Security News

A high-severity security flaw has been disclosed in the WinRAR utility that could be potentially exploited by a threat actor to achieve remote code execution on Windows systems. Tracked as CVE-2023-40477, the vulnerability has been described as a case of improper validation while processing recovery volumes.

While the CRA doesn't demand companies forward an exploited vulnerability's full technical specifications to ENISA, it does require companies to report on a vulnerability "With details"-and these details could be more than enough to attract the attention of a savvy attacker. As the CERT Guide to Coordinated Vulnerability Disclosure puts it: "Mere knowledge of a vulnerability's existence in a feature of some product is sufficient for a skillful person to discover it for themselves."

Analysts, on the other hand, understand that Zero Trust can only be achieved with comprehensive insight into one's own network. This has increased the percentage of Zero Trust advocates from 24% to 55%. The security model known as Zero Trust is an overarching security strategy designed to continuously audit and verify access to resources, both internally and externally.

CVE-2023-24489, a critical Citrix ShareFile vulnerability that the company has fixed in June 2023, is being exploited by attackers.GreyNoise has flagged on Tuesday a sudden spike in IP addresses from which exploitation attempts are coming, and the Cybersecurity and Infrastructure Agency has added the vulnerability to its Known Exploited Vulnerabilities Catalog.

Nearly 2,000 Citrix NetScaler instances have been compromised with a backdoor by weaponizing a recently disclosed critical security vulnerability as part of a large-scale attack. CVE-2023-3519 refers to a critical code injection vulnerability impacting NetScaler ADC and Gateway servers that could lead to unauthenticated remote code execution.

E-commerce sites using Adobe's Magento 2 software are the target of an ongoing campaign that has been active since at least January 2023. The attacks, dubbed Xurum by Akamai, leverage a now-patched critical security flaw in Adobe Commerce and Magento Open Source that, if successfully exploited, could lead to arbitrary code execution.

Ford is warning of a buffer overflow vulnerability in its SYNC3 infotainment system used in many Ford and Lincoln vehicles, which could allow remote code execution, but says that vehicle driving safety isn't impacted. The vulnerability is tracked as CVE-2023-29468 and is in the WL18xx MCP driver for the WiFi subsystem incorporated in the car's infotainment system, which allows an attacker in WiFi range to trigger buffer overflow using a specially crafted frame.

Downfall Vulnerability Affects Millions of Intel CPUs With Strong Data Leak Impact Learn technical details about this newly disclosed security vulnerability, as well as mitigation recommendations from the Google researcher who discovered it. Google researcher Daniel Moghimi discovered a new vulnerability affecting millions of Intel chip models.

Ecommerce stores using Adobe's open source Magento 2 software are being targeted by an ongoing exploitation campaign based on a critical vulnerability that was patched last year, on February 13, 2022. "The attacker seems to be interested in payment stats from the orders in the victim's Magento store placed in the past 10 days," they said.

The U.S. Cybersecurity and Infrastructure Security Agency has added a recently patched security flaw in Microsoft's.NET and Visual Studio products to its Known Exploited Vulnerabilities catalog, citing evidence of active exploitation.