Tag: Exploit

BLUFFS Bluetooth Vulnerability Threatens Billions of Devices

Bluetooth Forward and Future Secrecy (BLUFFS) vulnerabilities can leave devices vulnerable to man-in-the-middle attacks

Eurecom has uncovered a series of exploits named “BLUFFS”, posing a significant threat to the security of Bluetooth sessions. These attacks exploit two previously unknown flaws in the Bluetooth standard, impacting versions 4.2 through 5.4 and potentially putting billions of devices, including smartphones and laptops, at risk. BLUFFS Exploits – How Do They Work? BLUFFS… Continue reading BLUFFS Bluetooth Vulnerability Threatens Billions of Devices

Zimbra Vulnerability Exploited in the Wild

Zimbra has patched a vulnerability exploited by several threat actors.

Google TAG’s recent discovery reveals a 0-day exploit, CVE-2023-37580, targeting Zimbra Collaboration. This is a Cross-Site Scripting (XSS) vulnerability exploited in four campaigns. Zero-day discovery was patched A severe vulnerability has been discovered in the Zimbra email software. Four hacker groups exploited vulnerabilities to steal email data, user credentials, and tokens. According to the Google… Continue reading Zimbra Vulnerability Exploited in the Wild

VMWare Cloud Director Vulnerability Circumvents Authentication

VMware reported an unpatched vulnerability affecting Cloud Director appliance deployments.

VMware, a key player in virtualization services, is reaching out to users about a critical security issue in its Cloud Director. Tracked under CVE-2023-34060, this vulnerability, with a CVSS score of 9.8, specifically affects instances that have undergone an upgrade to version 10.5 from previous versions. VMWave Cloud Director Vulnerability Allows for Unauthorized Access Discovered… Continue reading VMWare Cloud Director Vulnerability Circumvents Authentication

New F5 BIG-IP Vulnerabilities Exploited In The Wild

F5 discloses two vulnerabilities in BIG-IP; CISA claims they're already exploited in the wild

Two new vulnerabilities in F5 BIG-IP reportedly allow for remote code execution and SQL injection. The company explains it as a bad input validation. The worst part though is that both vulnerabilities were probably exploited in real-world attacks. F5 BIG-IP Vulnerabilities Allows SQL Injection and Remote Code Execution On October 26, 2023, F5 published two… Continue reading New F5 BIG-IP Vulnerabilities Exploited In The Wild

New Confluence Vulnerability Leads to Unauthorised Access

A new CVE-2023-22518 vulnerability allows hackers to perform access data on the server without any authorization

Another vulnerability in the flagship product of Atlassian corporation, Confluence, allows hackers to access the servers and dump the data. As the company claims, the issue sits in the improper authorization within the Data Center and Server apps. The company already offers the patches for this breach. Confluence Data Center and Server Vulnerability Leads to… Continue reading New Confluence Vulnerability Leads to Unauthorised Access

Can Zero-Day Attacks Be Prevented With Patches?

Patches to 0-day breaches are offered as a magic pill. But are they?

In recent years, zero-day exploits and attacks have become prominent emerging threats. These attacks take advantage of unknown vulnerabilities within software, which makes them almost impossible to detect and prevent. Zero-day attacks can have dire consequences, allowing attackers to take control of systems, steal data, or install malware. What is a Zero-Day attack? A zero-day… Continue reading Can Zero-Day Attacks Be Prevented With Patches?

GameOver(lay) Vulnerabilities Endanger 40% of Ubuntu Users

The vulnerability allowed some root privileges to be used when executing a file.

Cloud security researchers have discovered two easily exploitable privilege escalation vulnerabilities called GameOver(lay) in the Ubuntu OverlayFS module. These vulnerabilities could affect 40% of Ubuntu users. What is OverlayFS? OverlayFS in Linux is a unified file system used in Docker containers. Its function – modify files without changing the base filesystem. OverlayFS allows one directory… Continue reading GameOver(lay) Vulnerabilities Endanger 40% of Ubuntu Users

Vulnerability in WordPress Plugin WooCommerce Payments Is Actively Used to Hack Sites

Hackers use a vulnerability in the widely used WooCommerce Payments WordPress plugin to gain privileges of any user, including administrator, on vulnerable sites. WooCommerce Payments is a popular WordPress plugin that allows websites to accept credit cards as a payment method in WooCommerce stores. According to official statistics, the plugin has over 600,000 active installations.… Continue reading Vulnerability in WordPress Plugin WooCommerce Payments Is Actively Used to Hack Sites

Microsoft “nOAuth” is Vulnerable to Simple Email Spoofing

Vulnerability in nOAuth Azure Active Directory that allows adversaries to use the "Log In with Microsoft" feature.

In June, researchers revealed a vulnerability in Azure Active Directory and third-party apps called “nOAuth,” that could result in a complete account takeover. This is just one of the many vulnerabilities in Microsoft software and systems like Active Directory that can be exploited, putting organizations at risk. Although Microsoft has responded to the vulnerability, developers… Continue reading Microsoft “nOAuth” is Vulnerable to Simple Email Spoofing

Researchers Found BlackLotus UEFI Bootkit Sources on GitHub

The source code for the BlackLotus UEFI bootkit, which was previously sold on the dark web for $5,000, has been discovered by Binarly analysts on GitHub. The researchers say the leaked sources are not entirely complete and contain mostly a rootkit and a bootkit to bypass Secure Boot. What is BlackLotus bootkit? BlackLotus was first… Continue reading Researchers Found BlackLotus UEFI Bootkit Sources on GitHub