Experts warned that an exploit for two high-profile vulnerabilities in Microsoft Exchange, which are collectively called ProxyNotShell, has appeared in the public domain. Vulnerabilities have been used by hackers before, but now there may be more attacks. Initially, ProxyNotShell problems (CVE-2022-41040 and CVE-2022-41082) were discovered in September by analysts from the Vietnamese company GTSC. Let… Continue reading Exploit for Vulnerabilities ProxyNotShell Appeared on the Network
Tag: Exploit
OpenSSL Patches Released and Critical Vulnerability Turns Out to be Not So Critical
At the end of October, OpenSSL developers warned that the upcoming update to version 3.0.7 would close a critical vulnerability. Notably, this would only be the second critical bug in OpenSSL since 2016. Now that OpenSSL 3.0.7 has been officially released, it turned out that fixes were released for two serious vulnerabilities at once, and… Continue reading OpenSSL Patches Released and Critical Vulnerability Turns Out to be Not So Critical
OpenSSL Fixes First Critical Vulnerability Since 2016
The developers of the OpenSSL project have informed users that the upcoming version 3.0.7 will close a recently discovered critical vulnerability. This is only the second critical bug in OpenSSL in recent years. The release of OpenSSL version 3.0.7 is scheduled for Tuesday, November 1, 2022. No details about this release have been published yet:… Continue reading OpenSSL Fixes First Critical Vulnerability Since 2016
Thousands of GitHub Repositories Spread Malware That Is Disguised as Exploits
Experts from the Leiden Institute for Advanced Computer Science have discovered thousands of GitHub repositories with fake PoC exploits for various vulnerabilities that spread malware. It turned out that the probability of infection with malware when downloading PoC can reach 10.3%, even if outright fakes are excluded. Let me remind you that we also reported… Continue reading Thousands of GitHub Repositories Spread Malware That Is Disguised as Exploits
New Vulnerability in Apache Commons Text Is Already Being Attacked by Hackers
According to WordPress security firm Defiant, attempts have already been made to exploit a new vulnerability in Apache Commons Text (CVE-2022-42889). Called Text4Shell and affects versions 1.5 to 1.9 of the library. Some believe that this issue could become the new Log4Shell. The issue scored 9.8 out of 10 on the CVSS vulnerability rating scale.… Continue reading New Vulnerability in Apache Commons Text Is Already Being Attacked by Hackers
CloudMensis Malware Attacks MacOS Users
ESET experts have discovered the CloudMensis malware, which is used to create backdoors on devices running macOS and subsequently steal information. The malware received its name due to the fact that it uses pCloud, Dropbox and Yandex.Disk cloud storages as control servers. Let me remind you that we also wrote that Vulnerability in macOS Leads… Continue reading CloudMensis Malware Attacks MacOS Users
Microsoft Releases PoC Exploit to Escape MacOS Sandbox
Microsoft has detailed a recently patched vulnerability affecting Apple operating systems and published a PoC exploit to escape the macOS sandbox. If successfully exploited, this bug allows to leavei the sandbox, elevate privileges on the device and deploy malware. Let me remind you that they also wrote that Vulnerability in macOS Leads to Data Leakage,… Continue reading Microsoft Releases PoC Exploit to Escape MacOS Sandbox
0-Day Vulnerabilities of 2022 Repeat the Mistakes of Past Years
Google Project Zero researcher Maddie Stone published a study on 0-day vulnerabilities in 2022 on GitHub called “0-day In-the-Wild Exploitation in 2022…so far”. According to Stone, 9 of the 18 exploited zero-day vulnerabilities are variants of previously patched vulnerabilities. In many cases, the attacks were not sophisticated, and the attacker could have exploited the vulnerability… Continue reading 0-Day Vulnerabilities of 2022 Repeat the Mistakes of Past Years
MITRE experts have published a list of the 25 most dangerous problems of 2022
MITRE experts have published a list of the 25 most common and dangerous problems of 2022. Such bugs can potentially expose systems to attack, allow attackers to take control of vulnerable devices, access sensitive information, or cause a denial of service. By the way, we also love all sorts of lists and tops, for example:… Continue reading MITRE experts have published a list of the 25 most dangerous problems of 2022
New DFSCoerce PoC Exploit Allows Attackers to Take Over Windows Domains
The recently published DFSCoerce PoC exploit uses the MS-DFSNM file system to take over Windows domains. This exploit is conceptually similar to the sensational PetitPotam attack. Let me remind you that we recently talked about how LockFile ransomware adopts ProxyShell and PetitPotam vulnerabilities. Filip Dragovich published a PoC script called “DFSCoerce” to attack an NTLM… Continue reading New DFSCoerce PoC Exploit Allows Attackers to Take Over Windows Domains