Security News

So a RCE with #printnightmare on a fully patched server, with Point & Print enabled. Mimikatz creator Benjamin Delpy, who is also responsible for the R&D Security Center at the Banque de France, shared a screenshot of a reversed-engineered Windows DLL with The Register and explained that the problem was down to how Microsoft was checking for remote libraries in its patch for PrintNightmare aka CVE-2021-34527.

Researchers have successfully reproduced the exploit used in the recent cyberattack targeting IT management software maker Kaseya and its customers. Kaseya on July 2 urged customers to immediately shut down on-premises servers running its VSA endpoint management and network monitoring tool due to a cyberattack.

A researcher at Positive Technologies has described the potential impact of a recently addressed command injection vulnerability affecting SonicWall's Network Security Manager product. The security hole affects the on-premises versions of SonicWall NSM only and can be exploited through specially crafted HTTP requests sent to the vulnerable application.

A proof-of-concept exploit related to a remote code execution vulnerability affecting Windows Print Spooler and patched by Microsoft earlier this month was briefly published online before being taken down. The Windows maker addressed the vulnerability as part of its Patch Tuesday update on June 8, 2021.

Abandoned or ignored subdomains often include overlooked vulnerabilities that leave organisations open to attack, according to a team of infosec researchers from the Vienna University of Technology and the Ca' Foscari University of Venice. That laxity leaves subdomains open to a cookie-based attack in which an attacker sets up their own site to replace an abandoned or expired subdomain hosted on a completely different server from the main web site.

It is increasingly being breached: numerous security hacks just this past month include the Colonial Pipeline security breach and the JBS Foods ransomware attacks where hackers took over the organization's computer systems and demanded payment to unlock and release it back to the owners. Columbia Engineering researchers who are leading experts in computer security recently presented two major papers that make computer systems more secure.

Researchers at cybersecurity firm Check Point discovered several vulnerabilities that could have been chained to take over Atlassian accounts or access a company's Bitbucket-hosted source code. The software development and collaboration tools made by Australia-based Atlassian are used by more than 150,000 organizations worldwide, which can make the company's products a tempting target for malicious actors.

Linux marketplaces that are based on the Pling platform are impacted by a cross-site scripting vulnerability and potentially exposed to supply chain attacks, according to German cybersecurity consultancy Positive Security. Positive Security co-founder Fabian Bräunlein discovered that all Pling-based marketplaces are impacted by a wormable XSS that potentially opens the door for supply chain attacks.

A security researcher claims he discovered a critical vulnerability in Apple's password reset feature that could have been used to take over any iCloud account, but Apple has downplayed the impact of the flaw. The issue, researcher Laxman Muthiyah says, was a bypass of the various security measures Apple has in place to prevent attempts to brute force the 'forgot password' functionality for Apple accounts.

A researcher has identified several vulnerabilities, including ones that have been rated high severity, in Cisco's Small Business 220 series smart switches. The vulnerabilities were discovered by security researcher Jasper Lievisse Adriaanse, and they impact switches that run firmware versions earlier than 1.2.0.6 and have the web-based management interface enabled - the interface is enabled by default.