Vulnerability in HP BIOS causes system takeover

UEFI, BIOS, Vulnerabilities, vulnerability, CVE-2021-3808, CVE-2021-3809

Following recent fixes for a large number of UEFI vulnerabilities, worldwide-known PC and laptop vendor HP is releasing a new BIOS update. This time around, two serious vulnerabilities affecting a wide range of over 200 PC and laptop models that allow code to run with kernel privileges, including driver management and BIOS access, were the… Continue reading Vulnerability in HP BIOS causes system takeover

Vulnerability in ransomware can prevent the encryption

Ransomware, REvil, Conti, LokiLocker, LockBit, AvosLocker, Black Basta Ransomware, Vulnerabilities,

Not a long time ago, a cybersecurity analyst posted a video on YouTube where he shows the vulnerability in ransomware samples used by well-known ransomware groups. In the footage, expert shows this exploit usage on the REvil ransomware sample, but there are half a dozen of ransomware products vulnerable to that thing. The crooks’ weapon… Continue reading Vulnerability in ransomware can prevent the encryption

A DNS vulnerability in uClibc/uClibs-ng libraries jeopardizes IoT devices

A vulnerability has been discovered (CVE not yet issued) in uClibc and uClibc-ng C standard libraries. These libraries are vastly used in IoT devices. The newly found vulnerability makes it possible to place forged data into the DNS cache, allowing to set an arbitrary IP address in that cache with the subsequent rerouting of all… Continue reading A DNS vulnerability in uClibc/uClibs-ng libraries jeopardizes IoT devices

F5 warns of critical BIG-IP RCE vulnerability

0-day vulnerability, Vulnerabilities, F5 Inc, Security breach, Exploit,

F5, Inc warned the users about the critical vulnerability that harms the iControl REST users. That solution is a framework offered by the F5 Corporation as an advanced tool for software developers. The detected flaw is noted as critical, since it makes the device takeover possible for non-authorised users. F5 warns its customers of a… Continue reading F5 warns of critical BIG-IP RCE vulnerability

Hackers Use Fresh Vulnerability in Windows Print Spooler in Real Attacks

The US Infrastructure and Cybersecurity Agency (CISA) warned that a vulnerability in the Windows Print Spooler component, patched by Microsoft in February 2022, is being actively exploited by hackers. The issue in question is tracked as CVE-2022-22718 (CVSS score of 7.8) and, according to Microsoft, affects all versions of Windows. At the same time, the… Continue reading Hackers Use Fresh Vulnerability in Windows Print Spooler in Real Attacks

Chinese hackers use Zimbra 0-day vulnerability to hack European media and authorities

Security firm Volexity has warned that a previously unknown Chinese hack group is exploiting a 0-day vulnerability in Zimbra’s collaborative software. According to official statistics, more than 200,000 enterprises in 140 countries around the world use Zimbra, including more than 1,000 government and financial institutions. The researchers write that using the 0-day vulnerability, attackers gain… Continue reading Chinese hackers use Zimbra 0-day vulnerability to hack European media and authorities

Another vulnerability found in Log4j, this time it is a denial of service

Log4Shell, recently discovered in the popular logging library Log4j, which is part of the Apache Logging Project, continues to get worse, as another vulnerability has been found. This time it is time a “denial of service” vulnerability. The problem was originally discovered while catching bugs on Minecraft servers, but the Log4j library is present in… Continue reading Another vulnerability found in Log4j, this time it is a denial of service

Vulnerabilities in STARTTLS threaten popular email clients

At the USENIX conference, a group of German scientists announced the discovery of more than 40 vulnerabilities in STARTTLS implementations in popular mail clients and servers, including Apple Mail, Gmail, Mozilla Thunderbird, Claws Mail, Mutt, Evolution, Exim, Mail.ru, Samsung Email, Yandex and KMail. Exploitation of these issues allows an attacker to steal credentials, intercept emails,… Continue reading Vulnerabilities in STARTTLS threaten popular email clients

Hackers exploit ProxyShell vulnerabilities to install backdoors

Experts warn that hackers are attacking Microsoft Exchange servers, exploiting ProxyShell vulnerabilities, and installing backdoors on them for subsequent access. Let me remind you that the vulnerabilities, which are collectively called ProxyShell, were recently discussed at the Black Hat conference. ProxyShell combines three vulnerabilities that allow remote code execution without authentication on Microsoft Exchange servers.… Continue reading Hackers exploit ProxyShell vulnerabilities to install backdoors

Microsoft Warns of New Print Spooler Vulnerability

Microsoft has released a notice of a new vulnerability in Print Spooler (CVE-2021-36958) that allows local attackers to gain system privileges on a computer. The new vulnerability is related to other PrintNightmare bugs that exploit the configuration settings for Print Spooler, print drivers, anфd Windows Point and Print. Microsoft previously released patches for PrintNightmare in… Continue reading Microsoft Warns of New Print Spooler Vulnerability