Security News

Exploit released for critical VMware vRealize RCE vulnerability
2023-01-31 16:14

Horizon3 security researchers have released proof-of-concept code for a VMware vRealize Log Insight vulnerability chain that allows attackers to gain remote code execution on unpatched appliances. Earlier today, Horizon3 published the PoC exploit and explained that the RCE exploit "Abuses the various Thrift RPC endpoints to achieve an arbitrary file write."

Critical QNAP NAS vulnerability fixed, update your device ASAP! (CVE-2022-27596)
2023-01-31 09:55

QNAP Systems has fixed a critical vulnerability affecting QNAP network-attached storage devices, which could be exploited by remote attackers to inject malicious code into a vulnerable system. Luckily for QNAP NAS owners, there's no mention of it being exploited by attackers or an exploit being publicly available.

QNAP Fixes Critical Vulnerability in NAS Devices with Latest Security Updates
2023-01-31 04:06

Taiwanese company QNAP has released updates to remediate a critical security flaw affecting its network-attached storage devices that could lead to arbitrary code injection. Tracked as CVE-2022-27596, the vulnerability is rated 9.8 out of a maximum of 10 on the CVSS scoring scale.

QNAP fixes critical bug letting hackers inject malicious code
2023-01-30 17:25

QNAP is warning customers to install QTS and QuTS firmware updates that fix a critical security vulnerability allowing remote attackers to inject malicious code on QNAP NAS devices. "A vulnerability has been reported to affect QNAP devices running QTS 5.0.1 and QuTS hero h5.0.1. If exploited, this vulnerability allows remote attackers to inject malicious code," warns the QNAP security advisory.

Critical OpenEMR vulnerabilities may allow attackers to access patients’ health records
2023-01-30 12:21

Critical vulnerabilities discovered in OpenEMR can be chained to gain code execution on a server running a vulnerable version of the popular open-source electronic health record system. Discovered, privately reported and now publicly documented by researcher Dennis Brinkrolf, the vulnerabilities were promptly patched by the OpenEMR maintainers at the end of November 2022.

Week in review: ChatGPT cybersecurity, critical RCE vulnerabilities found in git, Riot Games breached
2023-01-29 09:30

How to tackle the cybersecurity skills shortage in the EU: In this Help Net Security Dritan Saliovski, Director - Nordic Head of Cyber M&A, Transaction Advisory Services at Aon, offers some pointers, as well as advice to organizations on how to attract and retain the best cybersecurity talent.
ENISA gives out toolbox for creating security awareness programs: The European Union Agency for Cybersecurity has made available Awareness Raising in a Box, a "Do it yourself" toolbox to help organizations in their quest to create and implement a custom security awareness raising program.

Researchers release PoC exploit for critical Windows CryptoAPI bug (CVE-2022-34689)
2023-01-26 14:42

Akamai researchers have published a PoC exploit for a critical vulnerability in Windows CryptoAPI, which validates public key certificates. "An attacker could manipulate an existing public x.509 certificate to spoof their identity and perform actions such as authentication or code signing as the targeted certificate," Microsoft said in October 2022, when they announced fixes for vulnerable Windows and Windows Server versions.

Exploit released for critical Windows CryptoAPI spoofing bug
2023-01-25 23:45

Proof of concept exploit code has been released by Akamai researchers for a critical Windows CryptoAPI vulnerability discovered by the NSA and U.K.'s NCSC allowing MD5-collision certificate spoofing. Unauthenticated attackers can exploit this bug in low-complexity attacks.

Malware exploited critical Realtek SDK bug in millions of attacks
2023-01-25 18:00

Hackers have leveraged a critical remote code execution vulnerability in Realtek Jungle SDK in 134 million attacks trying to infect smart devices in the second half of 2022. Most of these attacks originate from botnet malware families like Mirai, Gafgyt, Mozi, and derivatives of them.

Botnets exploited Realtek SDK critical bug in millions of attacks
2023-01-25 18:00

Hackers have leveraged a critical remote code execution vulnerability in Realtek Jungle SDK in 134 million attacks trying to infect smart devices in the second half of 2022. Unit 42 logged activity leveraging CVE-2021-35394 from all over the world, but almost half of the attacks originated from the United States.