37 matches found
PT-2023-20474 · Atera · Atera Agent
Name of the Vulnerable Software and Affected Versions: Atera Agent versions 1.8.4.4 and prior Description: A privilege escalation issue was discovered due to the mishandling of privileged APIs. This issue affects Atera Agent on Windows. Recommendations: For Atera Agent versions 1.8.4.4 and prior,...
Atera Agent 安全漏洞
Atera Agent is the basis for an Atera monitoring system from Atera Corporation. A security vulnerability exists in Atera Agent version 1.8.3.6 and earlier, which originates from the ability to create temporary files in directories with insecure permissions...
PT-2023-20473 · Atera · Atera Agent
Name of the Vulnerable Software and Affected Versions: Atera Agent versions 1.8.3.6 and earlier Description: The issue is related to the creation of a temporary file in a directory with insecure permissions. This occurs in Atera Agent on Windows. Recommendations: For Atera Agent versions 1.8.3.6...
Atera Agent 安全漏洞
Atera Agent is the basis for an Atera monitoring system from Atera Corporation. A security vulnerability exists in Atera Agent version 1.8.4.4 and earlier, which stems from improper handling of privileged APIs, resulting in elevated privileges...
CVE-2023-26077
Atera Agent through 1.8.3.6 on Windows Creates a Temporary File in a Directory with Insecure Permissions...
CVE-2023-26077
Atera Agent through 1.8.3.6 on Windows Creates a Temporary File in a Directory with Insecure Permissions...
CVE-2023-26078
Privilege escalation vulnerability was discovered in Atera Agent 1.8.4.4 and prior on Windows due to mishandling of privileged APIs...
CVE-2023-26077
The CVE-2023-26077 issue affects Atera Agent for Windows (versions 1.8.3.6 and earlier). It arises from the MSI installer’s repair functionality creating temporary files in directories with insecure permissions, enabling potential local privilege escalation (e.g., via DLL hijacking) when exploite...
CVE-2023-26078
Privilege escalation vulnerability was discovered in Atera Agent 1.8.4.4 and prior on Windows due to mishandling of privileged APIs...
CVE-2023-26078
CVE-2023-26078 affects Atera Agent for Windows (versions 1.8.4.4 and earlier). Root cause: mishandling of privileged APIs in the MSI installer’s repair functionality, enabling local privilege escalation by executing tasks under NT AUTHORITY\SYSTEM (with potential DLL hijacking as discussed in pub...
Critical PaperCut Security Vulnerabilities Actively Exploited in the Wild
Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Attackers are leveraging severe vulnerabilities in PaperCut MF/NG software to install Atera remote management software, posing a significant risk due to proof-of-concept exploits being available...
IcedID Malware Strikes Again: Active Directory Domain Compromised in Under 24 Hours
A recent IcedID malware attack enabled the threat actor to compromise the Active Directory domain of an unnamed target less than 24 hours after gaining initial access, while also borrowing techniques from other groups like Conti to meet its goals. "Throughout the attack, the attacker followed a...
IcedID Malware Strikes Again: Active Directory Domain Compromised in Under 24 Hours
A recent IcedID malware attack enabled the threat actor to compromise the Active Directory domain of an unnamed target less than 24 hours after gaining initial access, while also borrowing techniques from other groups like Conti to meet its goals. "Throughout the attack, the attacker followed a...
New SEO Poisoning Campaign Distributing Trojanized Versions of Popular Software
An ongoing search engine optimization SEO poisoning attack campaign has been observed abusing trust in legitimate software utilities to trick users into downloading BATLOADER malware on compromised machines. "The threat actor used 'free productivity apps installation' or 'free software developmen...
New Zloader Banking Malware Campaign Exploiting Microsoft Signature Verification
An ongoing ZLoader malware campaign has been uncovered exploiting remote monitoring tools and a nine-year-old flaw concerning Microsoft's digital signature verification to siphon user credentials and sensitive information. Israeli cybersecurity company Check Point Research, which has been trackin...
Conti Ransomware
Conti is a sophisticated Ransomware-as-a-Service RaaS model first detected in December 2019. Since its inception, its use has grown rapidly and has even displaced the use of other RaaS tools like Ryuk. The Cybersecurity and Infrastructure Security Agency CISA and the Federal Bureau of Investigati...
Conti Ransomware Expands Ability to Blow Up Backups
Good at identifying and obliterating backups? Speak Russian? The notorious Conti ransomware group may find you a fine hiring prospect. That’s according to a report published on Wednesday by cyber-risk prevention firm Advanced Intelligence, which details how Conti has honed its backup destruction ...