Tag: Exploits

Google Fixes Critical Vulnerability in Chrome, Exploited in the Wild

Using specifically crafted WebP images, hackers can initiate CVE-2023-4863 vulnerability exploitation

Google released an urgent security update for its Chrome browser. The patch contains the fix for CVE-2023-4863, a heap buffer overflow vulnerability that can simply be exploited. Actually, Google states that this vulnerability has already been used in the wild. The breach affects browser builds for all supported OS – Mac, Linux and Windows. Google… Continue reading Google Fixes Critical Vulnerability in Chrome, Exploited in the Wild

Ivanti EPMM Vulnerability Patch is Vulnerable

Despite best efforts of Ivanti programmers, older versions of their MobileIron Core can still be exploited

Ivanti, the provider of a wide range of management solutions for corporations, have apparently taken up the baton from Ipswich, the vendor of an infamous MOVEit MFT. Analysts discovered 2 severe vulnerabilities in its EPMM over the last 10 days, and the company released urgent fixes. However, the patch for the CVE-2023-35078 appears to be… Continue reading Ivanti EPMM Vulnerability Patch is Vulnerable

The Second Exploit in Ivanti EPMM in a Week

Ivanti had a second bug on their product despite fixing a zero-day vulnerability.

Ivanti has once again encountered an error that affects and corrects its Endpoint Manager software. This is despite the fact that Ivanti had eliminated a zero-day vulnerability that targeted the same product a few days before. Analysts found new vulnerability in Ivanti EPMM Currently, two vulnerabilities are being actively exploited by malicious cyber actors. It… Continue reading The Second Exploit in Ivanti EPMM in a Week

Ivanti 0-day exploited to target Norwegian government

The actively exploited zero-day vulnerability impacted Ivanti ‘s mobile device management software EPMM.

Software development company Ivanti (formerly MobileIron Core) has patched a zero-day vulnerability that allowed authentication bypass. This vulnerability had a maximum CVSS level and was actively exploited to gain unauthorized access. What is Ivanti Company? Ivanti is an IT software company headquartered in Utah, United States. It produces a variety of IT management and security… Continue reading Ivanti 0-day exploited to target Norwegian government

NortonLifeLock Hacked by Cl0P Gang, Using MOVEit Vulnerability

Cl0p ransomware listed Norton company among others breached through MOVEit MFT breach

NortonLifeLock, the world-famous antivirus software developer, had reportedly been hacked by the Cl0p ransomware gang. Hackers listed it on their Darknet leak page, and it appears that the cybersecurity vendor is yet another victim of MOVEit vulnerability. NortonLifeLock Hacked via MOVEit Vulnerability The vulnerability in Progress’ MOVEit MFT solution set the whole cybersecurity community abuzz.… Continue reading NortonLifeLock Hacked by Cl0P Gang, Using MOVEit Vulnerability

PaperCut Vulnerability Allows RCE, Exploited in the Wild

Two CVEs in PaperCut allow RCE and account data extraction

PaperCut, a software solution used for print management, appears to be vulnerable to remote code execution (RCE). Another security violation that popped out along with the former allows extracting user data from the profiles created in the program. The RCE vulnerability is already used in cyberattacks. What is PaperCut? PaperCut is a print management solution,… Continue reading PaperCut Vulnerability Allows RCE, Exploited in the Wild

MSMQ Vulnerability Allows Remote Code Execution

CVE-2023-21554 allows hackers to take over the crucial MSMQ process

Recent update released by Microsoft, an April Patch Tuesday, revealed a severe vulnerability in Microsoft Message Queueing mechanism. That vulnerability allows remote code execution after sending 1 (one) package through a specific port. What is Microsoft Message Queueing? Microsoft Message Queueing, or MSMQ, is an infrastructure element for sharing messages within a local network. At… Continue reading MSMQ Vulnerability Allows Remote Code Execution

New Microsoft SmartScreen Bypass Technique Causes Concerns

CVE-2023-24880 allows to skip the certificate check

Microsoft SmartScreen proved to be an effective way of approving the legitimacy of the application – by checking one’s certificate. With time, Microsoft did a lot of work making it more efficient and sustainable to hacking – but that never made even a single mechanism secure from zero-day breaches. A new vulnerability that allows bypassing… Continue reading New Microsoft SmartScreen Bypass Technique Causes Concerns

Hackers Use Fresh Vulnerability in Windows Print Spooler in Real Attacks

The US Infrastructure and Cybersecurity Agency (CISA) warned that a vulnerability in the Windows Print Spooler component, patched by Microsoft in February 2022, is being actively exploited by hackers. The issue in question is tracked as CVE-2022-22718 (CVSS score of 7.8) and, according to Microsoft, affects all versions of Windows. At the same time, the… Continue reading Hackers Use Fresh Vulnerability in Windows Print Spooler in Real Attacks