Category Archives: Vulnerabilities


5 Critical VMware ESXi Vulnerabilities

Five security vulnerabilities have been reported that could lead to major issues for VMware ESXi customers, including command execution and denial of service (DoS). VMware has issued a critical security update to patch ESXi. Exploitation of these vulnerabilities could give attackers access to virtual machine environments.

VMware's advice is that patching ESXi servers immediately is the best option, but removing USB controllers from VMs is available as a workaround. However, according to the advisory, “that may be infeasible at scale and does not eliminate the potential threat like patching does.”

Noted Vulnerabilities

  • CVE-2021-22040: Use-after-free vulnerability in XHCI USB controller (CVSS 8.4)
  • CVE-2021-22041: Double-fetch vulnerability in UHCI USB controller (CVSS 8.4)
  • CVE-2021-22042: ESXi ‘settingsd’ unauthorized access vulnerability (CVSS 8.2)
  • CVE-2021-22043: ‘ESXi settingsd’ TOCTOU vulnerability (CVSS 8.2)
  • CVE-2021-22050: ESXi slow HTTP POST denial of service vulnerability (CVSS 5.3)

VMware has said it hasn't seen any attacks in the … Read the rest


Hackers Exploiting Cisco RV VPN Routers

Security researchers have found critical vulnerabilities in Cisco Small Business RV VPN routers. The bugs could allow attackers to take control of the router with root privileges, gain access to customer data, and conduct DDoS attacks.

Why are they even still used? Well, the RV series of VPN appliances is affordable and functional. They can easily connect remote workers to a company network with no hassle. Each appliance has a built-in firewall, VPN, encryption, and authentication features.

Cisco disclosed 15 vulnerabilities affecting their RV product line this week. Some of the bugs can be exploited alone, but others can be chained together to lead to a variety of bad outcomes. These issues remain unpatched at the time of writing.

According to Cisco, the bugs affect products that the company makes. Cisco’s advisory said: “An attacker could exploit these vulnerabilities by sending malicious packets to the affected systems.”

  • Execute arbitrary
Read the rest

New UEFI Bootkit called MoonBounce

Researchers have discovered a sophisticated new type of malware that targets UEFI firmware, called MoonBounce. The bootkit (also described as a rootkit) is suspected to be associated with APT41 (Advanced Persistent Threat 41), a group of hackers who have been robbing businesses for many years.

Researchers at Kaspersky Labs discovered a new type of malware. This is the third known type that infects UEFI firmware. The first two types were FinFisher and ESPecter.

  • The malware is injected into the SPI flash chip on the motherboard, meaning it survives even a hard disk replacement.
  • The injection is stored in the CORE_DXE component, which is called during the early boot sequence of UEFI.
  • Once the MoonBounce rootkit malware makes its way inside the OS, it may reach out to a server to obtain further payloads.
  • Additionally, the infection chain does not leave any evidence and works
Read the rest

SSRF Vulnerability In VMware Authentication

Researchers have found a server-side request forgery (SSRF) vulnerability in VMware's authentication software that could allow an attacker to obtain administrative JSON Web Tokens (JWTs) in affected versions.

This serious security vulnerability was found in a popular service called VMware Workspace ONE Access. It’s used to provide multi-factor authentication, conditional access, and single sign-on to web and mobile apps. The vulnerability could enable malicious actors to read the full response of HTTP requests. This vulnerability is tracked as CVE-2021-22056. It has a severity score of 5.5, or ‘moderate’.

Security researchers Shubham Shah and Keiran Sampson discovered the bug that could lead to the leaking of JWTs. This would give malicious actors full access to vulnerable systems. JWTs are strings that act as a way to identify users. They contain JSON-encoded data, making them convenient for embedding information. They are typically used as session identifiers for mobile and web … Read the rest


Microsoft Warns Log4j Flaw Attacks Remain High

Microsoft has warned that Windows and Azure customers should be on high alert after spotting state-sponsored and cyber-criminal hackers probing systems for a flaw in Log4j. Microsoft says it spotted attackers using the Log4j flaw throughout December.

The Apache open source project disclosed the Log4j flaw on December 9, and it will likely take a long time to fix. The problem is widespread because the open source project is used in many applications and services.

Microsoft says that this problem is not just in your organization; it’s everywhere. The company has released updates to its security software to help you identify the vulnerability and protect yourself from attackers.

“Exploitation attempts and testing have remained high during the last weeks of December. We have observed many existing attackers adding exploits of these vulnerabilities in their existing malware kits and tactics, from coin miners to hands-on-keyboard attacks,” the Microsoft 365 Defender Threat

Read the rest

Windows Zero-Day Allows Privileged File Access

A Windows security vulnerability could allow information disclosure and local privilege escalation (LPE), researchers have warned. The issue (CVE-2021-24084) has yet to get an official fix, but there is a way to protect yourself. A micropatch has been rolled out as a stop-gap measure.

Security researcher Abdelhamid Naceri reported a bug in Microsoft’s Autopilot software last October. Microsoft patched it in April, but it has not yet been released. Naceri recently discovered that CVE-2021-24084 could also be exploited for local privilege escalation. He demonstrates that users can copy files from a chosen location into a Cabinet (.CAB) archive, which they can then open and read.

The process of exploiting the bug is very similar to the LPE exploitation techniques used in a vulnerability in Windows 10, CVE-2021-36934. This bug affects the Security Accounts Manager (SAM) database, which houses user account credentials and network domain information.

Windows 10 Bug Exploitation Details

Read the rest

Hashthemes Demo Importer WordPress Plugin Vulnerability

The Hashthemes Demo Importer plugin is found on more than 8,000 blogs, according to researchers at Wordfence, and it has a high-severity security flaw. This WordPress plugin is designed to import demo content from HashThemes.com. However, it’s possible for subscribers to use the demo importer as a tool to wipe out content on any WordPress site.

The HashThemes Demo Importer plugin allows you to easily import demos for WordPress themes with a single click. It also has no dependencies such as XML files, .json theme options, .dat customizer files or .wie widget files.

A security researcher named Ram Gall from Wordfence said that he reported the bug to the developer of the plug-in on Aug. 25. However, the developer did not respond for nearly a month, so he got in touch with the WordPress team on Sept. 20.

WordPress Yanks Plugin, Puts Out Fix

On the same day, the WordPress team removed the
Read the rest

Google Chrome Releases Two Zero Day Patches

Google has released an emergency update, Chrome 94.0.4606.71, that fixes two zero-day vulnerabilities being exploited in the wild. These are the second and third zero-day vulnerabilities found this year. A total of twelve zero-days have been found in the browser since January. The new version will be released on all three platforms (Windows, Mac, and Linux) to fix these issues.

Google stated the following:

“Google is aware the exploits for CVE-2021-37975 and CVE-2021-37976 exist in the wild,”

“Access to bug details and links may be kept restricted until a majority of users are updated with a fix,” the company said in Thursday’s security update. “We will also retain restrictions if the bug exists in a third party library that other projects similarly depend on, but haven’t yet fixed.”

Here are details on the two zero-days:

  • CVE-2021-37976 Google Project Zero found a bug in a critical component of Chrome. The bug was
Read the rest

Apple Zero-Click Exploit: Apple Users Should Update Immediately

The Citizen Lab has discovered a zero-click zero-day flaw in all Apple products. The new zero-day flaw is called ForcedEntry, and it affects iPhones, iPads, Macs, Apple Watches, and even AirPods. Citizen Lab urges all Apple users to update their devices immediately.

Apple released a security update on Monday. iOS 14.8 for iPhones and iPads includes patches for vulnerabilities that may have been exploited by hackers. Also included are Apple Watch and macOS updates.

Citizen Lab, a digital watchdog, discovered a new kind of spyware that is used to illegally monitor activists’ iPhone communications. It’s allegedly been used by the NSO Group to target the communications of people in Bahrain. The researchers called this new zero-click attack ForcedEntry. Citizen Lab said it had identified nine Bahraini activists whose iPhones had been targeted with Pegasus spyware between June of 2020 and February of 2021. These phones suffered zero-click attacks that … Read the rest


Microsoft Office 0-day Vulnerability

On Tuesday, Microsoft revealed an alarming vulnerability in Internet Explorer, a bug that is being used to harm Windows users. The attack is enabled by a weaponized Office file and works like this: a victim receives an email with a link to a Word document. It is very important that you neither click on the link nor open the document.

The critical vulnerability has been found in Microsoft’s proprietary web rendering engine. The flaw, tracked as CVE-2021-40444, allows attackers to remotely execute code on a vulnerable system. The engine is used to render web content inside Word, Excel, and PowerPoint documents.

Microsoft said: “Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents.”

Microsoft also added: “An attacker could

Read the rest