ChakraCore, Internet Explorer Security Vulnerabilities

New ransomware group demands Change Healthcare ransom

The Change Healthcare ransomware attack has taken a third cruel twist. A new ransomware group, RansomHub, has listed the organisation as a victim on its dark web leak site, saying it has 4 TB of "highly selective data," which relates to "all Change Health clients that have sensitive data being...

New ransomware group demands Change Healthcare ransom

The Change Healthcare ransomware attack has taken a third cruel twist. A new ransomware group, RansomHub, has listed the organisation as a victim on its dark web leak site, saying it has 4 TB of "highly selective data," which relates to "all Change Health clients that have sensitive data being...

Patch Tuesday - April 2024

Microsoft is addressing 149 vulnerabilities this April 2024 Patch Tuesday, which is significantly more than usual. For the second month in a row, Microsoft indicated that they weren't aware of prior public disclosure or exploitation in the wild for any of the vulnerabilities patched today....

April’s Patch Tuesday Brings Record Number of Fixes

If only Patch Tuesdays came around infrequently -- like total solar eclipse rare -- instead of just creeping up on us each month like The Man in the Moon. Although to be fair, it would be tough for Microsoft to eclipse the number of vulnerabilities fixed in this month's patch batch -- a record 147....

Microsoft and Adobe Patch Tuesday, April 2024 Security Update Review

Welcome to another insightful dive into Microsoft's Patch Tuesday! This month's security updates address a vast number of vulnerabilities in multiple popular products, features, and roles. We invite you to join us to review and discuss the details of these security updates and patches. Microsoft...

10-Year-Old 'RUBYCARP' Romanian Hacker Group Surfaces with Botnet

A threat group of suspected Romanian origin called RUBYCARP has been observed maintaining a long-running botnet for carrying out crypto mining, distributed denial-of-service (DDoS), and phishing attacks. The group, believed to be active for at least 10 years, employs the botnet for financial gain,....

Researchers Discover LG Smart TV Vulnerabilities Allowing Root Access

Multiple security vulnerabilities have been disclosed in LG webOS running on its smart televisions that could be exploited to bypass authorization and gain root access on the devices. The findings come from Romanian cybersecurity firm Bitdefender, which discovered and reported the flaws in...

Starry Addax targets human rights defenders in North Africa with new malware

Cisco Talos is disclosing a new threat actor we deemed "Starry Addax" targeting mostly human rights activists associated with the Sahrawi Arab Democratic Republic (SADR) cause with a novel mobile malware. Starry Addax conducts phishing attacks tricking their targets into installing malicious...

SUBNET PowerSYSTEM Server and Substation Server

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.6 ATTENTION: Low attack complexity Vendor: SUBNET Solutions Inc. Equipment: PowerSYSTEM Server, Substation Server 2021 Vulnerabilities: Reliance on Insufficiently Trustworthy Component 2. RISK EVALUATION Successful exploitation of the vulnerabilities in...

CL0P's Ransomware Rampage - Security Measures for 2024

2023 CL0P Growth Emerging in early 2019, CL0P was first introduced as a more advanced version of its predecessor the 'CryptoMix' ransomware, brought about by its owner CL0P ransomware, a cybercrime organisation. Over the years the group remained active with significant campaigns throughout 2020 to....

April 9, 2024—KB5036950 (Security-only update)

April 9, 2024—KB5036950 (Security-only update) Reminder Windows Server 2008 SP2 Extended Security Updates (ESU) third and final year ended on January 10, 2023. Additionally, Extended Security Updates on Azure only support ended on January 9, 2024. For more information, see Extended Security...

April 9, 2024—KB5036892 (OS Builds 19044.4291 and 19045.4291)

April 9, 2024—KB5036892 (OS Builds 19044.4291 and 19045.4291) 03/12/24 IMPORTANT The following editions of Windows 10, version 21H2 will reach end of service on June 11, 2024:- Windows 10 Enterprise and Education- Windows 10 IoT Enterprise- Windows 10 Enterprise multi-sessionAfter that date, these....

April 9, 2024—KB5036893 (OS Builds 22621.3447 and 22631.3447)

April 9, 2024—KB5036893 (OS Builds 22621.3447 and 22631.3447) 2/27/24 IMPORTANT: New dates for the end of non-security updates for Windows 11, version 22H2The new end date is June 24, 2025 for Windows 11, version 22H2 Enterprise and Education editions. Home and Pro editions of version 22H2 will...

April 9, 2024—KB5036922 (Security-only update)

April 9, 2024—KB5036922 (Security-only update) Reminder As of January 10, 2023, Microsoft no longer provides security updates or technical support for Windows 7 Service Pack 1 (SP1). We recommend that you upgrade to a supported version of Windows. For more information, see Update that enables you.....

Critical Flaws Leave 92,000 D-Link NAS Devices Vulnerable to Malware Attacks

Threat actors are actively scanning and exploiting a pair of security flaws that are said to affect as many as 92,000 internet-exposed D-Link network-attached storage (NAS) devices. Tracked as CVE-2024-3272 (CVSS score: 9.8) and CVE-2024-3273 (CVSS score: 7.3), the vulnerabilities impact legacy...

Microsoft Windows Internet Shortcut SmartScreen Bypass Vulnerability

This vulnerability allows remote attackers to bypass the SmartScreen security feature to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The...

Bind vulnerabilities

Releases Ubuntu 18.04 ESM Ubuntu 16.04 ESM Ubuntu 14.04 ESM Packages bind9 - Internet Domain Name Server Details Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered that Bind icorrectly handled validating DNSSEC messages. A remote attacker could possibly use this issue...

Internet Bug Bounty: Assertion failed in node::http2::Http2Session::~Http2Session() leads to HTTP/2 server crash

An attacker can make the Node.js HTTP/2 server completely unavailable by sending a small amount of HTTP/2 frames packets with a few HTTP/2 frames inside. It is possible to leave some data in nghttp2 memory after reset when headers with HTTP/2 CONTINUATION frame are sent to the server and then a...

Internet Bug Bounty: Apache HTTP Server: HTTP/2 DoS by memory exhaustion on endless continuation frames

I'd like to report Apache httpd vulnerability (CVE-2024-27316) that was recently fixed. * Advisory: https://httpd.apache.org/security/vulnerabilities_24.html Impact HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413...

CVE-2024-31224

GPT Academic provides interactive interfaces for large language models. A vulnerability was found in gpt_academic versions 3.64 through 3.73. The server deserializes untrustworthy data from the client, which may risk remote code execution. Any device that exposes the GPT Academic service to the...

CVE-2024-31224

GPT Academic provides interactive interfaces for large language models. A vulnerability was found in gpt_academic versions 3.64 through 3.73. The server deserializes untrustworthy data from the client, which may risk remote code execution. Any device that exposes the GPT Academic service to the...

CVE-2024-31224

GPT Academic provides interactive interfaces for large language models. A vulnerability was found in gpt_academic versions 3.64 through 3.73. The server deserializes untrustworthy data from the client, which may risk remote code execution. Any device that exposes the GPT Academic service to the...

CVE-2024-31224 GPT Academic: Pickle deserializing cookies may pose RCE risk

GPT Academic provides interactive interfaces for large language models. A vulnerability was found in gpt_academic versions 3.64 through 3.73. The server deserializes untrustworthy data from the client, which may risk remote code execution. Any device that exposes the GPT Academic service to the...

Porn panic imperils privacy online, with Alec Muffett (re-air): Lock and Code S05E08

This week on the Lock and Code podcast… A digital form of protest could become the go-to response for the world’s largest porn website as it faces increased regulations: Not letting people access the site. In March, PornHub blocked access to visitors connecting to its website from Texas. It marked....

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.7.1.7)

The version of AOS installed on the remote host is prior to 6.7.1.7. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.7.1.7 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE...

Exploit for Path Traversal in Apache Http Server

CVE-2021-42013 Vulnerability Scanner This Python script...

60% of small businesses are concerned about cybersecurity threats

According to a recent poll by the US Chamber of Commerce, 60% of small businesses are concerned about cybersecurity threats, and 58% are concerned about a supply chain breakdown. Not surprisingly, small businesses in the professional services sector feel significantly more concerned about...

Internet Bug Bounty: Proxy-Authorization header not cleared on cross-origin redirect in undici.request

Summary:: Undici already cleared Authorization and Cookie headers on cross-origin redirects, but did not clear Proxy-Authorization and x-auth-token headers. Description: Like https://github.com/nodejs/undici/security/advisories/GHSA-3787-6prv-h9w3, this is a fixed security issue in v5.28.3,...

GDBFuzz - Fuzzing Embedded Systems Using Hardware Breakpoints

This is the companion code for the paper: 'Fuzzing Embedded Systems using Debugger Interfaces'. A preprint of the paper can be found here https://publications.cispa.saarland/3950/. The code allows the users to reproduce and extend the results reported in the paper. Please cite the above paper when....

Hackers Exploit Magento Bug to Steal Payment Data from E-commerce Websites

Threat actors have been found exploiting a critical flaw in Magento to inject a persistent backdoor into e-commerce websites. The attack leverages CVE-2024-20720 (CVSS score: 9.1), which has been described by Adobe as a case of "improper neutralization of special elements" that could pave the way.....

CVE-2024-31220

Sunshine is a self-hosted game stream host for Moonlight. Starting in version 0.16.0 and prior to version 0.18.0, an attacker may be able to remotely read arbitrary files without authentication due to a path traversal vulnerability. Users who exposed the Sunshine configuration web user interface...

CVE-2024-31220

Sunshine is a self-hosted game stream host for Moonlight. Starting in version 0.16.0 and prior to version 0.18.0, an attacker may be able to remotely read arbitrary files without authentication due to a path traversal vulnerability. Users who exposed the Sunshine configuration web user interface...

Internet Bug Bounty: CVE-2019-1551: rsaz_512_sqr overflow bug on x86_64

There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are....

CVE-2024-31220 Sunshine vulnerable to remote unauthenticated arbitrary file read

Sunshine is a self-hosted game stream host for Moonlight. Starting in version 0.16.0 and prior to version 0.18.0, an attacker may be able to remotely read arbitrary files without authentication due to a path traversal vulnerability. Users who exposed the Sunshine configuration web user interface...

Exploit for Embedded Malicious Code in Tukaani Xz

Ansible Role: xz backdoor (CVE-2024-3094) (for...

Lexmark Printer RCE Vulnerability (CVE-2023-50739)

Multiple Lexmark printer devices are prone to remote code execution (RCE)...

Visual Planning 8 Authentication Bypass

...

Visual Planning REST API 2.0 Authentication Bypass

...

Visual Planning 8 Arbitrary File Read

...

Security Advisory 0094

Security Advisory 0094 PDF Date: April 5, 2024 Revision | Date | Changes ---|---|--- 1.0 | April 3, 2024 | Initial release 1.1 | April 5, 2024 | Update required configuration for exploitation and mitigation Description Arista Networks is providing this security update in response to the...

Wordfence Intelligence Weekly WordPress Vulnerability Report (March 25, 2024 to March 31, 2024)

Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 405 vulnerabilities disclosed in 320...

Jackson County hit by ransomware, declares state of emergency

On April 2, 2024, Jackson County tweeted that it had identified significant disruptions within its IT systems, "potentially attributable to a ransomware attack". Jackson County is one of 114 counties in Missouri, with a population of approximately 718,000 people, mostly in Kansas City. We have...

Fake Lawsuit Threat Exposes Privnote Phishing Sites

A cybercrook who has been setting up websites that mimic the self-destructing message service privnote.com accidentally exposed the breadth of their operations recently when they threatened to sue a software company. The disclosure revealed a profitable network of phishing sites that behave and...

CoralRaider targets victims’ data and social media accounts

Cisco Talos discovered a new threat actor we're calling "CoralRaider" that we believe is of Vietnamese origin and financially motivated. CoralRaider has been operating since at least 2023, targeting victims in several Asian and Southeast Asian countries. This group focuses on stealing victims'...

Schweitzer Engineering Laboratories SEL

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 5.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schweitzer Engineering Laboratories Equipment: SEL 700 series relays Vulnerability: Inclusion of Undocumented Features 2. RISK EVALUATION Successful exploitation of this vulnerability could...

Hitachi Energy Asset Suite 9

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.9 ATTENTION: Exploitable remotely/low attack complexity Vendor: Hitachi Energy Equipment: Asset Suite 9 Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to use an...

Considerations for Operational Technology Cybersecurity

Operational Technology (OT) refers to the hardware and software used to change, monitor, or control the enterprise's physical devices, processes, and events. Unlike traditional Information Technology (IT) systems, OT systems directly impact the physical world. This unique characteristic of OT...

A Vigilante Hacker Took Down North Korea’s Internet. Now He’s Taking Off His Mask

As “P4x,” Alejandro Caceres single-handedly disrupted the internet of an entire country. Then he tried to show the US military how it can—and should—adopt his...

Nextcloud: Weak ssh algorithms and CVE-2023-48795 Discovered on various subdomains of nextcloud.com

Security researchers from Ruhr University Bochum have discovered a vulnerability in the Secure Shell (SSH) cryptographic network protocol that could allow an attacker to downgrade the connection's security by breaking the integrity of the secure channel. Called Terrapin (CVE-2023-48795, CVSS...

Internet Bug Bounty: [CVE-2024-25126] Denial of Service Vulnerability in Rack Content-Type Parsing

I've made a report https://discuss.rubyonrails.org/t/denial-of-service-vulnerability-in-rack-content-type-parsing/84941 Impact Carefully crafted content type headers can cause Rack’s media type parser to take much longer than expected, leading to a possible denial of service...