Tag: Vulnerabilities

New FritzFrog Botnet Sample Exploits Log4Shell and PwnKit

Critical vulnerabilities of the past did not become less dangerous

Researchers detected a new sample of FritzFrog malware, that is known for creating significant botnets. The new threat sample includes the functionality to exploit flaws in network assets, including the infamous Log4Shell vulnerability. As it turns out, even 2 years past the discovery and feverish updating, there are quite a few instances vulnerable to such… Continue reading New FritzFrog Botnet Sample Exploits Log4Shell and PwnKit

2 Citrix RCE Under Active Exploitation, CISA Notifies

Two Citrix vulnerabilities are exploited and must be patched within seven days.

CISA has given a timeframe of one to three weeks to fix three vulnerabilities related to Citrix NetScaler and Google Chrome. These zero-day vulnerabilities were actively used in cyber attacks. 2 Citrix RCEs Exploited In The Wild, CISA Urges to Update Wednesday, January 17, the Cybersecurity and Infrastructure Security Agency (CISA) issued an alert regarding… Continue reading 2 Citrix RCE Under Active Exploitation, CISA Notifies

9 PixieFail Vulnerabilities Discovered in TianoCore’s EDK II

A newly discovered set of vulnerabilities touches a wide selection of hardware and firmware developers

A chain of 9 vulnerabilities in UEFI’s Preboot Execution Environment (PXE), dubbed PixieFail, was uncovered in a recent research. As the network boot process is a rather novice attack vector, only a few vulnerabilities received high severity status. Nonetheless, their sheer volume, along with the location in rather sensitive places, can create a mess if… Continue reading 9 PixieFail Vulnerabilities Discovered in TianoCore’s EDK II

Sierra AirLink Vulnerabilities Expose Critical Infrastructure

Researchers discovered 21 vulnerabilities in ALEOS - firmware for Sierra AirLink routers

The grand total of 21 security flaws was discovered in Sierra Wireless AirLink routers firmware. The vulnerabilities allow for remote code injection, unauthenticated access, DoS attacks, and else. As such network devices are commonly used in industrial manufacturing and applications the like, the impact of such attacks may be rather serious. Sierra AirLink Routers Have… Continue reading Sierra AirLink Vulnerabilities Expose Critical Infrastructure

Vulnerability in HP BIOS causes system takeover

UEFI, BIOS, Vulnerabilities, vulnerability, CVE-2021-3808, CVE-2021-3809

Following recent fixes for a large number of UEFI vulnerabilities, worldwide-known PC and laptop vendor HP is releasing a new BIOS update. This time around, two serious vulnerabilities affecting a wide range of over 200 PC and laptop models that allow code to run with kernel privileges, including driver management and BIOS access, were the… Continue reading Vulnerability in HP BIOS causes system takeover

Vulnerabilities Allow Hijacking of Most Ransomware to Prevent File Encryption

Vulnerability can help to avoid file encryption during ransomware attack

Not a long time ago, a cybersecurity analyst posted a video on YouTube where he shows the vulnerability in ransomware samples used by well-known ransomware groups. In the footage, expertly shows this exploit usage on the REvil ransomware sample, but there are half a dozen of ransomware products vulnerable to that thing. The crooks’ weapon… Continue reading Vulnerabilities Allow Hijacking of Most Ransomware to Prevent File Encryption

A DNS vulnerability in uClibc/uClibs-ng libraries jeopardizes IoT devices

A vulnerability has been discovered (CVE not yet issued) in uClibc and uClibc-ng C standard libraries. These libraries are vastly used in IoT devices. The newly found vulnerability makes it possible to place forged data into the DNS cache, allowing to set an arbitrary IP address in that cache with the subsequent rerouting of all… Continue reading A DNS vulnerability in uClibc/uClibs-ng libraries jeopardizes IoT devices

F5 warns of critical BIG-IP RCE vulnerability

0-day vulnerability, Vulnerabilities, F5 Inc, Security breach, Exploit,

F5, Inc warned the users about the critical vulnerability that harms the iControl REST users. That solution is a framework offered by the F5 Corporation as an advanced tool for software developers. The detected flaw is noted as critical, since it makes the device takeover possible for non-authorised users. F5 warns its customers of a… Continue reading F5 warns of critical BIG-IP RCE vulnerability

Hackers Use Fresh Vulnerability in Windows Print Spooler in Real Attacks

The US Infrastructure and Cybersecurity Agency (CISA) warned that a vulnerability in the Windows Print Spooler component, patched by Microsoft in February 2022, is being actively exploited by hackers. The issue in question is tracked as CVE-2022-22718 (CVSS score of 7.8) and, according to Microsoft, affects all versions of Windows. At the same time, the… Continue reading Hackers Use Fresh Vulnerability in Windows Print Spooler in Real Attacks

Chinese hackers use Zimbra 0-day vulnerability to hack European media and authorities

Security firm Volexity has warned that a previously unknown Chinese hack group is exploiting a 0-day vulnerability in Zimbra’s collaborative software. According to official statistics, more than 200,000 enterprises in 140 countries around the world use Zimbra, including more than 1,000 government and financial institutions. The researchers write that using the 0-day vulnerability, attackers gain… Continue reading Chinese hackers use Zimbra 0-day vulnerability to hack European media and authorities