Security News

Apple fixes 3 zero-day vulnerabilities exploited to compromise iPhones
2023-09-22 10:05

Apple has released updates for iOS and iPadOS, macOS, watchOS, and Safari to fix three zero-day vulnerabilities exploited "Against versions of iOS before iOS 16.7.". Earlier this month, Apple closed two zero-day vulnerabilities that have been chained together by attackers to deliver NSO Group's Pegasus spyware.

Alert: New Kubernetes Vulnerabilities Enable Remote Attacks on Windows Endpoints
2023-09-13 14:05

Three interrelated high-severity security flaws discovered in Kubernetes could be exploited to achieve remote code execution with elevated privileges on Windows endpoints within a cluster. The issues, tracked as CVE-2023-3676, CVE-2023-3893, and CVE-2023-3955, carry CVSS scores of 8.8 and impact all Kubernetes environments with Windows nodes.

Researchers Detail 8 Vulnerabilities in Azure HDInsight Analytics Service
2023-09-13 13:31

More details have emerged about a set of now-patched cross-site scripting flaws in the Microsoft Azure HDInsight open-source analytics service that could be weaponized by a threat actor to carry out malicious activities. "The identified vulnerabilities consisted of six stored XSS and two reflected XSS vulnerabilities, each of which could be exploited to perform unauthorized actions, varying from data access to session hijacking and delivering malicious payloads," Orca security researcher Lidor Ben Shitrit said in a report shared with The Hacker News.

Notepad++ 8.5.7 released with fixes for four security vulnerabilities
2023-09-08 19:46

Notepad++ version 8.5.7 has been released with fixes for multiple buffer overflow zero-days, with one marked as potentially leading to code execution by tricking users into opening specially crafted files. GitHub's security researcher Jaroslav Lobačevski reported the vulnerabilities in Notepad++ version 8.5.2 to the developers over the last couple of months.

CISA Warning: Nation-State Hackers Exploit Fortinet and Zoho Vulnerabilities
2023-09-08 05:36

The U.S. Cybersecurity and Infrastructure Security Agency on Thursday warned that multiple nation-state actors are exploiting security flaws in Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus to gain unauthorized access and establish persistence on compromised systems. "Nation-state advanced persistent threat actors exploited CVE-2022-47966 to gain unauthorized access to a public-facing application, establish persistence, and move laterally through the network," according to a joint alert published by the agency, alongside Federal Bureau of Investigation, and Cyber National Mission Force.

Alert: Apache SuperSet Vulnerabilities Expose Servers to Remote Code Execution Attacks
2023-09-07 11:02

Patches have been released to address two new security vulnerabilities in Apache SuperSet that could be exploited by an attacker to gain remote code execution on affected systems. Outside of these weaknesses, the latest version of Superset also remediates a separate improper REST API permission issue that allows for low-privilege users to carry out server-side request forgery attacks.

Old vulnerabilities are still a big problem
2023-09-06 13:51

A recently flagged phishing campaign aimed at delivering the Agent Tesla RAT to unsuspecting users takes advantage of old vulnerabilities in Microsoft Office that allow remote code execution. "Despite fixes for CVE-2017-11882/CVE-2018-0802 being released by Microsoft in November, 2017 and January, 2018, this vulnerability remains popular amongst threat actors, suggesting there are still unpatched devices in the wild, even after over five years," says Fortinet researcher Xiaopeng Zhang.

9 Alarming Vulnerabilities Uncovered in SEL's Power Management Products
2023-09-06 10:13

Nine security flaws have been disclosed in electric power management products made by Schweitzer Engineering Laboratories. "The most severe of those nine vulnerabilities would allow a threat actor to facilitate remote code execution on an engineering workstation," Nozomi Networks said in a report published last week.

Hackers Exploit MinIO Storage System Vulnerabilities to Compromise Servers
2023-09-04 14:13

An unknown threat actor has been observed weaponizing high-severity security flaws in the MinIO high-performance object storage system to achieve unauthorized code execution on affected servers. Cybersecurity and incident response firm Security Joes said the intrusion leveraged a publicly available exploit chain to backdoor the MinIO instance.

DEF CON Generative AI Hacking Challenge Explored Cutting Edge of Security Vulnerabilities
2023-08-29 19:32

Data from the human vs. machine challenge could provide a framework for government and enterprise policies around generative AI. OpenAI, Google, Meta and more companies put their large language models to the test on the weekend of August 12 at the DEF CON hacker conference in Las Vegas. The Generative Red Team Challenge organized by AI Village, SeedAI and Humane Intelligence gives a clearer picture than ever before of how generative AI can be misused and what methods might need to be put in place to secure it.