Category Archives: Vulnerabilities
5 Critical VMware ESXi Vulnerabilities
It has been alerted; five security vulnerabilities could lead to major potential issues for VMware ESXi customers. This includes command execution and DoS. VMware has issued a critical security update to patch its ESXi customers. Exploitation of these vulnerabilities could give hackers access to virtual machine environments.
VMware suggested that patching ESXi servers immediately is your best option, but you could also remove USB controllers from your VMs as a workaround. However, regarding to this advisory “that may be infeasible at scale and does not eliminate the potential threat like patching does.”
Noted Vulnerabilities
- CVE-2021-22040: Use-after-free vulnerability in XHCI USB controller (CVSS 8.4)
- CVE-2021-22041: Double-fetch vulnerability in UHCI USB controller (CVSS 8.4)
- CVE-2021-22042: ESXi ‘settingsd’ unauthorized access vulnerability (CVSS 8.2)
- CVE-2021-22043: ‘ESXi settingsd’ TOCTOU vulnerability (CVSS 8.2)
- CVE-2021-22050: ESXi slow HTTP POST denial of service vulnerability (CVSS 5.3)
VMware has said that there haven’t seen any attacks in the … Read the rest
Hackers Exploiting Cisco RV VPN Routers
Security researchers have found critical vulnerabilities in Cisco Small Business RV VPN routers. The bugs could allow attackers to take control of the router with root privileges, get access to customer data, and conduct DDOS attacks.
Why are they even still used? Well, the RV series of VPN appliances is affordable and functional. They can easily connect remote workers to a company network with no hassle. Each appliance has a built-in firewall, VPN, encryption, and authentication features.
Cisco disclosed 15 vulnerabilities affecting their RV product line this week. Some of the bugs can be exploited alone, but others can be chained together to lead to a variety of bad outcomes. These issues remain unpatched at the time of writing.
According to Cisco, the bugs affect products that the company makes. Cisco’s advisory said: “An attacker could exploit these vulnerabilities by sending malicious packets to the affected systems.”
- Execute arbitrary
New UEFI Bootkit called MoonBounce
Researchers have discovered a sophisticated new type of malware that targets UEFI and its called MoonBounce. The Bootkit or also known as rootkit malware is suspected to be associated with (advanced persistent threat 41). APT41 is a group of hackers who have been robbing businesses for many years.
Researchers at Kaspersky Labs discovered a new type of malware. This is the third known type that infects UEFI firmware. The first two types were FinFisher and ESPecter.
- The malware is injected into the SPI flash part of the motherboard, signifying that it cannot be removed even after hard disk replacement.
- The injection is stored in the CORE_DXE component, which is called during the early boot sequence of UEFI.
- Once the MoonBounce rootkit malware makes its way inside the OS, it may reach out to a server to obtain further payloads.
- Additionally, the infection chain does not leave any evidence and works
SSRF Vulnerability In VMware Authentication
Researchers have found that VMware has a server-side request forgery (SSRF) vulnerability could allow an attacker to obtain administrative JSON Web Tokens (JWT) in versions of the VMware authentication software.
This serious security vulnerability was found in a popular service called VMware Workspace ONE Access. It’s used to provide multi-factor authentication, conditional access, and single sign-on to web and mobile apps. The vulnerability could enable malicious actors to read the full response of HTTP requests. This vulnerability is tracked as CVE-2021-22056. It has a severity score of 5.5, or ‘moderate’.
Security researchers Shubham Shah and Keiran Sampson discovered the bug that could lead to the leaking of JWTs. This would give malicious actors full access to vulnerable systems. JWTs are strings that act as a way to identify users. They contain JSON-encoded data, making them convenient for embedding information. They are typically used as session identifiers for mobile and web … Read the rest
Microsoft Warns Log4j Flaw Attacks Remain High
Microsoft has warned that Windows and Azure customers should be on high alert after spotting state-sponsored and cyber-criminal hackers probing systems for a flaw in the Log4j. Microsoft says it spotted attackers using the Log4j flaw through December.
The Apache open source project disclosed on December 9 and will likely take a long time to fix the Log4j flaw. The problem is widespread because the open source project is used in many applications and services.
Microsoft says that this problem is not just in your organization; it’s everywhere. The company has released updates to its security software to help you identify the vulnerability and protect yourself from attackers.
… Read the rest“Exploitation attempts and testing have remained high during the last weeks of December. We have observed many existing attackers adding exploits of these vulnerabilities in their existing malware kits and tactics, from coin miners to hands-on-keyboard attacks,” the Microsoft 365 Defender Threat
Windows Zero-Day Allows Privileged File Access
Windows 10 Bug Exploitation Details
Hashthemes Demo Importer WordPress Plugin Vulnerability
The Hashthemes Demo Importer and is found in more than 8,000 blogs, according to researchers at Wordfence. It’s a high-severity security flaw. This WordPress plugin is designed to import demo content from HashThemes.com. However, it’s possible for subscribers to use the demo importer as a tool to wipe out content on any WordPress site.
WordPress Yanks Plugin, Puts Out Fix
Google Chrome Releases Two Zero Day Patches
Google stated the following:
“Google is aware the exploits for CVE-2021-37975 and CVE-2021-37976 exist in the wild,”“Access to bug details and links may be kept restricted until a majority of users are updated with a fix,” the company said in Thursday’s security update. “We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.”
Here are details on the two zero-days:
- CVE-2021-37976 Google Project Zero found a bug in a critical component of Chrome. The bug was
Apple users to update immediately. Apple Zero-Click Exploit
The Citizen Lab has discovered a zero-click zero-day flaw in all Apple products. The new zero-day flaw is called ForcedEntry, and it affects iPhones, iPads, Macs, Apple Watches, and even AirPods. Citizen Lab urges all Apple users to update their devices immediately.
Apple released a Security update on Monday. The iOS 14.8 for iPhones and iPads includes patches for vulnerabilities, which may have been exploited by hackers. Also included are Apple Watch and macOS updates.
Citizen Lab, a digital watchdog, discovered a new kind of spyware that is used to illegally monitor activists’ iPhone communications. It’s allegedly been used by the NSO Group to target the communications of people in Bahrain. The researchers called this new zero-click attack ForcedEntry. Citizen Lab said it had identified nine Bahraini activists whose iPhones had been targeted with Pegasus spyware between June of 2020 and February of 2021. These phones suffered zero-click attacks that … Read the rest
Microsoft Office 0-day Vulnerability
On Tuesday, Microsoft revealed an alarming vulnerability in Internet Explorer, a bug that is being used to harm Windows users. The attack is enabled by a weaponized Office file and works like this: A victim receives an email with a link to a Word document inside. It is very important that you do not click on the link; instead, you should open the document directly.
The critical vulnerability has been found in Microsoft’s proprietary web rendering engine. The flaw, tracked as CVE-2021-40444, allows attackers to remotely execute code on a vulnerable system. The engine is used to render web content inside Word, Excel, and PowerPoint documents.
… Read the restThey have said. “Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents,”.
They also added: “An attacker could
Loading ...