Security News

VMware has released security updates to fix a trio of flaws in Aria Operations for Networks that could result in information disclosure and remote code execution. The most critical of the three vulnerabilities is a command injection vulnerability tracked as CVE-2023-20887 that could allow a malicious actor with network access to achieve remote code execution.

VMware issued multiple security patches today to address critical and high-severity vulnerabilities in VMware Aria Operations for Networks, allowing attackers to gain remote execution or access sensitive information. Previously known as vRealize Network Insight, this network visibility and analytics tool helps admins optimize network performance or manage and scale various VMware and Kubernetes deployments.

VMware issued multiple security patches today to address critical and high-severity vulnerabilities in VMware Aria Operations for Networks, allowing attackers to gain remote execution or access sensitive information. Previously known as vRealize Network Insight, this network visibility and analytics tool helps admins optimize network performance or manage and scale various VMware and Kubernetes deployments.

MOVEit Transfer zero-day attacks: The latest infoProgress Software has updated the security advisory and confirmed that the vulnerability is a SQL injection vulnerability in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain unauthorized access to MOVEit Transfer's database. Kali Linux 2023.2 released: New tools, a pre-built Hyper-V image, a new audio stack, and more!Offensive Security has released Kali Linux 2023.2, the latest version of its popular penetration testing and digital forensics platform.

A critical zero-day vulnerability in Progress Software's enterprise managed file transfer solution MOVEit Transfer is being exploited by attackers to grab corporate data. " could lead to escalated privileges and potential unauthorized access to the environment," the company warned on Wednesday, and advised customers to take action to protect their MOVEit Transfer environment, "While our team produces a patch."

WordPress has issued an automatic update to address a critical flaw in the Jetpack plugin that's installed on over five million sites.The vulnerability, which was unearthed during an internal security audit, resides in an API present in the plugin since version 2.0, which was released in November 2012.

Hackers are performing widespread exploitation of a critical-severity command injection flaw in Zyxel networking devices, tracked as CVE-2023-28771, to install malware. The flaw, which is present in the default configuration of impacted firewall and VPN devices, can be exploited to perform unauthenticated remote code execution using a specially crafted IKEv2 packet to UDP port 500 on the device.

Everyone is writing about an interagency and international report on Chinese hacking of US critical infrastructure. Lots of interesting details about how the group, called Volt Typhoon, accesses target networks and evades detection.

Cybersecurity researchers have found "Backdoor-like behavior" within Gigabyte systems, which they say enables the UEFI firmware of the devices to drop a Windows executable and retrieve updates in an unsecure format. "Most Gigabyte firmware includes a Windows Native Binary executable embedded inside of the UEFI firmware," John Loucaides, senior vice president of strategy at Eclypsium, told The Hacker News.

Microsoft has shared details of a now-patched flaw in Apple macOS that could be abused by threat actors with root access to bypass security enforcements and perform arbitrary actions on affected devices. "The most straight-forward implication of a SIP bypass is that an attacker can create files that are protected by SIP and therefore undeletable by ordinary means," Microsoft researchers Jonathan Bar Or, Michael Pearse, and Anurag Bohra said.