Security News
A "0.0.0.0-Day" vulnerability affecting Chrome, Safari and Firefox can be - and has been - exploited by attackers to gain access to services on internal networks, Oligo Security researchers have revealed. The vulnerability stems from how those popular browsers handle network requests from external, public websites, and may allow attackers to change settings, gain access to protected information, uploading malicious models, or even achieve remote code execution.
Cybersecurity researchers have discovered a new "0.0.0.0 Day" impacting all major web browsers that malicious websites could take advantage of to breach local networks. The critical vulnerability "Exposes a fundamental flaw in how browsers handle network requests, potentially granting malicious actors access to sensitive services running on local devices," Oligo Security researcher Avi Lumelsky said.
Google has addressed a high-severity security flaw impacting the Android kernel that it has been actively exploited in the wild. That said, Clement Lecigne of Google's Threat Analysis Group has been credited with reporting the flaw, suggesting that it's likely being exploited by commercial spyware vendors to infiltrate Android devices in narrowly targeted attacks.
Thousands of accounts have been exposed after hackers used existing emails to create Google Workspace accounts and bypassed the verification process. One impacted user that shared their experience on a Google Cloud Community forum was notified by Google that someone had created a Workspace account with their email without verification and then used it to log into Dropbox.
Thousands of email addresses have been compromised after hackers used them to create Google Workspace accounts and bypassed the verification process. One impacted user that shared their experience on a Google Cloud Community forum was notified by Google that someone had created a Workspace account with their email without verification and then used it to log into Dropbox.
CVE-2024-37085 only carries a 6.8 CVSS rating, but has been used as a post-compromise technique by many of the world's most high-profile ransomware groups and their affiliates, including Black Basta, Akira, Medusa, and Octo Tempest/Scattered Spider. The vulnerability allows attackers who have the necessary privileges to create AD groups - which isn't necessarily an AD admin - to gain full control of an ESXi hypervisor.
CVE-2023-45249, a critical vulnerability affecting older versions of Acronis Cyber Infrastructure, is being exploited by attackers. Acronis Cyber Infrastructure is an IT infrastructure solution that provides storage, compute, and network resources.
Cybersecurity researchers have disclosed a privilege escalation vulnerability impacting Google Cloud Platform's Cloud Functions service that an attacker could exploit to access other services and sensitive data in an unauthorized manner. "An attacker could escalate their privileges to the Default Cloud Build Service Account and access numerous services such as Cloud Build, storage, artifact registry and container registry," the exposure management company said in a statement.
Using the exploit to abuse a vulnerability that ESET named "EvilVideo," attackers could share malicious Android payloads via Telegram channels, groups, and chats, and make them appear to be multimedia files. "We found the exploit being advertised for sale on an underground forum. In the post, the seller shows screenshots and a video of testing the exploit in a public Telegram channel. We were able to identify the channel in question, with the exploit still available. That allowed us to get our hands on the payload and test it ourselves," explains ESET researcher Lukáš Štefanko, who discovered the Telegram exploit.
Cisco just dropped a patch for a maximum-severity vulnerability that allows attackers to change the password of any user, including admins. Tracked as CVE-2024-20419, the bug carries a maximum 10/10 CVSS 3.1 rating and affects the authentication system of Cisco Smart Software Manager On-Prem.