Google Patches New Android Kernel Vulnerability Exploited in the Wild

Google has addressed a high-severity security flaw impacting the Android kernel that it said has been actively exploited in the wild. The vulnerability, tracked as CVE-2024-36971, has been described as a case of remote code execution impacting the kernel. "There are indications that CVE-2024-3697...

CVE-2023-47246

In SysAid On-Premise before 23.3.36, a path traversal vulnerability leads to code execution after an attacker writes a file to the Tomcat webroot, as exploited in the wild in November 2023. Recent assessments: cbeek-r7 at November 09, 2023 2:50pm UTC reported: On November 8, 2023, SysAid, an IT...

Update Adobe Acrobat and Reader to Patch Actively Exploited Vulnerability

Adobe's Patch Tuesday update for September 2023 comes with a patch for a critical actively exploited security flaw in Acrobat and Reader that could permit an attacker to execute malicious code on susceptible systems. The vulnerability, tracked as CVE-2023-26369, is rated 7.8 for severity on the...

CISA Issues Urgent Warning: Adobe ColdFusion Vulnerability Exploited in the Wild

The U.S. Cybersecurity and Infrastructure Security Agency CISA on March 15 added a security vulnerability impacting Adobe ColdFusion to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The critical flaw in question is CVE-2023-26360 CVSS score: 8.6, which...

Threat Advisory: Microsoft Outlook privilege escalation vulnerability being exploited in the wild

Update March 21, 2023: To aid defenders trying to detect and mitigate this vulnerability, we are providing a couple of additional resources. First, we are providing a ClamAV signature that detects this threat -- the rule can be found on our GitHub here and can be leveraged anywhere ClamAV...

FIN8 Resurfaces with Revamped Backdoor Malware

The FIN8 cyberattack group has resurfaced after a period of relative quiet, researchers have found. The gang is using new versions of the BadHatch backdoor to compromise companies in the chemical insurance, retail and technology industries. The attacks have been seen hitting organizations around...

Microsoft Released Out-of-Band Advisory – Windows Adobe Type Manager Library Remote Code Execution Vulnerability (ADV200006)

Today, Microsoft released an out-of-band security advisory ADV200006 to address two critical remote code execution vulnerabilities in Adobe Type Manager Library. Microsoft is also aware of limited, targeted attacks that attempt to leverage this vulnerability. The Vulnerability Microsoft Windows...

Warning — Two Unpatched Critical 0-Day RCE Flaws Affect All Windows Versions

Microsoft today issued a new security advisory warning billions of Windows users of two new critical, unpatched zero-day vulnerabilities that could let hackers remotely take complete control over targeted computers. According to Microsoft, both unpatched flaws are being used in limited, targeted...

A new exploit for zero-day vulnerability CVE-2018-8589

Yesterday, Microsoft published its security bulletin, which patches a vulnerability discovered by our technologies. We reported it to Microsoft on October 17, 2018. The company confirmed the vulnerability and assigned it CVE-2018-8589. In October 2018, our Automatic Exploit Prevention AEP systems...

flashplugin, lib32-flashplugin: multiple issues

CVE-2015-8459: Memory corruption vulnerabilities that could lead to code execution. Credited to Kai Kang of Tencent's Xuanwu LAB. - CVE-2015-8460: Memory corruption vulnerabilities that could lead to code execution. Credited to Jie Zeng of Qihoo 360. - CVE-2015-8634, CVE-2015-8635: Use-after-free...

Adobe Releases Critical Security Updates for Flash Player, Acrobat and Adobe Reader

Adobe has released security updates to fix seven vulnerabilities in its Flash and Air platforms and one in its Reader and Acrobat which, according to the company, is being exploited by attackers in wild "...in limited, isolated attacks targeting Adobe Reader users on Windows." The vulnerabilities...

Malware Signed by Adobe Certificate Only Used in Limited Targeted Attacks

Adobe’s revocation of a code-signing certificate that had been used by attackers to sign several malicious utilities sparked concerns in the security community about widespread malware attacks using those utilities. The key concern was that most antimalware systems will implicitly trust files tha...

The Mystery of Duqu: Part Two

Our investigation and research of Duqu malware continues. In our previous report, we made two points: there are more drivers than it was previously thought; it is possible that there are additional modules. Besides those key points, we concluded that unlike the massive Stuxnet infections, Duqu...