Tag: Vulnerabilities

OpenMetadata Vulnerabilities Exploited to Abuse Kubernetes

OpenMetadata vulnerabilities are exploited to mine cryptocurrency

Microsoft security blog reports that the OpenMetadata platform has critical vulnerabilities that allow attackers to exploit Kubernetes workloads for crypto mining. Five vulnerabilities allow attackers to bypass authentication and execute Remote Code Execution. Microsoft recommends updating to OpenMetadata and employing robust authentication measures. OpenMetadata Vulnerabilities Threats Kubernetes Workloads, Actively Exploited According to the recent Microsoft… Continue reading OpenMetadata Vulnerabilities Exploited to Abuse Kubernetes

Critical PAN-OS Command Injection Flaw Exploited

Palo Alto Networks reports about an exploited ACE flaw, found in their PAN-OS

Palo Alto Networks warns its customers regarding a vulnerability in their PAN-OS, that leads to command injection. Residing in their GlobalProtect feature, and requiring some specific configurations, this flaw still manages to hit the max CVSS score of 10/10. Fixes for the issue are already in development, the company says. PAN-OS Command Injection Vulnerability Exploited… Continue reading Critical PAN-OS Command Injection Flaw Exploited

Progress Flowmon Command Injection Flaw Discovered

Progress uncovers critical flaw in Flowmon that allows for arbitrary command execution

Progress Flowmon, a popular network monitoring software solution, appears to be vulnerable to arbitrary command injection. Successful exploitation of the flaw can grant adversaries with full access to the network infrastructure, leading to catastrophic consequences. The developer already released the fix and insists on its urgent installation. Flowmon Command Injection Flaw Threatens Network Security The… Continue reading Progress Flowmon Command Injection Flaw Discovered

New FritzFrog Botnet Sample Exploits Log4Shell and PwnKit

Critical vulnerabilities of the past did not become less dangerous

Researchers detected a new sample of FritzFrog malware, that is known for creating significant botnets. The new threat sample includes the functionality to exploit flaws in network assets, including the infamous Log4Shell vulnerability. As it turns out, even 2 years past the discovery and feverish updating, there are quite a few instances vulnerable to such… Continue reading New FritzFrog Botnet Sample Exploits Log4Shell and PwnKit

2 Citrix RCE Under Active Exploitation, CISA Notifies

Two Citrix vulnerabilities are exploited and must be patched within seven days.

CISA has given a timeframe of one to three weeks to fix three vulnerabilities related to Citrix NetScaler and Google Chrome. These zero-day vulnerabilities were actively used in cyber attacks. 2 Citrix RCEs Exploited In The Wild, CISA Urges to Update Wednesday, January 17, the Cybersecurity and Infrastructure Security Agency (CISA) issued an alert regarding… Continue reading 2 Citrix RCE Under Active Exploitation, CISA Notifies

9 PixieFail Vulnerabilities Discovered in TianoCore’s EDK II

A newly discovered set of vulnerabilities touches a wide selection of hardware and firmware developers

A chain of 9 vulnerabilities in UEFI’s Preboot Execution Environment (PXE), dubbed PixieFail, was uncovered in a recent research. As the network boot process is a rather novice attack vector, only a few vulnerabilities received high severity status. Nonetheless, their sheer volume, along with the location in rather sensitive places, can create a mess if… Continue reading 9 PixieFail Vulnerabilities Discovered in TianoCore’s EDK II

Sierra AirLink Vulnerabilities Expose Critical Infrastructure

Researchers discovered 21 vulnerabilities in ALEOS - firmware for Sierra AirLink routers

The grand total of 21 security flaws was discovered in Sierra Wireless AirLink routers firmware. The vulnerabilities allow for remote code injection, unauthenticated access, DoS attacks, and else. As such network devices are commonly used in industrial manufacturing and applications the like, the impact of such attacks may be rather serious. Sierra AirLink Routers Have… Continue reading Sierra AirLink Vulnerabilities Expose Critical Infrastructure

Vulnerability in HP BIOS causes system takeover

UEFI, BIOS, Vulnerabilities, vulnerability, CVE-2021-3808, CVE-2021-3809

Following recent fixes for a large number of UEFI vulnerabilities, worldwide-known PC and laptop vendor HP is releasing a new BIOS update. This time around, two serious vulnerabilities affecting a wide range of over 200 PC and laptop models that allow code to run with kernel privileges, including driver management and BIOS access, were the… Continue reading Vulnerability in HP BIOS causes system takeover

Vulnerabilities Allow Hijacking of Most Ransomware to Prevent File Encryption

Vulnerability can help to avoid file encryption during ransomware attack

Not a long time ago, a cybersecurity analyst posted a video on YouTube where he shows the vulnerability in ransomware samples used by well-known ransomware groups. In the footage, expertly shows this exploit usage on the REvil ransomware sample, but there are half a dozen of ransomware products vulnerable to that thing. The crooks’ weapon… Continue reading Vulnerabilities Allow Hijacking of Most Ransomware to Prevent File Encryption

A DNS vulnerability in uClibc/uClibs-ng libraries jeopardizes IoT devices

A vulnerability has been discovered (CVE not yet issued) in uClibc and uClibc-ng C standard libraries. These libraries are vastly used in IoT devices. The newly found vulnerability makes it possible to place forged data into the DNS cache, allowing to set an arbitrary IP address in that cache with the subsequent rerouting of all… Continue reading A DNS vulnerability in uClibc/uClibs-ng libraries jeopardizes IoT devices