Google Accuses Spanish Spyware Vendor of Exploiting Chrome, Firefox, & Windows Zero-Days

A Barcelona-based surveillanceware vendor named Variston IT is said to have surreptitiously planted spyware on targeted devices by exploiting several zero-day flaws in Google Chrome, Mozilla Firefox, and Windows, some of which date back to December 2018. "Their Heliconia framework exploits n-day...

Watch Out Gamers: Hackers Exploiting MSI Afterburner to Deliver Coin Miner

By Habiba Rashid So far, researchers have identified approximately 50 phishing websites, all targeting MSI Afterburner to deliver malware. This is a post from HackRead.com Read the original post: Watch Out Gamers: Hackers Exploiting MSI Afterburner to Deliver Coin Miner...

CVE-2022-31694

InstallBuilder Qt installers built with versions previous to 22.10 try to load DLLs from the installer binary parent directory when displaying popups. This may allow an attacker to plant a malicious DLL in the installer parent directory to allow executing code with the privileges of the installer...

Upgrade Apache Commons-text for CVE-2022-42889

h3. DISCLAIMER panel:bgColor=e3fcef ! Confluence IS NOT VULNERABLE to CVE-2022-42889|https://vulners.com/cve/CVE-2022-42889. This bug was created to track the change required to upgrade the Apache Commons Text library and can be used by customers to follow its progress and get notified on the nex...

Read the Docs vulnerable to Cross-Site Scripting (XSS)

Impact This vulnerability allowed a malicious user to serve arbitrary HTML files from the main application domain readthedocs.org/readthedocs.com by exploiting a vulnerability in the code that serves downloadable content from a project. Exploiting this would have required the attacker to get a...

A bidder can buy baseToken with low price by exploiting the DOS prevention measure

Lines of code Vulnerability details Impact In order to prevent DOS attacks, the smart contract introduces a measure that limits the number of bids on an auction SizeSealed.solL157-L159. However, an attacker/bidder can exploit this measure to block others to place bids so that the attacker can buy...

US healthcare organizations targeted by Daixin Team ransomware

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary Daixin Team ransomware, and data extortion group has been gaining initial access to victims through virtual private networks VPN servers since June 2022, either by exploiting an unpatched vulnerability in...

Police Dismantled Car Hackers That Exploited Keyless Entry Tech

By Waqas According to authorities, more than 22 locations were searched during the operation while over $1 million in criminal assets were seized. This is a post from HackRead.com Read the original post: Police Dismantled Car Hackers That Exploited Keyless Entry Tech...

Threat Actors Exploiting F5 BIG-IP CVE-2022-1388

Summary Actions for administrators to take today: • Do not expose management interfaces to the internet. • Enforce multi-factor authentication. • Consider using CISA’s Cyber Hygiene Services. The Cybersecurity and Infrastructure Security Agency CISA and the Multi-State Information Sharing &...

Critical WhatsApp Bugs Could Have Let Attackers Hack Devices Remotely

WhatsApp has released security updates to address two flaws in its messaging app for Android and iOS that could lead to remote code execution on vulnerable devices. One of them concerns CVE-2022-36934 CVSS score: 9.8, a critical integer overflow vulnerability in WhatsApp that results in the...

Pax - CLI Tool For PKCS7 Padding Oracle Attacks

Exploit padding oracles for fun and profit! Pax PAdding oracle eXploiter is a tool for exploiting padding oracles in order to: 1. Obtain plaintext for a given piece of CBC encrypted data. 2. Obtain encrypted bytes for a given piece of plaintext, using the unknown encryption algorithm used by the...

SuiteCRM authenticated SQL injection in export functionality

This module exploits an authenticated SQL injection in SuiteCRM in versions before 7.12.6. The vulnerability allows an authenticated attacker to send specially crafted requests to the export entry point of the application in order to retrieve all the usernames and their associated password from t...

Jenkins HTTP/2 DoS Vulnerability (CVE-2022-2048) - Linux

Jenkins is prone to an HTTP/2 denial of service DoS vulnerability in Jetty. Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is...

noPac - Exploiting CVE-2021-42278 And CVE-2021-42287 To Impersonate DA From Standard Domain User

Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user Changed from sam-the-admin. Usage SAM THE ADMIN CVE-2021-42278 + CVE-2021-42287 chain positional arguments: domain/username:password Account used to authenticate to DC. optional arguments: -h, --help show thi...

Metasploit Weekly Wrap-Up

ICPR Certificate Management This week Metasploit has a new ICPR Certificate Management module from Oliver Lyak and our very own Spencer McIntyre, which can be utilized for issuing certificates via Active Directory Certificate Services. It has the capability to issue certificates which is useful i...

ICPR Certificate Management

Request certificates via MS-ICPR Active Directory Certificate Services. Depending on the certificate template's configuration the resulting certificate can be used for various operations such as authentication. PFX certificate files that are saved are encrypted with a blank password. This module ...

FBI Warns Investors to Take Precautions with Decentralized Financial Platforms

The U.S. Federal Bureau of Investigation FBI on Monday warned of cyber criminals increasingly exploiting flaws in decentralized finance DeFi platforms to plunder cryptocurrency. "The FBI has observed cyber criminals exploiting vulnerabilities in the smart contracts governing DeFi platforms to ste...

QBot Malware Exploiting Windows Calculator to Compromise Devices

By Deeba Ahmed According to researcher "ProxyLife" on Twitter, QBot malware, aka QakBot, has been exploiting the Windows 7 Calculator app… This is a post from HackRead.com Read the original post: QBot Malware Exploiting Windows Calculator to Compromise Devices...

CVE-2022-33923

Dell PowerStore, versions prior to 3.0.0.0, contains an OS Command Injection vulnerability in PowerStore T environment. A locally authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS command on the PowerStore underlying OS. Exploiting may...

Shoutrrr util package DoS via sending 2000, 4000, or 6000 character messages

The package github.com/containrrr/shoutrrr/pkg/util before 0.6.0 are vulnerable to Denial of Service DoS via the util.PartitionMessage function. Exploiting this vulnerability is possible by sending exactly 2000, 4000, or 6000 characters messages...