Tag: vulnerability

Critical LG TV Vulnerabilities Allow for Command Execution

LG TV users are advised to update the software to the latest version due to the 4 critical security flaws

LG reports fixing four critical vulnerabilities discovered in many of its TVs. These vulnerabilities were found back in 2023, and could allow malicious actors to gain control of affected LG TVs. Good news – the attacker should connect to the same network to exploit the flaw. Bad news – they can continue using the device… Continue reading Critical LG TV Vulnerabilities Allow for Command Execution

XZ Utils Backdoor Discovered, Threating Linux Servers

A backdoor in liblzma library, a part of XZ data compression tool was discovered by Andres Freund. The maintainer of the distribution noticed a half-second delay in the updated version, which eventually led him to the flaw. The latter appears to be the brainchild of one of the new XZ maintainers, who pulled off an… Continue reading XZ Utils Backdoor Discovered, Threating Linux Servers

Microsoft SharePoint Vulnerability Exploited, Update Now

A critical vulnerability in Microsoft SharePoint is now under active exploitation

In late March 2024, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued the alert regarding the exploitation of a flaw in Microsoft SharePoint. It was detected back in September 2023, but the facts of active exploitation surfaced only recently. Fortunately, Microsoft offers updates that fix the flaw. Remote code execution vulnerability A vulnerability designated… Continue reading Microsoft SharePoint Vulnerability Exploited, Update Now

GoFetch Vulnerability in Apple Silicon Uncovered

A new vulnerability in Apple Silicon processors allows attackers to extract secret keys from Mac computers.

Researchers uncovered a vulnerability in Apple Silicon processors, dubbed GoFetch. It allows attackers to extract secret keys from Mac computers while performing widespread cryptographic operations. Notably, it is practically impossible to patch the flaw as it stems from the microarchitecture of the processor. Apple Silicon Vulnerability Allows Hackers to Extract Encryption Keys Researchers have discovered… Continue reading GoFetch Vulnerability in Apple Silicon Uncovered

Fortinet RCE Vulnerability Affects FortiClient EMS Servers

Critical vulnerability CVE-2023-48788 in FortiClient EMS, potentially allow remote code execution without authentication.

Fortinet disclosed a critical vulnerability affecting FortiClient EMS products in March 2024. This vulnerability, categorized as an SQL injection, poses a significant cybersecurity threat. Above all, it has the potential to allow remote attackers to execute arbitrary commands on administrative workstations. Fortinet SQLi Vulnerability Causes Remote Code Execution As I mentioned, the vulnerability is classified… Continue reading Fortinet RCE Vulnerability Affects FortiClient EMS Servers

BianLian Exploits TeamCity Vulnerability to Deploy Backdoors

BianLian cybercriminals deploying PowerShell backdoors for covert system access and control.

BianLian, a group of cybercriminals known for their ransomware attacks, recently caught the attention of the information security community. By exploiting vulnerabilities in the JetBrains TeamCity platform, they managed to carry out multistage cyberattacks. Threat actors reportedly start their attack chain with a Golang-based backdoor, and work their way all the way to the ransomware… Continue reading BianLian Exploits TeamCity Vulnerability to Deploy Backdoors

New Fortinet VPN RCE Flaw Discovered, Patch ASAP

Critical vulnerability in Fortinet's SSL VPN poses a severe threat, enabling remote code execution by attackers.

Fortinet has issued a warning about a recently discovered critical vulnerability in its FortiOS SSL VPN system that could be actively exploited by attackers. The vulnerability in Fortinet network security solutions poses a significant threat to organizations. It allows unauthenticated attackers to gain remote code execution (RCE) capabilities through maliciously crafted requests. Fortinet VPN RCE… Continue reading New Fortinet VPN RCE Flaw Discovered, Patch ASAP

Shim Bootloader Vulnerability Affects Linux Systems

Critical Shim bootloader vulnerability allows attackers to bypass security and control systems before OS loads.

Researchers have identified a critical vulnerability in Shim, a widely-used Linux bootloader. This vulnerability could potentially allow attackers to execute malicious code and gain control of target systems before the kernel is even loaded. This flaw raises significant concerns because it can bypass security mechanisms. These mechanisms are typically enforced by the kernel and the… Continue reading Shim Bootloader Vulnerability Affects Linux Systems

Third Ivanti VPN Vulnerability Under Massive Exploitation

One more vulnerability in Ivanti VPN software is actively exploited

Experts have discovered a third Server Side Request Forgery (SSRF) vulnerability in Ivanti products. This is a serious security issue for corporate VPN devices. The new vulnerability allows unauthorized access to restricted resources that were available only after authentication. Ivanti SSRF Vulnerability Exploited Ivanti, a renowned corporate VPN appliance provider, has issued a warning regarding… Continue reading Third Ivanti VPN Vulnerability Under Massive Exploitation

Docker API Vulnerability Exploited in Cryptojacking Campaign

"Commando Cat" Cryptojacking Campaign Targets Vulnerable Docker APIs

A new campaign named “Commando Cat” uses a Docker API vulnerability. It uses Docker to gain initial access to a system and then deploys a series of malicious payloads. This leads to cryptocurrency mining on compromised hosts. Docker API Vulnerability Exploited Investigators have discovered a new malware campaign aimed at Docker API endpoints. The malware… Continue reading Docker API Vulnerability Exploited in Cryptojacking Campaign