Critical Flaw in Microchip ASF Exposes IoT Devices to Remote Code Execution Risk

A critical security flaw has been disclosed in the Microchip Advanced Software Framework ASF that, if successfully exploited, could lead to remote code execution. The vulnerability, tracked as CVE-2024-7490, carries a CVSS score of 9.5 out of a maximum of 10.0. It has been described as a...

CERT/CC Reports R Programming Language Vulnerability

CERT Coordination Center CERT/CC has released information on a vulnerability in R programming language implementations CVE-2024-27322link is external. A cyber threat actor could exploit this vulnerability to take control of an affected system. Users and administrators are encouraged to review the...

Researchers Uncover First Native Spectre v2 Exploit Against Linux Kernel

Cybersecurity researchers have disclosed what they say is the "first native Spectre v2 exploit" against the Linux kernel on Intel systems that could be exploited to read sensitive data from the memory. The exploit, called Native Branch History Injection BHI, can be used to leak arbitrary kernel...

New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks

New research has found that the CONTINUATION frame in the HTTP/2 protocol can be exploited to conduct denial-of-service DoS attacks. The technique has been codenamed HTTP/2 CONTINUATION Flood by security researcher Bartek Nowotarski, who reported the issue to the CERT Coordination Center CERT/CC ...

Rhysida Ransomware

Rhysida Ransomware By Alexandre Mundo, Max Kersten, and Leandro Velasco · October 9, 2023 New ransomware victims are made every day by ransom gangs with a variety of ransomware malware families, one of which is the Rhysida ransomware family. Within this blog, an anonymised version of an attack by...

JPCERT Coordination Center Special Interest Group Network for Analysis and Liaison Security Vulnerabilities

JPCERT Coordination Center Special Interest Group Network for Analysis and Liaison is an application of JPCERT Coordination Center, Inc. A security vulnerability exists in JPCERT Coordination Center Special Interest Group Network for Analysis and Liaison versions 4.4.0 through 4.7.7, which stems...

INTERPOL Nabs Hacking Crew OPERA1ER's Leader Behind $11 Million Cybercrime

A suspected senior member of a French-speaking hacking crew known as OPERA1ER has been arrested as part of an international law enforcement operation codenamed Nervone, Interpol has announced. "The group is believed to have stolen an estimated USD 11 million -- potentially as much as 30 million -...

CERT Coordination Center VINCE代码问题漏洞

VINCE is a CERT Coordination Center in the United States CERT Coordination Center open source a CERT Coordination Center development and use of vulnerability information and coordination environment. Vulnerability disclosure for improved coordination. A security vulnerability exists in CERT...

VINCE 跨站脚本漏洞

VINCE is a CERT Coordination Center in the United States CERT Coordination Center open source a CERT Coordination Center development and use of vulnerability information and coordination environment. Vulnerability disclosure for improved coordination. A cross-site scripting vulnerability exists i...

VINCE 跨站脚本漏洞

VINCE is a CERT Coordination Center in the United States CERT Coordination Center open source a CERT Coordination Center development and use of vulnerability information and coordination environment. Vulnerability disclosure for improved coordination. A cross-site scripting vulnerability exists i...

New NTLM Relay Attack Lets Attackers Take Control Over Windows Domain

A new kind of Windows NTLM relay attack dubbed DFSCoerce has been uncovered that leverages the Distributed File System DFS: Namespace Management Protocol MS-DFSNM to seize control of a domain. "Spooler service disabled, RPC filters installed to prevent PetitPotam and File Server VSS Agent Service...

Microsoft Releases Out-of-Band Security Updates for PrintNightmare

Microsoft has released out-of-band security updates to address a remote code execution RCE vulnerability—known as PrintNightmare CVE-2021-34527—in the Windows Print spooler service. According to the CERT Coordination Center CERT/CC, “The Microsoft Windows Print Spooler service fails to restrict...

Pulse Secure VPNs Get Quick Fix for Critical RCE

Pulse Secure has issued a workaround for a critical remote-code execution RCE vulnerability in its Pulse Connect Secure PCS VPNs that may allow an unauthenticated, remote attacker to execute code as a user with root privileges. Pulse Secure’s parent company, Ivanti, issued an out-of-band advisory...

New High-Severity Vulnerability Reported in Pulse Connect Secure VPN

Ivanti, the company behind Pulse Secure VPN appliances, has published a security advisory for a high severity vulnerability that may allow an authenticated remote attacker to execute arbitrary code with elevated privileges. "Buffer Overflow in Windows File Resource Profiles in 9.X allows a remote...

Sudo Heap-Based Buffer Overflow Vulnerability — CVE-2021-3156

Sudo has released an advisory addressing a heap-based buffer overflow vulnerability—CVE-2021-3156—affecting sudo legacy versions 1.8.2 through 1.8.31p2 and stable versions 1.9.0 through 1.9.5p1. Sudo is a utility included in many Unix- and Linux-based operating systems that allows a user to run...

Netgear Router Vulnerabilities

Multiple Netgear router models contain vulnerabilities that a remote attacker can exploit to take control of an affected device. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to update to the most recent firmware version and to replace end-of-life...

Microsoft RCE Vulnerabilities Affecting Windows, Windows Server

Microsoft has released a security advisory to address remote code execution vulnerabilities in Adobe Type Manager Library affecting all currently supported versions of Windows and Windows Server operating systems. A remote attacker can exploit these vulnerabilities to take control of an affected...

Zyxel Flaw Powers New Mirai IoT Botnet Strain

In February, hardware maker Zyxel fixed a zero-day vulnerability in its routers and VPN firewall products after KrebsOnSecurity told the company the flaw was being abused by attackers to break into devices. This week, security researchers said they spotted that same vulnerability being exploited ...

Microsoft Releases Out-of-Band Security Updates for SMB RCE Vulnerability

Microsoft has released out-of-band security updates to address a remote code execution vulnerability CVE-2020-0796 in Microsoft Server Message Block 3.1.1 SMBv3. A remote attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security...

Microsoft Server Message Block RCE Vulnerability

Microsoft has released a security advisory to address a remote code execution vulnerability CVE-2020-0796 in Microsoft Server Message Block 3.1.1 SMBv3. A remote attacker can exploit this vulnerability to take control of an affected system. SMB is a network file-sharing protocol that allows clien...