CVE-2023-28133

Local privilege escalation in Check Point Endpoint Security Client version E87.30 via crafted OpenSSL configuration file...

CVE-2023-28133

Local privilege escalation in Check Point Endpoint Security Client version E87.30 via crafted OpenSSL configuration file...

Check Point Endpoint Security Client 安全漏洞

Check Point Endpoint Security Client is an endpoint security protection software from Check Point, Israel. A security vulnerability exists in Check Point Endpoint Security Client version E87.30, which originated from a vulnerability that allows an attacker to perform a local privilege escalation ...

Check Point Research: Microsoft the Most Phished Brand in Q2 2023

By Habiba Rashid The report highlights the fact that cybersecurity is essential for brand protection. This is a post from HackRead.com Read the original post: Check Point Research: Microsoft the Most Phished Brand in Q2 2023...

PT-2023-3999 · Check Point · Check Point Endpoint Security Client

Name of the Vulnerable Software and Affected Versions: Check Point Endpoint Security Client version E87.30 Description: The issue is related to a local privilege escalation in Check Point Endpoint Security Client. It is caused by incorrect permission assignment for a critical resource. Exploitati...

Critical Security Flaws Uncovered in Honeywell Experion DCS and QuickBlox Services

Multiple security vulnerabilities have been discovered in various services, including Honeywell Experion distributed control system DCS and QuickBlox, that, if successfully exploited, could result in severe compromise of affected systems. Dubbed Crit.IX, the nine flaws in the Honeywell Experion D...

Camaro Dragon Hackers Strike with USB-Driven Self-Propagating Malware

The Chinese cyber espionage actor known as Camaro Dragon has been observed leveraging a new strain of self-propagating malware that spreads through compromised USB drives. "While their primary focus has traditionally been Southeast Asian countries, this latest discovery reveals their global reach...

Exploit for Generation of Error Message Containing Sensitive Information in Checkpoint Ssl_Network_Extender

CVE-2021-30357CheckPointSNXVPNPoC Proof-of-Concept for pri...

Stealth Soldier: A New Custom Backdoor Targets North Africa with Espionage Attacks

A new custom backdoor dubbed Stealth Soldier has been deployed as part of a set of highly-targeted espionage attacks in North Africa. "Stealth Soldier malware is an undocumented backdoor that primarily operates surveillance functions such as file exfiltration, screen and microphone recording,...

North Korea's ScarCruft Deploys RokRAT Malware via LNK File Infection Chains

The North Korean threat actor known as ScarCruft started experimenting with oversized LNK files as a delivery route for RokRAT malware as early as July 2022, the same month Microsoft began blocking macros across Office documents by default. "RokRAT has not changed significantly over the years, bu...

Charming Kitten's New BellaCiao Malware Discovered in Multi-Country Attacks

The prolific Iranian nation-state group known as Charming Kitten is actively targeting multiple victims in the U.S., Europe, the Middle East and India with a novel malware dubbed BellaCiao, adding to its ever-expanding list of custom tools. Discovered by Bitdefender Labs, BellaCiao is a...

Blind Eagle Cyber Espionage Group Strikes Again: New Attack Chain Uncovered

The cyber espionage actor tracked as Blind Eagle has been linked to a new multi-stage attack chain that leads to the deployment of the NjRAT remote access trojan on compromised systems. "The group is known for using a variety of sophisticated attack techniques, including custom malware, social...

Rorschach Ransomware Emerges: Experts Warn of Advanced Evasion Strategies

Cybersecurity researchers have taken the wraps off a previously undocumented ransomware strain called Rorschach that's both sophisticated and fast. "What makes Rorschach stand out from other ransomware strains is its high level of customization and its technically unique features that have not be...

Sharp Panda Using New Soul Framework Version to Target Southeast Asian Governments

High-profile government entities in Southeast Asia are the target of a cyber espionage campaign undertaken by a Chinese threat actor known as Sharp Panda since late last year. The intrusions are characterized by the use of a new version of the Soul modular framework, marking a departure from the...

Armenian Entities Hit by New Version of OxtaRAT Spying Tool

Entities in Armenia have come under a cyber attack using an updated version of a backdoor called OxtaRAT that allows remote access and desktop surveillance. "The tool capabilities include searching for and exfiltrating files from the infected machine, recording the video from the web camera and...

ChatGPT-Written Malware

I dont know how much of a thing this will end up being, but we are seeing ChatGPT-written malware in the wild. …within a few weeks of ChatGPT going live, participants in cybercrime forums--­some with little or no coding experience­--were using it to write software and emails that could be used fo...

Trojanized Windows 10 Installer Used in Cyberattacks Against Ukrainian Government Entities

Government entities in Ukraine have been breached as part of a new campaign that leveraged trojanized versions of Windows 10 installer files to conduct post-exploitation activities. Mandiant, which discovered the "socially engineered supply chain" attack around mid-July 2022, said the malicious I...

Check Point IPSec VPN 安全漏洞

Check Point IPSec VPN is a suite of VPN Virtual Private Network software based on the IPSec protocol from Check Point, Israel. Check Point IPSec VPN suffers from a security vulnerability that stems from susceptibility to brute force attacks on usernames and passwords...

PT-2022-16247 · Check Point · Check Point Ipsec Vpn Blade

Name of the Vulnerable Software and Affected Versions: Check Point IPsec VPN blade affected versions not specified Description: The issue concerns a brute-force attack vulnerability when the IPsec VPN blade's portal is configured for username/password authentication, allowing attackers to target...

Researchers Uncover PyPI Package Hiding Malicious Code Behind Image File

A malicious package discovered on the Python Package Index PyPI has been found employing a steganographic trick to conceal malicious code within image files. The package in question, named "apicolor," was uploaded to the Python third-party repository on October 31, 2022, and described as a "Core...